Manifest

$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File:                     C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier:          ITtFTp90Z0gRsyyZJcX4Gkemg47ffOnyvgDLYSaHFt0=
Subject key identifier:   43:1D:40:2B:1A:05:B9:2A:8C:B1:3B:07:38:7C:17:DA:F7:28:B6:24
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer:       /CN=apnic-rpki-root-iana-origin
Certificate serial:       EC
Authority info access:    rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access:      rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number:          BB
Signing time:             Tue 05 Mar 2024 23:04:51 +0000
Manifest this update:     Tue 05 Mar 2024 23:04:51 +0000
Manifest next update:     Fri 12 Apr 2024 23:04:51 +0000
Files and hashes:         1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: ZMPlGoINHOQbEY8LxPG3o0Lgx45a90RKV1KtkxrZ2Zo=)
                          2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: EPEaiqHSOnkG7o9tmUP5KoKtvvslnla6xb5SZNqko9c=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 12 Apr 2024 23:04:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 236 (0xec)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-iana-origin
        Validity
            Not Before: Mar  5 23:04:51 2024 GMT
            Not After : Apr 12 23:04:51 2024 GMT
        Subject: CN=65e7a513-697d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c4:f8:66:49:67:ee:58:8e:8a:64:fe:56:73:
                    f2:51:52:9e:7b:d4:ae:4c:cf:13:33:3d:22:4f:01:
                    14:d2:2c:ea:f2:bd:42:7a:ab:7b:e0:a9:6e:8e:23:
                    17:ea:f7:66:b2:6b:ec:ec:92:76:34:d9:75:96:b9:
                    ac:c9:4d:f6:45:b3:43:86:69:43:33:28:16:7d:ad:
                    da:72:3d:a5:22:e1:64:81:be:16:95:1f:ba:98:77:
                    5b:d9:10:48:91:ef:c8:31:a0:eb:92:24:00:bb:1f:
                    1f:5e:2e:39:f0:dd:55:74:d0:a8:8c:df:5c:e0:7a:
                    a5:bb:84:6c:96:8a:a1:21:13:a0:ec:0d:3b:86:29:
                    28:b8:73:c9:30:c4:f5:41:f0:7a:e1:cb:b3:d8:ec:
                    25:ab:8f:8e:26:67:6b:1e:ac:42:95:08:1d:f8:33:
                    69:16:70:ee:04:62:0d:64:b5:90:b1:50:14:57:6c:
                    22:39:4a:4a:02:a9:f6:32:bf:47:de:3e:f3:6d:af:
                    6f:4f:a4:ca:d2:6e:50:6e:e6:0a:0e:25:55:ce:c9:
                    a1:24:5b:70:90:5b:25:df:56:ce:69:a6:71:2e:25:
                    e2:1d:fa:4c:6f:2e:e4:ce:08:c2:ca:a0:54:14:5a:
                    c2:2d:5c:05:7b:c9:86:18:14:01:2c:e2:cc:86:8e:
                    db:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:1D:40:2B:1A:05:B9:2A:8C:B1:3B:07:38:7C:17:DA:F7:28:B6:24
            X509v3 Authority Key Identifier:
                keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:05:b0:48:72:24:44:f8:b1:25:d3:a6:5f:46:a6:d8:16:fc:
         ca:f6:58:d4:3b:b7:af:8d:73:5e:07:e6:d6:5b:ec:af:36:2f:
         8d:8c:76:0b:4b:79:5c:28:41:13:95:33:82:44:6e:26:6a:80:
         37:cf:16:45:34:86:af:25:86:83:d1:ea:ed:be:78:4a:e1:19:
         ea:7e:2a:4e:51:6b:69:ab:1d:34:c6:b5:98:b2:4d:90:94:fb:
         0c:a3:0c:e6:a7:01:cb:6b:40:ab:23:0d:cf:97:61:4d:18:1f:
         5c:16:b5:70:cd:be:c4:a7:93:c2:7c:82:79:47:d6:36:fc:35:
         4e:fa:7c:67:40:50:25:6b:99:80:9b:b3:07:40:c5:95:b7:a9:
         27:9b:ad:ea:97:0f:48:02:23:eb:ac:1d:5f:89:5a:c1:d7:49:
         36:9e:0e:8b:b8:77:49:c9:93:03:b7:61:65:be:7b:fb:04:41:
         0d:81:ea:d2:1f:9d:1c:fa:e3:41:8e:67:bc:fa:9c:b2:01:a4:
         16:b0:ab:1a:d0:59:99:83:8a:88:5a:c8:79:8a:2f:1d:eb:73:
         04:07:83:aa:63:90:a3:90:a9:bf:52:30:7e:2b:7c:8f:68:86:
         a0:7c:9b:36:15:1d:ed:68:74:89:63:10:47:64:c7:ab:93:1e:
         2b:57:a3:58
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAOwwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI0MDMwNTIzMDQ1MVoXDTI0MDQx
MjIzMDQ1MVowGDEWMBQGA1UEAxMNNjVlN2E1MTMtNjk3ZDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAJ3E+GZJZ+5Yjopk/lZz8lFSnnvUrkzPEzM9Ik8B
FNIs6vK9Qnqre+Cpbo4jF+r3ZrJr7OySdjTZdZa5rMlN9kWzQ4ZpQzMoFn2t2nI9
pSLhZIG+FpUfuph3W9kQSJHvyDGg65IkALsfH14uOfDdVXTQqIzfXOB6pbuEbJaK
oSEToOwNO4YpKLhzyTDE9UHweuHLs9jsJauPjiZnax6sQpUIHfgzaRZw7gRiDWS1
kLFQFFdsIjlKSgKp9jK/R94+822vb0+kytJuUG7mCg4lVc7JoSRbcJBbJd9Wzmmm
cS4l4h36TG8u5M4IwsqgVBRawi1cBXvJhhgUASzizIaO268CAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBRDHUArGgW5KoyxOwc4fBfa9yi2JDAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBALIF
sEhyJET4sSXTpl9GptgW/Mr2WNQ7t6+Nc14H5tZb7K82L42MdgtLeVwoQROVM4JE
biZqgDfPFkU0hq8lhoPR6u2+eErhGep+Kk5Ra2mrHTTGtZiyTZCU+wyjDOanActr
QKsjDc+XYU0YH1wWtXDNvsSnk8J8gnlH1jb8NU76fGdAUCVrmYCbswdAxZW3qSeb
reqXD0gCI+usHV+JWsHXSTaeDou4d0nJkwO3YWW+e/sEQQ2B6tIfnRz640GOZ7z6
nLIBpBawqxrQWZmDiohayHmKLx3rcwQHg6pjkKOQqb9SMH4rfI9ohqB8mzYVHe1o
dIljEEdkx6uTHitXo1g=
-----END CERTIFICATE-----
Generated at Wed Mar 6 00:39:19 2024 by rpki-client on console-ams.rpki-client.org