Manifest

$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File:                     C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier:          Ae2mT9oI96KJbfYeJCrcgdoO9cMtOt41gUJCyOiNSGY=
Subject key identifier:   28:87:9F:EF:17:27:EC:2D:A0:D2:7C:E1:AC:90:C3:6B:5D:04:D3:B1
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer:       /CN=apnic-rpki-root-iana-origin
Certificate serial:       ED
Authority info access:    rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access:      rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number:          BC
Signing time:             Mon 08 Apr 2024 02:42:43 +0000
Manifest this update:     Mon 08 Apr 2024 02:42:42 +0000
Manifest next update:     Wed 15 May 2024 02:42:42 +0000
Files and hashes:         1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: xKUAsI1HOprBquoxwh+FKZr0KeXpR4IWH7/FOHj1qNo=)
                          2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: EPEaiqHSOnkG7o9tmUP5KoKtvvslnla6xb5SZNqko9c=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 May 2024 02:42:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 237 (0xed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-iana-origin
        Validity
            Not Before: Apr  8 02:42:42 2024 GMT
            Not After : May 15 02:42:42 2024 GMT
        Subject: CN=661359a3-f128
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:11:35:3f:be:af:dd:2d:f2:ef:22:3c:9d:51:
                    8a:e7:fe:f4:2c:2a:e4:af:dc:d2:7c:6e:f1:9f:77:
                    ad:76:c4:7c:90:a0:50:e2:27:7a:13:d1:50:f4:a9:
                    9f:49:93:d7:b9:c6:e4:63:d7:ef:f0:6f:e0:fb:55:
                    38:b3:5c:cd:0e:f6:06:fe:86:6f:ed:03:72:3d:84:
                    ef:d4:49:03:db:4d:ef:49:ca:0d:86:f1:fa:72:e9:
                    51:87:3d:41:4c:fe:a1:c4:d7:d4:96:84:da:b3:32:
                    b2:4a:60:ec:78:77:da:10:16:05:0e:08:a7:bd:3b:
                    52:85:5e:87:93:1e:c1:a9:4d:4d:ba:bd:37:0f:c0:
                    49:33:46:73:1d:08:74:fd:a8:73:3c:95:81:69:23:
                    ac:c7:a7:a9:1a:b1:f2:e2:08:7d:53:a0:96:e3:88:
                    67:e0:58:f4:a9:92:5b:bb:6c:b4:25:60:9e:83:7b:
                    17:d7:34:d0:21:37:bc:91:30:b1:2c:c0:b1:e0:2b:
                    3b:6e:1e:55:5a:91:e0:de:5a:f6:50:af:bb:b1:87:
                    f4:34:b8:8a:a1:aa:1f:05:5d:7c:78:60:d8:7f:7e:
                    67:e4:04:1b:09:c3:e2:84:5b:dc:2e:ca:f1:8e:a8:
                    c1:49:6a:3b:bb:08:cb:55:0a:e5:71:14:a4:b7:c1:
                    7b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:87:9F:EF:17:27:EC:2D:A0:D2:7C:E1:AC:90:C3:6B:5D:04:D3:B1
            X509v3 Authority Key Identifier:
                keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:84:07:87:37:6b:21:2c:04:e2:49:2d:bd:27:3c:bb:d6:6f:
         27:d0:a7:a2:0e:09:da:0a:e1:31:d9:c5:c7:ec:06:ee:b0:6a:
         08:44:59:28:40:39:e0:f6:52:33:3f:a2:05:a0:dd:19:8c:1d:
         22:61:0b:4c:10:8f:ad:3d:65:72:ef:81:1d:2a:23:38:1b:e1:
         b3:a4:41:36:d2:6a:5d:92:43:22:84:40:04:73:61:46:4a:31:
         4b:d5:9b:da:9f:2d:d9:9d:b1:fe:fc:77:c7:26:00:a2:06:7d:
         09:26:bc:f3:d4:bd:35:c1:b4:7f:55:fe:8c:08:d2:d2:2c:7b:
         38:f4:56:86:3a:23:19:36:d5:51:be:da:87:21:84:60:e0:df:
         59:f3:2e:bd:79:6b:88:29:c0:f0:6f:73:07:8a:de:7f:cc:0d:
         79:03:df:77:9c:9c:80:a5:6d:73:78:8c:79:02:e0:ec:bb:e8:
         c9:ec:8d:5f:3d:68:d5:8f:1d:28:30:14:53:ef:c2:70:45:f9:
         ac:95:3e:ff:a3:60:a7:ff:57:99:01:d7:1c:b3:ab:c5:e3:5e:
         27:93:9d:43:24:2c:8d:ec:35:bc:15:d0:18:12:52:e0:0f:53:
         b8:2b:09:19:8a:86:63:a6:fa:be:45:e4:bc:18:22:c4:f9:bb:
         84:4b:34:22
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAO0wDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI0MDQwODAyNDI0MloXDTI0MDUx
NTAyNDI0MlowGDEWMBQGA1UEAxMNNjYxMzU5YTMtZjEyODCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMgRNT++r90t8u8iPJ1Riuf+9Cwq5K/c0nxu8Z93
rXbEfJCgUOInehPRUPSpn0mT17nG5GPX7/Bv4PtVOLNczQ72Bv6Gb+0Dcj2E79RJ
A9tN70nKDYbx+nLpUYc9QUz+ocTX1JaE2rMyskpg7Hh32hAWBQ4Ip707UoVeh5Me
walNTbq9Nw/ASTNGcx0IdP2oczyVgWkjrMenqRqx8uIIfVOgluOIZ+BY9KmSW7ts
tCVgnoN7F9c00CE3vJEwsSzAseArO24eVVqR4N5a9lCvu7GH9DS4iqGqHwVdfHhg
2H9+Z+QEGwnD4oRb3C7K8Y6owUlqO7sIy1UK5XEUpLfBew0CAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBQoh5/vFyfsLaDSfOGskMNrXQTTsTAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBABaE
B4c3ayEsBOJJLb0nPLvWbyfQp6IOCdoK4THZxcfsBu6waghEWShAOeD2UjM/ogWg
3RmMHSJhC0wQj609ZXLvgR0qIzgb4bOkQTbSal2SQyKEQARzYUZKMUvVm9qfLdmd
sf78d8cmAKIGfQkmvPPUvTXBtH9V/owI0tIsezj0VoY6Ixk21VG+2ochhGDg31nz
Lr15a4gpwPBvcweK3n/MDXkD33ecnIClbXN4jHkC4Oy76MnsjV89aNWPHSgwFFPv
wnBF+ayVPv+jYKf/V5kB1xyzq8XjXieTnUMkLI3sNbwV0BgSUuAPU7grCRmKhmOm
+r5F5LwYIsT5u4RLNCI=
-----END CERTIFICATE-----
Generated at Mon Apr 8 03:18:46 2024 by rpki-client on console-fra.rpki-client.org