Manifest

$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File:                     C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (download)
Hash identifier:          4Y0N6RMfqlHFeZVkGGBvwfkeFT0OSoCSD07Q4rU3Lsw=
Subject key identifier:   13:F4:1F:17:2F:AD:7D:43:A3:7E:2E:19:15:57:86:34:AA:7B:8F:48
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer:       /CN=apnic-rpki-root-iana-origin
Certificate serial:       D7
Authority info access:    rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access:      rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest Number:          AA
Manifest valid since:     Mon 02 Jan 2023 23:12:04 +0000
Manifest valid until:     Thu 09 Feb 2023 23:12:04 +0000
Files and hashes:
    1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
	hash GRuXkO1mv6XHdOLFK0ec7Y9l/E1tzdGIigsKlnmBx9E=
    2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
	hash OJv1bIXLsKxr0nxvPFPP19BFo1bvQXpQwKYYwrKgiSo=

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 215 (0xd7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-iana-origin
        Validity
            Not Before: Jan  2 23:12:04 2023 GMT
            Not After : Feb  9 23:12:04 2023 GMT
        Subject: CN=63b364c4-4936
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:b1:94:e6:d0:9d:f5:54:87:11:46:06:eb:be:
                    f8:95:32:2a:9e:96:34:d3:c0:f8:ae:8c:2f:14:8c:
                    76:e4:29:14:98:e4:21:4d:33:01:ed:b6:c3:5a:97:
                    8d:29:e4:19:b3:ae:43:b9:11:56:ef:2f:49:33:c7:
                    7d:1c:3b:95:ab:5c:44:7a:bd:f2:7b:e6:66:bb:7f:
                    95:b6:58:93:c4:b1:f8:6b:f9:9d:2b:7e:14:81:8e:
                    74:92:86:50:c5:70:f0:7d:52:ad:e7:81:f0:8d:a5:
                    68:ae:ec:79:49:f8:cb:47:74:98:a0:a6:08:6a:a0:
                    5d:9c:74:d8:59:2e:8e:85:1c:ec:eb:97:52:08:ac:
                    71:53:52:ff:96:d0:2d:7c:3c:8a:7f:7e:e3:e1:ff:
                    47:28:43:1e:6d:75:7b:b6:dd:56:45:0f:de:ad:96:
                    bd:9c:93:8b:93:b2:81:82:6e:24:f8:75:b4:8c:6e:
                    cb:b0:bb:9c:c3:b2:92:7f:ad:14:03:1a:58:0d:33:
                    1e:50:a1:a9:f4:fc:4e:25:5b:85:e5:d3:1d:68:94:
                    9c:8b:b8:62:18:a1:f5:ea:c9:8c:80:4d:61:03:cd:
                    b6:28:b7:83:2b:66:20:9f:c9:3e:cd:4f:ac:d3:ba:
                    49:6f:65:45:d2:04:19:0f:2b:a3:3b:f3:66:2a:02:
                    41:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                13:F4:1F:17:2F:AD:7D:43:A3:7E:2E:19:15:57:86:34:AA:7B:8F:48
            X509v3 Authority Key Identifier: 
                keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:34:b9:16:99:ba:3e:f7:c9:83:86:c6:12:86:c1:5a:43:11:
         e7:f9:36:ff:dd:06:53:c6:c4:79:0d:df:f1:e8:95:42:35:cf:
         6f:11:1e:db:7e:90:b6:a9:1d:31:4e:53:17:56:ba:b7:b8:04:
         30:1f:64:18:e8:35:ca:b5:fb:b5:68:a6:92:05:4e:96:91:b2:
         7a:f5:20:0e:6b:2e:cb:d3:98:fe:e5:d9:7d:aa:c9:ca:a5:7b:
         35:31:b9:0e:dd:82:14:9e:7d:07:d9:11:75:29:f5:a4:c0:66:
         1d:b0:3b:65:d5:dd:a0:f6:78:d1:5a:85:60:a5:28:e8:fd:21:
         6c:fc:81:67:d7:cd:3c:9f:cd:8f:1a:e0:16:1c:2c:a5:a8:b2:
         54:dc:98:d8:dd:c0:72:4c:af:70:e9:55:fe:a3:9b:9f:2d:c3:
         fe:8f:f3:5d:69:e9:d2:ca:6b:2e:7a:9c:f5:48:8e:e6:01:83:
         21:7b:94:95:db:c4:65:30:17:52:19:0a:93:dd:02:e2:23:17:
         53:7e:3e:3c:22:67:c5:97:dd:9f:2b:c9:56:47:ec:e2:ee:1a:
         11:44:e5:fb:91:72:ed:95:6f:9c:d9:e4:b0:cf:d6:88:ed:84:
         c6:37:60:9f:35:c0:ad:ed:c7:ba:4c:99:6b:be:6e:ce:58:e1:
         89:69:cb:8a
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICANcwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTIzMDEwMjIzMTIwNFoXDTIzMDIw
OTIzMTIwNFowGDEWMBQGA1UEAxMNNjNiMzY0YzQtNDkzNjCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAOCxlObQnfVUhxFGBuu++JUyKp6WNNPA+K6MLxSM
duQpFJjkIU0zAe22w1qXjSnkGbOuQ7kRVu8vSTPHfRw7latcRHq98nvmZrt/lbZY
k8Sx+Gv5nSt+FIGOdJKGUMVw8H1SreeB8I2laK7seUn4y0d0mKCmCGqgXZx02Fku
joUc7OuXUgiscVNS/5bQLXw8in9+4+H/RyhDHm11e7bdVkUP3q2WvZyTi5OygYJu
JPh1tIxuy7C7nMOykn+tFAMaWA0zHlChqfT8TiVbheXTHWiUnIu4Yhih9erJjIBN
YQPNtii3gytmIJ/JPs1PrNO6SW9lRdIEGQ8rozvzZioCQa0CAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBQT9B8XL619Q6N+LhkVV4Y0qnuPSDAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBAII0
uRaZuj73yYOGxhKGwVpDEef5Nv/dBlPGxHkN3/HolUI1z28RHtt+kLapHTFOUxdW
ure4BDAfZBjoNcq1+7VoppIFTpaRsnr1IA5rLsvTmP7l2X2qycqlezUxuQ7dghSe
fQfZEXUp9aTAZh2wO2XV3aD2eNFahWClKOj9IWz8gWfXzTyfzY8a4BYcLKWoslTc
mNjdwHJMr3DpVf6jm58tw/6P811p6dLKay56nPVIjuYBgyF7lJXbxGUwF1IZCpPd
AuIjF1N+PjwiZ8WX3Z8ryVZH7OLuGhFE5fuRcu2Vb5zZ5LDP1ojthMY3YJ81wK3t
x7pMmWu+bs5Y4Ylpy4o=
-----END CERTIFICATE-----
Generated at Tue Jan 31 03:04:32 2023 by rpki-client.