Manifest

$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File:                     mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier:          L8LIxDcWeTUfcUJAE9VTLKnktn1h2LWNGA1xphHNsck=
Subject key identifier:   AF:60:F2:D3:C0:EB:5B:48:45:6E:B5:0D:C8:A8:E8:33:6C:00:55:CE
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer:       /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial:       031B
Authority info access:    rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access:      rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number:          0188
Signing time:             Sun 17 Mar 2024 22:43:19 +0000
Manifest this update:     Sun 17 Mar 2024 22:43:18 +0000
Manifest next update:     Wed 24 Apr 2024 22:43:18 +0000
Files and hashes:         1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: Q5qlaCYdqIQyMdqGe/z5m50i7VvlsdEsF4XdiCk6sR4=)
                          2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: gMkNwePdBF1NT/8LHBiK2+zBiy3mBQwZn3Jc5VgErXE=)
                          3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: hxD7piwrrM7Jk8dWuwh18t99vc2m01QDpEkwyvvj40k=)
                          4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: zpbwy41hRyWwJ7fTsGL6GrpweGmBkIiKg/dSn0a6OHc=)
                          5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: UHNLbksZbGlrce+F2yepxQeIqthy1Wcjq9WO+W2UtAo=)
                          6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: jg03pL2OGXNC8ZxDB2gn61ivoFfg8PWKtd7U8dyLD+c=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 12 Apr 2024 23:04:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 795 (0x31b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
        Validity
            Not Before: Mar 17 22:43:18 2024 GMT
            Not After : Apr 24 22:43:18 2024 GMT
        Subject: CN=65f77207-dc0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:41:e2:3f:f6:20:38:28:a7:2e:8b:72:0f:df:
                    da:ea:cd:f8:1d:83:88:d4:7e:f4:4a:c9:8e:22:5e:
                    30:73:79:3a:86:33:ad:11:1f:f0:dd:a9:cf:46:35:
                    82:97:67:0e:6e:83:78:73:69:c9:27:51:ff:0c:a9:
                    92:75:1b:8c:c2:85:6b:b2:3f:dd:31:43:66:37:35:
                    88:cf:07:98:0f:8a:86:33:f6:38:1b:dc:80:61:0a:
                    d8:33:12:aa:fa:a6:c6:f0:d9:19:48:4d:dd:f9:d8:
                    ab:29:4b:62:90:23:da:bd:dd:34:23:79:5e:d1:04:
                    f2:02:57:18:19:e9:ca:36:6a:1c:d4:da:5f:84:60:
                    90:87:98:4c:5a:34:22:56:c0:24:84:84:24:09:1d:
                    75:f4:7c:9f:c5:bc:bc:7e:fa:e0:43:c5:46:b5:ac:
                    47:22:96:1c:46:15:36:99:ba:4c:a7:fe:71:dd:ce:
                    1f:d6:28:40:9e:cb:9e:ff:48:87:1a:39:9e:38:ba:
                    01:06:52:17:df:6f:a5:c8:3c:e4:88:c5:c0:3d:1a:
                    67:0a:3a:47:e6:01:8b:e9:3f:f5:08:30:2b:15:67:
                    98:66:5e:4f:5b:8c:70:a9:67:b0:5c:ed:b5:92:d3:
                    1d:a0:59:b7:22:ae:38:3f:7a:5c:50:35:83:00:cd:
                    43:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:60:F2:D3:C0:EB:5B:48:45:6E:B5:0D:C8:A8:E8:33:6C:00:55:CE
            X509v3 Authority Key Identifier:
                keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         dd:4b:8e:4c:f9:82:ef:bf:f2:bf:68:00:41:a8:a3:63:a3:66:
         1a:f3:38:c4:37:20:fb:6f:5a:8e:a0:89:17:a8:4e:95:ab:46:
         87:05:b7:d5:66:08:74:39:b7:52:83:aa:03:8a:ee:de:ef:4e:
         b1:65:5f:ab:58:c0:d3:3b:eb:29:2e:63:6b:73:95:ee:a2:6a:
         f8:e2:37:0f:d2:5c:5c:94:4c:75:59:44:81:3e:b8:a8:65:bf:
         48:16:08:52:e0:6b:c2:12:35:61:7e:5d:98:47:ba:a7:e5:0f:
         e2:fc:5a:4a:72:e1:ad:75:3e:6c:e9:ec:35:3d:51:05:9b:3d:
         64:c3:c6:42:46:8d:26:95:aa:3c:e1:2f:13:7d:8f:4e:21:b5:
         89:9a:ea:27:da:86:73:94:a0:82:b8:b8:c6:94:a8:20:fa:f0:
         df:a1:03:28:df:0b:8f:03:77:d9:2f:78:9c:c7:d4:b1:a9:66:
         04:66:77:03:16:5b:93:2f:d1:f4:b7:00:b5:9f:57:a9:22:6a:
         0c:f6:e0:58:cd:ab:54:31:8c:de:d9:5a:ab:6b:c4:3b:74:ca:
         e7:d1:31:e5:0f:b7:a4:b9:77:62:1f:d3:d1:3b:05:d6:43:e2:
         2b:1e:25:f6:2d:ce:df:0c:01:2e:cc:51:60:07:c4:8d:96:3b:
         89:58:72:88
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICAxswDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNDAzMTcyMjQzMThaFw0y
NDA0MjQyMjQzMThaMBgxFjAUBgNVBAMTDTY1Zjc3MjA3LWRjMGQwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0QeI/9iA4KKcui3IP39rqzfgdg4jUfvRK
yY4iXjBzeTqGM60RH/Ddqc9GNYKXZw5ug3hzacknUf8MqZJ1G4zChWuyP90xQ2Y3
NYjPB5gPioYz9jgb3IBhCtgzEqr6psbw2RlITd352KspS2KQI9q93TQjeV7RBPIC
VxgZ6co2ahzU2l+EYJCHmExaNCJWwCSEhCQJHXX0fJ/FvLx++uBDxUa1rEcilhxG
FTaZukyn/nHdzh/WKECey57/SIcaOZ44ugEGUhffb6XIPOSIxcA9GmcKOkfmAYvp
P/UIMCsVZ5hmXk9bjHCpZ7Bc7bWS0x2gWbcirjg/elxQNYMAzUPlAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUr2Dy08DrW0hFbrUNyKjoM2wAVc4wHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDdS45M+YLvv/K/aABB
qKNjo2Ya8zjENyD7b1qOoIkXqE6Vq0aHBbfVZgh0ObdSg6oDiu7e706xZV+rWMDT
O+spLmNrc5Xuomr44jcP0lxclEx1WUSBPrioZb9IFghS4GvCEjVhfl2YR7qn5Q/i
/FpKcuGtdT5s6ew1PVEFmz1kw8ZCRo0mlao84S8TfY9OIbWJmuon2oZzlKCCuLjG
lKgg+vDfoQMo3wuPA3fZL3icx9SxqWYEZncDFluTL9H0twC1n1epImoM9uBYzatU
MYze2Vqra8Q7dMrn0THlD7ekuXdiH9PROwXWQ+IrHiX2Lc7fDAEuzFFgB8SNljuJ
WHKI
-----END CERTIFICATE-----
Generated at Sun Mar 17 23:47:21 2024 by rpki-client on console-fra.rpki-client.org