Manifest

$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File:                     mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier:          iA3oQOS/hRE+q5tEQRIvo6NduDkpBbcxblYd2WcENdU=
Subject key identifier:   40:1A:22:FE:63:96:21:4D:E8:7E:66:5E:D0:1B:44:26:AF:21:87:27
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer:       /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial:       0375
Authority info access:    rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access:      rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number:          01B5
Signing time:             Wed 11 Dec 2024 21:16:57 +0000
Manifest this update:     Wed 11 Dec 2024 21:16:57 +0000
Manifest next update:     Sat 18 Jan 2025 21:16:57 +0000
Files and hashes:         1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: AcKz7RP3MHRJ6ha7+ZA7ztzUJHJcRrTpDoBuIiiy/OQ=)
                          2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: u59dbj+R4VJG/HcbUD2znmHNj2vIloAA8sVw4Yp0YDo=)
                          3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: kNHc9cqyfktynKHJjzsGje7AGjaeijQd41J8RavWmnA=)
                          4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: pNVb25EZijors+W/qaj6sQStRUvWlrDNttDWj1aNTHs=)
                          5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: ftu3wI94x/Wjd3l1kJ286DdMPzYlCu3F6tsGgJkcAfk=)
                          6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: WuvRiTBLu9QcHFS5Yrhg4aVrDWoe9UyiTdqyLNhMjQ8=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 11 Jan 2025 23:05:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 885 (0x375)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
        Validity
            Not Before: Dec 11 21:16:57 2024 GMT
            Not After : Jan 18 21:16:57 2025 GMT
        Subject: CN=675a0149-7da2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5a:d3:cf:df:53:6b:4c:46:42:37:16:98:fc:
                    70:10:4d:52:f6:98:88:ff:a9:03:e9:77:ce:af:64:
                    ce:b7:18:43:5f:5d:87:d6:7b:4e:dd:0b:00:4e:d5:
                    11:c7:45:96:97:b4:19:e1:22:19:ea:8b:7f:7f:52:
                    53:2c:54:7c:13:e7:04:4b:9b:1d:25:9a:ba:5c:e3:
                    e0:0e:c5:81:42:e9:ae:a7:10:c2:0b:3e:6e:79:ad:
                    ad:e1:49:66:c2:c9:94:3c:ab:f9:8c:27:7d:4c:8e:
                    f9:36:b4:9e:71:19:ff:7e:fe:4d:fb:cc:09:53:0c:
                    be:a1:2f:16:39:fe:33:89:ed:7f:ab:e8:ab:35:08:
                    d7:8a:0f:af:ba:cf:77:cc:14:61:b3:55:45:09:ea:
                    35:7c:3e:37:03:a9:69:1d:2f:7b:45:b0:3b:3a:dd:
                    a3:e4:74:e7:73:05:29:37:bd:55:bd:05:53:73:ca:
                    2e:12:95:04:99:bf:b3:3a:86:a8:b8:38:c6:d1:80:
                    e9:4b:b8:28:e5:e6:46:b5:be:f1:6d:09:e6:8a:e2:
                    ea:32:10:6f:df:dc:b1:56:ef:ca:a1:55:92:65:2c:
                    07:2a:10:d4:69:e6:71:e3:94:84:7c:94:84:bd:a2:
                    fa:e6:9b:43:82:08:b9:60:ae:0d:dc:f2:a0:1f:ff:
                    ba:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:1A:22:FE:63:96:21:4D:E8:7E:66:5E:D0:1B:44:26:AF:21:87:27
            X509v3 Authority Key Identifier:
                keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:a6:3b:2b:05:17:32:0c:94:20:f3:5f:e0:0a:a4:6d:cc:96:
         01:60:0b:cf:28:bf:3c:21:9a:a5:4a:be:f8:e1:30:56:33:ba:
         9a:05:eb:62:99:36:94:6c:4d:31:17:e8:da:9e:f6:82:7d:9c:
         10:4e:f7:26:31:98:95:62:ac:71:a7:59:31:01:8e:00:ea:a2:
         23:1d:91:35:69:9c:6b:a1:20:7d:47:73:e6:97:34:ce:52:3b:
         7e:c9:c9:b2:27:50:22:e5:13:82:b8:18:f3:fa:c5:7c:b1:ff:
         61:62:21:1f:41:f8:df:77:b1:26:23:4e:fd:ca:1d:e9:49:1c:
         3f:84:21:b0:7c:5d:fa:74:b9:37:84:c8:b1:41:15:bc:01:86:
         3b:ff:f7:2d:33:ce:b3:80:ed:66:63:98:71:ca:61:8a:6e:61:
         53:46:36:56:f7:98:66:42:80:16:f6:b1:2f:5e:07:cb:f7:a7:
         51:7c:02:d6:2f:e5:7a:1c:6f:cc:c2:98:a8:73:8c:c8:d0:02:
         8e:6a:54:7f:09:e6:98:93:56:d0:68:92:28:7f:06:07:f1:ab:
         b8:d4:86:89:3d:36:7a:4e:41:46:09:fd:ed:71:a0:18:f4:dd:
         d3:a9:11:17:b2:e6:1e:1c:56:f9:0a:88:0b:2d:bc:fe:6e:1e:
         a6:e3:ba:a7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA3UwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNDEyMTEyMTE2NTdaFw0y
NTAxMTgyMTE2NTdaMBgxFjAUBgNVBAMTDTY3NWEwMTQ5LTdkYTIwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBWtPP31NrTEZCNxaY/HAQTVL2mIj/qQPp
d86vZM63GENfXYfWe07dCwBO1RHHRZaXtBnhIhnqi39/UlMsVHwT5wRLmx0lmrpc
4+AOxYFC6a6nEMILPm55ra3hSWbCyZQ8q/mMJ31Mjvk2tJ5xGf9+/k37zAlTDL6h
LxY5/jOJ7X+r6Ks1CNeKD6+6z3fMFGGzVUUJ6jV8PjcDqWkdL3tFsDs63aPkdOdz
BSk3vVW9BVNzyi4SlQSZv7M6hqi4OMbRgOlLuCjl5ka1vvFtCeaK4uoyEG/f3LFW
78qhVZJlLAcqENRp5nHjlIR8lIS9ovrmm0OCCLlgrg3c8qAf/7orAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUQBoi/mOWIU3ofmZe0BtEJq8hhycwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBIpjsrBRcyDJQg81/g
CqRtzJYBYAvPKL88IZqlSr744TBWM7qaBetimTaUbE0xF+janvaCfZwQTvcmMZiV
Yqxxp1kxAY4A6qIjHZE1aZxroSB9R3PmlzTOUjt+ycmyJ1Ai5ROCuBjz+sV8sf9h
YiEfQfjfd7EmI079yh3pSRw/hCGwfF36dLk3hMixQRW8AYY7//ctM86zgO1mY5hx
ymGKbmFTRjZW95hmQoAW9rEvXgfL96dRfALWL+V6HG/Mwpioc4zI0AKOalR/CeaY
k1bQaJIofwYH8au41IaJPTZ6TkFGCf3tcaAY9N3TqREXsuYeHFb5CogLLbz+bh6m
47qn
-----END CERTIFICATE-----
Generated at Wed Dec 11 23:28:31 2024 by rpki-client on console-fra.rpki-client.org