Manifest

$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File:                     mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier:          HPRCwVoLuPy2+vjolcyIU7e/5PiF1D+xHLL7gQEHVlo=
Subject key identifier:   5B:DE:B8:98:0B:74:B4:30:9B:FC:BC:22:67:30:0D:33:8A:9E:EF:98
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer:       /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial:       0323
Authority info access:    rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access:      rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number:          018C
Signing time:             Wed 17 Apr 2024 22:41:09 +0000
Manifest this update:     Wed 17 Apr 2024 22:41:09 +0000
Manifest next update:     Fri 24 May 2024 22:41:09 +0000
Files and hashes:         1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: VeJ/eJ9R06fTHnJD20Hg9vo8qmdtc3OhYq8jvRHh9Q0=)
                          2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: gMkNwePdBF1NT/8LHBiK2+zBiy3mBQwZn3Jc5VgErXE=)
                          3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: zNGCeIo9Is2n3eyMhTkgCwwVEes1zrczMDeGE7NzLgE=)
                          4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: zpbwy41hRyWwJ7fTsGL6GrpweGmBkIiKg/dSn0a6OHc=)
                          5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: FMRBk6cnQAMRChqTaBJpJZhCrlPbKZPH3w3gYswUon8=)
                          6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: jg03pL2OGXNC8ZxDB2gn61ivoFfg8PWKtd7U8dyLD+c=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 May 2024 02:42:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 803 (0x323)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
        Validity
            Not Before: Apr 17 22:41:09 2024 GMT
            Not After : May 24 22:41:09 2024 GMT
        Subject: CN=66205005-e784
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:cb:1e:b9:ea:cb:6a:05:da:8c:71:5b:a8:75:
                    06:ba:20:a2:58:c2:6d:cc:ba:0b:3b:55:53:2b:8d:
                    50:af:ca:06:ff:5c:d6:d0:2b:ce:89:24:f2:ee:11:
                    e4:b7:41:ca:91:da:fd:5f:84:56:e6:9e:71:73:c8:
                    14:91:46:ad:7a:b2:5f:fb:82:69:73:9e:41:ab:32:
                    e3:b2:5e:a3:c6:4d:4c:af:e2:2d:b8:30:d2:33:31:
                    5e:28:d4:38:86:8a:e4:44:b6:dd:02:92:b8:19:86:
                    25:38:31:9d:b0:74:94:b4:3f:ed:9f:98:bd:4b:5e:
                    eb:12:3a:17:8d:58:fe:53:1a:7a:e6:39:8a:3c:e3:
                    80:09:83:ed:a0:6d:e5:1f:14:de:1d:0b:7b:db:2d:
                    d2:7c:08:38:01:9b:f0:6c:15:d1:38:6b:59:d4:41:
                    ff:10:e0:3d:9e:10:52:ca:d6:ec:97:6d:49:5c:87:
                    da:36:67:75:0a:78:5b:b2:e3:23:4f:10:8f:a9:75:
                    d9:c0:b2:1b:a5:a7:3e:07:0f:dc:21:6c:a8:bf:7d:
                    74:be:27:09:36:39:41:6a:32:a8:8b:33:48:0a:8a:
                    88:34:83:ac:70:90:61:a8:e8:fa:5c:88:15:5e:d8:
                    65:97:56:f7:d3:5d:0d:02:c9:05:13:60:a5:8b:89:
                    55:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DE:B8:98:0B:74:B4:30:9B:FC:BC:22:67:30:0D:33:8A:9E:EF:98
            X509v3 Authority Key Identifier:
                keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:67:77:83:ca:a9:c6:05:16:e5:eb:83:d2:25:0d:1b:85:8d:
         1f:39:1a:06:25:84:81:e6:9f:43:83:f6:d6:26:dc:78:f8:d0:
         11:24:fe:e2:86:1d:c3:d8:7a:9e:e4:b8:61:8a:8c:39:de:5b:
         53:dc:59:54:07:c7:40:b4:10:5a:1c:68:8c:35:23:88:b8:94:
         b7:03:58:98:d1:50:c7:b5:03:22:2e:4d:c1:0c:7a:88:22:cc:
         fa:80:f7:85:b8:2f:df:e9:0b:59:9d:dc:f0:96:27:f4:1e:ab:
         bd:08:bd:be:0e:47:09:3e:9b:86:68:90:cc:d2:da:0f:66:a9:
         c9:0a:22:ba:ce:08:90:c5:19:05:c0:15:c0:78:fa:c0:b8:f9:
         12:1d:f4:fb:c1:c0:be:c4:4a:f5:23:4d:3c:4c:7a:14:ae:f8:
         13:4d:01:bf:12:2e:f3:dc:1a:ea:e5:a1:9d:9c:b9:4f:93:21:
         ee:af:a6:4f:5f:76:df:dc:37:f5:58:35:7b:13:fb:55:ea:07:
         1c:a5:ab:32:29:ad:b3:de:f0:5d:2f:a0:93:1c:0a:89:a8:ad:
         4f:b1:96:b1:70:88:d0:0e:bf:03:aa:91:d8:52:97:61:2a:ad:
         08:89:84:e6:ec:58:8d:b5:9a:55:bd:da:b4:aa:a3:a9:62:72:
         cd:c4:a6:26
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICAyMwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNDA0MTcyMjQxMDlaFw0y
NDA1MjQyMjQxMDlaMBgxFjAUBgNVBAMTDTY2MjA1MDA1LWU3ODQwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/yx656stqBdqMcVuodQa6IKJYwm3Mugs7
VVMrjVCvygb/XNbQK86JJPLuEeS3QcqR2v1fhFbmnnFzyBSRRq16sl/7gmlznkGr
MuOyXqPGTUyv4i24MNIzMV4o1DiGiuREtt0CkrgZhiU4MZ2wdJS0P+2fmL1LXusS
OheNWP5TGnrmOYo844AJg+2gbeUfFN4dC3vbLdJ8CDgBm/BsFdE4a1nUQf8Q4D2e
EFLK1uyXbUlch9o2Z3UKeFuy4yNPEI+pddnAshulpz4HD9whbKi/fXS+Jwk2OUFq
MqiLM0gKiog0g6xwkGGo6PpciBVe2GWXVvfTXQ0CyQUTYKWLiVW7AgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUW964mAt0tDCb/LwiZzANM4qe75gwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBHZ3eDyqnGBRbl64PS
JQ0bhY0fORoGJYSB5p9Dg/bWJtx4+NARJP7ihh3D2Hqe5Lhhiow53ltT3FlUB8dA
tBBaHGiMNSOIuJS3A1iY0VDHtQMiLk3BDHqIIsz6gPeFuC/f6QtZndzwlif0Hqu9
CL2+DkcJPpuGaJDM0toPZqnJCiK6zgiQxRkFwBXAePrAuPkSHfT7wcC+xEr1I008
THoUrvgTTQG/Ei7z3Brq5aGdnLlPkyHur6ZPX3bf3Df1WDV7E/tV6gccpasyKa2z
3vBdL6CTHAqJqK1PsZaxcIjQDr8DqpHYUpdhKq0IiYTm7FiNtZpVvdq0qqOpYnLN
xKYm
-----END CERTIFICATE-----
Generated at Wed Apr 17 23:43:22 2024 by rpki-client on console-ams.rpki-client.org