Manifest

$ rpki-client -vvf rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
File:                     lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft (raw, json)
Hash identifier:          yoYQwOyje5jQsAimOipwqZgXwM6RDyNxW4WMgh0FOE4=
Subject key identifier:   19:6D:83:49:B4:4D:54:2B:86:77:7A:6A:9F:17:9C:59:10:47:C6:18
Authority key identifier: 96:A8:5E:F4:B8:CA:F5:D4:C3:5A:15:7F:4E:12:5E:E4:94:BA:F9:39
Certificate issuer:       /CN=A90DC5BE/serialNumber=96A85EF4B8CAF5D4C35A157F4E125EE494BAF939
Certificate serial:       41CE
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer
Subject info access:      rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
Manifest number:          41C7
Signing time:             Sat 22 Jun 2024 14:50:30 +0000
Manifest this update:     Sat 22 Jun 2024 14:50:30 +0000
Manifest next update:     Sat 29 Jun 2024 14:50:30 +0000
Files and hashes:         1: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.crl (hash: pdKmAae8VUT2jkXRLTYTHteetS7YndMAmrkhCAO5jCc=)
                          2: 4kPzvoJVabsWrLN0vJjavmkLF8E.cer (hash: as1OtBtIoUQ64SB6/fpXeVK8c5b9KBZQRzmSHmW0dNQ=)

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.crl
                          rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 29 Jun 2024 14:50:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16846 (0x41ce)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=96A85EF4B8CAF5D4C35A157F4E125EE494BAF939
        Validity
            Not Before: Jun 22 14:50:30 2024 GMT
            Not After : Jun 29 14:50:30 2024 GMT
        Subject: CN=6676e4b6-3dd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:94:af:00:56:ab:ae:f1:08:b5:86:76:65:e9:
                    63:16:e5:0a:b4:7e:28:e9:b5:24:d0:4b:6a:6a:e9:
                    54:d8:47:c5:09:28:d4:6a:3f:a7:3b:6f:31:4f:d7:
                    91:80:5c:6c:62:7f:87:37:f2:be:b4:a9:6f:b6:07:
                    31:6f:92:8c:1f:91:76:52:58:8b:42:29:02:da:77:
                    d9:45:1f:77:0b:8d:0b:8b:c7:9b:b5:13:b1:38:75:
                    53:d2:7d:5b:61:24:1a:8f:9b:b8:58:cd:45:97:d7:
                    5b:b9:6e:80:39:b2:68:f2:ff:05:8b:38:a9:25:fe:
                    90:21:4b:97:b9:37:96:eb:fe:51:9d:82:b2:7b:e9:
                    99:07:a2:a9:c0:ff:64:24:e1:5a:75:0e:e2:72:cf:
                    ef:18:41:ee:5d:13:62:6a:29:c6:0a:2c:b8:92:1c:
                    09:62:b4:04:23:6c:95:00:45:6a:8d:de:3c:33:84:
                    53:f8:b9:25:e0:7c:d2:dc:ae:2a:77:1b:f7:f0:85:
                    8b:6f:bd:ba:8a:41:d9:22:95:20:98:c6:96:59:3a:
                    73:93:84:a3:a1:3a:a9:de:2c:d1:1b:59:5b:e2:32:
                    34:95:da:77:88:dd:9d:d4:95:58:b3:96:6b:2d:a7:
                    96:03:f9:bb:fb:19:26:74:11:85:01:b0:0f:aa:a2:
                    b1:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:6D:83:49:B4:4D:54:2B:86:77:7A:6A:9F:17:9C:59:10:47:C6:18
            X509v3 Authority Key Identifier:
                keyid:96:A8:5E:F4:B8:CA:F5:D4:C3:5A:15:7F:4E:12:5E:E4:94:BA:F9:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:de:51:a6:34:96:72:72:fb:77:e2:59:2c:c6:a3:3a:dc:d2:
         58:e9:2b:ce:7e:33:8e:97:9c:33:e2:da:e7:d8:34:de:15:18:
         18:cd:d2:f5:96:a4:27:36:72:15:8a:ca:c6:ad:da:53:79:b4:
         fe:32:cd:a9:5e:66:02:7a:a0:56:c7:1d:bb:e9:ea:35:8d:81:
         a9:a8:46:c1:98:8b:2f:fe:f6:d3:08:e0:1a:56:3f:10:17:39:
         9c:ba:dc:2e:9b:b1:a1:41:dc:ae:5a:f8:64:c8:93:20:12:11:
         64:b1:ea:f6:16:1a:19:9b:99:ba:48:12:92:ee:ac:b5:80:f8:
         09:6d:f6:8d:ef:f6:d0:5e:f5:bc:c7:cc:5a:fd:ae:ce:8a:05:
         ba:19:ec:6d:89:8c:36:29:91:26:3a:1e:76:0d:5d:8c:74:34:
         0c:81:f4:53:76:23:4a:17:97:be:42:37:0a:3f:c3:32:82:d5:
         7e:6e:3d:b7:5b:1c:ae:4d:e9:3d:fc:3d:0e:5b:4a:18:c9:9e:
         b0:67:44:da:7d:90:90:41:8c:e3:9f:df:0c:0c:04:67:ca:8f:
         a7:ef:18:8d:21:3e:87:56:79:a7:28:ad:02:77:79:4e:be:e6:
         d4:38:b3:d9:b6:54:75:f1:ff:34:71:4c:c2:ec:42:84:e0:c1:
         5d:04:90:1a
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICQc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDk2QTg1RUY0QjhDQUY1RDRDMzVBMTU3RjRFMTI1RUU0
OTRCQUY5MzkwHhcNMjQwNjIyMTQ1MDMwWhcNMjQwNjI5MTQ1MDMwWjAYMRYwFAYD
VQQDEw02Njc2ZTRiNi0zZGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2JSvAFarrvEItYZ2ZeljFuUKtH4o6bUk0EtqaulU2EfFCSjUaj+nO28xT9eR
gFxsYn+HN/K+tKlvtgcxb5KMH5F2UliLQikC2nfZRR93C40Li8ebtROxOHVT0n1b
YSQaj5u4WM1Fl9dbuW6AObJo8v8FizipJf6QIUuXuTeW6/5RnYKye+mZB6KpwP9k
JOFadQ7ics/vGEHuXRNiainGCiy4khwJYrQEI2yVAEVqjd48M4RT+Lkl4HzS3K4q
dxv38IWLb726ikHZIpUgmMaWWTpzk4SjoTqp3izRG1lb4jI0ldp3iN2d1JVYs5Zr
LaeWA/m7+xkmdBGFAbAPqqKxoQIDAQABo4IChzCCAoMwHQYDVR0OBBYEFBltg0m0
TVQrhnd6ap8XnFkQR8YYMB8GA1UdIwQYMBaAFJaoXvS4yvXUw1oVf04SXuSUuvk5
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjRBMUJFQTYxRDY2MTFFMkIyQ0Q4QjdDNzJG
RDFGRjIvbHFoZTlMaks5ZFREV2hWX1RoSmU1SlM2LVRrLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9scWhlOUxqSzlk
VERXaFZfVGhKZTVKUzYtVGsuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNEExQkVBNjFENjYxMUUyQjJDRDhCN0M3MkZE
MUZGMi9scWhlOUxqSzlkVERXaFZfVGhKZTVKUzYtVGsubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBP3lGmNJZycvt34lksxqM63NJY6SvOfjOO
l5wz4trn2DTeFRgYzdL1lqQnNnIVisrGrdpTebT+Ms2pXmYCeqBWxx276eo1jYGp
qEbBmIsv/vbTCOAaVj8QFzmcutwum7GhQdyuWvhkyJMgEhFkser2FhoZm5m6SBKS
7qy1gPgJbfaN7/bQXvW8x8xa/a7OigW6GextiYw2KZEmOh52DV2MdDQMgfRTdiNK
F5e+QjcKP8MygtV+bj23WxyuTek9/D0OW0oYyZ6wZ0TafZCQQYzjn98MDARnyo+n
7xiNIT6HVnmnKK0Cd3lOvubUOLPZtlR18f80cUzC7EKE4MFdBJAa
-----END CERTIFICATE-----
Generated at Sat Jun 22 15:37:33 2024 by rpki-client on console-ams.rpki-client.org