Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft
File:                     hlMymlHbxnnxvxfXkdg-x2ib564.mft (raw, json)
Hash identifier:          OcR03+JE7C3EtaEOSqbneYuVOT7oi/CQkDwqq+NwZF0=
Subject key identifier:   B1:2C:CE:A3:F1:0A:1B:11:CA:23:95:5D:0A:5D:11:75:E6:A5:51:90
Authority key identifier: 86:53:32:9A:51:DB:C6:79:F1:BF:17:D7:91:D8:3E:C7:68:9B:E7:AE
Certificate issuer:       /CN=A91177D4/serialNumber=8653329A51DBC679F1BF17D791D83EC7689BE7AE
Certificate serial:       081A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft
Manifest number:          0815
Signing time:             Thu 24 Apr 2025 20:41:53 +0000
Manifest this update:     Thu 24 Apr 2025 20:41:53 +0000
Manifest next update:     Thu 01 May 2025 20:41:53 +0000
Files and hashes:         1: hlMymlHbxnnxvxfXkdg-x2ib564.crl (hash: f5BQiVsT7m6WzlsdBWXBJbGPoGMMbFQN92ECvOxRkiU=)
                          2: 2611C806D1AA11EA82C4313FC4F9AE02.roa (hash: BTpWw7F/XbdMRveGgpGDkDR4BmkxDYTL8O9GDvpyiEg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.crl
                          rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 01 May 2025 20:41:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2074 (0x81a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91177D4, serialNumber=8653329A51DBC679F1BF17D791D83EC7689BE7AE
        Validity
            Not Before: Apr 24 20:41:53 2025 GMT
            Not After : May  1 20:41:53 2025 GMT
        Subject: CN=680aa211-7466
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ef:c7:94:4a:b9:d4:6b:b6:de:67:44:7b:b4:
                    30:22:c3:fd:04:6f:de:6c:bf:2b:1b:d5:3f:a9:55:
                    14:0a:bd:03:3c:95:5b:41:d4:26:8e:01:de:0c:b9:
                    3e:7e:7f:22:2c:a8:5c:ba:56:21:13:30:4d:45:2c:
                    95:ef:78:69:11:ae:dc:db:e8:ee:8e:4c:f2:b7:7f:
                    5f:8e:46:39:08:2c:6e:25:07:34:dd:e0:85:3b:e6:
                    4e:2f:ff:eb:9c:65:9f:87:c5:04:75:92:32:1b:3b:
                    ba:0d:df:79:9c:78:7c:7f:df:12:15:f6:ae:dd:c3:
                    d3:96:d1:3b:b4:f5:32:68:0c:ac:21:63:3a:b8:2e:
                    2c:83:81:8e:ca:74:13:8d:ad:32:fd:59:0e:a9:fb:
                    60:81:0d:29:d3:cf:eb:c3:a1:44:2a:67:2b:64:ea:
                    e0:af:18:16:ef:98:b1:41:f7:98:cc:54:ab:a0:73:
                    e8:c6:18:f6:08:b5:db:78:26:4f:b3:5c:1d:8e:69:
                    e3:fa:83:35:3b:96:5b:1b:2e:27:5e:55:2a:46:75:
                    5f:28:30:89:cf:b4:fa:a8:b6:94:bb:76:48:77:cc:
                    f9:00:d7:26:90:69:8f:fb:0c:8d:e3:1c:1e:37:3f:
                    75:04:ed:70:23:d0:ad:3d:b7:c4:35:fe:d6:87:18:
                    df:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:2C:CE:A3:F1:0A:1B:11:CA:23:95:5D:0A:5D:11:75:E6:A5:51:90
            X509v3 Authority Key Identifier:
                keyid:86:53:32:9A:51:DB:C6:79:F1:BF:17:D7:91:D8:3E:C7:68:9B:E7:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:a3:fb:8f:f4:f2:1c:38:b8:fd:bd:c7:8f:6a:37:ef:f4:1b:
         7e:ee:4e:d0:6d:bc:e9:1d:a2:4e:fd:d5:c4:3a:c0:db:26:c6:
         0c:f8:fd:c5:d4:0c:d2:51:d6:7f:49:b8:d4:5f:24:5c:2e:21:
         c2:21:e5:25:ea:b0:38:c9:53:44:05:7f:6c:47:8a:a9:33:0c:
         b0:f1:a0:89:91:42:a0:4f:5a:28:95:f6:64:fd:56:ff:11:4a:
         7f:9c:06:1e:b6:eb:0f:4f:68:2b:92:c2:d3:c8:3d:a4:00:d5:
         d7:c5:b1:16:ba:55:36:64:0f:7f:02:a0:ab:21:f1:92:e7:20:
         ea:68:2d:b9:a9:fc:07:25:3d:07:90:fa:71:68:fa:12:6d:88:
         22:65:57:cc:b5:b7:f0:e1:06:7c:fb:83:a1:8e:03:e7:18:e7:
         85:ce:61:52:da:a0:c9:4f:27:8c:9b:11:b1:02:8b:ca:27:27:
         00:fa:fc:43:48:d3:4b:ad:e3:cf:9c:3b:e3:f6:d0:81:97:c5:
         cb:ff:64:15:0d:8a:19:69:f7:17:4f:12:90:d2:2a:ee:c2:6a:
         2c:0e:fd:d0:2b:0b:70:e2:f0:59:e5:1d:ee:8c:c1:a4:5f:dc:
         0e:30:5f:8d:33:b7:56:0c:8b:a7:63:33:0d:c2:e9:50:70:a4:
         a7:0b:ef:4e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCBowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTc3RDQxMTAvBgNVBAUTKDg2NTMzMjlBNTFEQkM2NzlGMUJGMTdENzkxRDgzRUM3
Njg5QkU3QUUwHhcNMjUwNDI0MjA0MTUzWhcNMjUwNTAxMjA0MTUzWjAYMRYwFAYD
VQQDEw02ODBhYTIxMS03NDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApO/HlEq51Gu23mdEe7QwIsP9BG/ebL8rG9U/qVUUCr0DPJVbQdQmjgHeDLk+
fn8iLKhculYhEzBNRSyV73hpEa7c2+jujkzyt39fjkY5CCxuJQc03eCFO+ZOL//r
nGWfh8UEdZIyGzu6Dd95nHh8f98SFfau3cPTltE7tPUyaAysIWM6uC4sg4GOynQT
ja0y/VkOqftggQ0p08/rw6FEKmcrZOrgrxgW75ixQfeYzFSroHPoxhj2CLXbeCZP
s1wdjmnj+oM1O5ZbGy4nXlUqRnVfKDCJz7T6qLaUu3ZId8z5ANcmkGmP+wyN4xwe
Nz91BO1wI9CtPbfENf7Whxjf4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLEszqPx
ChsRyiOVXQpdEXXmpVGQMB8GA1UdIwQYMBaAFIZTMppR28Z58b8X15HYPsdom+eu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzdENC8yQ0VFRkUzNEQx
QTgxMUVBOEM1ODM3M0JDNEY5QUUwMi9obE15bWxIYnhubnh2eGZYa2RnLXgyaWI1
NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hsTXltbEhieG5ueHZ4ZlhrZGcteDJpYjU2NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NzdENC8yQ0VFRkUzNEQxQTgxMUVBOEM1ODM3M0JDNEY5QUUwMi9obE15bWxIYnhu
bnh2eGZYa2RnLXgyaWI1NjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAio/uP9PIcOLj9vcePajfv9Bt+7k7QbbzpHaJO/dXEOsDbJsYM+P3F
1AzSUdZ/SbjUXyRcLiHCIeUl6rA4yVNEBX9sR4qpMwyw8aCJkUKgT1oolfZk/Vb/
EUp/nAYetusPT2grksLTyD2kANXXxbEWulU2ZA9/AqCrIfGS5yDqaC25qfwHJT0H
kPpxaPoSbYgiZVfMtbfw4QZ8+4OhjgPnGOeFzmFS2qDJTyeMmxGxAovKJycA+vxD
SNNLrePPnDvj9tCBl8XL/2QVDYoZafcXTxKQ0iruwmosDv3QKwtw4vBZ5R3ujMGk
X9wOMF+NM7dWDIunYzMNwulQcKSnC+9O
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:32:53 2025 by rpki-client