Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft
File:                     hlMymlHbxnnxvxfXkdg-x2ib564.mft (raw, json)
Hash identifier:          iM7wR0hmd7B7ZguwHKmBeV0bOqnUYQPxcl8ceUxT7rM=
Subject key identifier:   7B:38:63:21:AE:30:C1:1C:89:84:94:81:65:A3:70:44:80:2D:CC:BB
Authority key identifier: 86:53:32:9A:51:DB:C6:79:F1:BF:17:D7:91:D8:3E:C7:68:9B:E7:AE
Certificate issuer:       /CN=A91177D4/serialNumber=8653329A51DBC679F1BF17D791D83EC7689BE7AE
Certificate serial:       081C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft
Manifest number:          0817
Signing time:             Mon 28 Apr 2025 21:17:20 +0000
Manifest this update:     Mon 28 Apr 2025 21:17:19 +0000
Manifest next update:     Mon 05 May 2025 21:17:19 +0000
Files and hashes:         1: hlMymlHbxnnxvxfXkdg-x2ib564.crl (hash: 92GF83Kw5trPlUwfmSPjej9cT1nLiGqWOcwHqUnXkgs=)
                          2: 2611C806D1AA11EA82C4313FC4F9AE02.roa (hash: BTpWw7F/XbdMRveGgpGDkDR4BmkxDYTL8O9GDvpyiEg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.crl
                          rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 05 May 2025 21:17:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2076 (0x81c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91177D4, serialNumber=8653329A51DBC679F1BF17D791D83EC7689BE7AE
        Validity
            Not Before: Apr 28 21:17:19 2025 GMT
            Not After : May  5 21:17:19 2025 GMT
        Subject: CN=680ff060-e27c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:bf:6f:1b:a3:ef:2d:8e:60:26:a2:d7:a4:ed:
                    35:bb:8b:01:05:a1:91:21:cb:3e:57:c9:d4:c9:50:
                    98:96:2b:f1:ed:67:6f:4b:3b:87:41:bd:54:b5:65:
                    51:33:1b:82:5b:31:0d:c1:b2:7f:4f:21:f7:3a:c3:
                    bb:b4:6f:75:32:70:f9:07:ea:71:fe:d1:4e:61:f3:
                    3d:7c:b4:55:62:7f:df:b1:d9:04:3b:57:4f:39:ce:
                    fa:e2:e6:1d:d6:cf:26:c5:7e:96:f7:93:76:c2:d7:
                    9a:9d:cf:23:ef:ee:7f:8b:f3:99:cf:8d:fd:12:c6:
                    6f:0e:ac:86:68:8b:d9:d0:a7:52:b3:9f:a0:b9:5a:
                    fa:95:9c:5e:4b:f5:d3:83:d9:f7:dc:6a:59:91:67:
                    60:a4:1e:63:af:88:bf:b4:c5:fb:6e:38:51:eb:25:
                    7d:fd:82:a4:6d:35:00:14:70:01:8d:ab:fb:18:d2:
                    af:97:e0:99:24:17:04:dc:00:14:89:c6:03:49:7e:
                    e0:ee:14:72:58:93:9d:b6:47:76:40:45:23:0e:4c:
                    32:40:3d:c3:eb:20:db:b0:e9:3c:7c:b4:cb:24:af:
                    56:ff:0a:7d:0d:09:fd:f9:06:9e:79:e4:f6:a6:30:
                    8a:df:4d:52:68:c4:61:1b:ea:50:c4:00:47:f8:be:
                    da:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:38:63:21:AE:30:C1:1C:89:84:94:81:65:A3:70:44:80:2D:CC:BB
            X509v3 Authority Key Identifier:
                keyid:86:53:32:9A:51:DB:C6:79:F1:BF:17:D7:91:D8:3E:C7:68:9B:E7:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hlMymlHbxnnxvxfXkdg-x2ib564.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91177D4/2CEEFE34D1A811EA8C58373BC4F9AE02/hlMymlHbxnnxvxfXkdg-x2ib564.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:73:18:40:bb:cc:16:c6:2d:0e:9f:89:e2:1d:1f:c1:2f:a1:
         45:cc:51:65:e4:01:a8:39:8d:b8:d4:76:29:38:6e:3a:90:7e:
         6d:3b:4e:ed:97:0e:40:68:8b:a1:c9:ee:7c:b8:8d:ea:ce:a6:
         25:6f:e3:10:25:5b:5c:e0:9d:6f:5f:fb:32:1d:53:7d:2b:86:
         9b:d6:43:d5:c0:b4:97:7d:bb:6a:ad:d1:f9:56:89:10:8e:34:
         79:bd:82:6a:56:a9:0a:14:b6:84:0e:5a:e3:93:4c:6f:fb:b8:
         f1:bb:3c:ab:25:d5:86:36:2e:d0:a6:8c:b3:73:b9:20:79:b1:
         ec:33:cd:1d:76:54:54:59:b7:67:34:05:56:cd:eb:bc:a1:6d:
         99:87:40:82:3a:e0:89:12:b6:9a:7e:ab:28:a4:c8:63:4b:f1:
         ef:b4:b4:41:62:aa:39:10:bf:9d:6c:cd:23:5d:af:57:36:35:
         d0:12:4e:54:de:ed:b5:72:79:31:48:73:f0:5b:51:e5:a4:2b:
         cb:31:13:80:36:42:67:02:db:23:ff:16:62:c2:55:c5:0e:4e:
         81:c9:8e:f0:ab:88:a0:c8:9f:62:a6:2a:43:b2:2a:06:f5:33:
         ee:df:67:29:21:ed:7f:24:eb:47:a6:a1:db:12:17:a9:e9:15:
         bf:8d:6d:67
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTc3RDQxMTAvBgNVBAUTKDg2NTMzMjlBNTFEQkM2NzlGMUJGMTdENzkxRDgzRUM3
Njg5QkU3QUUwHhcNMjUwNDI4MjExNzE5WhcNMjUwNTA1MjExNzE5WjAYMRYwFAYD
VQQDEw02ODBmZjA2MC1lMjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0b9vG6PvLY5gJqLXpO01u4sBBaGRIcs+V8nUyVCYlivx7WdvSzuHQb1UtWVR
MxuCWzENwbJ/TyH3OsO7tG91MnD5B+px/tFOYfM9fLRVYn/fsdkEO1dPOc764uYd
1s8mxX6W95N2wteanc8j7+5/i/OZz439EsZvDqyGaIvZ0KdSs5+guVr6lZxeS/XT
g9n33GpZkWdgpB5jr4i/tMX7bjhR6yV9/YKkbTUAFHABjav7GNKvl+CZJBcE3AAU
icYDSX7g7hRyWJOdtkd2QEUjDkwyQD3D6yDbsOk8fLTLJK9W/wp9DQn9+QaeeeT2
pjCK301SaMRhG+pQxABH+L7aKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHs4YyGu
MMEciYSUgWWjcESALcy7MB8GA1UdIwQYMBaAFIZTMppR28Z58b8X15HYPsdom+eu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzdENC8yQ0VFRkUzNEQx
QTgxMUVBOEM1ODM3M0JDNEY5QUUwMi9obE15bWxIYnhubnh2eGZYa2RnLXgyaWI1
NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hsTXltbEhieG5ueHZ4ZlhrZGcteDJpYjU2NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NzdENC8yQ0VFRkUzNEQxQTgxMUVBOEM1ODM3M0JDNEY5QUUwMi9obE15bWxIYnhu
bnh2eGZYa2RnLXgyaWI1NjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAgcxhAu8wWxi0On4niHR/BL6FFzFFl5AGoOY241HYpOG46kH5tO07t
lw5AaIuhye58uI3qzqYlb+MQJVtc4J1vX/syHVN9K4ab1kPVwLSXfbtqrdH5VokQ
jjR5vYJqVqkKFLaEDlrjk0xv+7jxuzyrJdWGNi7Qpoyzc7kgebHsM80ddlRUWbdn
NAVWzeu8oW2Zh0CCOuCJEraafqsopMhjS/HvtLRBYqo5EL+dbM0jXa9XNjXQEk5U
3u21cnkxSHPwW1HlpCvLMROANkJnAtsj/xZiwlXFDk6ByY7wq4igyJ9ipipDsioG
9TPu32cpIe1/JOtHpqHbEhep6RW/jW1n
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:34:53 2025 by rpki-client