Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft
File:                     yozvXh2MPaWsm67lsZbvBmCaOVk.mft (raw, json)
Hash identifier:          Khw+FmcCXRjX0q1rkeoHGOJRmI9jUeSOmLqDhFHg3kI=
Subject key identifier:   82:DF:51:4A:69:16:67:03:AB:78:39:08:9A:58:AF:48:4F:EA:64:7C
Authority key identifier: CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59
Certificate issuer:       /CN=A911B5BA/serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959
Certificate serial:       0B46
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft
Manifest number:          0B43
Signing time:             Fri 08 Aug 2025 19:24:13 +0000
Manifest this update:     Fri 08 Aug 2025 19:24:12 +0000
Manifest next update:     Fri 15 Aug 2025 19:24:12 +0000
Files and hashes:         1: yozvXh2MPaWsm67lsZbvBmCaOVk.crl (hash: eYOQkZpwBMQLc5A39agndlWtvqLDRvhXVQbs+EZqebo=)
                          2: 410BAD2095F011EFA9137C67C4F9AE02.roa (hash: 3u5hviV9wYqSDD6MZKgqds2XhBaPvlTgTPQdfbhFev0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl
                          rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2886 (0xb46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911B5BA, serialNumber=CA8CEF5E1D8C3DA5AC9BAEE5B196EF06609A3959
        Validity
            Not Before: Aug  8 19:24:12 2025 GMT
            Not After : Aug 15 19:24:12 2025 GMT
        Subject: CN=68964edc-9bb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:ec:ac:08:b7:24:29:9e:2a:f6:60:90:d7:25:
                    8e:d8:03:09:07:0b:ce:85:93:ec:40:4e:0b:de:9d:
                    d3:74:5b:c7:d0:81:d3:92:92:c2:47:f5:d3:4f:49:
                    0d:b5:35:8d:f5:0f:4c:cd:d2:b4:00:cc:31:94:83:
                    64:61:2d:9f:f4:c5:ab:18:8c:ed:fc:cb:0e:d2:44:
                    a4:18:3e:10:25:03:4c:70:a8:40:c2:94:c4:79:7c:
                    fe:29:a0:14:44:dc:72:ab:ec:5a:26:76:68:92:b8:
                    24:3e:47:d5:ae:d9:c4:0d:5f:77:2f:62:a5:b2:13:
                    4a:41:0c:17:f7:3d:3f:a3:b9:61:be:24:96:1e:22:
                    b4:7a:2b:33:96:63:35:04:39:72:93:fd:17:88:ac:
                    0c:74:60:da:2f:60:06:f6:ea:fa:bb:e1:49:d9:c2:
                    67:4c:ed:38:d1:1c:d6:3f:ce:80:cf:fa:e9:40:d8:
                    1b:2e:36:2b:dc:91:b8:86:10:ab:0b:a1:dd:a6:8c:
                    e5:e2:1e:bd:13:eb:a8:2d:58:e2:01:14:f1:1e:07:
                    79:f7:85:08:9d:73:f8:51:dd:c8:03:ed:2b:54:e9:
                    4d:50:53:f5:97:c3:d1:c0:5e:1d:16:8c:1b:a0:fc:
                    d3:75:70:91:60:80:7b:a9:8f:cf:f0:18:f4:dc:b4:
                    6a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:DF:51:4A:69:16:67:03:AB:78:39:08:9A:58:AF:48:4F:EA:64:7C
            X509v3 Authority Key Identifier:
                keyid:CA:8C:EF:5E:1D:8C:3D:A5:AC:9B:AE:E5:B1:96:EF:06:60:9A:39:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yozvXh2MPaWsm67lsZbvBmCaOVk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5BA/93E2FB0C3DA311EAA4DC3A59C4F9AE02/yozvXh2MPaWsm67lsZbvBmCaOVk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:4c:1c:fc:a9:17:f6:64:68:09:c0:fb:06:c8:66:7f:1c:ea:
         c5:0b:e9:44:9d:e3:14:2a:1e:86:57:ba:bb:08:d4:3d:a7:6d:
         f5:62:bf:2b:41:4b:e3:c3:8b:52:a2:6e:1e:18:59:28:e5:2d:
         5c:26:eb:c7:85:a3:11:6d:61:da:27:16:1d:dc:49:18:97:b7:
         68:b3:32:3d:db:0b:ba:13:d9:3c:02:36:c5:68:b5:06:b9:7e:
         82:17:74:59:71:8c:98:3b:61:1d:5c:03:ad:1f:5c:ff:0c:8c:
         dd:1a:9c:07:e1:48:25:71:d4:4e:07:92:43:ed:50:82:89:96:
         8b:6c:17:7e:4c:c8:9b:f8:ae:65:2b:49:9d:bc:80:a7:54:91:
         ac:3a:e8:08:ae:bf:ef:7e:45:71:91:20:cf:06:b4:79:bc:f9:
         24:3b:8c:87:69:82:d7:d3:21:5b:37:6f:2d:83:cf:1c:ce:08:
         1b:6c:af:fc:f3:1b:11:30:af:bc:16:49:67:06:44:d9:ca:4b:
         cf:23:d5:1e:73:7d:1d:34:d1:c6:9e:be:29:e2:64:16:14:2e:
         d5:04:80:93:b8:6c:8b:26:be:cb:46:ee:53:9e:d1:cb:cb:1b:
         c5:72:0b:24:3d:a6:37:c8:f8:65:b2:3c:4c:f7:12:0e:c9:57:
         7e:eb:4d:fc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICC0YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI1QkExMTAvBgNVBAUTKENBOENFRjVFMUQ4QzNEQTVBQzlCQUVFNUIxOTZFRjA2
NjA5QTM5NTkwHhcNMjUwODA4MTkyNDEyWhcNMjUwODE1MTkyNDEyWjAYMRYwFAYD
VQQDEw02ODk2NGVkYy05YmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4eysCLckKZ4q9mCQ1yWO2AMJBwvOhZPsQE4L3p3TdFvH0IHTkpLCR/XTT0kN
tTWN9Q9MzdK0AMwxlINkYS2f9MWrGIzt/MsO0kSkGD4QJQNMcKhAwpTEeXz+KaAU
RNxyq+xaJnZokrgkPkfVrtnEDV93L2KlshNKQQwX9z0/o7lhviSWHiK0eiszlmM1
BDlyk/0XiKwMdGDaL2AG9ur6u+FJ2cJnTO040RzWP86Az/rpQNgbLjYr3JG4hhCr
C6Hdpozl4h69E+uoLVjiARTxHgd594UInXP4Ud3IA+0rVOlNUFP1l8PRwF4dFowb
oPzTdXCRYIB7qY/P8Bj03LRqlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFILfUUpp
FmcDq3g5CJpYr0hP6mR8MB8GA1UdIwQYMBaAFMqM714djD2lrJuu5bGW7wZgmjlZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVCQS85M0UyRkIwQzNE
QTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBhV3NtNjdsc1pidkJtQ2FP
VmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lvenZYaDJNUGFXc202N2xzWmJ2Qm1DYU9Way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QjVCQS85M0UyRkIwQzNEQTMxMUVBQTREQzNBNTlDNEY5QUUwMi95b3p2WGgyTVBh
V3NtNjdsc1pidkJtQ2FPVmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBnTBz8qRf2ZGgJwPsGyGZ/HOrFC+lEneMUKh6GV7q7CNQ9p231Yr8r
QUvjw4tSom4eGFko5S1cJuvHhaMRbWHaJxYd3EkYl7doszI92wu6E9k8AjbFaLUG
uX6CF3RZcYyYO2EdXAOtH1z/DIzdGpwH4UglcdROB5JD7VCCiZaLbBd+TMib+K5l
K0mdvICnVJGsOugIrr/vfkVxkSDPBrR5vPkkO4yHaYLX0yFbN28tg88czggbbK/8
8xsRMK+8FklnBkTZykvPI9Uec30dNNHGnr4p4mQWFC7VBICTuGyLJr7LRu5TntHL
yxvFcgskPaY3yPhlsjxM9xIOyVd+6038
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:04:52 2025 by rpki-client