Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft
File:                     hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft (raw, json)
Hash identifier:          2oOMlS9Un5QAE9ATHO8e14QoXo7zBkRLkRtHoGfdksg=
Subject key identifier:   20:0B:DE:DA:AA:69:AA:BD:93:3F:AA:66:B8:75:50:83:CD:1A:61:E7
Authority key identifier: 85:29:9F:0D:B1:4C:8F:0A:53:D2:44:6E:FD:B0:CC:05:9C:15:24:BF
Certificate issuer:       /CN=A911C9E8/serialNumber=85299F0DB14C8F0A53D2446EFDB0CC059C1524BF
Certificate serial:       0164
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft
Manifest number:          0161
Signing time:             Thu 07 Aug 2025 04:29:01 +0000
Manifest this update:     Thu 07 Aug 2025 04:29:00 +0000
Manifest next update:     Thu 14 Aug 2025 04:29:00 +0000
Files and hashes:         1: hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl (hash: LDn6PJ1O3R/Tc6+taVkAjXKXyX29EohhPO38i3BaJWI=)
                          2: E39F4ED65C2411EEB54C4F43C4F9AE02.roa (hash: jSX8BBXcDhKRO02h61flDcL9PRKVJzf27mu274wCdhk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl
                          rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 04:29:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 356 (0x164)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911C9E8, serialNumber=85299F0DB14C8F0A53D2446EFDB0CC059C1524BF
        Validity
            Not Before: Aug  7 04:29:00 2025 GMT
            Not After : Aug 14 04:29:00 2025 GMT
        Subject: CN=68942b8d-0adc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:3a:ce:05:7f:a6:7c:18:d4:b8:f0:f3:09:df:
                    29:00:fb:ec:7a:15:c4:fc:ad:c1:01:09:da:66:1f:
                    c6:76:c3:86:88:9e:6f:5c:0d:6e:55:47:2b:d7:92:
                    c3:80:53:b4:3f:b1:88:fd:c9:5f:ab:f9:5d:d6:52:
                    ec:86:aa:6b:a3:40:71:e6:bf:57:46:1e:11:0f:70:
                    d2:ab:f1:c5:c3:eb:39:4a:b9:c1:97:02:cd:d1:22:
                    d7:ad:3a:87:83:26:e6:59:5e:d8:75:f4:70:4d:71:
                    65:79:f4:86:99:5d:00:02:b4:1d:5d:1d:45:f6:dd:
                    72:82:40:40:af:60:bc:64:e1:44:37:e8:f7:5a:34:
                    ab:54:37:31:05:c8:70:fc:b9:43:99:4d:b9:9a:cf:
                    23:a4:1b:20:bc:50:e4:8e:5c:e1:fc:85:15:31:7a:
                    01:4b:74:49:75:dd:d2:24:a3:4a:0d:99:98:40:9c:
                    9a:a1:1f:7a:8b:70:ae:06:ad:31:00:e6:53:29:fa:
                    cc:9e:39:95:bf:37:a5:23:ba:02:b2:29:6c:54:d2:
                    87:df:da:6a:01:cf:76:dc:91:ea:62:20:7c:26:77:
                    5b:1c:d9:8b:a5:f2:be:ea:0e:be:c9:73:df:dc:4b:
                    e8:b1:03:c9:61:39:f3:cc:5c:a0:0b:31:f7:bc:ed:
                    72:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:0B:DE:DA:AA:69:AA:BD:93:3F:AA:66:B8:75:50:83:CD:1A:61:E7
            X509v3 Authority Key Identifier:
                keyid:85:29:9F:0D:B1:4C:8F:0A:53:D2:44:6E:FD:B0:CC:05:9C:15:24:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hSmfDbFMjwpT0kRu_bDMBZwVJL8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C9E8/FDF6730658FD11EE9D2D2376C4F9AE02/hSmfDbFMjwpT0kRu_bDMBZwVJL8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:70:12:d0:ec:7a:67:e7:01:45:69:90:4b:b9:20:2a:8d:4e:
         a5:ba:8b:81:62:7a:f9:b1:eb:2a:c8:23:f9:b7:40:07:15:46:
         70:29:34:15:02:7b:ab:04:be:74:34:2e:11:e8:6f:2f:a3:fa:
         9a:16:64:78:51:54:48:c5:4e:c1:be:94:54:1a:8a:20:8b:bb:
         fd:ec:3b:4d:5a:62:92:88:86:2d:49:13:e3:aa:7e:d2:9b:e2:
         fc:db:33:64:18:31:3d:66:ff:88:d4:b7:79:ef:80:2a:1f:2f:
         6a:ba:8d:64:db:81:25:a3:f5:e4:61:9a:4c:0a:6f:84:c6:dc:
         c1:3b:78:5e:dc:b8:fc:40:0f:ea:18:81:8e:b3:35:67:47:56:
         fd:8b:11:3f:41:5e:06:10:bb:65:e3:bd:6f:c7:71:c3:88:7c:
         15:a2:59:38:fd:05:8d:23:87:8e:96:05:11:6d:51:01:81:df:
         d4:66:85:3b:11:67:65:0c:cd:44:90:f8:13:5b:15:79:08:23:
         8f:4e:9b:3b:f6:f8:d3:73:fb:d0:42:14:62:11:60:b6:e3:aa:
         92:49:c4:54:7e:d4:c2:40:a8:ce:94:c8:8d:a5:8d:ed:83:4a:
         19:91:96:66:6d:1c:8c:90:27:12:b9:9d:90:32:b5:ba:e9:bb:
         0a:00:a3:c1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM5RTgxMTAvBgNVBAUTKDg1Mjk5RjBEQjE0QzhGMEE1M0QyNDQ2RUZEQjBDQzA1
OUMxNTI0QkYwHhcNMjUwODA3MDQyOTAwWhcNMjUwODE0MDQyOTAwWjAYMRYwFAYD
VQQDEw02ODk0MmI4ZC0wYWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDrOBX+mfBjUuPDzCd8pAPvsehXE/K3BAQnaZh/GdsOGiJ5vXA1uVUcr15LD
gFO0P7GI/clfq/ld1lLshqpro0Bx5r9XRh4RD3DSq/HFw+s5SrnBlwLN0SLXrTqH
gybmWV7YdfRwTXFlefSGmV0AArQdXR1F9t1ygkBAr2C8ZOFEN+j3WjSrVDcxBchw
/LlDmU25ms8jpBsgvFDkjlzh/IUVMXoBS3RJdd3SJKNKDZmYQJyaoR96i3CuBq0x
AOZTKfrMnjmVvzelI7oCsilsVNKH39pqAc923JHqYiB8JndbHNmLpfK+6g6+yXPf
3EvosQPJYTnzzFygCzH3vO1yKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCAL3tqq
aaq9kz+qZrh1UIPNGmHnMB8GA1UdIwQYMBaAFIUpnw2xTI8KU9JEbv2wzAWcFSS/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzlFOC9GREY2NzMwNjU4
RkQxMUVFOUQyRDIzNzZDNEY5QUUwMi9oU21mRGJGTWp3cFQwa1J1X2JETUJad1ZK
TDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hTbWZEYkZNandwVDBrUnVfYkRNQlp3VkpMOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QzlFOC9GREY2NzMwNjU4RkQxMUVFOUQyRDIzNzZDNEY5QUUwMi9oU21mRGJGTWp3
cFQwa1J1X2JETUJad1ZKTDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB3cBLQ7Hpn5wFFaZBLuSAqjU6luouBYnr5sesqyCP5t0AHFUZwKTQV
AnurBL50NC4R6G8vo/qaFmR4UVRIxU7BvpRUGoogi7v97DtNWmKSiIYtSRPjqn7S
m+L82zNkGDE9Zv+I1Ld574AqHy9quo1k24Elo/XkYZpMCm+ExtzBO3he3Lj8QA/q
GIGOszVnR1b9ixE/QV4GELtl471vx3HDiHwVolk4/QWNI4eOlgURbVEBgd/UZoU7
EWdlDM1EkPgTWxV5CCOPTps79vjTc/vQQhRiEWC246qSScRUftTCQKjOlMiNpY3t
g0oZkZZmbRyMkCcSuZ2QMrW66bsKAKPB
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:23:06 2025 by rpki-client