Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft
File:                     drnTOfrNYrR-k-iITehQOW2877Q.mft (raw, json)
Hash identifier:          DfDg/zzdwfOsrF3AeCfbEVTZMAqThy7YWnMt+3ne0Pw=
Subject key identifier:   8A:79:C2:73:76:45:FA:4C:F4:EC:1C:3D:26:53:7F:0B:C8:82:95:FD
Authority key identifier: 76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4
Certificate issuer:       /CN=A911E6CA/serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4
Certificate serial:       0B0F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft
Manifest number:          0AF7
Signing time:             Sun 10 Aug 2025 19:24:48 +0000
Manifest this update:     Sun 10 Aug 2025 19:24:48 +0000
Manifest next update:     Sun 17 Aug 2025 19:24:48 +0000
Files and hashes:         1: drnTOfrNYrR-k-iITehQOW2877Q.crl (hash: 0Qp+InhUhSddbTy3e/FK4EhMrHDhcGgQXjeOfmEvtxk=)
                          2: 83882F7AF83B11ECB4154E31C4F9AE02.roa (hash: YH3lhLXoSVbhjIpXiN2vn5qlApvWo5uVmDvE4K7XYgk=)
                          3: 4FFC83964CA311EE815AF017C4F9AE02.roa (hash: UA3Z3TNFXnNBwmElq5Ec0QuBLoZlUKqnBYT4/k/3BsY=)
                          4: AA1ABF0AB20011EA9C0DFB2FC4F9AE02.roa (hash: FcXy6QLc2Tvjs24Fp66P1cwtAXMmWgi5gNPzljev1BY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl
                          rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2831 (0xb0f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911E6CA, serialNumber=76B9D339FACD62B47E93E8884DE850396DBCEFB4
        Validity
            Not Before: Aug 10 19:24:48 2025 GMT
            Not After : Aug 17 19:24:48 2025 GMT
        Subject: CN=6898f200-9cc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:1f:fa:6a:e7:09:73:1f:99:fb:bf:8e:d6:45:
                    bb:33:0b:07:67:ec:11:e8:57:e7:31:9e:5c:e6:0a:
                    20:08:3b:16:65:c5:fa:9c:8d:f5:94:79:2c:e2:e8:
                    f9:57:9d:d4:c3:cb:8b:cb:12:ad:90:20:88:c8:f3:
                    bc:11:7f:96:db:38:c7:91:f3:30:31:e7:b4:c2:99:
                    cc:51:fa:2a:0f:90:44:3e:33:ad:5c:34:b2:a5:77:
                    77:f3:b4:f0:b5:ab:f1:91:c7:a1:d0:bb:ce:75:40:
                    36:37:fe:7c:39:66:5d:25:a5:37:ea:88:1f:cc:d0:
                    d4:12:79:a4:73:27:3c:53:43:19:9e:1a:72:02:64:
                    81:17:df:29:9c:7d:ca:e1:09:c4:16:86:a3:67:dc:
                    62:83:1e:eb:b3:a6:16:bf:96:51:57:87:68:6a:21:
                    72:01:5c:63:d7:b8:e9:00:37:42:a2:9d:45:19:15:
                    db:55:97:37:46:99:31:27:db:7f:83:c9:38:74:40:
                    a1:3b:f6:34:fe:68:80:8d:01:3f:e0:c7:a5:6d:0a:
                    c9:56:e2:83:15:91:fd:8a:ec:5e:53:4a:81:50:b8:
                    68:3f:f6:35:03:38:24:22:84:6a:bd:58:5e:04:c7:
                    44:f0:ec:e1:2f:c7:a3:51:21:43:40:34:2d:25:67:
                    2d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:79:C2:73:76:45:FA:4C:F4:EC:1C:3D:26:53:7F:0B:C8:82:95:FD
            X509v3 Authority Key Identifier:
                keyid:76:B9:D3:39:FA:CD:62:B4:7E:93:E8:88:4D:E8:50:39:6D:BC:EF:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/drnTOfrNYrR-k-iITehQOW2877Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E6CA/7409B47A4FC711EA8E46D415C4F9AE02/drnTOfrNYrR-k-iITehQOW2877Q.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:58:9e:d0:56:1d:29:61:52:59:21:0b:4a:5d:ff:e3:87:b8:
         ae:ae:50:f0:c3:51:d2:67:85:cd:b1:08:d1:0c:af:f7:fe:c4:
         2b:86:06:64:d4:8c:77:5c:55:58:ab:ed:be:81:6b:ab:31:17:
         8e:57:7b:10:05:da:83:36:61:4c:51:cc:ab:a6:a2:af:39:59:
         7a:86:10:d4:94:41:c3:3c:0b:2f:39:63:21:28:f5:a4:a4:af:
         7f:78:b6:e9:cd:9c:90:ad:b1:9f:3d:fe:06:f4:09:19:81:2f:
         db:4e:de:05:12:09:45:dd:b7:07:9b:41:de:09:c0:82:d9:3a:
         fd:d5:9a:3f:a4:92:bb:99:54:ab:3f:15:77:04:a7:9b:e3:42:
         63:87:13:e4:b1:5d:7e:34:49:d2:4e:84:55:75:8e:76:3c:be:
         df:7a:67:f1:f3:9c:94:50:f6:44:4d:77:d0:2f:75:28:fd:9c:
         a9:a0:c2:74:61:74:5b:d5:0f:f1:ba:78:85:92:90:9b:64:fd:
         36:1a:d6:30:07:8d:11:5d:07:86:f0:9a:3f:ac:cc:02:b9:71:
         be:d9:61:fc:8b:bd:f0:af:e5:11:63:6d:2d:35:87:65:af:f5:
         1f:19:d6:30:82:58:86:53:84:9c:19:b3:45:81:01:53:82:7b:
         0c:26:a5:a6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCw8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUU2Q0ExMTAvBgNVBAUTKDc2QjlEMzM5RkFDRDYyQjQ3RTkzRTg4ODRERTg1MDM5
NkRCQ0VGQjQwHhcNMjUwODEwMTkyNDQ4WhcNMjUwODE3MTkyNDQ4WjAYMRYwFAYD
VQQDEw02ODk4ZjIwMC05Y2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwx/6aucJcx+Z+7+O1kW7MwsHZ+wR6FfnMZ5c5gogCDsWZcX6nI31lHks4uj5
V53Uw8uLyxKtkCCIyPO8EX+W2zjHkfMwMee0wpnMUfoqD5BEPjOtXDSypXd387Tw
tavxkceh0LvOdUA2N/58OWZdJaU36ogfzNDUEnmkcyc8U0MZnhpyAmSBF98pnH3K
4QnEFoajZ9xigx7rs6YWv5ZRV4doaiFyAVxj17jpADdCop1FGRXbVZc3RpkxJ9t/
g8k4dEChO/Y0/miAjQE/4MelbQrJVuKDFZH9iuxeU0qBULhoP/Y1AzgkIoRqvVhe
BMdE8OzhL8ejUSFDQDQtJWctWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIp5wnN2
RfpM9OwcPSZTfwvIgpX9MB8GA1UdIwQYMBaAFHa50zn6zWK0fpPoiE3oUDltvO+0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTZDQS83NDA5QjQ3QTRG
QzcxMUVBOEU0NkQ0MTVDNEY5QUUwMi9kcm5UT2ZyTllyUi1rLWlJVGVoUU9XMjg3
N1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RyblRPZnJOWXJSLWstaUlUZWhRT1cyODc3US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RTZDQS83NDA5QjQ3QTRGQzcxMUVBOEU0NkQ0MTVDNEY5QUUwMi9kcm5UT2ZyTlly
Ui1rLWlJVGVoUU9XMjg3N1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBqWJ7QVh0pYVJZIQtKXf/jh7iurlDww1HSZ4XNsQjRDK/3/sQrhgZk
1Ix3XFVYq+2+gWurMReOV3sQBdqDNmFMUcyrpqKvOVl6hhDUlEHDPAsvOWMhKPWk
pK9/eLbpzZyQrbGfPf4G9AkZgS/bTt4FEglF3bcHm0HeCcCC2Tr91Zo/pJK7mVSr
PxV3BKeb40JjhxPksV1+NEnSToRVdY52PL7femfx85yUUPZETXfQL3Uo/ZypoMJ0
YXRb1Q/xuniFkpCbZP02GtYwB40RXQeG8Jo/rMwCuXG+2WH8i73wr+URY20tNYdl
r/UfGdYwgliGU4ScGbNFgQFTgnsMJqWm
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:35:53 2025 by rpki-client