Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9120CDE/23D8566EFBDB11E8920CB044C4F9AE02/EW-SD4cwZnR6jO3a_-hLz72wNRo.mft
File:                     EW-SD4cwZnR6jO3a_-hLz72wNRo.mft (raw, json)
Hash identifier:          DMw9YHz2rTCDBn191xeZkJFuxAP3igExg8YM5DN2giE=
Subject key identifier:   C2:50:4D:EA:70:40:59:D8:39:C4:5F:2D:63:E1:18:5F:7B:07:3E:7B
Authority key identifier: 11:6F:92:0F:87:30:66:74:7A:8C:ED:DA:FF:E8:4B:CF:BD:B0:35:1A
Certificate issuer:       /CN=A9120CDE/serialNumber=116F920F873066747A8CEDDAFFE84BCFBDB0351A
Certificate serial:       11BB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EW-SD4cwZnR6jO3a_-hLz72wNRo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9120CDE/23D8566EFBDB11E8920CB044C4F9AE02/EW-SD4cwZnR6jO3a_-hLz72wNRo.mft
Manifest number:          11AF
Signing time:             Fri 08 Aug 2025 17:22:46 +0000
Manifest this update:     Fri 08 Aug 2025 17:22:46 +0000
Manifest next update:     Fri 15 Aug 2025 17:22:46 +0000
Files and hashes:         1: EW-SD4cwZnR6jO3a_-hLz72wNRo.crl (hash: Lsp8/wa1qmQhFLC9OirQ5ypuTey4W6jHsB10ZtPg/Fw=)
                          2: D8D63660B9A811ECB7EE5A71C4F9AE02.roa (hash: DIX09IMqDwhYz9qe1Nv5iQBk3kT+S7TLOQSBMI/PtT0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9120CDE/23D8566EFBDB11E8920CB044C4F9AE02/EW-SD4cwZnR6jO3a_-hLz72wNRo.crl
                          rsync://rpki.apnic.net/member_repository/A9120CDE/23D8566EFBDB11E8920CB044C4F9AE02/EW-SD4cwZnR6jO3a_-hLz72wNRo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EW-SD4cwZnR6jO3a_-hLz72wNRo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4539 (0x11bb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9120CDE, serialNumber=116F920F873066747A8CEDDAFFE84BCFBDB0351A
        Validity
            Not Before: Aug  8 17:22:46 2025 GMT
            Not After : Aug 15 17:22:46 2025 GMT
        Subject: CN=68963266-8b6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:91:ed:7e:a3:f3:2b:41:2a:19:c2:26:67:f9:
                    7d:9b:e4:19:e8:f8:60:c7:e5:ae:34:5b:20:89:0a:
                    c4:90:c9:ba:a5:41:6a:c5:2c:37:00:1d:6c:eb:a7:
                    86:a7:34:28:f9:41:0d:96:3f:89:6a:71:c4:e5:eb:
                    54:f4:65:fb:d9:57:87:e0:2e:03:b2:e1:a3:96:16:
                    82:05:06:f2:17:6e:5d:86:96:ab:a8:19:2c:2a:65:
                    3c:f2:89:8c:50:a1:7d:13:d4:93:1d:10:11:68:74:
                    67:db:85:c7:36:f9:d5:9c:c9:09:0d:c3:da:96:99:
                    f3:f2:1a:c6:9b:4b:62:39:e9:ad:ae:a9:b7:78:31:
                    15:2f:e8:7d:61:7e:c0:cf:ca:04:aa:ef:df:1c:4d:
                    7d:55:00:e1:0c:73:e1:56:46:4c:37:fb:ca:97:d6:
                    65:61:85:1e:7a:2c:dd:25:d6:bc:94:b8:35:8e:2e:
                    dd:49:89:c5:f0:7b:07:61:3d:17:09:66:ee:f0:0f:
                    9c:ef:79:fa:4c:c9:66:6f:97:43:63:c5:76:67:1e:
                    ef:f5:c1:9b:ab:22:da:21:31:d4:a0:d5:b0:f7:ee:
                    91:eb:e1:5f:05:9a:5a:4b:37:ce:f2:16:43:54:c9:
                    41:ab:6a:36:c2:6d:a5:e4:de:b7:e1:8d:9b:0d:23:
                    a2:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:50:4D:EA:70:40:59:D8:39:C4:5F:2D:63:E1:18:5F:7B:07:3E:7B
            X509v3 Authority Key Identifier:
                keyid:11:6F:92:0F:87:30:66:74:7A:8C:ED:DA:FF:E8:4B:CF:BD:B0:35:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9120CDE/23D8566EFBDB11E8920CB044C4F9AE02/EW-SD4cwZnR6jO3a_-hLz72wNRo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EW-SD4cwZnR6jO3a_-hLz72wNRo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9120CDE/23D8566EFBDB11E8920CB044C4F9AE02/EW-SD4cwZnR6jO3a_-hLz72wNRo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:f5:5e:be:75:c8:35:e6:fb:46:b8:9d:de:a3:f8:2b:e7:dc:
         46:54:d1:4f:95:32:f4:7f:40:c0:07:e2:3c:de:0e:ad:89:96:
         a7:9c:b6:89:81:d4:6d:d7:e8:2d:33:40:8b:e8:22:7d:3a:61:
         cb:ee:68:bf:98:46:87:ca:2f:91:96:d1:59:80:54:22:3c:46:
         cf:6d:9b:e9:01:b2:81:27:2b:e6:30:db:1e:a2:68:e6:8d:3e:
         1f:65:d4:02:cd:db:ea:3f:34:0f:27:ef:09:1b:fb:d3:95:9e:
         11:27:f4:59:6e:9b:f7:6c:cf:7b:65:33:85:4b:2e:69:16:52:
         36:cc:7b:52:3c:1b:ad:7f:6a:c2:87:bd:b3:80:80:fb:95:70:
         f9:1b:f4:66:8e:37:f6:16:27:ed:ca:e4:b9:00:b4:4e:10:a8:
         95:f8:59:9a:e8:23:27:bb:c8:36:f1:b1:89:82:9d:42:f0:61:
         8d:82:5a:74:6a:a6:b4:ae:bc:90:96:32:6d:c1:e6:3e:da:e6:
         d8:62:d5:c6:24:32:5a:98:24:73:9c:32:0e:bc:85:29:30:99:
         39:10:e3:73:25:a0:24:fb:32:bd:2e:6c:9f:fd:5f:8c:70:93:
         0a:b1:0f:25:82:e0:34:f1:37:fb:fb:10:58:67:43:dd:32:ad:
         97:ab:80:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEbswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjBDREUxMTAvBgNVBAUTKDExNkY5MjBGODczMDY2NzQ3QThDRUREQUZGRTg0QkNG
QkRCMDM1MUEwHhcNMjUwODA4MTcyMjQ2WhcNMjUwODE1MTcyMjQ2WjAYMRYwFAYD
VQQDEw02ODk2MzI2Ni04YjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2JHtfqPzK0EqGcImZ/l9m+QZ6Phgx+WuNFsgiQrEkMm6pUFqxSw3AB1s66eG
pzQo+UENlj+JanHE5etU9GX72VeH4C4DsuGjlhaCBQbyF25dhparqBksKmU88omM
UKF9E9STHRARaHRn24XHNvnVnMkJDcPalpnz8hrGm0tiOemtrqm3eDEVL+h9YX7A
z8oEqu/fHE19VQDhDHPhVkZMN/vKl9ZlYYUeeizdJda8lLg1ji7dSYnF8HsHYT0X
CWbu8A+c73n6TMlmb5dDY8V2Zx7v9cGbqyLaITHUoNWw9+6R6+FfBZpaSzfO8hZD
VMlBq2o2wm2l5N634Y2bDSOiZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMJQTepw
QFnYOcRfLWPhGF97Bz57MB8GA1UdIwQYMBaAFBFvkg+HMGZ0eozt2v/oS8+9sDUa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMENERS8yM0Q4NTY2RUZC
REIxMUU4OTIwQ0IwNDRDNEY5QUUwMi9FVy1TRDRjd1puUjZqTzNhXy1oTHo3MndO
Um8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VXLVNENGN3Wm5SNmpPM2FfLWhMejcyd05Sby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MENERS8yM0Q4NTY2RUZCREIxMUU4OTIwQ0IwNDRDNEY5QUUwMi9FVy1TRDRjd1pu
UjZqTzNhXy1oTHo3MndOUm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAU9V6+dcg15vtGuJ3eo/gr59xGVNFPlTL0f0DAB+I83g6tiZannLaJ
gdRt1+gtM0CL6CJ9OmHL7mi/mEaHyi+RltFZgFQiPEbPbZvpAbKBJyvmMNseomjm
jT4fZdQCzdvqPzQPJ+8JG/vTlZ4RJ/RZbpv3bM97ZTOFSy5pFlI2zHtSPButf2rC
h72zgID7lXD5G/Rmjjf2FiftyuS5ALROEKiV+Fma6CMnu8g28bGJgp1C8GGNglp0
aqa0rryQljJtweY+2ubYYtXGJDJamCRznDIOvIUpMJk5EONzJaAk+zK9Lmyf/V+M
cJMKsQ8lguA08Tf7+xBYZ0PdMq2Xq4Ay
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:23:45 2025 by rpki-client