Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft
File:                     aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft (raw, json)
Hash identifier:          VJhRq790SG4ELWamzUpbNrb7MP57+gxruLz/BXWW+5g=
Subject key identifier:   5E:8C:24:9B:A2:76:85:7D:1C:2A:F3:20:FD:49:C0:66:65:47:FE:85
Authority key identifier: 68:14:0C:15:82:5E:D5:0A:03:78:10:52:AD:DE:2E:CA:1A:6F:EA:3A
Certificate issuer:       /CN=A91289A2/serialNumber=68140C15825ED50A03781052ADDE2ECA1A6FEA3A
Certificate serial:       03F0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft
Manifest number:          03E9
Signing time:             Tue 05 Aug 2025 01:03:45 +0000
Manifest this update:     Tue 05 Aug 2025 01:03:45 +0000
Manifest next update:     Tue 12 Aug 2025 01:03:45 +0000
Files and hashes:         1: aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl (hash: Pi0mDBk0naIVR2m+EfTwRNOKjvmgErC1yoa2DY+FxnE=)
                          2: 97E8ACD68E6611EC9EBE626FC4F9AE02.roa (hash: 3IMIlDIIJ2OW6DDbM2+fc2GlxtLv0j04UxGtHanf/68=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl
                          rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 12 Aug 2025 01:03:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1008 (0x3f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91289A2, serialNumber=68140C15825ED50A03781052ADDE2ECA1A6FEA3A
        Validity
            Not Before: Aug  5 01:03:45 2025 GMT
            Not After : Aug 12 01:03:45 2025 GMT
        Subject: CN=68915871-4b64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:55:0f:69:fc:01:a8:e4:3e:da:3d:6f:5c:da:
                    58:6a:4a:32:ee:ac:55:03:42:62:03:24:7a:f5:b1:
                    e0:f0:3e:ac:06:9b:56:e4:c5:9e:63:bd:be:5e:d1:
                    b2:38:57:f6:fb:fc:f4:5c:7e:e0:66:e0:cb:8c:d8:
                    df:8c:78:f8:81:eb:37:00:22:29:ca:af:d9:50:a7:
                    40:a5:5c:86:81:91:80:ee:c0:c0:0c:21:7b:24:d9:
                    84:4f:2f:13:8c:70:30:6b:89:da:83:e6:57:b7:48:
                    94:81:67:e9:92:ce:c9:cb:61:69:92:ea:41:7b:e0:
                    fc:8e:4c:9d:9e:9a:b2:23:5c:e5:81:82:56:18:aa:
                    c0:a4:72:c6:66:12:f0:09:f2:5c:24:94:5c:71:03:
                    ae:dc:e7:7f:54:68:75:c5:a6:6c:5d:2e:48:c0:fb:
                    21:5f:d5:2a:46:db:eb:30:dc:c8:65:bf:85:5c:d1:
                    54:06:a8:fa:0c:4b:fc:c2:b9:4a:d5:44:16:b7:c2:
                    d9:94:06:b3:b2:d1:48:cb:89:c5:41:84:a5:2f:50:
                    5e:e3:d7:ec:c5:6a:6f:24:c0:b0:6e:ce:2b:49:91:
                    9c:09:2e:c9:20:1c:a1:ef:b2:15:8d:dc:5a:57:15:
                    bd:59:6a:23:16:5e:b9:5b:83:fd:2f:5e:32:6b:93:
                    f2:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:8C:24:9B:A2:76:85:7D:1C:2A:F3:20:FD:49:C0:66:65:47:FE:85
            X509v3 Authority Key Identifier:
                keyid:68:14:0C:15:82:5E:D5:0A:03:78:10:52:AD:DE:2E:CA:1A:6F:EA:3A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:61:da:77:a7:4e:6e:e3:76:84:d6:29:20:57:76:13:d8:0e:
         3e:08:33:c3:61:06:bc:30:29:be:59:6a:d2:47:1c:83:d1:cb:
         36:d2:fd:32:3f:b5:e6:30:bf:2d:80:59:4e:9b:36:83:ad:13:
         dc:35:f6:2b:4d:ec:0a:c1:ca:cd:4a:bd:3d:6a:01:9b:53:28:
         a3:61:a8:4d:8a:33:d5:54:40:fb:bd:2f:4f:98:f7:16:43:14:
         ec:e8:9b:94:2b:e1:32:26:83:b4:01:ed:1c:40:39:6e:7e:2f:
         25:87:70:99:ad:8c:32:00:40:7d:55:bb:1f:fd:17:35:47:57:
         5e:70:81:4f:25:8f:6f:b8:8d:17:e0:77:c9:7c:58:98:9b:fb:
         b5:f3:00:4c:41:30:4a:a8:83:39:6c:97:41:3c:9d:ec:07:fc:
         94:31:0b:47:6e:03:27:76:4f:d1:7d:2b:d8:ec:36:ef:ce:37:
         cb:50:f3:4d:83:53:2f:5d:b4:9c:ae:ff:d6:6b:1d:ee:7f:89:
         ff:4b:0f:23:5d:d9:c6:35:33:2f:cf:f0:ae:19:cd:46:ae:fa:
         62:f0:bc:a2:6d:1f:02:1a:15:22:4a:45:89:4a:de:bc:bb:9e:
         80:dd:7f:da:3e:c6:57:d7:be:e4:1e:3f:e7:43:75:93:91:47:
         c7:5e:26:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICA/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjg5QTIxMTAvBgNVBAUTKDY4MTQwQzE1ODI1RUQ1MEEwMzc4MTA1MkFEREUyRUNB
MUE2RkVBM0EwHhcNMjUwODA1MDEwMzQ1WhcNMjUwODEyMDEwMzQ1WjAYMRYwFAYD
VQQDEw02ODkxNTg3MS00YjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsFUPafwBqOQ+2j1vXNpYakoy7qxVA0JiAyR69bHg8D6sBptW5MWeY72+XtGy
OFf2+/z0XH7gZuDLjNjfjHj4ges3ACIpyq/ZUKdApVyGgZGA7sDADCF7JNmETy8T
jHAwa4nag+ZXt0iUgWfpks7Jy2FpkupBe+D8jkydnpqyI1zlgYJWGKrApHLGZhLw
CfJcJJRccQOu3Od/VGh1xaZsXS5IwPshX9UqRtvrMNzIZb+FXNFUBqj6DEv8wrlK
1UQWt8LZlAazstFIy4nFQYSlL1Be49fsxWpvJMCwbs4rSZGcCS7JIByh77IVjdxa
VxW9WWojFl65W4P9L14ya5Py3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF6MJJui
doV9HCrzIP1JwGZlR/6FMB8GA1UdIwQYMBaAFGgUDBWCXtUKA3gQUq3eLsoab+o6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODlBMi9GQjUyRjY0RThF
NjMxMUVDOUUwMTVENkRDNEY5QUUwMi9hQlFNRllKZTFRb0RlQkJTcmQ0dXlocHY2
am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FCUU1GWUplMVFvRGVCQlNyZDR1eWhwdjZqby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
ODlBMi9GQjUyRjY0RThFNjMxMUVDOUUwMTVENkRDNEY5QUUwMi9hQlFNRllKZTFR
b0RlQkJTcmQ0dXlocHY2am8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBLYdp3p05u43aE1ikgV3YT2A4+CDPDYQa8MCm+WWrSRxyD0cs20v0y
P7XmML8tgFlOmzaDrRPcNfYrTewKwcrNSr09agGbUyijYahNijPVVED7vS9PmPcW
QxTs6JuUK+EyJoO0Ae0cQDlufi8lh3CZrYwyAEB9Vbsf/Rc1R1decIFPJY9vuI0X
4HfJfFiYm/u18wBMQTBKqIM5bJdBPJ3sB/yUMQtHbgMndk/RfSvY7DbvzjfLUPNN
g1MvXbScrv/Wax3uf4n/Sw8jXdnGNTMvz/CuGc1Grvpi8LyibR8CGhUiSkWJSt68
u56A3X/aPsZX177kHj/nQ3WTkUfHXiZi
-----END CERTIFICATE-----
Generated at Wed Aug 6 18:42:32 2025 by rpki-client