Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft
File:                     lyuQ2cUZIlatlkdbOSurGnp5zC0.mft (raw, json)
Hash identifier:          Kzlr6A4BSqMiga1iH83jeRQmUMDDw3j/w5/0Gw/ZzLc=
Subject key identifier:   74:5C:2D:E9:BF:EC:0C:F8:B2:6F:36:06:AB:EA:88:31:2F:87:78:75
Authority key identifier: 97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D
Certificate issuer:       /CN=A9132FD9/serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D
Certificate serial:       37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft
Manifest number:          33
Signing time:             Tue 05 Aug 2025 08:19:30 +0000
Manifest this update:     Tue 05 Aug 2025 08:19:29 +0000
Manifest next update:     Tue 12 Aug 2025 08:19:29 +0000
Files and hashes:         1: lyuQ2cUZIlatlkdbOSurGnp5zC0.crl (hash: /WMHHKWfJddnjAc1gqXSYrA8BdqnXxmzs/HyRuo7W9g=)
                          2: DCC2224A313011F0BE214A64C4F9AE02.roa (hash: boAAaQY0nzMtC8MdALGWU7uiMFPgsCoPJLOiVmNOgmU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl
                          rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 12 Aug 2025 08:19:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55 (0x37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9132FD9, serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D
        Validity
            Not Before: Aug  5 08:19:29 2025 GMT
            Not After : Aug 12 08:19:29 2025 GMT
        Subject: CN=6891be91-a3c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:9a:1b:40:f8:7d:2b:54:ac:3f:22:b0:b9:00:
                    03:59:e4:ea:12:62:61:85:66:88:04:bf:67:b6:06:
                    40:19:2d:84:82:c6:29:3f:3f:c5:35:23:ba:6b:53:
                    13:ae:5f:65:dd:d5:b5:cd:81:f6:af:3c:5a:ce:90:
                    b2:af:2b:1d:5f:13:2f:76:18:3f:e6:7f:51:97:1e:
                    0c:1a:e7:98:29:40:28:c8:53:04:c3:b8:e2:63:44:
                    a7:c2:d6:f4:d0:37:50:11:0a:58:82:4e:07:88:2b:
                    bb:c1:7b:b8:9f:e8:2b:b8:b3:ae:22:ec:46:33:fb:
                    28:a1:91:92:f8:dd:d4:55:57:11:b2:eb:26:ca:87:
                    17:c1:1a:8f:0f:98:5e:6a:97:23:97:38:00:d9:7c:
                    53:a1:1d:22:ca:0a:f2:2f:ac:22:98:26:bc:d7:ad:
                    67:7c:51:8a:19:f0:ef:4b:7d:bd:cd:83:6e:ac:da:
                    a9:4e:f7:2d:76:6e:9d:b2:07:08:7e:04:a6:47:69:
                    9a:5f:46:3a:c0:18:66:b6:a6:10:75:9c:da:3b:c9:
                    bf:f6:cc:2d:2e:db:59:5d:f2:0f:ed:37:36:73:e5:
                    44:37:24:6d:12:e2:77:7f:2a:bd:f6:dd:cb:5e:22:
                    14:b8:45:ca:5f:cf:f1:94:50:82:6a:c4:ef:9b:c1:
                    9c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:5C:2D:E9:BF:EC:0C:F8:B2:6F:36:06:AB:EA:88:31:2F:87:78:75
            X509v3 Authority Key Identifier:
                keyid:97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:9b:52:e3:5f:9c:a1:fa:1a:b6:58:35:11:8c:ec:c0:61:c4:
         24:41:da:46:26:ca:29:93:fe:03:1d:94:25:7b:3c:46:3c:af:
         47:42:3f:0a:ea:4f:c5:6e:15:a9:0c:48:b5:57:3c:b8:fe:b7:
         01:d3:33:95:0f:6d:cb:27:65:2a:d2:13:cb:90:7e:21:df:7f:
         61:23:cc:17:45:ed:3e:ba:fe:9e:37:04:46:fd:54:2b:9f:be:
         1c:56:5f:0e:95:c5:53:e7:eb:a0:99:5e:c3:a3:cb:42:70:37:
         72:de:7f:df:9b:88:95:24:d6:9f:49:93:fb:97:66:da:70:30:
         c5:51:50:1c:8e:8f:95:94:a3:19:0a:b2:42:48:e7:26:5e:c5:
         1f:9d:0b:c4:e4:43:83:03:95:91:d3:f1:84:d2:0e:03:5e:a3:
         80:22:29:5a:9a:c2:d6:9f:b2:48:e4:57:57:24:4c:c9:9f:71:
         c3:38:25:0e:c7:10:2b:a9:8f:4f:08:da:d1:9f:9d:11:d7:1f:
         39:ad:d6:59:ca:1c:52:18:46:27:e7:45:4a:3b:16:7d:e5:6a:
         fa:45:81:15:83:b0:4f:73:3c:59:93:9e:2e:31:54:02:55:da:
         7f:fb:23:e3:02:84:54:b0:39:48:95:e8:0b:df:87:a8:3d:3d:
         c7:96:da:c6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
MkZEOTExMC8GA1UEBRMoOTcyQjkwRDlDNTE5MjI1NkFEOTY0NzVCMzkyQkFCMUE3
QTc5Q0MyRDAeFw0yNTA4MDUwODE5MjlaFw0yNTA4MTIwODE5MjlaMBgxFjAUBgNV
BAMTDTY4OTFiZTkxLWEzYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDnmhtA+H0rVKw/IrC5AANZ5OoSYmGFZogEv2e2BkAZLYSCxik/P8U1I7prUxOu
X2Xd1bXNgfavPFrOkLKvKx1fEy92GD/mf1GXHgwa55gpQCjIUwTDuOJjRKfC1vTQ
N1ARCliCTgeIK7vBe7if6Cu4s64i7EYz+yihkZL43dRVVxGy6ybKhxfBGo8PmF5q
lyOXOADZfFOhHSLKCvIvrCKYJrzXrWd8UYoZ8O9Lfb3Ng26s2qlO9y12bp2yBwh+
BKZHaZpfRjrAGGa2phB1nNo7yb/2zC0u21ld8g/tNzZz5UQ3JG0S4nd/Kr323cte
IhS4Rcpfz/GUUIJqxO+bwZxdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUdFwt6b/s
DPiybzYGq+qIMS+HeHUwHwYDVR0jBBgwFoAUlyuQ2cUZIlatlkdbOSurGnp5zC0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMyRkQ5LzdGOUE3MDM0MkJC
NTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxhdGxrZGJPU3VyR25wNXpD
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbHl1UTJjVVpJbGF0bGtkYk9TdXJHbnA1ekMwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMy
RkQ5LzdGOUE3MDM0MkJCNTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxh
dGxrZGJPU3VyR25wNXpDMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAGabUuNfnKH6GrZYNRGM7MBhxCRB2kYmyimT/gMdlCV7PEY8r0dCPwrq
T8VuFakMSLVXPLj+twHTM5UPbcsnZSrSE8uQfiHff2EjzBdF7T66/p43BEb9VCuf
vhxWXw6VxVPn66CZXsOjy0JwN3Lef9+biJUk1p9Jk/uXZtpwMMVRUByOj5WUoxkK
skJI5yZexR+dC8TkQ4MDlZHT8YTSDgNeo4AiKVqawtafskjkV1ckTMmfccM4JQ7H
ECupj08I2tGfnRHXHzmt1lnKHFIYRifnRUo7Fn3lavpFgRWDsE9zPFmTni4xVAJV
2n/7I+MChFSwOUiV6Avfh6g9PceW2sY=
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:22:32 2025 by rpki-client