Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A913E03C/B6E0F4AA1D9A11E28921298808B02CD2/0Iw24m8k-51RTztAqON6mgS1gCU.mft
File:                     0Iw24m8k-51RTztAqON6mgS1gCU.mft (raw, json)
Hash identifier:          OuZ1r0Iz6qxGzyupgOeB8w0xdONZStGVVJCs5fmAu68=
Subject key identifier:   01:CA:F1:05:E8:38:26:2A:9D:9A:6B:94:A3:D7:2A:60:D4:6C:D1:96
Authority key identifier: D0:8C:36:E2:6F:24:FB:9D:51:4F:3B:40:A8:E3:7A:9A:04:B5:80:25
Certificate issuer:       /CN=A913E03C/serialNumber=D08C36E26F24FB9D514F3B40A8E37A9A04B58025
Certificate serial:       34AA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Iw24m8k-51RTztAqON6mgS1gCU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913E03C/B6E0F4AA1D9A11E28921298808B02CD2/0Iw24m8k-51RTztAqON6mgS1gCU.mft
Manifest number:          34A9
Signing time:             Tue 12 Aug 2025 14:57:45 +0000
Manifest this update:     Tue 12 Aug 2025 14:57:44 +0000
Manifest next update:     Tue 19 Aug 2025 14:57:44 +0000
Files and hashes:         1: 0Iw24m8k-51RTztAqON6mgS1gCU.crl (hash: CmVU0tQI3a443JmpjzaetIiSJFIX+hgLgHKQxwKHZlg=)
                          2: 1D790596F25D11EF8C5D7036C4F9AE02.roa (hash: 0c5mooek/SI4tHJlanxjMJ+LPip9Hy2VF66plGlTaFA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913E03C/B6E0F4AA1D9A11E28921298808B02CD2/0Iw24m8k-51RTztAqON6mgS1gCU.crl
                          rsync://rpki.apnic.net/member_repository/A913E03C/B6E0F4AA1D9A11E28921298808B02CD2/0Iw24m8k-51RTztAqON6mgS1gCU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Iw24m8k-51RTztAqON6mgS1gCU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 19 Aug 2025 14:57:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13482 (0x34aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913E03C, serialNumber=D08C36E26F24FB9D514F3B40A8E37A9A04B58025
        Validity
            Not Before: Aug 12 14:57:44 2025 GMT
            Not After : Aug 19 14:57:44 2025 GMT
        Subject: CN=689b5668-50ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:1e:81:62:7a:8a:a2:a3:99:f9:85:48:a5:25:
                    9e:ab:d8:a2:c4:8a:df:bb:aa:07:80:27:98:a8:35:
                    e8:7d:c0:cd:e6:f4:2e:36:4d:0d:b4:1a:18:23:80:
                    ca:88:cf:78:eb:53:ac:96:b0:14:c3:ea:d0:27:a1:
                    d5:64:44:59:8c:bd:93:c8:71:34:06:0e:13:66:3c:
                    d2:29:fc:e4:1a:03:a5:fd:ea:23:e0:c7:17:4d:48:
                    25:51:fd:4e:5f:a4:a3:39:e2:ee:21:a1:78:92:ef:
                    00:fa:c2:06:3b:26:2a:36:c6:4c:4b:01:df:d1:c3:
                    eb:f5:f1:ab:c0:27:57:fc:91:32:d8:74:21:26:89:
                    9d:57:d5:dd:1e:57:95:5d:e7:76:5e:8c:57:99:b1:
                    1e:69:1f:a9:1a:c6:39:94:88:93:07:3a:ec:fc:ef:
                    98:2b:9f:6a:15:51:f8:24:c0:15:58:81:c1:44:9f:
                    25:0d:b3:3d:9a:a9:5e:76:6e:a1:5d:be:dd:36:2b:
                    70:c3:6f:31:86:ac:c4:c0:a3:a2:63:dc:8e:10:17:
                    61:a3:da:93:ba:c7:d8:3d:bc:45:9c:db:99:89:f5:
                    68:46:12:f3:8a:20:8e:df:39:5d:bd:6e:7d:52:0c:
                    e2:5b:37:52:c8:04:b0:92:06:d2:e0:2c:77:03:1e:
                    11:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:CA:F1:05:E8:38:26:2A:9D:9A:6B:94:A3:D7:2A:60:D4:6C:D1:96
            X509v3 Authority Key Identifier:
                keyid:D0:8C:36:E2:6F:24:FB:9D:51:4F:3B:40:A8:E3:7A:9A:04:B5:80:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913E03C/B6E0F4AA1D9A11E28921298808B02CD2/0Iw24m8k-51RTztAqON6mgS1gCU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0Iw24m8k-51RTztAqON6mgS1gCU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E03C/B6E0F4AA1D9A11E28921298808B02CD2/0Iw24m8k-51RTztAqON6mgS1gCU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:af:8d:3e:52:41:16:f6:9f:8c:cd:ee:e8:6a:03:bd:ff:3d:
         e8:ab:3e:3b:39:3f:f8:63:ab:75:9b:73:7a:40:81:a6:ba:a8:
         48:66:f1:1f:ca:eb:09:58:bb:ec:4c:ac:f8:cf:c3:67:3d:5e:
         7d:de:2d:c6:8c:30:dd:69:8e:48:7a:42:a0:de:74:e9:ee:ec:
         a4:ab:15:28:ae:11:46:2d:22:ad:90:38:c8:4a:90:f0:99:d3:
         3b:58:e1:de:b1:b9:35:23:e2:dd:ba:d5:fb:ab:49:e2:fa:dd:
         8d:99:96:19:fb:4e:31:06:a7:35:87:82:48:a3:38:e5:85:f6:
         64:08:02:57:23:fa:9a:8a:53:88:63:e9:0e:32:b3:03:37:29:
         b3:55:be:70:10:f5:d0:52:cf:92:6d:06:9c:ed:55:c8:08:5d:
         6f:3c:4c:5f:86:5b:9a:00:0e:eb:df:e7:5d:30:99:58:1d:3d:
         9f:32:ca:dd:4d:bf:ab:fa:15:0d:df:da:4d:c9:1f:9b:f4:37:
         60:c8:7d:7e:a8:8f:a8:8b:f4:f9:52:8e:f9:67:ef:46:2a:dd:
         04:f0:7c:ba:3a:7e:34:39:31:ab:cd:96:1e:ea:71:1a:77:6e:
         9d:78:be:81:2d:67:7c:d7:97:db:b3:84:bb:e2:a5:1e:2d:c7:
         f8:a4:52:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0UwM0MxMTAvBgNVBAUTKEQwOEMzNkUyNkYyNEZCOUQ1MTRGM0I0MEE4RTM3QTlB
MDRCNTgwMjUwHhcNMjUwODEyMTQ1NzQ0WhcNMjUwODE5MTQ1NzQ0WjAYMRYwFAYD
VQQDEw02ODliNTY2OC01MGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1R6BYnqKoqOZ+YVIpSWeq9iixIrfu6oHgCeYqDXofcDN5vQuNk0NtBoYI4DK
iM9461OslrAUw+rQJ6HVZERZjL2TyHE0Bg4TZjzSKfzkGgOl/eoj4McXTUglUf1O
X6SjOeLuIaF4ku8A+sIGOyYqNsZMSwHf0cPr9fGrwCdX/JEy2HQhJomdV9XdHleV
Xed2XoxXmbEeaR+pGsY5lIiTBzrs/O+YK59qFVH4JMAVWIHBRJ8lDbM9mqledm6h
Xb7dNitww28xhqzEwKOiY9yOEBdho9qTusfYPbxFnNuZifVoRhLziiCO3zldvW59
UgziWzdSyASwkgbS4Cx3Ax4R+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAHK8QXo
OCYqnZprlKPXKmDUbNGWMB8GA1UdIwQYMBaAFNCMNuJvJPudUU87QKjjepoEtYAl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTAzQy9CNkUwRjRBQTFE
OUExMUUyODkyMTI5ODgwOEIwMkNEMi8wSXcyNG04ay01MVJUenRBcU9ONm1nUzFn
Q1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBJdzI0bThrLTUxUlR6dEFxT042bWdTMWdDVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
RTAzQy9CNkUwRjRBQTFEOUExMUUyODkyMTI5ODgwOEIwMkNEMi8wSXcyNG04ay01
MVJUenRBcU9ONm1nUzFnQ1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBsr40+UkEW9p+Mze7oagO9/z3oqz47OT/4Y6t1m3N6QIGmuqhIZvEf
yusJWLvsTKz4z8NnPV593i3GjDDdaY5IekKg3nTp7uykqxUorhFGLSKtkDjISpDw
mdM7WOHesbk1I+LdutX7q0ni+t2NmZYZ+04xBqc1h4JIozjlhfZkCAJXI/qailOI
Y+kOMrMDNymzVb5wEPXQUs+SbQac7VXICF1vPExfhluaAA7r3+ddMJlYHT2fMsrd
Tb+r+hUN39pNyR+b9DdgyH1+qI+oi/T5Uo75Z+9GKt0E8Hy6On40OTGrzZYe6nEa
d26deL6BLWd815fbs4S74qUeLcf4pFKg
-----END CERTIFICATE-----
Generated at Wed Aug 13 02:50:14 2025 by rpki-client