Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft
File:                     2-bH-ZCQRq41ohWw4hVErlIjfoo.mft (raw, json)
Hash identifier:          T8K779/lzaaucUubH8b1YhZVKBmIKxJDx2+OrNkJ4oE=
Subject key identifier:   75:A8:30:65:6B:8B:E7:C3:86:7E:58:CF:84:BE:4E:82:C1:AF:FF:74
Authority key identifier: DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A
Certificate issuer:       /CN=A914F697/serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A
Certificate serial:       06A0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft
Manifest number:          07CE
Signing time:             Fri 08 Aug 2025 21:14:38 +0000
Manifest this update:     Fri 08 Aug 2025 21:14:37 +0000
Manifest next update:     Fri 15 Aug 2025 21:14:37 +0000
Files and hashes:         1: 2-bH-ZCQRq41ohWw4hVErlIjfoo.crl (hash: 0AvAcA2R1rfzSATr7FLiIhLH5Y/iwAhYVYvfrFn1oYM=)
                          2: 1AA7504A92DD11EB9B9E993FC4F9AE02.roa (hash: C75Vrv4Uz+C6zFOBFG0FQ16ertvfsDBJQmC7BROeKb0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl
                          rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1696 (0x6a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914F697, serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A
        Validity
            Not Before: Aug  8 21:14:37 2025 GMT
            Not After : Aug 15 21:14:37 2025 GMT
        Subject: CN=689668bd-206b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d3:30:77:a6:1d:ee:37:d8:ac:c1:12:c3:25:
                    42:71:a9:e0:34:30:94:5e:90:25:13:51:60:38:12:
                    2c:3b:e9:2e:1a:3b:de:d7:17:29:59:0a:ec:b1:a1:
                    68:a6:ed:59:c0:73:dc:92:c6:97:e0:b6:c6:e7:1c:
                    76:97:b9:f4:d6:70:aa:f7:f4:64:ba:49:4a:93:0f:
                    f5:b9:dc:ae:46:21:c2:19:21:d2:79:1b:e9:08:7d:
                    8b:21:a5:55:8f:e3:85:37:88:35:23:18:be:fd:06:
                    3a:88:83:78:65:6a:ba:b8:2c:89:69:79:56:15:37:
                    58:93:6f:9b:50:74:7e:02:c5:e4:21:fb:69:e1:d4:
                    62:3c:cb:11:f1:9e:51:6d:f0:ee:f2:d6:a5:c6:4c:
                    e3:98:8e:7e:f9:e3:76:43:5f:54:51:58:1d:9b:78:
                    9e:27:8f:5d:bd:02:4f:72:2f:41:55:1b:5d:0c:ca:
                    c2:73:7a:85:7b:d4:37:bf:23:1a:a1:82:c4:30:40:
                    b4:a7:1e:fe:da:e4:0d:7f:9e:82:03:9b:e8:45:c5:
                    0f:e2:79:6c:df:26:a3:a3:55:9e:52:30:4e:17:62:
                    79:6d:2d:8f:16:e3:f0:71:f5:52:cf:e7:21:90:34:
                    d4:00:63:b0:06:29:66:9b:cf:2c:d0:ae:3d:54:4f:
                    b8:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:A8:30:65:6B:8B:E7:C3:86:7E:58:CF:84:BE:4E:82:C1:AF:FF:74
            X509v3 Authority Key Identifier:
                keyid:DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:40:13:10:60:92:07:bd:0a:e5:e7:7d:05:cf:e4:91:56:ca:
         8a:d0:fa:0b:62:51:3b:fe:dd:b1:93:86:3c:d2:c6:61:50:39:
         6d:52:ef:d8:28:42:d2:ac:01:57:a8:2e:20:63:97:8b:1f:dd:
         10:e5:b3:c9:41:f5:fe:78:ba:9f:6a:0e:2d:ed:80:0e:d2:be:
         63:be:e1:50:fd:74:1b:77:34:ee:45:4d:fe:26:18:70:b4:92:
         d2:63:0f:25:86:ef:98:5f:ec:c0:d7:42:8a:1d:91:d5:27:98:
         60:63:d0:40:84:81:96:52:f9:26:ec:21:77:10:09:61:8f:06:
         71:e6:61:33:51:ee:a0:3f:85:bc:f9:8d:f5:40:fa:8c:8c:ad:
         28:86:72:3c:74:cf:e4:d2:34:00:2b:f2:e3:7f:3a:92:63:51:
         1f:f0:ea:05:22:1e:32:e9:a3:49:3c:70:8a:f5:b3:57:c0:4d:
         a7:a5:ac:4a:63:c1:04:43:b0:20:cb:bc:bb:de:e7:ba:5a:16:
         27:43:19:8c:c7:b3:46:36:f2:d6:39:88:4c:f9:c7:61:a0:aa:
         48:c0:05:ad:01:57:ca:32:9e:98:60:64:1b:12:2f:54:4a:06:
         be:06:30:4f:e0:1d:13:87:65:3d:a2:9f:f0:7e:f9:55:38:ae:
         26:fa:41:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEY2OTcxMTAvBgNVBAUTKERCRTZDN0Y5OTA5MDQ2QUUzNUEyMTVCMEUyMTU0NEFF
NTIyMzdFOEEwHhcNMjUwODA4MjExNDM3WhcNMjUwODE1MjExNDM3WjAYMRYwFAYD
VQQDEw02ODk2NjhiZC0yMDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvtMwd6Yd7jfYrMESwyVCcangNDCUXpAlE1FgOBIsO+kuGjve1xcpWQrssaFo
pu1ZwHPcksaX4LbG5xx2l7n01nCq9/RkuklKkw/1udyuRiHCGSHSeRvpCH2LIaVV
j+OFN4g1Ixi+/QY6iIN4ZWq6uCyJaXlWFTdYk2+bUHR+AsXkIftp4dRiPMsR8Z5R
bfDu8talxkzjmI5++eN2Q19UUVgdm3ieJ49dvQJPci9BVRtdDMrCc3qFe9Q3vyMa
oYLEMEC0px7+2uQNf56CA5voRcUP4nls3yajo1WeUjBOF2J5bS2PFuPwcfVSz+ch
kDTUAGOwBilmm88s0K49VE+4GwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHWoMGVr
i+fDhn5Yz4S+ToLBr/90MB8GA1UdIwQYMBaAFNvmx/mQkEauNaIVsOIVRK5SI36K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjY5Ny83NTIxREZDMEU4
NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJxNDFvaFd3NGhWRXJsSWpm
b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzItYkgtWkNRUnE0MW9oV3c0aFZFcmxJamZvby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RjY5Ny83NTIxREZDMEU4NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJx
NDFvaFd3NGhWRXJsSWpmb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQALQBMQYJIHvQrl530Fz+SRVsqK0PoLYlE7/t2xk4Y80sZhUDltUu/Y
KELSrAFXqC4gY5eLH90Q5bPJQfX+eLqfag4t7YAO0r5jvuFQ/XQbdzTuRU3+Jhhw
tJLSYw8lhu+YX+zA10KKHZHVJ5hgY9BAhIGWUvkm7CF3EAlhjwZx5mEzUe6gP4W8
+Y31QPqMjK0ohnI8dM/k0jQAK/LjfzqSY1Ef8OoFIh4y6aNJPHCK9bNXwE2npaxK
Y8EEQ7Agy7y73ue6WhYnQxmMx7NGNvLWOYhM+cdhoKpIwAWtAVfKMp6YYGQbEi9U
Sga+BjBP4B0Th2U9op/wfvlVOK4m+kGz
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:48:25 2025 by rpki-client