Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.mft
File:                     Z7qlic6898PyfVPZjqxMEEzAkTU.mft (raw, json)
Hash identifier:          DKlaK479U4MfROnb6GX5K8AegpB6nSCxjcZpaN0PXmM=
Subject key identifier:   17:B6:AB:06:93:02:9C:0F:88:95:D6:EA:0C:9F:06:9E:2A:64:DC:27
Authority key identifier: 67:BA:A5:89:CE:BC:F7:C3:F2:7D:53:D9:8E:AC:4C:10:4C:C0:91:35
Certificate issuer:       /CN=A9152E29/serialNumber=67BAA589CEBCF7C3F27D53D98EAC4C104CC09135
Certificate serial:       0C37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z7qlic6898PyfVPZjqxMEEzAkTU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.mft
Manifest number:          0C31
Signing time:             Sat 26 Apr 2025 18:18:03 +0000
Manifest this update:     Sat 26 Apr 2025 18:18:02 +0000
Manifest next update:     Sat 03 May 2025 18:18:02 +0000
Files and hashes:         1: Z7qlic6898PyfVPZjqxMEEzAkTU.crl (hash: DAqze18nQioySdJrIoDF7L0eGShU7w6O7ekLZ7PXcqc=)
                          2: 94EA7370050111EA9BDD372BC4F9AE02.roa (hash: dMPlbwZZJ9a9ifwF8f+1OVtKYmpgj8cV+d0a3+m/kqY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.crl
                          rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z7qlic6898PyfVPZjqxMEEzAkTU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 03 May 2025 18:18:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3127 (0xc37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9152E29, serialNumber=67BAA589CEBCF7C3F27D53D98EAC4C104CC09135
        Validity
            Not Before: Apr 26 18:18:02 2025 GMT
            Not After : May  3 18:18:02 2025 GMT
        Subject: CN=680d235b-5754
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:3b:b6:c6:59:ff:c8:ee:11:c4:af:42:9e:4f:
                    a9:25:0a:09:1d:6c:33:45:8d:e6:66:75:de:3e:63:
                    f4:bb:08:23:24:bb:4f:39:da:0b:67:de:84:b1:d2:
                    22:c7:5f:5e:d3:71:a2:92:c9:cf:32:d2:72:51:24:
                    1f:0d:18:f1:c7:d7:16:8d:bc:02:7e:17:29:aa:69:
                    50:98:96:dc:eb:c1:7b:9a:b8:ad:2b:78:d3:66:ef:
                    b8:26:20:c6:27:44:57:75:64:0d:0f:a7:45:74:e5:
                    b1:5d:bb:a4:5b:ea:f0:34:fe:18:53:ad:74:74:77:
                    04:6d:28:f1:1c:c5:d4:ca:9d:5f:79:0c:33:90:35:
                    dd:a5:c5:c1:62:04:1f:8c:a1:0e:c2:c2:12:e6:ca:
                    21:58:f4:64:75:a5:34:d6:bd:87:4f:b4:ce:7f:e8:
                    d3:6d:fd:c5:b2:ee:06:ba:68:c2:47:9b:b4:f7:d8:
                    e9:93:e7:5a:94:8d:c4:9d:22:df:ef:79:19:19:7f:
                    fb:59:46:bb:41:d4:fa:2d:aa:ab:94:c3:a7:8d:40:
                    ba:ff:5d:8a:7b:df:c4:c5:1e:f1:2b:2e:5d:c6:6c:
                    15:7e:60:f3:db:b1:56:fe:a0:98:d7:f0:93:18:17:
                    dd:91:7e:1b:31:ef:16:f9:85:53:ed:71:e8:83:c5:
                    b2:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:B6:AB:06:93:02:9C:0F:88:95:D6:EA:0C:9F:06:9E:2A:64:DC:27
            X509v3 Authority Key Identifier:
                keyid:67:BA:A5:89:CE:BC:F7:C3:F2:7D:53:D9:8E:AC:4C:10:4C:C0:91:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z7qlic6898PyfVPZjqxMEEzAkTU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:05:0f:29:03:9c:de:24:f2:2c:41:94:f8:4a:d2:97:91:29:
         bd:74:d0:8a:0b:08:f9:85:82:31:12:8b:6c:1c:10:ac:29:98:
         5b:d5:79:4e:91:6d:7e:68:e6:c2:71:9d:6c:f4:48:b9:4f:c2:
         85:be:ed:8c:1a:24:61:3f:d7:54:00:90:ee:1c:2f:9e:f0:b2:
         70:a2:5f:91:f4:cf:09:ed:ef:22:e2:2c:26:af:6d:80:61:66:
         fa:b0:ac:86:1c:88:aa:a2:57:2e:67:b1:8d:d8:13:af:5e:09:
         23:69:1d:e3:14:cf:fe:6d:bd:56:c3:6d:9b:d9:50:fe:d8:04:
         e6:72:6c:eb:f5:3c:15:ba:1d:53:d7:b8:c6:99:1d:09:54:12:
         a5:5d:84:8d:d8:6e:8a:b2:ca:f1:ba:dd:d3:94:d0:c7:b0:26:
         c6:27:38:14:5d:40:b7:4d:29:a4:06:7c:ac:5f:ad:a8:3a:2b:
         97:06:f6:1d:3d:5c:df:bf:3b:b5:5a:3e:55:4f:d6:eb:ec:75:
         73:7f:7d:a7:63:3e:31:a1:6f:f0:9b:1c:b8:ae:f7:a3:77:e0:
         00:52:5d:08:cb:16:9e:da:95:2c:93:63:08:2e:99:ad:d5:0d:
         14:1d:26:cc:35:0e:a7:32:3d:3a:cd:b1:26:86:06:5f:1f:d0:
         11:bc:32:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJFMjkxMTAvBgNVBAUTKDY3QkFBNTg5Q0VCQ0Y3QzNGMjdENTNEOThFQUM0QzEw
NENDMDkxMzUwHhcNMjUwNDI2MTgxODAyWhcNMjUwNTAzMTgxODAyWjAYMRYwFAYD
VQQDEw02ODBkMjM1Yi01NzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8zu2xln/yO4RxK9Cnk+pJQoJHWwzRY3mZnXePmP0uwgjJLtPOdoLZ96EsdIi
x19e03GiksnPMtJyUSQfDRjxx9cWjbwCfhcpqmlQmJbc68F7mritK3jTZu+4JiDG
J0RXdWQND6dFdOWxXbukW+rwNP4YU610dHcEbSjxHMXUyp1feQwzkDXdpcXBYgQf
jKEOwsIS5sohWPRkdaU01r2HT7TOf+jTbf3Fsu4GumjCR5u099jpk+dalI3EnSLf
73kZGX/7WUa7QdT6LaqrlMOnjUC6/12Ke9/ExR7xKy5dxmwVfmDz27FW/qCY1/CT
GBfdkX4bMe8W+YVT7XHog8WyWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBe2qwaT
ApwPiJXW6gyfBp4qZNwnMB8GA1UdIwQYMBaAFGe6pYnOvPfD8n1T2Y6sTBBMwJE1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkUyOS9BRDMzNDAxQzA0
RkYxMUVBQjU4Q0I4MjNDNEY5QUUwMi9aN3FsaWM2ODk4UHlmVlBaanF4TUVFekFr
VFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1o3cWxpYzY4OThQeWZWUFpqcXhNRUV6QWtUVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MkUyOS9BRDMzNDAxQzA0RkYxMUVBQjU4Q0I4MjNDNEY5QUUwMi9aN3FsaWM2ODk4
UHlmVlBaanF4TUVFekFrVFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQChBQ8pA5zeJPIsQZT4StKXkSm9dNCKCwj5hYIxEotsHBCsKZhb1XlO
kW1+aObCcZ1s9Ei5T8KFvu2MGiRhP9dUAJDuHC+e8LJwol+R9M8J7e8i4iwmr22A
YWb6sKyGHIiqolcuZ7GN2BOvXgkjaR3jFM/+bb1Ww22b2VD+2ATmcmzr9TwVuh1T
17jGmR0JVBKlXYSN2G6Kssrxut3TlNDHsCbGJzgUXUC3TSmkBnysX62oOiuXBvYd
PVzfvzu1Wj5VT9br7HVzf32nYz4xoW/wmxy4rvejd+AAUl0Iyxae2pUsk2MILpmt
1Q0UHSbMNQ6nMj06zbEmhgZfH9ARvDKM
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:10:18 2025 by rpki-client