Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.mft
File:                     Z7qlic6898PyfVPZjqxMEEzAkTU.mft (raw, json)
Hash identifier:          n1kPiPJkFKcGZc4499zgfHzQugwe82hvkIa/xW2YQgg=
Subject key identifier:   0B:0E:76:74:37:B7:B1:80:CC:BA:76:49:91:A6:C6:0A:93:3F:9D:38
Authority key identifier: 67:BA:A5:89:CE:BC:F7:C3:F2:7D:53:D9:8E:AC:4C:10:4C:C0:91:35
Certificate issuer:       /CN=A9152E29/serialNumber=67BAA589CEBCF7C3F27D53D98EAC4C104CC09135
Certificate serial:       0C36
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z7qlic6898PyfVPZjqxMEEzAkTU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.mft
Manifest number:          0C30
Signing time:             Thu 24 Apr 2025 18:23:10 +0000
Manifest this update:     Thu 24 Apr 2025 18:23:10 +0000
Manifest next update:     Thu 01 May 2025 18:23:10 +0000
Files and hashes:         1: Z7qlic6898PyfVPZjqxMEEzAkTU.crl (hash: KsHOXYA6cHYdaRAxOjO9E35MoumfXCNsRH8pmUKuOWY=)
                          2: 94EA7370050111EA9BDD372BC4F9AE02.roa (hash: dMPlbwZZJ9a9ifwF8f+1OVtKYmpgj8cV+d0a3+m/kqY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.crl
                          rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z7qlic6898PyfVPZjqxMEEzAkTU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 01 May 2025 18:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3126 (0xc36)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9152E29, serialNumber=67BAA589CEBCF7C3F27D53D98EAC4C104CC09135
        Validity
            Not Before: Apr 24 18:23:10 2025 GMT
            Not After : May  1 18:23:10 2025 GMT
        Subject: CN=680a818e-1366
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:68:32:38:fc:14:3d:b5:42:64:6f:11:f7:d5:
                    2f:76:48:15:2f:68:d4:e2:4b:68:30:f7:73:4d:35:
                    a2:f3:73:de:2a:72:23:19:3a:3d:ce:3c:1f:65:53:
                    29:2c:e2:8d:9c:3d:68:57:69:ca:e3:18:ca:d8:2d:
                    7f:65:c3:3f:f0:7d:01:fa:fc:04:a7:0d:5d:62:3e:
                    01:b6:4a:26:65:57:a4:13:32:8f:7d:44:97:d3:06:
                    ea:51:1b:8b:58:cc:ee:66:67:f7:1e:2a:83:b4:6c:
                    a1:50:c7:f3:3a:b8:a4:57:04:6a:0a:bb:e6:bc:99:
                    25:80:a9:ff:c4:91:a7:0f:1e:8b:2b:e4:94:d4:2a:
                    16:06:fc:e7:40:11:47:32:c0:94:fc:66:9f:77:11:
                    90:b0:d7:ba:dd:c4:06:c4:32:5d:af:0d:ad:53:1e:
                    3d:15:9c:63:d4:e7:75:16:3a:50:d2:e0:70:1b:1c:
                    3b:b9:52:3d:d1:e4:e7:fa:2e:24:3c:c5:fa:d7:15:
                    4b:2b:fd:1c:6b:ca:30:a0:92:91:3c:aa:f0:41:a0:
                    1d:8e:9d:04:b6:a7:ed:66:21:55:28:04:10:a6:85:
                    d9:70:50:44:4e:3f:9b:26:09:d5:e7:2d:2e:e9:57:
                    cb:05:96:7e:bc:46:15:1f:00:67:fb:4f:36:54:03:
                    ec:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:0E:76:74:37:B7:B1:80:CC:BA:76:49:91:A6:C6:0A:93:3F:9D:38
            X509v3 Authority Key Identifier:
                keyid:67:BA:A5:89:CE:BC:F7:C3:F2:7D:53:D9:8E:AC:4C:10:4C:C0:91:35

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Z7qlic6898PyfVPZjqxMEEzAkTU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152E29/AD33401C04FF11EAB58CB823C4F9AE02/Z7qlic6898PyfVPZjqxMEEzAkTU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:80:fa:3f:c8:2b:ea:66:be:79:b8:e4:2f:aa:ae:21:ad:02:
         85:fd:9e:e3:b6:73:ff:75:65:71:cd:56:ad:88:a6:0b:fe:bf:
         ea:13:73:83:7f:52:ee:61:c6:43:db:4f:db:e2:63:ad:c7:6a:
         72:dc:d3:53:9d:64:51:d6:ea:11:16:63:eb:35:9b:3a:30:a1:
         cc:7d:dd:8f:06:41:4d:59:ec:d7:14:77:30:50:f0:4e:5a:55:
         a7:80:f6:e0:06:a2:2a:80:ce:60:f3:bf:1c:17:4b:73:35:a7:
         a3:76:06:8f:18:aa:c7:0b:13:0d:4b:63:06:1d:a7:93:22:a6:
         b3:27:e2:a0:8a:ff:47:bd:4c:9c:26:89:c8:34:7c:43:c2:ba:
         ea:1c:a9:9d:1d:5c:5e:88:83:83:f7:66:60:cd:94:52:99:f3:
         c5:f0:c7:bd:36:48:6d:9a:25:19:22:9a:34:66:e1:45:b6:31:
         d0:92:62:f6:1e:8d:bc:8a:86:ad:3b:99:b6:dd:84:f1:69:98:
         c5:73:48:7b:8d:68:cb:57:b3:cc:8e:c2:67:f0:b2:93:a0:e4:
         69:96:5d:d4:96:40:98:f1:9a:6a:f0:c6:bd:2b:7d:89:74:f9:
         26:ff:cf:ef:76:9e:a8:e6:c1:d1:41:49:68:cf:47:e4:a7:42:
         2a:70:35:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJFMjkxMTAvBgNVBAUTKDY3QkFBNTg5Q0VCQ0Y3QzNGMjdENTNEOThFQUM0QzEw
NENDMDkxMzUwHhcNMjUwNDI0MTgyMzEwWhcNMjUwNTAxMTgyMzEwWjAYMRYwFAYD
VQQDEw02ODBhODE4ZS0xMzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs2gyOPwUPbVCZG8R99UvdkgVL2jU4ktoMPdzTTWi83PeKnIjGTo9zjwfZVMp
LOKNnD1oV2nK4xjK2C1/ZcM/8H0B+vwEpw1dYj4BtkomZVekEzKPfUSX0wbqURuL
WMzuZmf3HiqDtGyhUMfzOrikVwRqCrvmvJklgKn/xJGnDx6LK+SU1CoWBvznQBFH
MsCU/GafdxGQsNe63cQGxDJdrw2tUx49FZxj1Od1FjpQ0uBwGxw7uVI90eTn+i4k
PMX61xVLK/0ca8owoJKRPKrwQaAdjp0EtqftZiFVKAQQpoXZcFBETj+bJgnV5y0u
6VfLBZZ+vEYVHwBn+082VAPsxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAsOdnQ3
t7GAzLp2SZGmxgqTP504MB8GA1UdIwQYMBaAFGe6pYnOvPfD8n1T2Y6sTBBMwJE1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkUyOS9BRDMzNDAxQzA0
RkYxMUVBQjU4Q0I4MjNDNEY5QUUwMi9aN3FsaWM2ODk4UHlmVlBaanF4TUVFekFr
VFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1o3cWxpYzY4OThQeWZWUFpqcXhNRUV6QWtUVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
MkUyOS9BRDMzNDAxQzA0RkYxMUVBQjU4Q0I4MjNDNEY5QUUwMi9aN3FsaWM2ODk4
UHlmVlBaanF4TUVFekFrVFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAZgPo/yCvqZr55uOQvqq4hrQKF/Z7jtnP/dWVxzVatiKYL/r/qE3OD
f1LuYcZD20/b4mOtx2py3NNTnWRR1uoRFmPrNZs6MKHMfd2PBkFNWezXFHcwUPBO
WlWngPbgBqIqgM5g878cF0tzNaejdgaPGKrHCxMNS2MGHaeTIqazJ+Kgiv9HvUyc
JonINHxDwrrqHKmdHVxeiIOD92ZgzZRSmfPF8Me9NkhtmiUZIpo0ZuFFtjHQkmL2
Ho28ioatO5m23YTxaZjFc0h7jWjLV7PMjsJn8LKToORpll3UlkCY8Zpq8Ma9K32J
dPkm/8/vdp6o5sHRQUloz0fkp0IqcDVw
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:34 2025 by rpki-client