Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft
File:                     iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft (raw, json)
Hash identifier:          p318W+SyCaSnBKey6ekPizx4uLfrpsEhpwhHDewgDEo=
Subject key identifier:   61:99:9E:E5:31:08:77:F2:27:F2:C0:85:D5:18:9E:01:7B:0E:17:FB
Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44
Certificate issuer:       /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44
Certificate serial:       34D1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft
Manifest number:          34BD
Signing time:             Fri 08 Aug 2025 14:37:06 +0000
Manifest this update:     Fri 08 Aug 2025 14:37:05 +0000
Manifest next update:     Fri 15 Aug 2025 14:37:05 +0000
Files and hashes:         1: iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl (hash: hGSK5ttEL0IAe7mIxHBDpCrzZUrlFnmULrwpCmmgEoI=)
                          2: 10BC8836509B11F0A1C78F35C4F9AE02.roa (hash: 5P8iz2/f75JawHS84+uOtc39+Wj5fIfZ/CgqWjpJHIs=)
                          3: E52708AADFCE11EFBC4CD631C4F9AE02.roa (hash: /pC0o36JZbc/+sMAFn6ZasM1rRw+KC7uxqzujpRX3bY=)
                          4: 075152B253CB11F09DA22358C4F9AE02.roa (hash: zuQumTbCd8/+WRCpCpTlfL5cCnKF+yOSXxN8EoHEiUM=)
                          5: E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa (hash: H2psEBDgMdRvNZgUPZApVJCLqrPQ8EnSpGElYQR9ZLA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl
                          rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13521 (0x34d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44
        Validity
            Not Before: Aug  8 14:37:05 2025 GMT
            Not After : Aug 15 14:37:05 2025 GMT
        Subject: CN=68960b92-efff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d5:5c:9b:f3:9b:8d:df:e6:b6:ae:9e:7f:9f:
                    7e:c8:4f:34:3f:3a:ba:84:e4:66:25:7e:27:3f:cd:
                    95:4a:2b:c7:29:2b:93:c1:10:9f:bf:95:b7:58:40:
                    bb:ed:f2:01:c4:d1:35:24:ec:c4:01:dc:b8:f7:e8:
                    41:a4:89:13:8f:0c:ef:f5:73:82:81:28:0d:20:42:
                    c0:ea:14:e7:35:bc:e1:c1:97:66:c1:1e:0e:11:2f:
                    f0:76:3b:a2:69:09:fb:1f:ec:fb:f8:95:84:9f:8e:
                    14:6b:a6:d0:25:41:1b:ce:47:1d:82:de:e9:14:0c:
                    f8:a5:48:c3:22:0b:89:d0:9e:6c:fd:cf:db:65:9e:
                    85:e4:ff:19:58:49:83:20:ef:40:4c:62:bf:ae:77:
                    8d:01:5e:b1:b3:7a:d6:8b:5d:0e:23:3a:99:23:c7:
                    3e:3d:f1:70:c2:59:11:67:3c:32:af:b1:65:9b:5b:
                    ec:b9:91:ae:f9:03:f3:de:e4:c0:ff:a8:4f:ef:33:
                    fd:83:a6:a7:26:d1:5c:73:e1:c5:cf:d2:4e:96:ad:
                    d6:1f:52:b1:f8:86:b9:6e:43:e8:8a:02:15:c3:ab:
                    4f:d8:ec:a1:15:c9:21:9b:13:17:2f:5f:60:cf:d0:
                    47:92:7e:85:00:d2:cb:56:31:f7:46:43:b6:b8:c6:
                    fb:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:99:9E:E5:31:08:77:F2:27:F2:C0:85:D5:18:9E:01:7B:0E:17:FB
            X509v3 Authority Key Identifier:
                keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:7c:ee:d5:1a:a1:6c:cf:f0:46:b1:8d:96:cd:11:0d:fb:48:
         10:4e:52:e8:2c:8f:95:2c:3b:ca:06:0f:82:d7:a2:40:d1:ea:
         5b:bc:99:72:7e:d1:c0:75:2a:1a:a1:07:ee:fb:c5:05:8a:80:
         68:69:51:b4:6a:74:6e:3e:a6:db:d4:e0:90:a3:ca:01:6a:99:
         92:1e:45:47:eb:e1:55:11:72:14:92:40:bc:ea:ef:0b:f0:e1:
         0e:cb:be:23:3c:dc:f9:3e:a5:16:51:28:ac:6f:a0:68:ab:2e:
         60:f5:d7:b6:7a:d2:36:28:a5:13:8e:d3:3e:3a:e0:81:d7:d7:
         05:5f:77:5f:3a:ef:15:a3:65:25:42:3a:66:44:98:28:99:49:
         db:70:bf:7e:b2:6d:76:4e:e2:11:8a:da:86:b2:9e:b1:1b:3c:
         05:15:81:13:cd:e9:33:83:47:cb:7e:1f:a4:de:66:5e:62:67:
         5b:50:00:24:5a:34:07:9d:e3:59:6e:06:fd:88:22:65:33:42:
         2b:bd:e2:4e:d5:35:49:ef:9b:51:fa:48:6e:bd:71:20:22:32:
         1c:5d:fd:93:dc:aa:21:77:2f:00:65:d2:3c:24:ae:7d:9e:d4:
         46:14:89:ed:ed:29:1a:8f:90:a0:f8:b5:1f:0b:78:ba:be:1d:
         ac:41:66:6c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNNEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5
NDgxRjFDNDQwHhcNMjUwODA4MTQzNzA1WhcNMjUwODE1MTQzNzA1WjAYMRYwFAYD
VQQDEw02ODk2MGI5Mi1lZmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtdVcm/Objd/mtq6ef59+yE80Pzq6hORmJX4nP82VSivHKSuTwRCfv5W3WEC7
7fIBxNE1JOzEAdy49+hBpIkTjwzv9XOCgSgNIELA6hTnNbzhwZdmwR4OES/wdjui
aQn7H+z7+JWEn44Ua6bQJUEbzkcdgt7pFAz4pUjDIguJ0J5s/c/bZZ6F5P8ZWEmD
IO9ATGK/rneNAV6xs3rWi10OIzqZI8c+PfFwwlkRZzwyr7Flm1vsuZGu+QPz3uTA
/6hP7zP9g6anJtFcc+HFz9JOlq3WH1Kx+Ia5bkPoigIVw6tP2OyhFckhmxMXL19g
z9BHkn6FANLLVjH3RkO2uMb7ZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGGZnuUx
CHfyJ/LAhdUYngF7Dhf7MB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE
OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI
RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
N0RBMC8zQTBEOTMxMDFEOEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3
LTNFX1RFb2IzamlVZ2ZIRVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAffO7VGqFsz/BGsY2WzREN+0gQTlLoLI+VLDvKBg+C16JA0epbvJly
ftHAdSoaoQfu+8UFioBoaVG0anRuPqbb1OCQo8oBapmSHkVH6+FVEXIUkkC86u8L
8OEOy74jPNz5PqUWUSisb6Boqy5g9de2etI2KKUTjtM+OuCB19cFX3dfOu8Vo2Ul
QjpmRJgomUnbcL9+sm12TuIRitqGsp6xGzwFFYETzekzg0fLfh+k3mZeYmdbUAAk
WjQHneNZbgb9iCJlM0IrveJO1TVJ75tR+khuvXEgIjIcXf2T3Kohdy8AZdI8JK59
ntRGFInt7Skaj5Cg+LUfC3i6vh2sQWZs
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:49:12 2025 by rpki-client