Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft
File:                     ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft (raw, json)
Hash identifier:          z0o7AWDcqkborg55anRfz52XMU3ZLZbbH561GJ22BLI=
Subject key identifier:   7E:79:89:B3:75:C1:95:92:B9:35:C4:1F:43:18:84:47:A1:90:9A:AC
Authority key identifier: C9:C2:8F:99:0B:62:74:12:C9:7C:2D:CE:C7:C9:06:E6:1A:D3:25:AC
Certificate issuer:       /CN=A91597E8/serialNumber=C9C28F990B627412C97C2DCEC7C906E61AD325AC
Certificate serial:       347D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft
Manifest number:          347D
Signing time:             Sat 26 Apr 2025 14:44:24 +0000
Manifest this update:     Sat 26 Apr 2025 14:44:23 +0000
Manifest next update:     Sat 03 May 2025 14:44:23 +0000
Files and hashes:         1: ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl (hash: I23tA4L6TDepvqujY3Fl6RwtMj9qwmw7nSaSAAHPOS4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl
                          rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 03 May 2025 14:44:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13437 (0x347d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91597E8, serialNumber=C9C28F990B627412C97C2DCEC7C906E61AD325AC
        Validity
            Not Before: Apr 26 14:44:23 2025 GMT
            Not After : May  3 14:44:23 2025 GMT
        Subject: CN=680cf147-be7e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:bf:0d:0d:e6:0a:0d:60:ff:50:90:59:6a:90:
                    70:ba:e0:11:50:7e:29:cb:7f:b8:4f:9e:6d:cb:59:
                    9a:c7:34:09:2f:c5:3d:29:ba:01:05:32:2b:c2:a1:
                    70:b9:0b:dc:16:00:06:1e:46:d5:07:60:47:1d:35:
                    d0:33:01:dc:ab:c4:e5:1c:d5:2b:21:6e:6e:63:73:
                    d1:4a:ff:63:07:a9:95:b7:97:d3:4b:52:aa:f0:45:
                    f7:04:93:4a:ca:36:2b:d0:ad:25:96:e2:62:61:b7:
                    27:59:dc:dc:03:48:a8:a2:54:30:19:d2:90:97:95:
                    20:b5:5b:66:42:ff:fb:90:32:30:70:13:72:c5:ad:
                    66:82:5c:ce:3e:dc:cc:ff:28:db:5d:15:a7:19:81:
                    7d:33:7d:ec:8a:38:77:a9:e0:7a:69:00:c9:c1:57:
                    cc:28:18:55:d3:02:2f:49:47:2b:32:95:01:58:65:
                    d1:02:42:e0:af:8c:d6:cd:74:1e:f0:d2:90:ed:46:
                    5f:36:4c:fb:0e:21:63:8d:10:02:c4:41:50:3d:6f:
                    22:d7:31:28:9e:62:d6:20:58:0a:89:72:01:67:be:
                    0c:0b:43:4b:99:0c:27:99:fe:b6:6f:e0:fd:1a:42:
                    d1:8e:c6:88:c0:87:cf:0d:1d:4e:37:34:54:83:1d:
                    08:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:79:89:B3:75:C1:95:92:B9:35:C4:1F:43:18:84:47:A1:90:9A:AC
            X509v3 Authority Key Identifier:
                keyid:C9:C2:8F:99:0B:62:74:12:C9:7C:2D:CE:C7:C9:06:E6:1A:D3:25:AC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:71:ae:ce:76:c3:96:b9:42:f8:5d:1e:90:20:70:00:be:05:
         f5:25:bd:d0:01:19:c7:ec:8c:c4:a2:a8:c3:d1:ac:0f:8d:1a:
         5a:c7:bf:22:c9:b6:dc:b8:c5:b9:90:71:c5:6f:62:e5:33:4a:
         0f:3e:af:4d:be:eb:7d:6f:79:4c:55:ac:cd:f3:c3:cd:28:9a:
         13:b8:87:cd:38:9a:f4:1b:07:33:cf:7d:4f:e9:34:90:04:71:
         59:21:c5:ab:54:19:4f:1c:c9:b7:fa:8c:88:03:ed:90:65:c3:
         cf:31:33:e8:2a:3f:55:50:03:3d:32:7f:0b:80:a2:a1:41:61:
         73:7c:4b:5f:7d:51:44:98:9c:d2:65:7f:4f:c7:5f:df:8c:b1:
         4d:74:01:e5:35:20:2e:6a:23:df:02:8f:a5:76:c3:68:4a:9f:
         55:70:39:a5:ac:12:e2:fd:7f:47:ac:5b:0f:14:e7:28:a6:e9:
         84:85:03:16:02:c5:0e:93:05:32:ea:0d:c9:ad:ec:d8:02:c2:
         9c:54:fd:d9:8a:dd:9d:04:85:9f:43:9c:97:f4:5c:13:e2:e0:
         9f:22:ac:2e:fb:e3:bf:16:92:97:bf:c1:e6:a7:be:37:8a:07:
         af:a7:e6:89:73:42:29:ca:45:2a:b4:08:29:bc:7f:a3:b4:b1:
         bb:bd:ac:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNH0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTk3RTgxMTAvBgNVBAUTKEM5QzI4Rjk5MEI2Mjc0MTJDOTdDMkRDRUM3QzkwNkU2
MUFEMzI1QUMwHhcNMjUwNDI2MTQ0NDIzWhcNMjUwNTAzMTQ0NDIzWjAYMRYwFAYD
VQQDEw02ODBjZjE0Ny1iZTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2r8NDeYKDWD/UJBZapBwuuARUH4py3+4T55ty1maxzQJL8U9KboBBTIrwqFw
uQvcFgAGHkbVB2BHHTXQMwHcq8TlHNUrIW5uY3PRSv9jB6mVt5fTS1Kq8EX3BJNK
yjYr0K0lluJiYbcnWdzcA0ioolQwGdKQl5UgtVtmQv/7kDIwcBNyxa1mglzOPtzM
/yjbXRWnGYF9M33sijh3qeB6aQDJwVfMKBhV0wIvSUcrMpUBWGXRAkLgr4zWzXQe
8NKQ7UZfNkz7DiFjjRACxEFQPW8i1zEonmLWIFgKiXIBZ74MC0NLmQwnmf62b+D9
GkLRjsaIwIfPDR1ONzRUgx0InQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH55ibN1
wZWSuTXEH0MYhEehkJqsMB8GA1UdIwQYMBaAFMnCj5kLYnQSyXwtzsfJBuYa0yWs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTdFOC83QTBGRTdGQTFE
OTIxMUUyQjVCQzc0RjUwOEIwMkNEMi95Y0tQbVF0aWRCTEpmQzNPeDhrRzVoclRK
YXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ljS1BtUXRpZEJMSmZDM094OGtHNWhyVEphdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
OTdFOC83QTBGRTdGQTFEOTIxMUUyQjVCQzc0RjUwOEIwMkNEMi95Y0tQbVF0aWRC
TEpmQzNPeDhrRzVoclRKYXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGca7OdsOWuUL4XR6QIHAAvgX1Jb3QARnH7IzEoqjD0awPjRpax78i
ybbcuMW5kHHFb2LlM0oPPq9Nvut9b3lMVazN88PNKJoTuIfNOJr0Gwczz31P6TSQ
BHFZIcWrVBlPHMm3+oyIA+2QZcPPMTPoKj9VUAM9Mn8LgKKhQWFzfEtffVFEmJzS
ZX9Px1/fjLFNdAHlNSAuaiPfAo+ldsNoSp9VcDmlrBLi/X9HrFsPFOcopumEhQMW
AsUOkwUy6g3JrezYAsKcVP3Zit2dBIWfQ5yX9FwT4uCfIqwu++O/FpKXv8Hmp743
igevp+aJc0IpykUqtAgpvH+jtLG7vaxi
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:25:46 2025 by rpki-client