Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft
File:                     ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft (raw, json)
Hash identifier:          KbRpLcqtBpZI/RgzRzU9+XkS8cRfg+/yiOWo1uiu0lg=
Subject key identifier:   23:0C:17:7E:9E:B4:6D:E2:6A:F0:DC:89:D4:9F:D4:A5:7B:27:8D:31
Authority key identifier: C9:C2:8F:99:0B:62:74:12:C9:7C:2D:CE:C7:C9:06:E6:1A:D3:25:AC
Certificate issuer:       /CN=A91597E8/serialNumber=C9C28F990B627412C97C2DCEC7C906E61AD325AC
Certificate serial:       347C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft
Manifest number:          347C
Signing time:             Thu 24 Apr 2025 14:43:34 +0000
Manifest this update:     Thu 24 Apr 2025 14:43:34 +0000
Manifest next update:     Thu 01 May 2025 14:43:34 +0000
Files and hashes:         1: ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl (hash: XAP0SryeVIwCStMj9JDgd7T+6k9R1HkcwlllHg3fqTM=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl
                          rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 01 May 2025 14:43:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13436 (0x347c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91597E8, serialNumber=C9C28F990B627412C97C2DCEC7C906E61AD325AC
        Validity
            Not Before: Apr 24 14:43:34 2025 GMT
            Not After : May  1 14:43:34 2025 GMT
        Subject: CN=680a4e16-c205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:86:f3:5c:d6:98:c2:fd:e6:f0:38:ef:2e:c3:
                    29:72:86:54:62:6c:0f:92:d5:bd:d1:a2:2f:bf:40:
                    c5:31:1d:a2:13:eb:50:03:30:27:5f:04:ef:22:6a:
                    92:85:88:6b:72:79:33:df:fa:1b:a0:d9:73:ef:d7:
                    8b:ca:61:25:51:1e:52:34:dd:9a:95:0e:48:0e:a7:
                    f7:31:06:4d:28:f8:79:51:2c:a0:6c:d4:69:24:15:
                    f5:5f:be:26:dc:08:6e:e2:91:5f:87:93:15:87:dd:
                    4c:e1:4b:2d:a9:b1:84:65:2f:a2:a7:e8:c3:b8:ff:
                    59:b9:ca:53:b7:9c:d5:ff:1a:b0:8b:24:4d:c2:12:
                    0f:0e:95:6b:c3:ae:af:9f:8f:41:94:37:de:bb:e8:
                    56:95:81:40:9e:b2:54:6a:0e:16:e4:e0:eb:21:ff:
                    59:d4:7e:c1:52:22:c5:47:f5:e1:dd:93:95:47:31:
                    4b:19:f7:3c:5c:82:89:25:d3:ac:40:27:12:c5:88:
                    56:b7:64:25:7a:65:63:85:15:8a:2c:cb:7e:2f:f4:
                    64:cf:82:78:3b:88:8a:8b:04:39:db:0a:2f:18:eb:
                    23:50:b2:30:fa:6b:f4:48:73:6c:e0:20:df:a8:8b:
                    21:e6:06:8c:96:fe:2a:e0:10:07:66:5a:22:30:66:
                    d3:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:0C:17:7E:9E:B4:6D:E2:6A:F0:DC:89:D4:9F:D4:A5:7B:27:8D:31
            X509v3 Authority Key Identifier:
                keyid:C9:C2:8F:99:0B:62:74:12:C9:7C:2D:CE:C7:C9:06:E6:1A:D3:25:AC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91597E8/7A0FE7FA1D9211E2B5BC74F508B02CD2/ycKPmQtidBLJfC3Ox8kG5hrTJaw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:cb:dd:cb:f9:04:b4:dc:d4:97:2f:5f:bc:13:40:98:b8:d9:
         91:78:8d:99:83:8c:97:a8:b7:57:cb:a6:df:99:8c:09:37:e4:
         41:db:aa:e1:cf:76:7e:f4:f2:d5:9c:6f:c5:96:4f:37:d9:cd:
         f3:5b:db:b3:48:cc:a7:fd:42:a7:4b:e3:c7:a9:46:97:42:fd:
         05:e8:7c:c2:c7:8f:5b:ff:36:83:a7:8a:21:ab:63:d8:e5:ea:
         99:66:9d:df:aa:4b:35:79:71:b2:91:7b:b7:25:72:0c:d3:32:
         1c:e2:e3:56:36:45:ca:b6:c1:b4:f1:9c:46:44:0f:c4:c1:4a:
         19:93:f9:ae:83:a4:c0:cc:2d:38:e5:24:5f:37:63:ba:99:fd:
         07:02:7b:04:f4:2d:10:68:cb:35:0b:b7:3d:22:39:70:f3:3d:
         c9:36:ac:38:d5:17:b0:c0:4c:a9:75:08:fa:7c:ea:4f:0d:29:
         4b:1a:f3:6a:04:5a:ca:27:54:58:b6:f9:31:4d:52:77:fb:c4:
         75:1c:dd:50:ea:3d:db:3c:21:f2:f7:87:67:f2:42:0e:6a:1b:
         4b:6d:d7:f5:ba:a8:2e:fa:94:ad:97:d3:b4:6d:d0:99:af:5f:
         64:05:c1:b1:cb:a4:74:2a:7b:77:a1:ce:58:48:e0:03:80:c9:
         cb:f6:07:35
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTk3RTgxMTAvBgNVBAUTKEM5QzI4Rjk5MEI2Mjc0MTJDOTdDMkRDRUM3QzkwNkU2
MUFEMzI1QUMwHhcNMjUwNDI0MTQ0MzM0WhcNMjUwNTAxMTQ0MzM0WjAYMRYwFAYD
VQQDEw02ODBhNGUxNi1jMjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1YbzXNaYwv3m8DjvLsMpcoZUYmwPktW90aIvv0DFMR2iE+tQAzAnXwTvImqS
hYhrcnkz3/oboNlz79eLymElUR5SNN2alQ5IDqf3MQZNKPh5USygbNRpJBX1X74m
3Ahu4pFfh5MVh91M4UstqbGEZS+ip+jDuP9ZucpTt5zV/xqwiyRNwhIPDpVrw66v
n49BlDfeu+hWlYFAnrJUag4W5ODrIf9Z1H7BUiLFR/Xh3ZOVRzFLGfc8XIKJJdOs
QCcSxYhWt2QlemVjhRWKLMt+L/Rkz4J4O4iKiwQ52wovGOsjULIw+mv0SHNs4CDf
qIsh5gaMlv4q4BAHZloiMGbT4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCMMF36e
tG3iavDcidSf1KV7J40xMB8GA1UdIwQYMBaAFMnCj5kLYnQSyXwtzsfJBuYa0yWs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTdFOC83QTBGRTdGQTFE
OTIxMUUyQjVCQzc0RjUwOEIwMkNEMi95Y0tQbVF0aWRCTEpmQzNPeDhrRzVoclRK
YXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ljS1BtUXRpZEJMSmZDM094OGtHNWhyVEphdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
OTdFOC83QTBGRTdGQTFEOTIxMUUyQjVCQzc0RjUwOEIwMkNEMi95Y0tQbVF0aWRC
TEpmQzNPeDhrRzVoclRKYXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA6y93L+QS03NSXL1+8E0CYuNmReI2Zg4yXqLdXy6bfmYwJN+RB26rh
z3Z+9PLVnG/Flk832c3zW9uzSMyn/UKnS+PHqUaXQv0F6HzCx49b/zaDp4ohq2PY
5eqZZp3fqks1eXGykXu3JXIM0zIc4uNWNkXKtsG08ZxGRA/EwUoZk/mug6TAzC04
5SRfN2O6mf0HAnsE9C0QaMs1C7c9Ijlw8z3JNqw41RewwEypdQj6fOpPDSlLGvNq
BFrKJ1RYtvkxTVJ3+8R1HN1Q6j3bPCHy94dn8kIOahtLbdf1uqgu+pStl9O0bdCZ
r19kBcGxy6R0Knt3oc5YSOADgMnL9gc1
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:16 2025 by rpki-client