Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
File:                     aZoPjRWjT1mVbLSADGxEBNwOvV0.mft (raw, json)
Hash identifier:          XasnIAwWOcKUbx2Xyn5TpYkiiHqUF5u9NX2hLzFA+hQ=
Subject key identifier:   67:73:7A:50:C9:D0:5F:5D:09:A8:A8:02:30:76:AD:9C:EE:B5:78:D6
Authority key identifier: 69:9A:0F:8D:15:A3:4F:59:95:6C:B4:80:0C:6C:44:04:DC:0E:BD:5D
Certificate issuer:       /CN=A915C1FE/serialNumber=699A0F8D15A34F59956CB4800C6C4404DC0EBD5D
Certificate serial:       349D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
Manifest number:          3480
Signing time:             Sat 26 Apr 2025 15:17:38 +0000
Manifest this update:     Sat 26 Apr 2025 15:17:37 +0000
Manifest next update:     Sat 03 May 2025 15:17:37 +0000
Files and hashes:         1: aZoPjRWjT1mVbLSADGxEBNwOvV0.crl (hash: ERDGbSaHiI7H9pAGE8T8WxQpnzw/bjrHqc9tcs2Y2Fk=)
                          2: 6BC5DC4AB10511E591A3E484C4F9AE02.roa (hash: H9fsyURTb8qh5DVJOvXZinGpj/nUZcubrPdBUX+wonM=)
                          3: 6A9E6940B10511E591A3E484C4F9AE02.roa (hash: jaRSKEufT55PHq8OPoLG/qgSfjEXVPXjl00275Oa/lI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.crl
                          rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 03 May 2025 15:17:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13469 (0x349d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915C1FE, serialNumber=699A0F8D15A34F59956CB4800C6C4404DC0EBD5D
        Validity
            Not Before: Apr 26 15:17:37 2025 GMT
            Not After : May  3 15:17:37 2025 GMT
        Subject: CN=680cf911-fc6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:3d:ad:87:3b:7f:f7:17:80:67:c4:1d:88:19:
                    42:81:0d:f3:5a:71:a1:4a:f9:bb:f9:2f:10:a1:c3:
                    e7:36:b5:d5:08:ca:19:54:ba:14:67:e3:39:d9:f2:
                    ce:75:f4:fd:f6:0d:5f:20:c0:7f:1d:26:4b:7d:2d:
                    46:2e:a3:4d:3f:f2:a0:38:68:f7:cc:d3:41:a6:ce:
                    c6:c8:f6:7f:bc:09:b5:7a:01:04:8d:2c:3d:1f:1a:
                    cc:22:20:ba:5e:d1:42:b1:4b:77:44:ca:f1:42:e4:
                    20:98:c5:ad:94:96:ba:4d:3f:68:b2:8a:ee:42:e0:
                    28:bd:ae:8f:41:be:05:ed:10:f9:ac:68:0b:fc:21:
                    73:2f:cd:5d:60:af:ba:e2:7b:47:e0:59:de:a5:30:
                    1a:b8:e9:7b:a3:be:46:0a:50:46:b7:2d:dc:ed:bf:
                    13:2d:46:44:26:2a:14:e7:b3:2a:fa:3d:42:cb:22:
                    54:5e:df:5e:c7:21:1b:6a:c1:ed:45:f8:e5:17:b1:
                    2e:d1:e9:f7:5d:b9:74:4c:cf:aa:b4:3b:50:72:60:
                    07:ba:83:af:16:f8:19:de:de:a9:ec:56:56:40:bf:
                    5a:9f:ed:a8:8b:c8:6e:9b:f2:30:06:55:cf:20:95:
                    c3:84:ca:83:8f:f0:ec:3c:e1:96:de:9f:8a:54:4b:
                    8b:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:73:7A:50:C9:D0:5F:5D:09:A8:A8:02:30:76:AD:9C:EE:B5:78:D6
            X509v3 Authority Key Identifier:
                keyid:69:9A:0F:8D:15:A3:4F:59:95:6C:B4:80:0C:6C:44:04:DC:0E:BD:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:e2:41:b2:d5:d5:f4:db:b0:19:cc:2c:9d:35:4b:83:aa:ed:
         db:f4:a5:a1:3c:af:07:d2:46:b0:6a:c8:94:70:45:c1:63:7f:
         30:a0:93:ad:c5:25:39:12:f3:93:3c:3a:97:2d:e7:d8:86:85:
         d1:93:73:16:3a:f9:9b:43:c1:9d:63:d1:c1:db:4b:69:8d:b3:
         15:36:e7:79:5b:e9:82:24:42:bd:5e:ba:d0:a6:2f:8e:7b:52:
         26:d5:16:b4:a8:3e:19:a0:d6:97:3e:66:54:e3:7d:d3:b8:f8:
         9f:58:32:b4:ba:43:e8:50:19:9f:31:09:f1:86:ef:5d:27:3d:
         c6:95:8e:84:0f:78:1d:c1:89:c3:c3:a7:5f:96:ff:78:99:a1:
         bb:be:33:6d:1d:cb:7e:88:3d:27:1d:47:eb:c9:cc:56:80:b4:
         c8:9f:10:40:03:58:1d:10:45:4c:ef:50:d0:d4:4b:ed:19:1e:
         7d:87:d8:9f:5b:ac:9a:39:9c:9e:0c:7e:c7:55:59:c6:8c:70:
         1f:49:d5:ff:de:56:ff:64:ae:e9:48:d6:43:59:d3:ae:f1:5b:
         2d:d2:64:30:79:1f:ab:b7:42:32:d4:d3:d3:14:93:a6:f6:19:
         8a:1c:32:31:60:bb:0c:42:fb:2a:cf:95:49:34:be:15:16:e8:
         95:81:f2:0d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUMxRkUxMTAvBgNVBAUTKDY5OUEwRjhEMTVBMzRGNTk5NTZDQjQ4MDBDNkM0NDA0
REMwRUJENUQwHhcNMjUwNDI2MTUxNzM3WhcNMjUwNTAzMTUxNzM3WjAYMRYwFAYD
VQQDEw02ODBjZjkxMS1mYzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsj2thzt/9xeAZ8QdiBlCgQ3zWnGhSvm7+S8QocPnNrXVCMoZVLoUZ+M52fLO
dfT99g1fIMB/HSZLfS1GLqNNP/KgOGj3zNNBps7GyPZ/vAm1egEEjSw9HxrMIiC6
XtFCsUt3RMrxQuQgmMWtlJa6TT9osoruQuAova6PQb4F7RD5rGgL/CFzL81dYK+6
4ntH4FnepTAauOl7o75GClBGty3c7b8TLUZEJioU57Mq+j1CyyJUXt9exyEbasHt
RfjlF7Eu0en3Xbl0TM+qtDtQcmAHuoOvFvgZ3t6p7FZWQL9an+2oi8hum/IwBlXP
IJXDhMqDj/DsPOGW3p+KVEuLiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGdzelDJ
0F9dCaioAjB2rZzutXjWMB8GA1UdIwQYMBaAFGmaD40Vo09ZlWy0gAxsRATcDr1d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzFGRS9EMTE4QUFCQTFE
QUExMUUyQTJFQ0NBQTYwOEIwMkNEMi9hWm9QalJXalQxbVZiTFNBREd4RUJOd092
VjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Fab1BqUldqVDFtVmJMU0FER3hFQk53T3ZWMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QzFGRS9EMTE4QUFCQTFEQUExMUUyQTJFQ0NBQTYwOEIwMkNEMi9hWm9QalJXalQx
bVZiTFNBREd4RUJOd092VjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCM4kGy1dX027AZzCydNUuDqu3b9KWhPK8H0kawasiUcEXBY38woJOt
xSU5EvOTPDqXLefYhoXRk3MWOvmbQ8GdY9HB20tpjbMVNud5W+mCJEK9XrrQpi+O
e1Im1Ra0qD4ZoNaXPmZU433TuPifWDK0ukPoUBmfMQnxhu9dJz3GlY6ED3gdwYnD
w6dflv94maG7vjNtHct+iD0nHUfrycxWgLTInxBAA1gdEEVM71DQ1EvtGR59h9if
W6yaOZyeDH7HVVnGjHAfSdX/3lb/ZK7pSNZDWdOu8Vst0mQweR+rt0Iy1NPTFJOm
9hmKHDIxYLsMQvsqz5VJNL4VFuiVgfIN
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:25:22 2025 by rpki-client