Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
File:                     aZoPjRWjT1mVbLSADGxEBNwOvV0.mft (raw, json)
Hash identifier:          4VHLfOvzWbS51Vx8qSeS8Fm4YWFJW9fDjRMySw1JlSw=
Subject key identifier:   5B:68:A6:CE:E1:53:C7:FE:F4:86:61:FA:7E:28:80:72:3D:BE:8F:2F
Authority key identifier: 69:9A:0F:8D:15:A3:4F:59:95:6C:B4:80:0C:6C:44:04:DC:0E:BD:5D
Certificate issuer:       /CN=A915C1FE/serialNumber=699A0F8D15A34F59956CB4800C6C4404DC0EBD5D
Certificate serial:       349C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
Manifest number:          347F
Signing time:             Thu 24 Apr 2025 15:18:27 +0000
Manifest this update:     Thu 24 Apr 2025 15:18:27 +0000
Manifest next update:     Thu 01 May 2025 15:18:27 +0000
Files and hashes:         1: aZoPjRWjT1mVbLSADGxEBNwOvV0.crl (hash: VPog6j7U/BX468V3c9n9AHFJQRbEjlsBmcFvoxEPDuY=)
                          2: 6BC5DC4AB10511E591A3E484C4F9AE02.roa (hash: H9fsyURTb8qh5DVJOvXZinGpj/nUZcubrPdBUX+wonM=)
                          3: 6A9E6940B10511E591A3E484C4F9AE02.roa (hash: jaRSKEufT55PHq8OPoLG/qgSfjEXVPXjl00275Oa/lI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.crl
                          rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 01 May 2025 15:18:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13468 (0x349c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915C1FE, serialNumber=699A0F8D15A34F59956CB4800C6C4404DC0EBD5D
        Validity
            Not Before: Apr 24 15:18:27 2025 GMT
            Not After : May  1 15:18:27 2025 GMT
        Subject: CN=680a5643-83be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:97:2b:13:6e:18:48:91:46:38:95:72:24:93:
                    17:4b:89:0c:77:2d:3f:bb:d1:df:93:66:f2:58:54:
                    47:8e:40:a6:a1:df:fe:4c:ed:8e:fc:1a:41:b6:9c:
                    44:57:3e:02:cd:81:de:55:92:94:04:95:9f:23:3e:
                    c3:ee:ef:8c:5c:fc:62:d1:9f:38:f7:20:d7:1f:1a:
                    27:17:90:29:b1:c1:13:ee:78:93:7b:ac:9a:dd:44:
                    cd:ac:7a:2e:62:9d:3c:2d:c6:b6:56:13:58:ad:3d:
                    d3:d6:ff:a9:fb:98:cd:ce:ff:49:01:ca:8a:8b:d6:
                    c3:f2:4d:41:af:80:20:27:e0:ec:31:bf:e8:1b:d2:
                    0a:8b:93:79:4f:0e:3d:d3:0f:2f:53:c7:85:e7:56:
                    48:9e:72:c0:f6:22:6b:11:90:fc:a7:3e:3a:03:13:
                    dd:df:e2:28:80:f3:a5:fe:fe:e1:e1:e7:1e:36:f8:
                    1d:25:13:12:d9:db:3f:be:81:da:ad:ec:a4:cf:01:
                    66:41:96:16:77:aa:be:0b:67:44:e2:88:e5:c6:01:
                    9d:b3:26:fd:a1:72:09:06:c0:2c:8f:d3:47:f6:1d:
                    a0:13:7a:20:cb:c9:26:cc:a7:f2:ad:12:94:d5:ef:
                    7c:18:86:1a:8c:b1:a2:71:0b:f6:f8:8d:63:b5:42:
                    87:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:68:A6:CE:E1:53:C7:FE:F4:86:61:FA:7E:28:80:72:3D:BE:8F:2F
            X509v3 Authority Key Identifier:
                keyid:69:9A:0F:8D:15:A3:4F:59:95:6C:B4:80:0C:6C:44:04:DC:0E:BD:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZoPjRWjT1mVbLSADGxEBNwOvV0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C1FE/D118AABA1DAA11E2A2ECCAA608B02CD2/aZoPjRWjT1mVbLSADGxEBNwOvV0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:b0:49:60:02:56:4c:ec:01:43:57:09:58:2e:42:93:f9:85:
         5c:f8:a8:fb:0d:62:35:14:88:91:25:d3:48:e7:9a:6f:64:ec:
         4b:78:36:58:14:42:2d:79:7c:de:40:43:72:9b:43:41:aa:ba:
         e1:0f:ed:15:53:6d:11:4f:36:c6:f0:1b:69:40:aa:bf:23:7c:
         75:7f:7b:96:26:51:a5:51:20:c5:e3:0d:10:49:a9:8d:25:74:
         ce:f0:cc:ef:1c:46:72:68:cb:42:14:fa:6a:11:17:20:5f:f2:
         00:78:16:9f:32:00:68:d5:9c:1a:bb:ac:76:83:d0:e3:7e:77:
         8c:ef:26:d9:dc:48:4c:ca:db:58:97:71:ff:4f:5d:3d:9d:e2:
         b6:b1:7b:b1:aa:97:59:6e:07:38:b8:35:e2:de:28:c5:ae:62:
         e9:03:34:17:2b:74:47:d6:17:68:24:6f:e1:df:7a:b6:e6:97:
         61:e4:98:5e:80:91:5f:3e:66:55:f2:66:a0:18:ef:48:e6:69:
         d6:3a:15:94:a1:95:4f:04:08:a2:55:c4:b4:84:15:55:82:9a:
         96:7c:4a:99:7b:f6:c3:db:b7:ff:a5:d9:4a:b0:83:aa:84:7a:
         68:79:84:69:f1:c6:ce:9a:ff:b0:75:5d:a5:0e:a8:98:f9:d7:
         4c:7f:af:d8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUMxRkUxMTAvBgNVBAUTKDY5OUEwRjhEMTVBMzRGNTk5NTZDQjQ4MDBDNkM0NDA0
REMwRUJENUQwHhcNMjUwNDI0MTUxODI3WhcNMjUwNTAxMTUxODI3WjAYMRYwFAYD
VQQDEw02ODBhNTY0My04M2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqJcrE24YSJFGOJVyJJMXS4kMdy0/u9Hfk2byWFRHjkCmod/+TO2O/BpBtpxE
Vz4CzYHeVZKUBJWfIz7D7u+MXPxi0Z849yDXHxonF5ApscET7niTe6ya3UTNrHou
Yp08Lca2VhNYrT3T1v+p+5jNzv9JAcqKi9bD8k1Br4AgJ+DsMb/oG9IKi5N5Tw49
0w8vU8eF51ZInnLA9iJrEZD8pz46AxPd3+IogPOl/v7h4eceNvgdJRMS2ds/voHa
reykzwFmQZYWd6q+C2dE4ojlxgGdsyb9oXIJBsAsj9NH9h2gE3ogy8kmzKfyrRKU
1e98GIYajLGicQv2+I1jtUKHfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFtops7h
U8f+9IZh+n4ogHI9vo8vMB8GA1UdIwQYMBaAFGmaD40Vo09ZlWy0gAxsRATcDr1d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzFGRS9EMTE4QUFCQTFE
QUExMUUyQTJFQ0NBQTYwOEIwMkNEMi9hWm9QalJXalQxbVZiTFNBREd4RUJOd092
VjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Fab1BqUldqVDFtVmJMU0FER3hFQk53T3ZWMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QzFGRS9EMTE4QUFCQTFEQUExMUUyQTJFQ0NBQTYwOEIwMkNEMi9hWm9QalJXalQx
bVZiTFNBREd4RUJOd092VjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBYsElgAlZM7AFDVwlYLkKT+YVc+Kj7DWI1FIiRJdNI55pvZOxLeDZY
FEIteXzeQENym0NBqrrhD+0VU20RTzbG8BtpQKq/I3x1f3uWJlGlUSDF4w0QSamN
JXTO8MzvHEZyaMtCFPpqERcgX/IAeBafMgBo1Zwau6x2g9DjfneM7ybZ3EhMyttY
l3H/T109neK2sXuxqpdZbgc4uDXi3ijFrmLpAzQXK3RH1hdoJG/h33q25pdh5Jhe
gJFfPmZV8magGO9I5mnWOhWUoZVPBAiiVcS0hBVVgpqWfEqZe/bD27f/pdlKsIOq
hHpoeYRp8cbOmv+wdV2lDqiY+ddMf6/Y
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:15 2025 by rpki-client