Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.mft
File:                     rIf9aQzGskx4_D9x0y3eDbookNs.mft (raw, json)
Hash identifier:          efUfe8j1xLV//6KYA/B3IlfUOnCnpeYRVTdMp5iCGSA=
Subject key identifier:   2C:7B:18:2E:FB:78:5A:4E:62:4B:79:0C:A3:E4:41:CF:8D:E6:76:D6
Authority key identifier: AC:87:FD:69:0C:C6:B2:4C:78:FC:3F:71:D3:2D:DE:0D:BA:28:90:DB
Certificate issuer:       /CN=A917C156/serialNumber=AC87FD690CC6B24C78FC3F71D32DDE0DBA2890DB
Certificate serial:       43
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rIf9aQzGskx4_D9x0y3eDbookNs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.mft
Manifest number:          3F
Signing time:             Mon 11 Aug 2025 07:48:59 +0000
Manifest this update:     Mon 11 Aug 2025 07:48:58 +0000
Manifest next update:     Mon 18 Aug 2025 07:48:58 +0000
Files and hashes:         1: rIf9aQzGskx4_D9x0y3eDbookNs.crl (hash: 1Rrw2m0KvMwaD1bLgpSHZMnlhyRDym/wSBRC8ACP6rc=)
                          2: 82B7AD281C2811F0AF6EDC47C4F9AE02.roa (hash: TOct4YZ3x0uVg6PIqVFGhW7Pj8+y8nCLAaZLvcpqBvw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.crl
                          rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rIf9aQzGskx4_D9x0y3eDbookNs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67 (0x43)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917C156, serialNumber=AC87FD690CC6B24C78FC3F71D32DDE0DBA2890DB
        Validity
            Not Before: Aug 11 07:48:58 2025 GMT
            Not After : Aug 18 07:48:58 2025 GMT
        Subject: CN=6899a06b-28ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:4e:b4:e6:f9:fb:c4:37:ae:81:2c:a7:a7:cb:
                    45:1e:05:3c:ba:d7:87:be:67:ae:73:3f:76:0d:3f:
                    e5:76:47:fa:3f:49:ea:dd:2c:bf:d4:60:fc:11:14:
                    37:d0:f7:9a:cd:0c:78:6a:53:52:56:8b:2c:0a:8b:
                    3d:a4:f1:29:29:07:b2:05:b6:f0:fa:9c:b1:4d:68:
                    2f:35:32:2f:b5:3d:0c:53:11:51:23:f6:dd:bc:5f:
                    d6:80:8e:7b:3e:b6:d2:6e:0e:08:83:b3:2a:55:be:
                    f2:91:0a:c5:f8:6e:f8:69:75:24:98:c6:2c:7b:c2:
                    61:64:17:e5:8d:07:11:42:7a:0e:b5:25:00:03:6f:
                    f6:2d:98:67:6b:5b:87:07:c9:77:cb:ae:1d:43:8e:
                    aa:4f:2b:ff:41:04:cd:5c:b4:6e:be:76:ce:ca:b0:
                    38:f6:eb:64:10:63:11:c4:97:8d:aa:91:bc:e9:f0:
                    cc:d6:cc:2f:b8:b0:99:16:91:bf:10:9b:7c:0e:cb:
                    d5:0b:dd:13:68:95:2d:2e:c7:34:92:5e:43:04:d7:
                    89:bf:61:83:cf:d6:e8:4b:48:90:5d:ec:a4:ac:f9:
                    06:48:c2:a8:74:c9:57:60:ed:30:4e:4a:bb:e5:91:
                    2f:c3:42:0e:d0:cc:4c:f9:aa:21:d7:74:41:da:8b:
                    a4:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:7B:18:2E:FB:78:5A:4E:62:4B:79:0C:A3:E4:41:CF:8D:E6:76:D6
            X509v3 Authority Key Identifier:
                keyid:AC:87:FD:69:0C:C6:B2:4C:78:FC:3F:71:D3:2D:DE:0D:BA:28:90:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rIf9aQzGskx4_D9x0y3eDbookNs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:60:d9:bd:6d:b4:7a:57:da:ca:5d:1c:4e:75:10:e0:4f:6c:
         6b:3d:ad:4b:36:10:1e:4f:78:c8:9c:1a:d0:1d:62:be:29:62:
         25:b7:86:0f:7b:66:de:6d:6b:cc:c8:b4:4f:07:63:73:85:a8:
         ec:96:d2:b4:8d:2c:48:cd:e6:1b:52:b0:2b:3b:d7:3b:bf:aa:
         b1:ce:fe:e1:bd:6d:71:9c:ef:26:5d:28:48:31:31:93:27:57:
         26:a3:83:2e:e5:eb:4b:a0:9d:91:02:ae:a2:bb:32:cf:a8:a1:
         64:5f:19:b7:64:72:6e:af:d0:5a:86:bc:fb:75:d9:d7:cd:97:
         91:7b:80:f9:cf:ef:be:96:63:2c:73:9c:fa:bf:39:f8:96:12:
         88:08:81:69:5b:13:90:34:bf:2b:90:77:34:17:36:df:ae:c2:
         1e:5c:eb:17:de:4b:72:83:df:af:d2:d9:0c:c6:93:4e:0a:be:
         bb:3e:5e:e1:71:34:40:c3:b1:80:1a:64:ae:bb:81:33:90:7a:
         96:6e:04:0c:1d:2e:90:6b:ec:7d:a1:c8:26:30:8d:77:c2:ff:
         28:10:bf:74:8c:c1:bd:1c:bf:4b:21:f9:ea:0c:ee:ad:9a:45:
         d4:8a:99:64:f6:45:eb:a8:16:41:f1:11:84:08:b0:f9:00:97:
         d1:04:de:4e
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QzE1NjExMC8GA1UEBRMoQUM4N0ZENjkwQ0M2QjI0Qzc4RkMzRjcxRDMyRERFMERC
QTI4OTBEQjAeFw0yNTA4MTEwNzQ4NThaFw0yNTA4MTgwNzQ4NThaMBgxFjAUBgNV
BAMTDTY4OTlhMDZiLTI4YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDTrTm+fvEN66BLKeny0UeBTy614e+Z65zP3YNP+V2R/o/SerdLL/UYPwRFDfQ
95rNDHhqU1JWiywKiz2k8SkpB7IFtvD6nLFNaC81Mi+1PQxTEVEj9t28X9aAjns+
ttJuDgiDsypVvvKRCsX4bvhpdSSYxix7wmFkF+WNBxFCeg61JQADb/YtmGdrW4cH
yXfLrh1DjqpPK/9BBM1ctG6+ds7KsDj262QQYxHEl42qkbzp8MzWzC+4sJkWkb8Q
m3wOy9UL3RNolS0uxzSSXkME14m/YYPP1uhLSJBd7KSs+QZIwqh0yVdg7TBOSrvl
kS/DQg7QzEz5qiHXdEHai6SFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULHsYLvt4
Wk5iS3kMo+RBz43mdtYwHwYDVR0jBBgwFoAUrIf9aQzGskx4/D9x0y3eDbookNsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDMTU2LzE0MkU2NERFMUMw
MzExRjBBNURDMTU1NkM0RjlBRTAyL3JJZjlhUXpHc2t4NF9EOXgweTNlRGJvb2tO
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcklmOWFRekdza3g0X0Q5eDB5M2VEYm9va05zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdD
MTU2LzE0MkU2NERFMUMwMzExRjBBNURDMTU1NkM0RjlBRTAyL3JJZjlhUXpHc2t4
NF9EOXgweTNlRGJvb2tOcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAAtg2b1ttHpX2spdHE51EOBPbGs9rUs2EB5PeMicGtAdYr4pYiW3hg97
Zt5ta8zItE8HY3OFqOyW0rSNLEjN5htSsCs71zu/qrHO/uG9bXGc7yZdKEgxMZMn
Vyajgy7l60ugnZECrqK7Ms+ooWRfGbdkcm6v0FqGvPt12dfNl5F7gPnP776WYyxz
nPq/OfiWEogIgWlbE5A0vyuQdzQXNt+uwh5c6xfeS3KD36/S2QzGk04Kvrs+XuFx
NEDDsYAaZK67gTOQepZuBAwdLpBr7H2hyCYwjXfC/ygQv3SMwb0cv0sh+eoM7q2a
RdSKmWT2ReuoFkHxEYQIsPkAl9EE3k4=
-----END CERTIFICATE-----
Generated at Mon Aug 11 10:35:04 2025 by rpki-client