Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft
File:                     CDWHSXi6MJ7X2kZz53OdkyLyYps.mft (raw, json)
Hash identifier:          SY0hLBa5pEXJizHZpFHkE8+36xo5le0g9wpmRejDDao=
Subject key identifier:   3A:6F:42:C8:5D:21:D2:2E:1B:FE:71:D0:08:1B:24:77:D6:D7:8D:A1
Authority key identifier: 08:35:87:49:78:BA:30:9E:D7:DA:46:73:E7:73:9D:93:22:F2:62:9B
Certificate issuer:       /CN=A917E00F/serialNumber=0835874978BA309ED7DA4673E7739D9322F2629B
Certificate serial:       36
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft
Manifest number:          35
Signing time:             Mon 28 Apr 2025 23:59:34 +0000
Manifest this update:     Mon 28 Apr 2025 23:59:34 +0000
Manifest next update:     Mon 05 May 2025 23:59:33 +0000
Files and hashes:         1: CDWHSXi6MJ7X2kZz53OdkyLyYps.crl (hash: jMr/+frJ8ilGvgj0lgO1fwlaYyomaXU9WNC986xvaPk=)
                          2: 2DA549EAE23E11EFB267422EC4F9AE02.roa (hash: MAjR+6vV6kQAbBvReYR67qji2ZeC3+thGK+jJVjSbNk=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.crl
                          rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 05 May 2025 23:59:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54 (0x36)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917E00F, serialNumber=0835874978BA309ED7DA4673E7739D9322F2629B
        Validity
            Not Before: Apr 28 23:59:34 2025 GMT
            Not After : May  5 23:59:33 2025 GMT
        Subject: CN=68101666-8e82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:bd:70:18:6b:e4:e7:e8:84:d8:f7:31:e7:52:
                    b4:f6:96:c2:0d:02:b8:e7:98:f1:a6:96:72:54:52:
                    8b:ec:09:3d:a4:07:2a:8d:a3:17:7c:2a:d6:2f:d3:
                    37:95:7f:04:55:31:57:3b:87:0d:b5:f8:f8:57:75:
                    30:44:3e:82:16:29:4a:7d:3c:1c:eb:83:d7:be:c2:
                    9a:b9:b6:bc:6f:8b:50:f8:81:dd:4d:fa:60:95:20:
                    5d:a1:30:5f:f2:03:e3:9c:c2:ac:bc:d2:50:c1:c7:
                    a6:d7:b9:1c:fe:2e:49:f5:4c:58:c8:bb:8e:2b:9f:
                    c7:a1:ef:66:6b:65:40:65:7a:ca:33:ab:5e:7d:d9:
                    05:ef:61:9d:54:04:09:3d:6d:46:8c:4d:df:fc:fb:
                    b9:f8:92:a6:47:d1:8b:5c:fe:3e:f1:3f:6c:3d:c3:
                    ab:70:f6:d6:c2:71:ba:d5:e4:dd:15:95:7f:12:34:
                    f0:09:73:cb:96:e7:2c:3c:67:81:c9:da:2e:02:8c:
                    55:1d:0c:c0:d7:8e:57:4e:fe:76:18:01:3f:b7:c7:
                    0f:7f:a3:df:e3:45:c6:6d:27:42:41:c8:fd:bf:91:
                    23:c4:83:b7:58:4e:99:e3:64:2d:31:73:23:12:8f:
                    48:2b:c1:08:13:8a:d8:e8:17:ef:06:6e:93:a0:a6:
                    b5:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:6F:42:C8:5D:21:D2:2E:1B:FE:71:D0:08:1B:24:77:D6:D7:8D:A1
            X509v3 Authority Key Identifier:
                keyid:08:35:87:49:78:BA:30:9E:D7:DA:46:73:E7:73:9D:93:22:F2:62:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CDWHSXi6MJ7X2kZz53OdkyLyYps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E00F/7D2B1DF0D7D011EF9EFC910DC4F9AE02/CDWHSXi6MJ7X2kZz53OdkyLyYps.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:81:16:8b:e3:cb:ce:94:46:28:91:fc:7e:47:53:b9:f2:fe:
         2f:e8:f5:95:88:52:6c:0c:72:9a:a1:3b:d9:ec:00:ae:25:d6:
         b2:dd:5e:31:e6:3f:f8:db:9c:82:7a:fd:e0:4a:ae:6f:89:5a:
         a7:a8:5c:d6:87:1d:16:95:39:c8:5a:fa:43:11:48:a8:16:f2:
         d1:0c:93:f4:b1:62:bd:66:22:13:1f:72:16:52:eb:35:b7:7e:
         7a:0e:47:7c:c6:b4:01:6c:a6:c0:9c:a7:44:07:43:f8:77:8f:
         89:2d:a4:fe:47:42:b5:29:42:9b:26:ed:a2:d9:af:78:c5:19:
         37:08:13:64:1d:66:4e:b8:2b:da:cc:10:a7:88:15:d7:3d:1f:
         12:02:22:e4:ce:6e:1b:98:f9:ed:fd:3b:b8:f5:c7:e8:d8:ce:
         56:e2:11:6e:af:e1:c3:79:f2:3e:73:74:0d:a4:4b:bd:4b:f8:
         21:87:f4:ff:f9:8f:94:46:7e:f5:2e:7c:c7:93:75:91:06:5a:
         bf:65:7f:57:09:61:26:d2:f7:e2:16:54:a1:12:7e:d5:30:05:
         42:08:eb:8f:b6:ab:99:e5:04:ac:f2:9c:38:b8:85:9f:be:12:
         37:a6:23:81:bd:88:f6:95:55:87:d3:8a:d4:ed:c0:61:3f:ca:
         18:3e:59:49
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBNjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RTAwRjExMC8GA1UEBRMoMDgzNTg3NDk3OEJBMzA5RUQ3REE0NjczRTc3MzlEOTMy
MkYyNjI5QjAeFw0yNTA0MjgyMzU5MzRaFw0yNTA1MDUyMzU5MzNaMBgxFjAUBgNV
BAMTDTY4MTAxNjY2LThlODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXvXAYa+Tn6ITY9zHnUrT2lsINArjnmPGmlnJUUovsCT2kByqNoxd8KtYv0zeV
fwRVMVc7hw21+PhXdTBEPoIWKUp9PBzrg9e+wpq5trxvi1D4gd1N+mCVIF2hMF/y
A+Ocwqy80lDBx6bXuRz+Lkn1TFjIu44rn8eh72ZrZUBlesozq1592QXvYZ1UBAk9
bUaMTd/8+7n4kqZH0Ytc/j7xP2w9w6tw9tbCcbrV5N0VlX8SNPAJc8uW5yw8Z4HJ
2i4CjFUdDMDXjldO/nYYAT+3xw9/o9/jRcZtJ0JByP2/kSPEg7dYTpnjZC0xcyMS
j0grwQgTitjoF+8GbpOgprXBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOm9CyF0h
0i4b/nHQCBskd9bXjaEwHwYDVR0jBBgwFoAUCDWHSXi6MJ7X2kZz53OdkyLyYpsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMDBGLzdEMkIxREYwRDdE
MDExRUY5RUZDOTEwREM0RjlBRTAyL0NEV0hTWGk2TUo3WDJrWno1M09ka3lMeVlw
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvQ0RXSFNYaTZNSjdYMmtaejUzT2RreUx5WXBzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdF
MDBGLzdEMkIxREYwRDdEMDExRUY5RUZDOTEwREM0RjlBRTAyL0NEV0hTWGk2TUo3
WDJrWno1M09ka3lMeVlwcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBACKBFovjy86URiiR/H5HU7ny/i/o9ZWIUmwMcpqhO9nsAK4l1rLdXjHm
P/jbnIJ6/eBKrm+JWqeoXNaHHRaVOcha+kMRSKgW8tEMk/SxYr1mIhMfchZS6zW3
fnoOR3zGtAFspsCcp0QHQ/h3j4ktpP5HQrUpQpsm7aLZr3jFGTcIE2QdZk64K9rM
EKeIFdc9HxICIuTObhuY+e39O7j1x+jYzlbiEW6v4cN58j5zdA2kS71L+CGH9P/5
j5RGfvUufMeTdZEGWr9lf1cJYSbS9+IWVKESftUwBUII64+2q5nlBKzynDi4hZ++
EjemI4G9iPaVVYfTitTtwGE/yhg+WUk=
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:47:08 2025 by rpki-client