Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A919F525/E187177684ED11EFB9FF2D5AC4F9AE02/Kz24XvlSI40ZLc8XDua-scjbA6k.mft
File:                     Kz24XvlSI40ZLc8XDua-scjbA6k.mft (raw, json)
Hash identifier:          X/JmxJ9f0chn5vXlM1SM/CJtQ3vsbi93Cb4CbcYAm2g=
Subject key identifier:   D3:7D:FF:6B:D0:23:D3:E9:11:34:B6:AA:82:5A:1A:7B:04:69:21:A2
Authority key identifier: 2B:3D:B8:5E:F9:52:23:8D:19:2D:CF:17:0E:E6:BE:B1:C8:DB:03:A9
Certificate issuer:       /CN=A919F525/serialNumber=2B3DB85EF952238D192DCF170EE6BEB1C8DB03A9
Certificate serial:       A6
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kz24XvlSI40ZLc8XDua-scjbA6k.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F525/E187177684ED11EFB9FF2D5AC4F9AE02/Kz24XvlSI40ZLc8XDua-scjbA6k.mft
Manifest number:          A2
Signing time:             Thu 07 Aug 2025 06:52:07 +0000
Manifest this update:     Thu 07 Aug 2025 06:52:07 +0000
Manifest next update:     Thu 14 Aug 2025 06:52:07 +0000
Files and hashes:         1: Kz24XvlSI40ZLc8XDua-scjbA6k.crl (hash: iIXpGJ2u/GkRensJgbLkNvaLAh4NoeWvjs4AWgKeBM8=)
                          2: 4AFF817484EF11EFBDCD721DC4F9AE02.roa (hash: VYuqdxkeY8VDCaP9z9fc7NoqICt3B9Gb1p23SFkZpM0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A919F525/E187177684ED11EFB9FF2D5AC4F9AE02/Kz24XvlSI40ZLc8XDua-scjbA6k.crl
                          rsync://rpki.apnic.net/member_repository/A919F525/E187177684ED11EFB9FF2D5AC4F9AE02/Kz24XvlSI40ZLc8XDua-scjbA6k.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kz24XvlSI40ZLc8XDua-scjbA6k.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 166 (0xa6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F525, serialNumber=2B3DB85EF952238D192DCF170EE6BEB1C8DB03A9
        Validity
            Not Before: Aug  7 06:52:07 2025 GMT
            Not After : Aug 14 06:52:07 2025 GMT
        Subject: CN=68944d17-7402
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:29:cc:35:6c:b3:11:bc:82:40:6a:97:74:56:
                    f5:67:7b:b1:91:bf:c3:5c:4f:b9:a5:07:2e:85:cf:
                    ab:7a:d1:ea:b2:64:c0:c8:d4:f0:7d:7b:6f:4c:a5:
                    f2:a5:c3:c6:40:16:f3:a6:ba:4f:b2:c6:5d:b4:86:
                    cd:68:be:b2:73:4c:19:7a:80:1c:f4:de:20:ef:32:
                    5e:14:9f:1e:c7:a1:29:0e:c7:db:a0:ed:04:c8:a8:
                    83:66:3f:10:4d:20:34:c8:50:cd:06:4c:36:0b:1d:
                    fa:ac:9b:98:01:81:df:50:4e:6c:d1:2d:48:1f:17:
                    6c:8e:58:20:d7:2a:a9:c8:d3:7d:1e:c9:32:d0:55:
                    2f:d5:ec:c9:2a:48:a0:37:5f:79:89:c4:3f:ac:49:
                    2f:0c:60:62:ad:30:f4:b4:86:a6:75:19:87:fc:88:
                    17:64:ed:2d:d6:77:b5:e4:1f:5a:3a:ea:54:dd:bf:
                    73:f0:40:29:f7:47:6c:3f:49:c2:15:a7:5a:9d:f3:
                    ab:9d:44:c5:98:a6:cb:75:c5:9f:e2:43:fd:64:53:
                    43:5d:7e:7a:d9:03:86:61:8e:9d:19:5a:b7:f3:af:
                    5a:91:95:7f:3d:c3:aa:af:91:84:0d:2b:22:bd:7f:
                    a6:d5:35:01:6e:86:1b:ba:4a:de:4b:48:fc:b7:7c:
                    53:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:7D:FF:6B:D0:23:D3:E9:11:34:B6:AA:82:5A:1A:7B:04:69:21:A2
            X509v3 Authority Key Identifier:
                keyid:2B:3D:B8:5E:F9:52:23:8D:19:2D:CF:17:0E:E6:BE:B1:C8:DB:03:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F525/E187177684ED11EFB9FF2D5AC4F9AE02/Kz24XvlSI40ZLc8XDua-scjbA6k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Kz24XvlSI40ZLc8XDua-scjbA6k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F525/E187177684ED11EFB9FF2D5AC4F9AE02/Kz24XvlSI40ZLc8XDua-scjbA6k.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:b3:a1:2b:82:3f:a3:d0:4d:40:2a:6e:cc:0b:32:8f:ec:2b:
         3a:54:47:8f:76:2a:84:78:23:e5:5a:d4:a7:d2:1f:bc:7b:ce:
         35:97:1e:aa:4a:36:55:62:83:f1:f5:ec:1c:ba:d1:e1:70:22:
         1f:b6:68:c5:b7:c6:dd:5d:9f:97:a6:50:8a:4b:ab:de:fe:6c:
         bc:de:cb:de:2c:c9:70:aa:69:6f:75:a3:96:9f:00:98:6e:ba:
         1d:fb:8e:db:90:6a:73:ed:bd:71:a5:72:9d:56:b8:5c:94:b9:
         1c:83:7c:b1:ad:4b:a3:9a:44:7c:97:3b:57:45:76:17:e6:77:
         77:63:3e:ba:8d:4f:a7:63:51:18:ba:e5:6b:3f:cc:cd:ec:c8:
         03:c1:17:b4:80:c4:07:09:47:98:cc:de:c7:e6:b2:40:22:dc:
         f2:ea:fb:a1:63:f3:33:44:43:4a:49:41:b0:f0:ed:b6:8b:8d:
         f7:7b:b4:0a:6e:1e:ad:84:a3:f3:79:4e:dd:22:af:cc:25:ed:
         06:6b:00:8c:70:77:6b:41:a5:57:35:bf:15:ac:b1:ce:07:6d:
         9c:5d:49:f7:c9:e6:ff:d4:7f:31:90:a0:ce:52:44:65:2f:ba:
         f6:45:e6:b2:bf:5d:0c:31:cb:76:51:e9:40:e7:bf:d5:1a:fa:
         4b:e6:7b:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUY1MjUxMTAvBgNVBAUTKDJCM0RCODVFRjk1MjIzOEQxOTJEQ0YxNzBFRTZCRUIx
QzhEQjAzQTkwHhcNMjUwODA3MDY1MjA3WhcNMjUwODE0MDY1MjA3WjAYMRYwFAYD
VQQDEw02ODk0NGQxNy03NDAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8CnMNWyzEbyCQGqXdFb1Z3uxkb/DXE+5pQcuhc+retHqsmTAyNTwfXtvTKXy
pcPGQBbzprpPssZdtIbNaL6yc0wZeoAc9N4g7zJeFJ8ex6EpDsfboO0EyKiDZj8Q
TSA0yFDNBkw2Cx36rJuYAYHfUE5s0S1IHxdsjlgg1yqpyNN9Hsky0FUv1ezJKkig
N195icQ/rEkvDGBirTD0tIamdRmH/IgXZO0t1ne15B9aOupU3b9z8EAp90dsP0nC
FadanfOrnUTFmKbLdcWf4kP9ZFNDXX562QOGYY6dGVq3869akZV/PcOqr5GEDSsi
vX+m1TUBboYbukreS0j8t3xTiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNN9/2vQ
I9PpETS2qoJaGnsEaSGiMB8GA1UdIwQYMBaAFCs9uF75UiONGS3PFw7mvrHI2wOp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjUyNS9FMTg3MTc3Njg0
RUQxMUVGQjlGRjJENUFDNEY5QUUwMi9LejI0WHZsU0k0MFpMYzhYRHVhLXNjamJB
NmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0t6MjRYdmxTSTQwWkxjOFhEdWEtc2NqYkE2ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RjUyNS9FMTg3MTc3Njg0RUQxMUVGQjlGRjJENUFDNEY5QUUwMi9LejI0WHZsU0k0
MFpMYzhYRHVhLXNjamJBNmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBVs6Ergj+j0E1AKm7MCzKP7Cs6VEePdiqEeCPlWtSn0h+8e841lx6q
SjZVYoPx9ewcutHhcCIftmjFt8bdXZ+XplCKS6ve/my83sveLMlwqmlvdaOWnwCY
brod+47bkGpz7b1xpXKdVrhclLkcg3yxrUujmkR8lztXRXYX5nd3Yz66jU+nY1EY
uuVrP8zN7MgDwRe0gMQHCUeYzN7H5rJAItzy6vuhY/MzRENKSUGw8O22i433e7QK
bh6thKPzeU7dIq/MJe0GawCMcHdrQaVXNb8VrLHOB22cXUn3yeb/1H8xkKDOUkRl
L7r2Reayv10MMct2UelA57/VGvpL5nvA
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:49:06 2025 by rpki-client