Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft
File:                     0hsNWsWvkZAPUK2WADMT5R7WChA.mft (raw, json)
Hash identifier:          NSj+1NwZViVLEvPERBXD0A5l84zyQiCSXjU6dLm75+A=
Subject key identifier:   77:5B:AE:3D:23:86:83:FF:8F:79:F1:0E:6B:42:98:CF:AA:E5:EF:FC
Authority key identifier: D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10
Certificate issuer:       /CN=A91A0E9D/serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10
Certificate serial:       A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft
Manifest number:          9C
Signing time:             Sat 09 Aug 2025 06:54:47 +0000
Manifest this update:     Sat 09 Aug 2025 06:54:46 +0000
Manifest next update:     Sat 16 Aug 2025 06:54:46 +0000
Files and hashes:         1: 0hsNWsWvkZAPUK2WADMT5R7WChA.crl (hash: pvs/v2rKUs4hcvR/grJ+P0CeK9wvIBaPIh9wz28Kcb4=)
                          2: 3996C94896D211EF924C486FC4F9AE02.roa (hash: jPKROmghkPyJWap1Ck0b+pE8AGKhobQAaRNerFhIWOA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl
                          rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 165 (0xa5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A0E9D, serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10
        Validity
            Not Before: Aug  9 06:54:46 2025 GMT
            Not After : Aug 16 06:54:46 2025 GMT
        Subject: CN=6896f0b7-f396
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a8:5b:14:be:fa:22:a4:63:1f:88:28:33:8c:
                    9e:eb:bc:be:f4:e4:4d:aa:ed:61:1d:1b:80:12:4d:
                    c7:02:a3:c6:8a:fc:d0:90:32:08:ea:07:5f:53:34:
                    d2:a1:45:53:47:cd:93:8e:22:d1:e4:cb:4a:e7:b0:
                    8c:0b:fb:69:58:d7:8f:74:7b:f4:a6:41:8a:e9:5e:
                    89:4a:42:2f:5a:7e:7d:5e:81:a5:d6:33:9b:ce:7d:
                    c3:fc:91:a7:e8:18:d1:62:fd:ad:ef:0c:f1:1f:23:
                    45:01:66:b5:0a:83:dc:67:37:82:fd:6b:1b:e1:55:
                    75:e3:d6:c2:81:2f:9b:ba:96:93:2f:38:1a:3a:91:
                    7d:d4:ef:ae:e1:1e:d8:b6:89:b1:17:ce:5b:39:a3:
                    62:da:76:54:6c:0d:26:72:a0:72:12:93:b1:ae:7a:
                    b6:2b:79:7f:30:0a:b3:1f:ee:8c:39:e5:51:bb:ea:
                    80:e2:06:10:ec:07:83:d8:94:6d:22:42:c5:c0:a6:
                    7e:9c:8a:e0:10:9a:80:57:b5:e8:7e:74:71:55:bf:
                    77:e5:8c:e9:c2:22:cc:80:5c:62:dc:e9:36:a6:84:
                    5d:f8:6e:f9:73:13:fa:34:2f:a4:66:91:c7:7b:58:
                    ad:2a:c5:63:5e:41:5d:50:72:c8:e4:6a:cd:ad:9e:
                    32:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:5B:AE:3D:23:86:83:FF:8F:79:F1:0E:6B:42:98:CF:AA:E5:EF:FC
            X509v3 Authority Key Identifier:
                keyid:D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:8d:06:ad:4b:c9:77:81:8e:43:8a:6c:56:76:a1:52:aa:b9:
         6b:87:3b:42:a3:67:4d:fe:36:4e:79:95:07:37:0c:c8:9c:0f:
         24:ec:c2:c5:92:5f:ab:ce:46:a2:35:ae:93:6b:5e:da:9b:64:
         89:31:de:8f:24:1d:f4:d6:81:46:11:e2:de:92:84:6a:b0:df:
         19:2f:c3:0a:e9:34:6e:f4:98:94:1f:56:b3:03:55:e4:76:fd:
         c9:15:be:b5:c9:fd:50:36:d3:b2:5d:d0:c2:6d:65:03:1c:bb:
         19:5e:0d:d0:b5:94:ac:0c:11:c3:35:92:ea:cf:5d:0c:6d:d3:
         29:fd:d5:78:f5:96:a2:45:85:cd:68:dc:0e:45:b2:1e:3a:cd:
         28:7b:66:a6:5c:64:46:cf:8f:80:7c:99:f2:c1:41:3a:d1:63:
         e5:e7:10:07:23:65:6d:83:ae:99:47:87:b5:0e:be:c1:a8:8f:
         4c:55:32:2c:49:8f:84:e6:5c:26:ee:9c:de:cf:cc:00:4a:3c:
         80:fa:ed:2e:b4:bf:b4:73:de:11:44:d7:88:5d:9c:f0:1f:34:
         a8:43:ac:84:f0:7a:2b:05:bf:df:9c:ab:3e:31:7e:25:48:f6:
         a7:fc:0d:70:0a:ec:e1:cf:ba:c4:ac:bc:8a:29:17:85:d0:39:
         bc:d5:2d:3a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTBFOUQxMTAvBgNVBAUTKEQyMUIwRDVBQzVBRjkxOTAwRjUwQUQ5NjAwMzMxM0U1
MUVENjBBMTAwHhcNMjUwODA5MDY1NDQ2WhcNMjUwODE2MDY1NDQ2WjAYMRYwFAYD
VQQDEw02ODk2ZjBiNy1mMzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoahbFL76IqRjH4goM4ye67y+9ORNqu1hHRuAEk3HAqPGivzQkDII6gdfUzTS
oUVTR82TjiLR5MtK57CMC/tpWNePdHv0pkGK6V6JSkIvWn59XoGl1jObzn3D/JGn
6BjRYv2t7wzxHyNFAWa1CoPcZzeC/Wsb4VV149bCgS+bupaTLzgaOpF91O+u4R7Y
tomxF85bOaNi2nZUbA0mcqByEpOxrnq2K3l/MAqzH+6MOeVRu+qA4gYQ7AeD2JRt
IkLFwKZ+nIrgEJqAV7XofnRxVb935YzpwiLMgFxi3Ok2poRd+G75cxP6NC+kZpHH
e1itKsVjXkFdUHLI5GrNrZ4ywQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHdbrj0j
hoP/j3nxDmtCmM+q5e/8MB8GA1UdIwQYMBaAFNIbDVrFr5GQD1CtlgAzE+Ue1goQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMEU5RC85NTY5QURCNDk1
REIxMUVGQTRFMkZCNDVDNEY5QUUwMi8waHNOV3NXdmtaQVBVSzJXQURNVDVSN1dD
aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBoc05Xc1d2a1pBUFVLMldBRE1UNVI3V0NoQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MEU5RC85NTY5QURCNDk1REIxMUVGQTRFMkZCNDVDNEY5QUUwMi8waHNOV3NXdmta
QVBVSzJXQURNVDVSN1dDaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAujQatS8l3gY5DimxWdqFSqrlrhztCo2dN/jZOeZUHNwzInA8k7MLF
kl+rzkaiNa6Ta17am2SJMd6PJB301oFGEeLekoRqsN8ZL8MK6TRu9JiUH1azA1Xk
dv3JFb61yf1QNtOyXdDCbWUDHLsZXg3QtZSsDBHDNZLqz10MbdMp/dV49ZaiRYXN
aNwORbIeOs0oe2amXGRGz4+AfJnywUE60WPl5xAHI2Vtg66ZR4e1Dr7BqI9MVTIs
SY+E5lwm7pzez8wASjyA+u0utL+0c94RRNeIXZzwHzSoQ6yE8HorBb/fnKs+MX4l
SPan/A1wCuzhz7rErLyKKReF0Dm81S06
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:49:30 2025 by rpki-client