Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3FEB/B018AD96291911EB9854985CC4F9AE02/x5XlnAMMfJKfy-R0Gfxexp4frP0.mft
File:                     x5XlnAMMfJKfy-R0Gfxexp4frP0.mft (raw, json)
Hash identifier:          rWkbxpz5J3wwBTEIBASg9tFhG8TiYzaAOSZh0WbedT0=
Subject key identifier:   82:D2:AD:B5:E8:5A:52:89:4B:FE:45:89:3F:45:3E:CD:BD:65:BE:21
Authority key identifier: C7:95:E5:9C:03:0C:7C:92:9F:CB:E4:74:19:FC:5E:C6:9E:1F:AC:FD
Certificate issuer:       /CN=A91A3FEB/serialNumber=C795E59C030C7C929FCBE47419FC5EC69E1FACFD
Certificate serial:       0740
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5XlnAMMfJKfy-R0Gfxexp4frP0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A3FEB/B018AD96291911EB9854985CC4F9AE02/x5XlnAMMfJKfy-R0Gfxexp4frP0.mft
Manifest number:          073A
Signing time:             Mon 28 Apr 2025 22:10:52 +0000
Manifest this update:     Mon 28 Apr 2025 22:10:52 +0000
Manifest next update:     Mon 05 May 2025 22:10:52 +0000
Files and hashes:         1: x5XlnAMMfJKfy-R0Gfxexp4frP0.crl (hash: jLEKtjEJepeX8rCCJwm/7uqX8KSgDbS/PzZ5J4UejE0=)
                          2: B722FC542A0411EB992DD32EC4F9AE02.roa (hash: wsrS8Hj9tlKWrRYJKi3rNPfDpEOnN9QMK0e9qX0Cib4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A3FEB/B018AD96291911EB9854985CC4F9AE02/x5XlnAMMfJKfy-R0Gfxexp4frP0.crl
                          rsync://rpki.apnic.net/member_repository/A91A3FEB/B018AD96291911EB9854985CC4F9AE02/x5XlnAMMfJKfy-R0Gfxexp4frP0.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5XlnAMMfJKfy-R0Gfxexp4frP0.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 05 May 2025 22:10:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1856 (0x740)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A3FEB, serialNumber=C795E59C030C7C929FCBE47419FC5EC69E1FACFD
        Validity
            Not Before: Apr 28 22:10:52 2025 GMT
            Not After : May  5 22:10:52 2025 GMT
        Subject: CN=680ffcec-1ae7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f5:51:9b:f6:32:aa:8d:c9:31:78:45:8f:33:
                    a0:79:37:42:83:b9:08:58:95:5c:f0:f7:53:69:6c:
                    8b:63:48:ed:b6:46:4a:81:dd:14:a0:b5:fc:6d:11:
                    ef:59:81:4e:0d:7d:b3:34:26:3f:64:6f:a9:5f:94:
                    08:ba:1d:1f:09:a6:51:5b:f0:b9:0b:03:8e:03:5b:
                    69:20:10:06:a1:2f:33:75:71:0c:cb:0e:19:a4:5f:
                    45:1d:ac:92:7a:51:c0:fc:ed:6a:3d:62:1c:3a:8a:
                    41:e3:8f:1f:45:ee:4f:c1:82:9c:81:b9:b9:90:87:
                    d4:7d:c8:71:27:fe:67:12:0f:84:74:99:d5:0b:ea:
                    ce:db:bd:2c:4b:dd:fd:9e:fd:c9:80:bd:71:7d:ae:
                    6c:4c:f2:35:8f:da:a8:e4:19:8c:be:11:67:33:17:
                    52:d0:9a:16:91:b8:a4:33:18:4f:e6:dd:c7:0e:5e:
                    d7:ed:39:a6:da:f5:ad:59:94:f4:bf:0f:4f:56:48:
                    49:db:a1:c9:96:bf:a4:72:c1:a0:02:3c:6c:c0:6f:
                    54:9c:e2:05:5e:c3:f6:af:4f:bf:9c:1c:84:62:a1:
                    1a:87:25:10:c4:00:1f:e2:08:d4:65:64:c8:59:98:
                    25:91:21:a4:c7:de:1f:7b:13:df:af:2c:aa:e1:dd:
                    01:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:D2:AD:B5:E8:5A:52:89:4B:FE:45:89:3F:45:3E:CD:BD:65:BE:21
            X509v3 Authority Key Identifier:
                keyid:C7:95:E5:9C:03:0C:7C:92:9F:CB:E4:74:19:FC:5E:C6:9E:1F:AC:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A3FEB/B018AD96291911EB9854985CC4F9AE02/x5XlnAMMfJKfy-R0Gfxexp4frP0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x5XlnAMMfJKfy-R0Gfxexp4frP0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3FEB/B018AD96291911EB9854985CC4F9AE02/x5XlnAMMfJKfy-R0Gfxexp4frP0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:6e:67:1b:fd:75:80:91:47:01:36:63:66:5f:97:53:24:d3:
         eb:cc:46:1a:86:3b:b2:db:71:eb:99:e8:47:1a:34:32:d7:57:
         0a:a4:19:d6:62:3e:f5:f8:a0:fa:62:b5:fb:3a:ae:a1:c7:29:
         3a:9c:24:42:a8:b1:06:c4:27:ce:f7:e6:2d:0f:10:e9:8d:e9:
         c2:cf:83:4c:25:47:3f:7a:cd:da:aa:f6:ad:0e:32:4d:14:76:
         20:0d:2c:8c:d8:7e:2b:88:61:d4:c7:56:2e:de:85:28:ab:5b:
         60:ee:74:97:58:12:5d:bc:25:a2:8b:44:ec:b7:bd:d2:8e:f5:
         4d:38:a0:6e:9c:b7:01:18:98:0c:af:7d:33:29:5e:aa:6a:c1:
         9b:f3:db:cf:88:15:41:e5:d4:02:46:91:00:04:a3:51:7a:83:
         5e:41:ad:3d:82:23:90:74:6b:2d:98:cf:dc:c1:02:ca:81:9d:
         2a:9b:45:69:8d:0b:83:c3:3e:0c:ef:9c:ed:60:0c:02:f5:ca:
         53:88:c0:69:f9:2b:a9:2e:71:76:e7:ad:64:96:db:93:99:0d:
         80:9b:01:38:9e:7a:ef:76:a4:c8:0f:aa:9b:75:68:fd:aa:78:
         f5:9c:73:35:07:e0:7e:5e:96:35:b7:9f:3f:69:24:97:4e:48:
         12:6c:59:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB0AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTNGRUIxMTAvBgNVBAUTKEM3OTVFNTlDMDMwQzdDOTI5RkNCRTQ3NDE5RkM1RUM2
OUUxRkFDRkQwHhcNMjUwNDI4MjIxMDUyWhcNMjUwNTA1MjIxMDUyWjAYMRYwFAYD
VQQDEw02ODBmZmNlYy0xYWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtvVRm/Yyqo3JMXhFjzOgeTdCg7kIWJVc8PdTaWyLY0jttkZKgd0UoLX8bRHv
WYFODX2zNCY/ZG+pX5QIuh0fCaZRW/C5CwOOA1tpIBAGoS8zdXEMyw4ZpF9FHayS
elHA/O1qPWIcOopB448fRe5PwYKcgbm5kIfUfchxJ/5nEg+EdJnVC+rO270sS939
nv3JgL1xfa5sTPI1j9qo5BmMvhFnMxdS0JoWkbikMxhP5t3HDl7X7Tmm2vWtWZT0
vw9PVkhJ26HJlr+kcsGgAjxswG9UnOIFXsP2r0+/nByEYqEahyUQxAAf4gjUZWTI
WZglkSGkx94fexPfryyq4d0BVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFILSrbXo
WlKJS/5FiT9FPs29Zb4hMB8GA1UdIwQYMBaAFMeV5ZwDDHySn8vkdBn8XsaeH6z9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0ZFQi9CMDE4QUQ5NjI5
MTkxMUVCOTg1NDk4NUNDNEY5QUUwMi94NVhsbkFNTWZKS2Z5LVIwR2Z4ZXhwNGZy
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3g1WGxuQU1NZkpLZnktUjBHZnhleHA0ZnJQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
M0ZFQi9CMDE4QUQ5NjI5MTkxMUVCOTg1NDk4NUNDNEY5QUUwMi94NVhsbkFNTWZK
S2Z5LVIwR2Z4ZXhwNGZyUDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAQbmcb/XWAkUcBNmNmX5dTJNPrzEYahjuy23HrmehHGjQy11cKpBnW
Yj71+KD6YrX7Oq6hxyk6nCRCqLEGxCfO9+YtDxDpjenCz4NMJUc/es3aqvatDjJN
FHYgDSyM2H4riGHUx1Yu3oUoq1tg7nSXWBJdvCWii0Tst73SjvVNOKBunLcBGJgM
r30zKV6qasGb89vPiBVB5dQCRpEABKNReoNeQa09giOQdGstmM/cwQLKgZ0qm0Vp
jQuDwz4M75ztYAwC9cpTiMBp+SupLnF2561kltuTmQ2AmwE4nnrvdqTID6qbdWj9
qnj1nHM1B+B+XpY1t58/aSSXTkgSbFlV
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:50:52 2025 by rpki-client