Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6F2D/6F821178AB8811EF80C75A74C4F9AE02/r2ctqMXR1sgNUGF4yefLdE9uOOY.mft
File:                     r2ctqMXR1sgNUGF4yefLdE9uOOY.mft (raw, json)
Hash identifier:          +6RM2ENUlErYZ/yMZjWKVIVo2/RXO3Xdqh1oR/eIbYs=
Subject key identifier:   62:13:41:BE:EB:C9:B6:8E:94:37:96:5E:F6:85:5F:94:B4:5B:1F:5A
Authority key identifier: AF:67:2D:A8:C5:D1:D6:C8:0D:50:61:78:C9:E7:CB:74:4F:6E:38:E6
Certificate issuer:       /CN=A91A6F2D/serialNumber=AF672DA8C5D1D6C80D506178C9E7CB744F6E38E6
Certificate serial:       89
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r2ctqMXR1sgNUGF4yefLdE9uOOY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A6F2D/6F821178AB8811EF80C75A74C4F9AE02/r2ctqMXR1sgNUGF4yefLdE9uOOY.mft
Manifest number:          87
Signing time:             Fri 08 Aug 2025 23:21:14 +0000
Manifest this update:     Fri 08 Aug 2025 23:21:14 +0000
Manifest next update:     Fri 15 Aug 2025 23:21:13 +0000
Files and hashes:         1: r2ctqMXR1sgNUGF4yefLdE9uOOY.crl (hash: iNoi3lF6CvxKMK+kr1hHvN/o0wjQ1l0cjiw1IkFnCvk=)
                          2: FBE0AB56AC6511EFAEAA8A3CC4F9AE02.roa (hash: 05N/6Qhw5iJe1Qr/JCmwvRl4veGMACl1Zh2wsIyWrXw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A6F2D/6F821178AB8811EF80C75A74C4F9AE02/r2ctqMXR1sgNUGF4yefLdE9uOOY.crl
                          rsync://rpki.apnic.net/member_repository/A91A6F2D/6F821178AB8811EF80C75A74C4F9AE02/r2ctqMXR1sgNUGF4yefLdE9uOOY.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r2ctqMXR1sgNUGF4yefLdE9uOOY.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137 (0x89)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A6F2D, serialNumber=AF672DA8C5D1D6C80D506178C9E7CB744F6E38E6
        Validity
            Not Before: Aug  8 23:21:14 2025 GMT
            Not After : Aug 15 23:21:13 2025 GMT
        Subject: CN=6896866a-3d75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:99:03:19:a7:55:df:cc:a5:a9:5c:05:e1:ac:
                    1c:c6:39:87:3a:35:59:ad:0a:b2:a1:c3:76:33:5e:
                    b0:76:fb:e4:56:01:b2:0c:ab:7d:0c:12:96:f9:3a:
                    61:ee:b3:13:0e:74:c9:d8:d4:2c:e5:e5:97:c4:54:
                    c8:3a:7b:10:1c:81:5b:ae:64:32:26:97:80:6e:da:
                    1f:72:40:26:cc:59:79:d7:82:ac:e9:64:82:76:d8:
                    f2:80:2b:33:f8:7c:5e:5f:c8:69:e0:de:66:5e:93:
                    f2:79:ca:e9:d1:a3:0e:6f:04:1b:3d:0a:a0:a0:3f:
                    3b:b2:c3:fb:6e:d0:a5:c5:81:9e:9e:b7:37:58:2b:
                    a3:21:8b:b8:19:34:c1:26:da:a8:e4:03:a4:ae:c1:
                    f0:85:a3:9d:ab:fa:4a:94:f1:be:fb:6c:98:8d:2f:
                    34:3c:0f:a9:06:52:7f:ca:7e:b1:4f:55:9c:34:f5:
                    4e:0d:9b:63:83:8d:2c:31:b9:88:63:93:e7:60:e3:
                    4d:6f:9b:b6:ac:a4:3e:ef:61:be:9b:08:76:1f:fc:
                    a5:ba:3c:fb:83:c2:92:21:f2:58:2f:54:39:b7:6e:
                    85:09:88:42:1f:ac:c7:de:4c:0d:2c:e9:62:f7:18:
                    42:d2:82:1e:f0:57:c5:a0:8a:4f:87:bb:40:bc:ce:
                    21:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:13:41:BE:EB:C9:B6:8E:94:37:96:5E:F6:85:5F:94:B4:5B:1F:5A
            X509v3 Authority Key Identifier:
                keyid:AF:67:2D:A8:C5:D1:D6:C8:0D:50:61:78:C9:E7:CB:74:4F:6E:38:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A6F2D/6F821178AB8811EF80C75A74C4F9AE02/r2ctqMXR1sgNUGF4yefLdE9uOOY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r2ctqMXR1sgNUGF4yefLdE9uOOY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6F2D/6F821178AB8811EF80C75A74C4F9AE02/r2ctqMXR1sgNUGF4yefLdE9uOOY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:aa:8f:08:c2:79:ed:a6:ad:a1:ae:11:79:33:da:ca:a4:4d:
         82:48:b1:11:09:27:bf:b8:fa:ab:b0:10:a0:9e:5c:77:7e:92:
         e6:1a:f1:62:a3:9b:1c:ef:60:16:f3:29:7c:89:81:32:a5:19:
         2c:bc:b2:68:2b:28:18:44:20:a5:df:3d:19:64:4c:7f:ea:df:
         dd:71:2a:25:dd:85:86:10:1c:22:f5:a5:6c:49:8b:f8:dc:30:
         e0:15:b0:3a:2a:3b:2a:04:1b:5e:b8:87:5e:36:67:fa:0d:49:
         54:9a:24:fd:6a:ba:2e:a6:7b:cb:88:9b:0f:3b:54:85:28:a0:
         5a:7f:33:03:4f:2a:93:d5:57:05:d8:0a:06:d2:00:b6:c5:4b:
         2f:1c:41:7a:20:89:40:4d:38:9c:90:a4:6e:ba:a2:45:c2:e9:
         b4:2e:75:56:ed:46:86:c7:a3:d1:8e:95:76:d3:80:72:2e:6d:
         19:81:02:cc:1c:95:07:e7:6e:35:1f:ed:4f:d6:93:2a:e5:6a:
         e3:2a:bf:39:f0:db:26:72:03:18:93:2d:25:9b:19:41:41:f8:
         55:de:c7:25:04:b4:4f:b2:f4:93:cd:a6:ca:06:37:af:dd:38:
         d1:ea:be:2d:6e:6f:6e:ea:dd:a9:f6:3d:58:40:96:e7:41:23:
         f0:5e:3a:68
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTZGMkQxMTAvBgNVBAUTKEFGNjcyREE4QzVEMUQ2QzgwRDUwNjE3OEM5RTdDQjc0
NEY2RTM4RTYwHhcNMjUwODA4MjMyMTE0WhcNMjUwODE1MjMyMTEzWjAYMRYwFAYD
VQQDEw02ODk2ODY2YS0zZDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqZkDGadV38ylqVwF4awcxjmHOjVZrQqyocN2M16wdvvkVgGyDKt9DBKW+Tph
7rMTDnTJ2NQs5eWXxFTIOnsQHIFbrmQyJpeAbtofckAmzFl514Ks6WSCdtjygCsz
+HxeX8hp4N5mXpPyecrp0aMObwQbPQqgoD87ssP7btClxYGenrc3WCujIYu4GTTB
Jtqo5AOkrsHwhaOdq/pKlPG++2yYjS80PA+pBlJ/yn6xT1WcNPVODZtjg40sMbmI
Y5PnYONNb5u2rKQ+72G+mwh2H/ylujz7g8KSIfJYL1Q5t26FCYhCH6zH3kwNLOli
9xhC0oIe8FfFoIpPh7tAvM4hyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGITQb7r
ybaOlDeWXvaFX5S0Wx9aMB8GA1UdIwQYMBaAFK9nLajF0dbIDVBheMnny3RPbjjm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNkYyRC82RjgyMTE3OEFC
ODgxMUVGODBDNzVBNzRDNEY5QUUwMi9yMmN0cU1YUjFzZ05VR0Y0eWVmTGRFOXVP
T1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3IyY3RxTVhSMXNnTlVHRjR5ZWZMZEU5dU9PWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NkYyRC82RjgyMTE3OEFCODgxMUVGODBDNzVBNzRDNEY5QUUwMi9yMmN0cU1YUjFz
Z05VR0Y0eWVmTGRFOXVPT1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCUqo8Iwnntpq2hrhF5M9rKpE2CSLERCSe/uPqrsBCgnlx3fpLmGvFi
o5sc72AW8yl8iYEypRksvLJoKygYRCCl3z0ZZEx/6t/dcSol3YWGEBwi9aVsSYv4
3DDgFbA6KjsqBBteuIdeNmf6DUlUmiT9aroupnvLiJsPO1SFKKBafzMDTyqT1VcF
2AoG0gC2xUsvHEF6IIlATTickKRuuqJFwum0LnVW7UaGx6PRjpV204ByLm0ZgQLM
HJUH5241H+1P1pMq5WrjKr858NsmcgMYky0lmxlBQfhV3sclBLRPsvSTzabKBjev
3TjR6r4tbm9u6t2p9j1YQJbnQSPwXjpo
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:08:18 2025 by rpki-client