Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft
File:                     D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft (raw, json)
Hash identifier:          ONoNXIuYcKDgkFOOmRdgRAq6ComWjTDujIyLl3SfEJk=
Subject key identifier:   0B:65:84:9E:28:25:58:C1:F1:F2:4E:C9:A0:B9:D8:5D:48:25:DC:6F
Authority key identifier: 0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34
Certificate issuer:       /CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34
Certificate serial:       01F8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft
Manifest number:          01EB
Signing time:             Sat 09 Aug 2025 03:03:59 +0000
Manifest this update:     Sat 09 Aug 2025 03:03:58 +0000
Manifest next update:     Sat 16 Aug 2025 03:03:58 +0000
Files and hashes:         1: D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl (hash: y3+osTmB43HfasghT4yQA22bl4YQ9VJ7ObyF9UNkFgY=)
                          2: BC72661A972911ED8CBCA476C4F9AE02.roa (hash: 50hi2vNUebBRUz8ceA03XMTbcW3zeli1X+BmJSriA30=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl
                          rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 504 (0x1f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A7C68, serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34
        Validity
            Not Before: Aug  9 03:03:58 2025 GMT
            Not After : Aug 16 03:03:58 2025 GMT
        Subject: CN=6896ba9f-a0e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9e:9a:fc:51:63:02:93:0f:da:1f:d5:86:c4:
                    8a:fa:14:73:3c:45:cd:2d:3f:96:54:c1:8e:d6:ba:
                    b9:9f:e8:a0:fc:5b:5d:a0:9b:8c:55:7b:1c:90:7e:
                    b8:5b:01:e6:7d:e5:0e:8a:55:d2:ed:b7:25:06:f8:
                    11:4c:0c:85:15:9a:39:05:8c:92:ac:c8:88:5f:d9:
                    88:bb:25:80:4a:92:a8:a0:43:8a:02:b0:5f:5b:99:
                    ec:e3:4e:8c:bf:34:76:0c:b4:a3:4a:59:76:2e:e4:
                    9f:a3:4f:da:24:a5:45:6b:3e:2f:64:8f:f5:0a:7c:
                    8d:8b:9f:bd:7b:f8:78:c5:5f:26:54:08:23:df:d1:
                    5e:64:7b:1d:58:8f:b2:df:f8:00:17:43:67:64:c8:
                    95:59:25:f7:ec:08:d9:bb:07:a4:ff:dd:fa:06:0b:
                    02:52:28:38:b2:79:53:5b:fb:06:07:ee:a3:7e:1d:
                    3d:37:25:11:6c:e3:3c:7a:44:0e:bf:32:19:78:a3:
                    ec:80:c8:5b:51:e3:95:94:a5:03:d0:d3:77:7f:ce:
                    7c:69:c8:f8:4b:09:8e:87:69:48:9e:c1:17:1d:89:
                    ff:93:af:6a:c9:74:23:2f:07:ab:c8:40:12:3c:13:
                    c0:d4:e2:cd:44:5f:0f:48:b9:8e:c0:93:0e:4b:b4:
                    c4:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:65:84:9E:28:25:58:C1:F1:F2:4E:C9:A0:B9:D8:5D:48:25:DC:6F
            X509v3 Authority Key Identifier:
                keyid:0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:6c:8a:c9:10:2b:84:4d:66:0e:95:46:02:c9:3d:09:7a:09:
         8b:eb:db:ea:6c:ef:ba:25:a3:d1:25:15:d7:d4:e5:b2:08:07:
         2f:4b:4d:46:5a:a5:89:2f:18:b1:cb:26:d5:53:f4:2e:04:fe:
         b8:fd:1b:f7:3b:5d:4d:07:9a:ff:5b:e1:16:88:d8:cf:5a:b3:
         73:50:75:2f:8c:5b:b1:a4:f5:a2:86:4e:1e:ec:b8:d6:a7:20:
         fb:f4:76:cd:21:cb:9e:a9:b4:d1:48:9f:b8:c8:d7:5d:f0:9c:
         6f:ce:75:e6:ac:72:06:d1:92:c4:9b:13:0c:99:0e:ee:09:0d:
         7b:a2:78:d3:d4:a9:9a:2d:70:c0:bb:9c:e4:9c:f3:f2:b5:8e:
         d6:17:54:a5:73:6b:e2:a5:15:82:a7:3f:41:35:e8:4f:6b:5f:
         f8:7d:78:2e:3f:4a:41:75:04:8b:c7:b3:68:e6:33:97:c2:1c:
         86:39:ec:54:8a:1f:49:f2:89:9d:60:b4:ee:b4:fd:90:32:ed:
         0b:c7:cb:31:68:63:43:03:9c:a6:11:0b:db:7d:ee:2d:e6:11:
         91:ca:4f:c3:a1:c0:29:b5:42:76:02:ea:9b:20:33:5f:cc:14:
         36:73:c5:33:14:ad:02:b7:b4:72:90:14:99:53:6f:30:ca:c1:
         6e:2f:f4:75
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAfgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTdDNjgxMTAvBgNVBAUTKDBGNjI2QTMyNjRENkZFQ0NDQkZFQjJEOTlCMURCRjhB
RkZFQzNCMzQwHhcNMjUwODA5MDMwMzU4WhcNMjUwODE2MDMwMzU4WjAYMRYwFAYD
VQQDEw02ODk2YmE5Zi1hMGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzJ6a/FFjApMP2h/VhsSK+hRzPEXNLT+WVMGO1rq5n+ig/FtdoJuMVXsckH64
WwHmfeUOilXS7bclBvgRTAyFFZo5BYySrMiIX9mIuyWASpKooEOKArBfW5ns406M
vzR2DLSjSll2LuSfo0/aJKVFaz4vZI/1CnyNi5+9e/h4xV8mVAgj39FeZHsdWI+y
3/gAF0NnZMiVWSX37AjZuwek/936BgsCUig4snlTW/sGB+6jfh09NyURbOM8ekQO
vzIZeKPsgMhbUeOVlKUD0NN3f858acj4SwmOh2lInsEXHYn/k69qyXQjLweryEAS
PBPA1OLNRF8PSLmOwJMOS7TElwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAtlhJ4o
JVjB8fJOyaC52F1IJdxvMB8GA1UdIwQYMBaAFA9iajJk1v7My/6y2Zsdv4r/7Ds0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0M2OC80MjM5ODZGNjk3
MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19zekxfckxabXgyX2l2X3NP
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0QySnFNbVRXX3N6TF9yTFpteDJfaXZfc096US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
N0M2OC80MjM5ODZGNjk3MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19z
ekxfckxabXgyX2l2X3NPelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBjbIrJECuETWYOlUYCyT0JegmL69vqbO+6JaPRJRXX1OWyCAcvS01G
WqWJLxixyybVU/QuBP64/Rv3O11NB5r/W+EWiNjPWrNzUHUvjFuxpPWihk4e7LjW
pyD79HbNIcueqbTRSJ+4yNdd8JxvznXmrHIG0ZLEmxMMmQ7uCQ17onjT1KmaLXDA
u5zknPPytY7WF1Slc2vipRWCpz9BNehPa1/4fXguP0pBdQSLx7No5jOXwhyGOexU
ih9J8omdYLTutP2QMu0Lx8sxaGNDA5ymEQvbfe4t5hGRyk/DocAptUJ2AuqbIDNf
zBQ2c8UzFK0Ct7RykBSZU28wysFuL/R1
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:06:34 2025 by rpki-client