Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.mft
File:                     f7FuQPo8p3_OJMTJpGRWg8OeihE.mft (raw, json)
Hash identifier:          f/JC+CoYJDuVFTo4wQ/D57fmNEWIxyUK69qw19Gzo/8=
Subject key identifier:   17:C8:89:95:10:02:A6:5D:88:BA:B3:0B:F5:D1:CB:8E:A6:12:AC:72
Authority key identifier: 7F:B1:6E:40:FA:3C:A7:7F:CE:24:C4:C9:A4:64:56:83:C3:9E:8A:11
Certificate issuer:       /CN=A91AF83D/serialNumber=7FB16E40FA3CA77FCE24C4C9A4645683C39E8A11
Certificate serial:       018D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f7FuQPo8p3_OJMTJpGRWg8OeihE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.mft
Manifest number:          018A
Signing time:             Fri 25 Apr 2025 02:42:22 +0000
Manifest this update:     Fri 25 Apr 2025 02:42:22 +0000
Manifest next update:     Fri 02 May 2025 02:42:22 +0000
Files and hashes:         1: f7FuQPo8p3_OJMTJpGRWg8OeihE.crl (hash: KEYS3dD0iwxO2RqWG+iBmzkelE5okTdkwGRgBSsJRRw=)
                          2: AB3814CEC85411EDAE5D9322C4F9AE02.roa (hash: hP+l6tFfGRtL/s3PVotLK1C45PriZjz7pB5mLcbuaqE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.crl
                          rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f7FuQPo8p3_OJMTJpGRWg8OeihE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 02 May 2025 02:42:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 397 (0x18d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AF83D, serialNumber=7FB16E40FA3CA77FCE24C4C9A4645683C39E8A11
        Validity
            Not Before: Apr 25 02:42:22 2025 GMT
            Not After : May  2 02:42:22 2025 GMT
        Subject: CN=680af68e-6724
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:fc:a9:16:b2:a0:95:4b:a8:68:c6:76:40:ab:
                    68:0b:74:fb:9c:9a:94:4d:b3:c8:e8:97:1a:e7:6c:
                    3d:7f:6e:ef:bf:66:5f:5a:e7:b8:a4:dc:56:d6:7b:
                    ef:03:d2:df:c0:7c:8b:5b:d6:14:73:95:90:23:75:
                    5c:6f:a1:ee:c8:62:46:52:74:50:28:e2:4b:36:c3:
                    84:01:9f:72:f7:95:b9:67:7f:bd:65:2f:75:c0:2b:
                    df:9d:9a:34:42:c5:71:51:fc:10:0c:86:22:e4:ba:
                    68:f3:5b:ae:77:56:cc:68:d0:d3:6a:be:d3:b6:95:
                    34:61:e3:42:46:21:78:6b:2e:b1:1a:47:e7:51:d0:
                    b3:1a:56:1d:f7:76:80:53:b5:b6:09:cd:39:63:86:
                    44:9a:a7:47:1a:01:0c:da:d3:53:b9:e4:c1:d1:05:
                    0a:3a:54:74:73:5f:0d:6f:a7:98:6b:a1:4d:54:5f:
                    c2:3a:28:ae:43:84:8a:12:0b:b6:0b:51:d6:7d:7e:
                    2d:0a:14:16:d6:a3:1c:92:aa:4e:f2:bc:de:5b:4e:
                    73:25:45:08:6f:eb:8f:c4:10:e9:85:9c:cd:db:00:
                    3c:46:e4:3d:40:7e:0a:db:12:17:f4:94:85:0c:dc:
                    db:0e:f6:fe:6b:dc:d4:6e:d9:be:95:02:54:14:ed:
                    7d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:C8:89:95:10:02:A6:5D:88:BA:B3:0B:F5:D1:CB:8E:A6:12:AC:72
            X509v3 Authority Key Identifier:
                keyid:7F:B1:6E:40:FA:3C:A7:7F:CE:24:C4:C9:A4:64:56:83:C3:9E:8A:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f7FuQPo8p3_OJMTJpGRWg8OeihE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF83D/A3D52FB8C85011EDAF5BBA87C4F9AE02/f7FuQPo8p3_OJMTJpGRWg8OeihE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b6:5f:b7:9b:45:ba:da:58:36:59:7f:37:f8:15:2f:ef:df:dc:
         5d:20:8a:1e:5d:d7:b6:12:6f:c3:08:e2:39:40:fb:23:a9:34:
         88:31:8b:91:b1:df:4b:84:7d:df:af:72:e7:63:41:18:0a:48:
         37:11:e2:60:8c:bf:12:fc:8d:21:c3:54:37:22:c0:8b:7b:21:
         95:a2:4e:a6:00:12:01:43:a0:80:d5:15:b4:a8:99:13:cb:17:
         35:24:f8:94:98:01:fe:3b:fc:a5:2c:bc:da:b3:58:57:13:8c:
         cf:a1:65:6f:78:75:e2:c3:d3:f5:aa:b7:17:b6:1d:5d:a5:0d:
         03:6f:c4:96:3c:86:0f:84:59:ae:36:75:82:85:ac:d0:a1:3c:
         1d:5e:03:58:fe:26:d5:9f:17:0d:9c:90:7f:97:0c:09:21:3a:
         f3:05:17:58:41:8b:c1:93:c1:d7:b9:51:6a:c6:b7:be:6d:5a:
         c0:79:ce:03:0b:da:76:ca:66:ff:79:b5:ee:0c:9b:67:97:6c:
         59:3c:58:b2:dd:10:6e:0b:45:6c:c3:3f:73:53:e6:50:d8:be:
         fc:df:31:45:fb:5f:53:4b:9e:e9:fe:04:4c:71:15:de:f0:ac:
         c5:cf:d3:11:08:e1:59:1e:f5:d2:da:b9:d9:65:34:d1:35:b6:
         6c:fa:f7:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUY4M0QxMTAvBgNVBAUTKDdGQjE2RTQwRkEzQ0E3N0ZDRTI0QzRDOUE0NjQ1Njgz
QzM5RThBMTEwHhcNMjUwNDI1MDI0MjIyWhcNMjUwNTAyMDI0MjIyWjAYMRYwFAYD
VQQDEw02ODBhZjY4ZS02NzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvvypFrKglUuoaMZ2QKtoC3T7nJqUTbPI6Jca52w9f27vv2ZfWue4pNxW1nvv
A9LfwHyLW9YUc5WQI3Vcb6HuyGJGUnRQKOJLNsOEAZ9y95W5Z3+9ZS91wCvfnZo0
QsVxUfwQDIYi5Lpo81uud1bMaNDTar7TtpU0YeNCRiF4ay6xGkfnUdCzGlYd93aA
U7W2Cc05Y4ZEmqdHGgEM2tNTueTB0QUKOlR0c18Nb6eYa6FNVF/COiiuQ4SKEgu2
C1HWfX4tChQW1qMckqpO8rzeW05zJUUIb+uPxBDphZzN2wA8RuQ9QH4K2xIX9JSF
DNzbDvb+a9zUbtm+lQJUFO19nwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBfIiZUQ
AqZdiLqzC/XRy46mEqxyMB8GA1UdIwQYMBaAFH+xbkD6PKd/ziTEyaRkVoPDnooR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjgzRC9BM0Q1MkZCOEM4
NTAxMUVEQUY1QkJBODdDNEY5QUUwMi9mN0Z1UVBvOHAzX09KTVRKcEdSV2c4T2Vp
aEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Y3RnVRUG84cDNfT0pNVEpwR1JXZzhPZWloRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RjgzRC9BM0Q1MkZCOEM4NTAxMUVEQUY1QkJBODdDNEY5QUUwMi9mN0Z1UVBvOHAz
X09KTVRKcEdSV2c4T2VpaEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC2X7ebRbraWDZZfzf4FS/v39xdIIoeXde2Em/DCOI5QPsjqTSIMYuR
sd9LhH3fr3LnY0EYCkg3EeJgjL8S/I0hw1Q3IsCLeyGVok6mABIBQ6CA1RW0qJkT
yxc1JPiUmAH+O/ylLLzas1hXE4zPoWVveHXiw9P1qrcXth1dpQ0Db8SWPIYPhFmu
NnWChazQoTwdXgNY/ibVnxcNnJB/lwwJITrzBRdYQYvBk8HXuVFqxre+bVrAec4D
C9p2ymb/ebXuDJtnl2xZPFiy3RBuC0Vswz9zU+ZQ2L783zFF+19TS57p/gRMcRXe
8KzFz9MRCOFZHvXS2rnZZTTRNbZs+vej
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:49 2025 by rpki-client