Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/FAfjHIfhFiRZ2Dw660iMl1qcI_E.mft
File:                     FAfjHIfhFiRZ2Dw660iMl1qcI_E.mft (raw, json)
Hash identifier:          utOEO8z3zX+cmatJ0BhyE7kIR/ZWmjaQtoiHP+gHzb8=
Subject key identifier:   4E:E9:37:B7:93:30:3B:02:D7:14:11:B9:71:00:45:79:7F:41:45:92
Authority key identifier: 14:07:E3:1C:87:E1:16:24:59:D8:3C:3A:EB:48:8C:97:5A:9C:23:F1
Certificate issuer:       /CN=A91B2131/serialNumber=1407E31C87E1162459D83C3AEB488C975A9C23F1
Certificate serial:       0697
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FAfjHIfhFiRZ2Dw660iMl1qcI_E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/FAfjHIfhFiRZ2Dw660iMl1qcI_E.mft
Manifest number:          0691
Signing time:             Fri 08 Aug 2025 22:40:27 +0000
Manifest this update:     Fri 08 Aug 2025 22:40:27 +0000
Manifest next update:     Fri 15 Aug 2025 22:40:27 +0000
Files and hashes:         1: FAfjHIfhFiRZ2Dw660iMl1qcI_E.crl (hash: /ws1cIRHYG11I4qH23j6c6UoP8JQtXgY45kVG9doBhg=)
                          2: D240E2EE814D11EBB1CE367FC4F9AE02.roa (hash: OcDk0+b+7yUXsyGIwS3/BcoBm4sD7lmajtFFAPMecA4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/FAfjHIfhFiRZ2Dw660iMl1qcI_E.crl
                          rsync://rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/FAfjHIfhFiRZ2Dw660iMl1qcI_E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FAfjHIfhFiRZ2Dw660iMl1qcI_E.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1687 (0x697)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B2131, serialNumber=1407E31C87E1162459D83C3AEB488C975A9C23F1
        Validity
            Not Before: Aug  8 22:40:27 2025 GMT
            Not After : Aug 15 22:40:27 2025 GMT
        Subject: CN=68967cdb-7c98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c9:a3:2e:69:d5:57:f1:2a:84:68:f0:fe:64:
                    55:a5:cf:d1:dc:b8:b3:7b:9d:c1:b6:e7:13:00:99:
                    e6:66:63:04:4d:49:e9:af:80:d6:95:78:d6:0c:5a:
                    b4:17:a3:d7:a5:08:ac:bf:11:70:04:c6:d4:f6:52:
                    bf:59:9f:fe:8f:cb:6d:0b:c6:1d:80:0d:e2:fa:43:
                    cc:34:45:a7:bc:5e:dc:d1:35:2f:1f:e5:4f:9a:53:
                    c6:a9:ce:00:f3:ef:c7:74:0d:9f:df:22:82:f7:34:
                    01:40:af:a0:a6:3e:02:ca:d8:8c:e2:f4:4f:f8:69:
                    d4:e0:1e:92:bc:83:94:b1:a7:5b:81:62:8e:e5:4a:
                    80:70:2b:f6:1a:51:a2:cb:5e:4f:d7:d8:33:25:36:
                    10:23:78:98:cb:8f:63:3c:e9:07:a4:e5:c8:32:99:
                    2d:fc:80:17:85:8f:24:c9:9f:2e:b0:49:7c:35:4d:
                    a3:1f:ea:2e:da:95:86:67:2a:1b:bd:b0:a8:23:c2:
                    40:66:52:eb:12:1a:ed:50:d5:ae:e5:6b:1f:76:00:
                    bb:9e:cc:a6:1b:3b:b8:08:38:8e:61:e2:b6:21:ea:
                    fc:3e:94:e5:c5:59:25:17:56:ff:e7:fc:22:ff:bd:
                    cb:19:a7:6a:b2:ed:f0:a0:4e:24:1c:28:9f:dc:80:
                    80:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:E9:37:B7:93:30:3B:02:D7:14:11:B9:71:00:45:79:7F:41:45:92
            X509v3 Authority Key Identifier:
                keyid:14:07:E3:1C:87:E1:16:24:59:D8:3C:3A:EB:48:8C:97:5A:9C:23:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/FAfjHIfhFiRZ2Dw660iMl1qcI_E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FAfjHIfhFiRZ2Dw660iMl1qcI_E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/FAfjHIfhFiRZ2Dw660iMl1qcI_E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:30:f4:19:1e:1f:39:fc:6d:0b:77:a7:4e:2e:46:4e:9f:48:
         66:58:35:86:3c:6e:c1:0e:f3:91:f0:33:eb:f8:3e:67:0b:80:
         82:09:b5:0c:db:82:27:64:36:83:5d:b7:36:c2:95:73:20:c1:
         11:aa:82:ea:2a:3f:27:e5:57:07:92:4c:6d:a4:ad:2e:8b:06:
         c6:dc:ab:61:4c:08:5a:7a:62:48:af:32:40:71:14:70:8a:a1:
         00:51:e8:13:c0:9e:5f:4d:71:99:28:0f:28:2b:30:94:6a:c9:
         96:bb:22:5c:b2:d1:56:76:c8:0b:91:b6:b8:d2:b5:d5:da:0c:
         0e:b0:6c:c9:0f:c0:94:7b:7a:73:67:99:d0:8f:61:84:b6:7f:
         6f:30:f6:bc:59:45:e0:68:5f:1f:e1:57:ef:21:28:52:4d:dc:
         03:2c:72:68:4b:cd:b6:08:26:0b:a4:50:2f:06:b8:b4:c2:62:
         66:d8:f4:4c:2b:e8:9c:c4:71:f1:c0:19:35:c9:fc:b8:05:6b:
         e9:8f:2c:d7:40:66:21:ff:73:99:10:4c:ad:74:de:1b:c7:6c:
         92:02:26:17:a4:8b:b5:6b:96:4f:1b:c8:f6:82:d4:1e:8e:cd:
         f1:f1:7c:11:15:c3:fe:25:ff:e3:d8:c5:8b:3d:ff:d9:87:0e:
         e3:ce:36:ea
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBpcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjIxMzExMTAvBgNVBAUTKDE0MDdFMzFDODdFMTE2MjQ1OUQ4M0MzQUVCNDg4Qzk3
NUE5QzIzRjEwHhcNMjUwODA4MjI0MDI3WhcNMjUwODE1MjI0MDI3WjAYMRYwFAYD
VQQDEw02ODk2N2NkYi03Yzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAusmjLmnVV/EqhGjw/mRVpc/R3Lize53BtucTAJnmZmMETUnpr4DWlXjWDFq0
F6PXpQisvxFwBMbU9lK/WZ/+j8ttC8YdgA3i+kPMNEWnvF7c0TUvH+VPmlPGqc4A
8+/HdA2f3yKC9zQBQK+gpj4CytiM4vRP+GnU4B6SvIOUsadbgWKO5UqAcCv2GlGi
y15P19gzJTYQI3iYy49jPOkHpOXIMpkt/IAXhY8kyZ8usEl8NU2jH+ou2pWGZyob
vbCoI8JAZlLrEhrtUNWu5WsfdgC7nsymGzu4CDiOYeK2Ier8PpTlxVklF1b/5/wi
/73LGadqsu3woE4kHCif3ICA0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE7pN7eT
MDsC1xQRuXEARXl/QUWSMB8GA1UdIwQYMBaAFBQH4xyH4RYkWdg8OutIjJdanCPx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjEzMS9CRTRBNkNEMDdE
NzIxMUVCOENCNjM2NjVDNEY5QUUwMi9GQWZqSElmaEZpUloyRHc2NjBpTWwxcWNJ
X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZBZmpISWZoRmlSWjJEdzY2MGlNbDFxY0lfRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MjEzMS9CRTRBNkNEMDdENzIxMUVCOENCNjM2NjVDNEY5QUUwMi9GQWZqSElmaEZp
UloyRHc2NjBpTWwxcWNJX0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB7MPQZHh85/G0Ld6dOLkZOn0hmWDWGPG7BDvOR8DPr+D5nC4CCCbUM
24InZDaDXbc2wpVzIMERqoLqKj8n5VcHkkxtpK0uiwbG3KthTAhaemJIrzJAcRRw
iqEAUegTwJ5fTXGZKA8oKzCUasmWuyJcstFWdsgLkba40rXV2gwOsGzJD8CUe3pz
Z5nQj2GEtn9vMPa8WUXgaF8f4VfvIShSTdwDLHJoS822CCYLpFAvBri0wmJm2PRM
K+icxHHxwBk1yfy4BWvpjyzXQGYh/3OZEEytdN4bx2ySAiYXpIu1a5ZPG8j2gtQe
js3x8XwRFcP+Jf/j2MWLPf/Zhw7jzjbq
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:49:32 2025 by rpki-client