Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
File:                     tY0p97gQfxWFtf_nDFAsbI9dMwI.mft (raw, json)
Hash identifier:          9fF7WN7ITGHMsQ6yF6CVsY4FF0FHNX7naIkc6cu+muA=
Subject key identifier:   4C:5D:29:41:B9:81:36:9F:B8:54:83:AD:69:2A:D6:41:68:DD:2F:F7
Authority key identifier: B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02
Certificate issuer:       /CN=A91B3CA4/serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302
Certificate serial:       0882
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
Manifest number:          0868
Signing time:             Fri 08 Aug 2025 21:02:33 +0000
Manifest this update:     Fri 08 Aug 2025 21:02:32 +0000
Manifest next update:     Fri 15 Aug 2025 21:02:32 +0000
Files and hashes:         1: tY0p97gQfxWFtf_nDFAsbI9dMwI.crl (hash: LWlU7txleMuC8V9HvnWz/xK8H7+Qy4vSYB2Y2KpEe4E=)
                          2: C33EB0EC7C4211EB933D233EC4F9AE02.roa (hash: V3s4r52s3OPKDLcYcdmKSn/0GHVPcogcj1iQaYzRFaU=)
                          3: F6F5BCCE53E711F084348F87C4F9AE02.roa (hash: eEq3ZG4qI8pUpOyGlAwoIW1Iq8bp1Jor6FtXouhYCXM=)
                          4: 3C3F21BAD6F011EE9B38B67DC4F9AE02.roa (hash: w/43LlQIYPABEvYlfxDIIPmu3emguiTlymMjfBLzQJU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl
                          rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2178 (0x882)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B3CA4, serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302
        Validity
            Not Before: Aug  8 21:02:32 2025 GMT
            Not After : Aug 15 21:02:32 2025 GMT
        Subject: CN=689665e9-4b3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:7d:b5:31:42:fb:25:22:1c:b4:f6:c2:ac:7c:
                    93:ca:7c:20:f4:6e:a4:66:6d:c3:fe:ea:10:3e:3d:
                    6f:06:d7:ac:95:c7:1d:92:8c:f9:5f:de:57:22:c9:
                    74:cf:10:72:a5:ac:a5:7b:ee:5b:1d:65:1d:a4:a5:
                    95:25:9c:ff:5e:46:1f:55:18:e5:a6:28:f5:53:28:
                    8e:7b:5a:56:aa:e8:0f:14:f2:0c:b6:95:c8:80:65:
                    33:c2:83:f9:01:45:46:ce:5d:b9:4f:df:91:ee:38:
                    f8:e3:1f:a9:e7:2f:d8:5f:e3:3c:cd:94:e4:2c:01:
                    f1:6c:b0:3e:19:91:fa:1f:6f:60:ac:17:10:b7:2e:
                    de:35:8a:46:7a:e4:ed:66:6b:5e:7a:73:38:68:08:
                    68:78:bd:0f:da:21:6e:37:3a:53:56:e9:c9:62:f2:
                    0b:58:ce:c5:5a:73:11:04:97:a6:cd:85:62:b5:cf:
                    b1:19:47:ff:ee:95:7e:85:a8:af:bc:9a:8e:d4:8c:
                    eb:16:e3:a1:53:76:51:1b:31:d1:10:8c:8d:38:f8:
                    68:87:29:cc:25:91:f9:66:3f:f7:d4:e0:a1:89:da:
                    55:82:ab:1c:92:eb:47:25:f2:bd:94:ae:c6:d2:3b:
                    99:52:69:89:53:b7:5b:72:68:b5:a7:f9:73:72:b9:
                    10:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:5D:29:41:B9:81:36:9F:B8:54:83:AD:69:2A:D6:41:68:DD:2F:F7
            X509v3 Authority Key Identifier:
                keyid:B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:a7:a9:11:72:a9:3f:97:65:03:63:82:ab:6b:ab:73:be:c8:
         28:43:fd:03:17:68:da:86:57:a6:a9:a3:29:85:d6:8b:47:35:
         73:1f:1a:4b:18:20:e6:3f:35:a2:ac:78:c3:b1:ff:84:a1:f7:
         78:c4:bd:7b:6c:f4:6b:00:43:de:b2:9d:fd:50:4f:11:61:72:
         0c:58:63:d9:1c:d9:26:1e:e0:2d:f9:cf:74:e8:e8:74:02:46:
         e3:19:ac:de:f3:1a:51:ce:32:68:22:0d:d3:ca:f8:dc:ee:54:
         82:99:33:2e:6a:86:a5:a8:1d:97:f9:38:e1:d6:98:03:66:de:
         53:eb:97:f8:7b:e7:46:ce:90:ca:d9:39:0b:ec:7d:ff:3b:7d:
         8f:70:3a:17:5a:a1:46:b5:2c:16:8b:ee:0f:38:f9:6d:69:a0:
         f9:16:7d:60:23:cc:5c:54:9d:ea:f3:82:79:00:21:ce:ea:50:
         31:37:80:7f:56:06:3a:18:19:c9:90:9e:cb:ee:c2:65:66:41:
         f1:7c:6b:b8:6c:5b:45:17:b1:6b:64:8f:93:e0:20:21:e0:6a:
         fa:dd:8f:d3:80:6a:f5:f5:38:fb:ea:45:14:b1:9f:92:42:64:
         29:8f:b8:4d:e7:c7:a6:e7:5d:4b:f5:82:4f:fe:db:e3:60:54:
         b5:4f:8d:a1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCIIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNDQTQxMTAvBgNVBAUTKEI1OEQyOUY3QjgxMDdGMTU4NUI1RkZFNzBDNTAyQzZD
OEY1RDMzMDIwHhcNMjUwODA4MjEwMjMyWhcNMjUwODE1MjEwMjMyWjAYMRYwFAYD
VQQDEw02ODk2NjVlOS00YjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4321MUL7JSIctPbCrHyTynwg9G6kZm3D/uoQPj1vBteslccdkoz5X95XIsl0
zxBypayle+5bHWUdpKWVJZz/XkYfVRjlpij1UyiOe1pWqugPFPIMtpXIgGUzwoP5
AUVGzl25T9+R7jj44x+p5y/YX+M8zZTkLAHxbLA+GZH6H29grBcQty7eNYpGeuTt
ZmteenM4aAhoeL0P2iFuNzpTVunJYvILWM7FWnMRBJemzYVitc+xGUf/7pV+haiv
vJqO1IzrFuOhU3ZRGzHREIyNOPhohynMJZH5Zj/31OChidpVgqsckutHJfK9lK7G
0juZUmmJU7dbcmi1p/lzcrkQbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFExdKUG5
gTafuFSDrWkq1kFo3S/3MB8GA1UdIwQYMBaAFLWNKfe4EH8VhbX/5wxQLGyPXTMC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NBNC8xNUY2OEI1Q0NG
MTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4V0Z0Zl9uREZBc2JJOWRN
d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RZMHA5N2dRZnhXRnRmX25ERkFzYkk5ZE13SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
M0NBNC8xNUY2OEI1Q0NGMTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4
V0Z0Zl9uREZBc2JJOWRNd0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA5p6kRcqk/l2UDY4Kra6tzvsgoQ/0DF2jahlemqaMphdaLRzVzHxpL
GCDmPzWirHjDsf+Eofd4xL17bPRrAEPesp39UE8RYXIMWGPZHNkmHuAt+c906Oh0
AkbjGaze8xpRzjJoIg3Tyvjc7lSCmTMuaoalqB2X+Tjh1pgDZt5T65f4e+dGzpDK
2TkL7H3/O32PcDoXWqFGtSwWi+4POPltaaD5Fn1gI8xcVJ3q84J5ACHO6lAxN4B/
VgY6GBnJkJ7L7sJlZkHxfGu4bFtFF7FrZI+T4CAh4Gr63Y/TgGr19Tj76kUUsZ+S
QmQpj7hN58em511L9YJP/tvjYFS1T42h
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:10:11 2025 by rpki-client