Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft
File:                     3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft (raw, json)
Hash identifier:          Yo8yLVuxU3QgmYlFcvsJmawu11+aoH3bKiK+pvjzBNE=
Subject key identifier:   D7:9F:B8:12:09:66:A5:59:36:C3:C1:0E:0E:EA:34:AD:12:9F:2D:C7
Authority key identifier: DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17
Certificate issuer:       /CN=A91B569E/serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17
Certificate serial:       0222
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft
Manifest number:          021A
Signing time:             Sat 09 Aug 2025 02:33:56 +0000
Manifest this update:     Sat 09 Aug 2025 02:33:56 +0000
Manifest next update:     Sat 16 Aug 2025 02:33:56 +0000
Files and hashes:         1: 3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl (hash: YnopWg3sP9+xFpLiRRGyBRmOX7K8DZ6MRUKefVbnMGI=)
                          2: 0CDAA8EEE86611EFA5152A24C4F9AE02.roa (hash: lUMcuws+kkSP+r54F6XS/v0f47726g1ZKxyTfmh7RHY=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl
                          rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 546 (0x222)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B569E, serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17
        Validity
            Not Before: Aug  9 02:33:56 2025 GMT
            Not After : Aug 16 02:33:56 2025 GMT
        Subject: CN=6896b394-00c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:19:b1:a7:09:d8:53:34:b3:6a:cc:5f:60:a2:
                    b6:86:96:9b:58:da:d0:82:76:b2:f6:9c:4b:88:59:
                    46:9b:66:d9:24:37:00:5d:3f:04:8c:72:ac:57:fb:
                    d6:90:28:53:ca:59:bd:c6:e3:50:12:6a:48:c0:ad:
                    b7:9d:df:b0:a2:ab:84:4b:8c:8b:5f:14:ad:7e:01:
                    0a:f8:a1:15:52:9b:72:09:2d:27:c2:7b:56:2f:70:
                    c7:3a:05:ac:b5:c0:61:60:2f:8b:30:cc:20:16:a3:
                    36:f0:bb:82:79:d7:4c:08:b4:4e:c0:59:68:b4:bc:
                    3d:1e:25:13:55:5c:81:21:1b:6a:91:26:cc:92:e7:
                    27:28:22:8d:aa:eb:a6:70:a2:18:de:ce:e3:58:f1:
                    f7:6b:b6:85:10:d6:15:dd:4f:14:44:60:33:e9:1f:
                    1a:e5:c7:c1:29:69:5c:c2:0f:83:46:37:c5:a3:c7:
                    20:99:49:5c:5b:c2:97:26:c5:79:59:ac:7e:9e:76:
                    ad:74:75:86:17:9d:11:64:47:a6:5c:4c:4f:30:70:
                    18:16:91:d1:35:2b:b2:a7:ff:65:3c:c9:02:bb:f0:
                    65:65:bd:58:c9:c4:ef:a9:15:b9:9c:2e:9a:ea:91:
                    7d:e4:b9:e9:e8:da:ed:91:26:85:60:30:a2:cf:32:
                    34:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:9F:B8:12:09:66:A5:59:36:C3:C1:0E:0E:EA:34:AD:12:9F:2D:C7
            X509v3 Authority Key Identifier:
                keyid:DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:8e:cd:95:68:dc:7f:13:b6:7a:1c:40:72:5f:c7:63:7b:58:
         16:25:3c:d1:16:59:d4:59:07:b0:b4:47:10:eb:1c:f6:46:ec:
         92:8e:26:6b:44:e2:4c:3a:f3:1c:14:5e:95:63:70:f5:1d:1c:
         d2:fa:e9:cb:07:44:46:bd:12:47:13:60:47:a9:fb:96:21:10:
         57:3d:d9:7a:95:c9:b0:0f:05:3a:b1:d2:4f:21:f7:be:3b:71:
         de:74:bc:78:43:4f:d3:7a:d9:b5:1c:78:a4:48:76:fb:35:6f:
         91:b2:59:6a:ed:67:5e:ae:f2:87:cc:02:5f:bd:29:42:79:23:
         a0:9b:4e:8c:a7:3e:2e:52:80:f5:71:ff:2e:1c:40:74:09:b6:
         62:5d:c5:0c:31:ba:d6:bc:31:f4:4b:1c:ec:8b:95:6c:47:93:
         6d:0b:bd:22:75:d4:68:bf:ce:00:2a:48:f4:7a:f9:da:e5:49:
         78:2c:f2:64:7d:1e:66:54:ba:33:09:09:f8:2f:c2:d8:d1:f4:
         dd:73:0b:5b:0b:2f:1f:5f:fc:59:d5:ed:84:47:06:75:d4:52:
         b7:d1:6a:69:f5:8a:78:07:91:91:ff:96:3b:db:5c:11:9a:a0:
         d2:47:15:6b:b9:99:c7:32:cd:d3:88:9a:7b:d5:2c:ab:35:4d:
         e4:2d:43:4b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU2OUUxMTAvBgNVBAUTKERDQjgzOTMxOUZENTJFQUQ5RkNCOTc3ODI5ODRGRDFG
RDQ0OTJDMTcwHhcNMjUwODA5MDIzMzU2WhcNMjUwODE2MDIzMzU2WjAYMRYwFAYD
VQQDEw02ODk2YjM5NC0wMGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzhmxpwnYUzSzasxfYKK2hpabWNrQgnay9pxLiFlGm2bZJDcAXT8EjHKsV/vW
kChTylm9xuNQEmpIwK23nd+woquES4yLXxStfgEK+KEVUptyCS0nwntWL3DHOgWs
tcBhYC+LMMwgFqM28LuCeddMCLROwFlotLw9HiUTVVyBIRtqkSbMkucnKCKNquum
cKIY3s7jWPH3a7aFENYV3U8URGAz6R8a5cfBKWlcwg+DRjfFo8cgmUlcW8KXJsV5
Wax+nnatdHWGF50RZEemXExPMHAYFpHRNSuyp/9lPMkCu/BlZb1YycTvqRW5nC6a
6pF95Lnp6NrtkSaFYDCizzI0xwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNefuBIJ
ZqVZNsPBDg7qNK0Sny3HMB8GA1UdIwQYMBaAFNy4OTGf1S6tn8uXeCmE/R/USSwX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTY5RS8yNTI1QzdDODRE
MjUxMUVEQTZEREQyMkVDNEY5QUUwMi8zTGc1TVpfVkxxMmZ5NWQ0S1lUOUg5UkpM
QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNMZzVNWl9WTHEyZnk1ZDRLWVQ5SDlSSkxCYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NTY5RS8yNTI1QzdDODREMjUxMUVEQTZEREQyMkVDNEY5QUUwMi8zTGc1TVpfVkxx
MmZ5NWQ0S1lUOUg5UkpMQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCcjs2VaNx/E7Z6HEByX8dje1gWJTzRFlnUWQewtEcQ6xz2RuySjiZr
ROJMOvMcFF6VY3D1HRzS+unLB0RGvRJHE2BHqfuWIRBXPdl6lcmwDwU6sdJPIfe+
O3HedLx4Q0/Tetm1HHikSHb7NW+Rsllq7WdervKHzAJfvSlCeSOgm06Mpz4uUoD1
cf8uHEB0CbZiXcUMMbrWvDH0Sxzsi5VsR5NtC70iddRov84AKkj0evna5Ul4LPJk
fR5mVLozCQn4L8LY0fTdcwtbCy8fX/xZ1e2ERwZ11FK30Wpp9Yp4B5GR/5Y721wR
mqDSRxVruZnHMs3TiJp71SyrNU3kLUNL
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:49:53 2025 by rpki-client