Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft
File:                     oKMiStDIKz-aYvNHrKP5RdsI8rA.mft (raw, json)
Hash identifier:          nbImUk7ZfNLztsJio1l+Sr4j4TX6VoAQEEX5sV0XA8M=
Subject key identifier:   BD:51:78:E1:55:A0:4C:ED:D9:34:22:A1:85:64:37:2E:7F:22:79:0F
Authority key identifier: A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0
Certificate issuer:       /CN=A91B80BD/serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0
Certificate serial:       3079
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft
Manifest number:          304B
Signing time:             Fri 08 Aug 2025 15:30:30 +0000
Manifest this update:     Fri 08 Aug 2025 15:30:29 +0000
Manifest next update:     Fri 15 Aug 2025 15:30:29 +0000
Files and hashes:         1: oKMiStDIKz-aYvNHrKP5RdsI8rA.crl (hash: lfoKSPs+R9uXd9Z3pOKK4TUovqLZOXE2GzD/e8lVxjA=)
                          2: 583C1F6854F611E79DF7E643C4F9AE02.roa (hash: J9SJ4DIJ/7Jqarub1sf8j6PHgZAGlGGdRbRsMiv9apI=)
                          3: 915E51B8F3BE11ED8B9B1450C4F9AE02.roa (hash: 9deMiuArgkPyt65CV7Ht+L/9JKrWYVcP+qJb8LKGzOI=)
                          4: 4C72E61CB0EC11E5A6934B42C4F9AE02.roa (hash: 2+WTGnYcaeWw8w6rtvBrYx7uq+JHkK1rDrCVxpG+T+Y=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl
                          rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12409 (0x3079)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B80BD, serialNumber=A0A3224AD0C82B3F9A62F347ACA3F945DB08F2B0
        Validity
            Not Before: Aug  8 15:30:29 2025 GMT
            Not After : Aug 15 15:30:29 2025 GMT
        Subject: CN=68961815-6754
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:66:c3:7b:92:a5:fd:6b:47:df:17:49:a2:ee:
                    38:a9:42:ab:d3:0f:e0:2b:2f:c5:56:7a:49:82:b7:
                    68:8c:c6:2c:8f:4d:77:42:46:93:a6:cf:c6:68:fc:
                    ad:03:37:2b:5f:8e:22:de:1f:29:cd:79:1e:c5:fa:
                    f4:ae:1d:aa:94:9d:dd:2a:46:58:52:b9:17:b0:17:
                    23:74:c3:04:fe:71:10:28:27:62:25:b8:72:a9:77:
                    23:04:23:47:51:fe:f4:96:1d:22:72:ae:a3:7a:61:
                    f9:50:96:25:90:6e:e8:95:41:9f:e6:6f:d1:a5:c9:
                    bc:6e:27:c6:cc:36:bb:20:ad:1d:51:91:a1:84:02:
                    aa:39:12:b4:6a:d9:6c:b7:ab:a3:f4:3b:f1:7e:b2:
                    f1:12:8b:31:04:73:7b:00:43:06:23:84:86:67:b9:
                    e9:a1:8d:b7:bf:16:5c:5f:82:39:55:b1:cb:6c:22:
                    34:56:50:99:8d:1d:9f:d0:f0:2d:81:65:1f:1d:6e:
                    bd:f5:66:87:df:dc:f6:9a:fa:1d:42:bf:27:97:02:
                    97:18:0a:cc:b8:85:3b:b7:7a:72:a9:38:bf:df:41:
                    d9:33:81:4e:cd:5e:74:53:ee:23:b2:9e:a6:0a:55:
                    f3:9e:cf:d7:fd:cd:b4:80:32:82:7f:eb:f4:11:7e:
                    8f:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:51:78:E1:55:A0:4C:ED:D9:34:22:A1:85:64:37:2E:7F:22:79:0F
            X509v3 Authority Key Identifier:
                keyid:A0:A3:22:4A:D0:C8:2B:3F:9A:62:F3:47:AC:A3:F9:45:DB:08:F2:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKMiStDIKz-aYvNHrKP5RdsI8rA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80BD/B5A636D8FE5C11E2AEC042505911EA32/oKMiStDIKz-aYvNHrKP5RdsI8rA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:10:34:4a:b8:67:0a:fc:a4:bf:60:12:5f:66:66:27:08:2c:
         7b:e1:51:26:06:5c:86:32:b0:bb:97:9a:90:c1:49:09:b4:d6:
         e3:1b:69:18:60:2d:ae:f7:c4:a4:c3:fe:ed:a1:8d:80:10:94:
         dd:29:24:fa:89:ad:f8:87:49:39:ec:de:b1:8e:19:69:3a:cb:
         ab:71:04:82:aa:34:c9:65:90:30:4b:6c:04:e6:61:f0:ec:50:
         55:05:cc:ca:b7:fe:db:72:da:f4:89:d7:93:5c:ac:b2:b9:42:
         ea:d3:62:5c:d3:70:5a:90:52:3c:0b:03:d7:3e:c5:7c:46:c2:
         2a:f5:69:f1:1f:8d:7d:25:4f:d7:49:58:15:70:66:a0:f5:af:
         a2:74:2d:80:0c:ff:ba:83:e8:97:9e:9a:f7:07:01:6b:b9:d2:
         91:68:86:4b:42:a2:36:6d:3f:c0:f9:99:c0:ca:ec:e2:28:82:
         51:a1:fc:d0:b3:f3:f4:04:87:06:61:a8:10:00:aa:03:2d:88:
         ad:d9:0a:c8:63:3c:03:03:5f:31:ae:63:43:a0:68:85:8e:2b:
         b4:f9:18:b0:2d:0d:2d:61:66:f1:35:33:a1:3b:cd:15:64:64:
         d5:91:16:b3:39:e8:34:0f:28:20:95:55:27:f7:ec:72:a5:16:
         f3:64:ad:7c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICMHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjgwQkQxMTAvBgNVBAUTKEEwQTMyMjRBRDBDODJCM0Y5QTYyRjM0N0FDQTNGOTQ1
REIwOEYyQjAwHhcNMjUwODA4MTUzMDI5WhcNMjUwODE1MTUzMDI5WjAYMRYwFAYD
VQQDEw02ODk2MTgxNS02NzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxGbDe5Kl/WtH3xdJou44qUKr0w/gKy/FVnpJgrdojMYsj013QkaTps/GaPyt
AzcrX44i3h8pzXkexfr0rh2qlJ3dKkZYUrkXsBcjdMME/nEQKCdiJbhyqXcjBCNH
Uf70lh0icq6jemH5UJYlkG7olUGf5m/Rpcm8bifGzDa7IK0dUZGhhAKqORK0atls
t6uj9DvxfrLxEosxBHN7AEMGI4SGZ7npoY23vxZcX4I5VbHLbCI0VlCZjR2f0PAt
gWUfHW699WaH39z2mvodQr8nlwKXGArMuIU7t3pyqTi/30HZM4FOzV50U+4jsp6m
ClXzns/X/c20gDKCf+v0EX6P/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL1ReOFV
oEzt2TQioYVkNy5/InkPMB8GA1UdIwQYMBaAFKCjIkrQyCs/mmLzR6yj+UXbCPKw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODBCRC9CNUE2MzZEOEZF
NUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6LWFZdk5IcktQNVJkc0k4
ckEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29LTWlTdERJS3otYVl2TkhyS1A1UmRzSThyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODBCRC9CNUE2MzZEOEZFNUMxMUUyQUVDMDQyNTA1OTExRUEzMi9vS01pU3RESUt6
LWFZdk5IcktQNVJkc0k4ckEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGEDRKuGcK/KS/YBJfZmYnCCx74VEmBlyGMrC7l5qQwUkJtNbjG2kY
YC2u98Skw/7toY2AEJTdKST6ia34h0k57N6xjhlpOsurcQSCqjTJZZAwS2wE5mHw
7FBVBczKt/7bctr0ideTXKyyuULq02Jc03BakFI8CwPXPsV8RsIq9WnxH419JU/X
SVgVcGag9a+idC2ADP+6g+iXnpr3BwFrudKRaIZLQqI2bT/A+ZnAyuziKIJRofzQ
s/P0BIcGYagQAKoDLYit2QrIYzwDA18xrmNDoGiFjiu0+RiwLQ0tYWbxNTOhO80V
ZGTVkRazOeg0DygglVUn9+xypRbzZK18
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:09:20 2025 by rpki-client