Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft
File:                     US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json)
Hash identifier:          Mf8BM9oDecUpfCw2P3eQaw8SphI1IZP5wYAlePHvjeA=
Subject key identifier:   C5:C2:D2:5E:05:E3:7B:10:79:C6:BE:7A:03:32:DC:6A:AF:49:D2:84
Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47
Certificate issuer:       /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347
Certificate serial:       0947
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft
Manifest number:          0941
Signing time:             Mon 28 Apr 2025 20:40:34 +0000
Manifest this update:     Mon 28 Apr 2025 20:40:34 +0000
Manifest next update:     Mon 05 May 2025 20:40:34 +0000
Files and hashes:         1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: /j879uy2e496pAOBCCe+jtGwxI6Dcmsh9RNt2aR1ZJY=)
                          2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: S4ZaaJwKZSnUQdUJjzEBewIqlA4hqhU0xKL1nfod00M=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl
                          rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 05 May 2025 20:40:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2375 (0x947)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BA4F2, serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347
        Validity
            Not Before: Apr 28 20:40:34 2025 GMT
            Not After : May  5 20:40:34 2025 GMT
        Subject: CN=680fe7c2-31ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2b:4f:78:36:83:40:64:74:8f:2c:aa:58:74:
                    cd:ff:15:39:05:68:fa:35:41:b3:e5:1f:ff:ac:f8:
                    59:db:09:6f:a8:45:f4:a1:83:43:f4:c6:12:80:ff:
                    3c:bb:26:32:d0:2a:8e:34:9b:5b:d5:2e:f9:67:ea:
                    68:12:df:49:6e:b2:d4:bf:08:86:53:01:aa:19:40:
                    7a:9d:67:6c:a1:76:46:20:2a:5a:e2:dd:6b:09:e9:
                    4d:f1:43:cd:4a:c9:49:d4:75:9d:7d:39:23:59:e8:
                    60:df:62:93:c5:0f:48:94:31:5d:45:c9:cd:8a:f3:
                    89:74:12:e9:95:8d:c5:a0:4c:01:4a:2c:02:0c:f9:
                    6a:70:af:65:7c:70:f0:8b:e9:3d:3c:98:79:d3:3c:
                    19:00:05:79:63:1a:4c:44:1b:99:e4:78:45:88:bc:
                    5f:f8:e6:bf:62:3f:51:2d:57:2c:6f:ba:40:21:f3:
                    57:40:68:4c:da:6e:7d:9f:d1:67:f2:8c:3b:33:9a:
                    17:1d:fe:34:2a:e2:4a:f9:cd:f3:17:ef:1f:d0:60:
                    ba:2f:07:38:38:91:10:4f:69:2b:82:cd:c5:33:9b:
                    ef:7e:75:82:43:cd:96:49:9b:4e:87:15:0e:d7:28:
                    90:45:50:f9:18:9c:9d:3b:90:43:db:3c:00:0d:a2:
                    39:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:C2:D2:5E:05:E3:7B:10:79:C6:BE:7A:03:32:DC:6A:AF:49:D2:84
            X509v3 Authority Key Identifier:
                keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:25:08:ea:7a:fa:c9:20:53:a9:dd:3b:cc:cb:44:67:53:b0:
         99:20:38:99:0c:e0:33:89:17:e3:ec:7f:d0:9e:18:54:e0:a5:
         f3:ba:48:dd:18:62:08:35:ce:fa:97:01:9f:5e:a1:44:ad:c9:
         d4:75:7f:ab:c3:c1:73:b2:6f:5b:6a:93:33:78:9e:ce:0e:cf:
         e8:15:3b:0c:17:e0:ad:4c:db:20:ac:fb:63:b3:5a:ef:0d:b5:
         be:72:29:93:cb:50:81:90:fd:27:26:b6:b9:73:89:78:91:a6:
         77:b0:b5:be:79:2d:e0:d5:0e:23:e0:4d:93:1d:08:9d:2c:26:
         74:95:93:a7:2c:0c:5e:71:94:7d:4b:de:fd:14:e9:95:c9:05:
         63:b9:ef:6e:92:37:c3:45:ee:7a:28:fc:c2:b3:4b:90:11:b7:
         74:f6:d5:ca:bf:16:2c:e7:4d:fb:39:41:c2:be:ce:52:ac:46:
         6d:4d:c2:ef:ca:d7:03:ac:18:46:be:af:71:40:f3:6d:65:04:
         21:bc:38:a9:5f:ad:1a:60:79:9a:44:c3:c9:58:26:7a:1b:a4:
         74:65:83:f1:6d:1b:1d:02:3d:9e:7b:81:40:20:61:2e:71:96:
         87:30:7c:4f:e0:b2:ac:5f:92:7f:08:fc:07:39:b8:bd:a6:3f:
         8e:4c:91:67
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0
NTMwN0YzNDcwHhcNMjUwNDI4MjA0MDM0WhcNMjUwNTA1MjA0MDM0WjAYMRYwFAYD
VQQDEw02ODBmZTdjMi0zMWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqitPeDaDQGR0jyyqWHTN/xU5BWj6NUGz5R//rPhZ2wlvqEX0oYND9MYSgP88
uyYy0CqONJtb1S75Z+poEt9JbrLUvwiGUwGqGUB6nWdsoXZGICpa4t1rCelN8UPN
SslJ1HWdfTkjWehg32KTxQ9IlDFdRcnNivOJdBLplY3FoEwBSiwCDPlqcK9lfHDw
i+k9PJh50zwZAAV5YxpMRBuZ5HhFiLxf+Oa/Yj9RLVcsb7pAIfNXQGhM2m59n9Fn
8ow7M5oXHf40KuJK+c3zF+8f0GC6Lwc4OJEQT2krgs3FM5vvfnWCQ82WSZtOhxUO
1yiQRVD5GJydO5BD2zwADaI5BwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMXC0l4F
43sQeca+egMy3GqvSdKEMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3
OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4
MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla
b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAkJQjqevrJIFOp3TvMy0RnU7CZIDiZDOAziRfj7H/QnhhU4KXzukjd
GGIINc76lwGfXqFErcnUdX+rw8Fzsm9bapMzeJ7ODs/oFTsMF+CtTNsgrPtjs1rv
DbW+cimTy1CBkP0nJra5c4l4kaZ3sLW+eS3g1Q4j4E2THQidLCZ0lZOnLAxecZR9
S979FOmVyQVjue9ukjfDRe56KPzCs0uQEbd09tXKvxYs5037OUHCvs5SrEZtTcLv
ytcDrBhGvq9xQPNtZQQhvDipX60aYHmaRMPJWCZ6G6R0ZYPxbRsdAj2ee4FAIGEu
cZaHMHxP4LKsX5J/CPwHObi9pj+OTJFn
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:33:18 2025 by rpki-client