Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BBCAF/0F61886A6B3211EE9B522053C4F9AE02/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.mft
File:                     J7LmYpFIIhNrCWLbtbpEfCU_Uhs.mft (raw, json)
Hash identifier:          QnaCqX/rT6WwZ8ALdAb2b6G4O32pemFC6XApIaxzWts=
Subject key identifier:   3E:D2:EC:8D:AB:FA:53:2F:5F:14:38:F2:2B:41:38:B6:0D:9D:80:F4
Authority key identifier: 27:B2:E6:62:91:48:22:13:6B:09:62:DB:B5:BA:44:7C:25:3F:52:1B
Certificate issuer:       /CN=A91BBCAF/serialNumber=27B2E662914822136B0962DBB5BA447C253F521B
Certificate serial:       015A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BBCAF/0F61886A6B3211EE9B522053C4F9AE02/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.mft
Manifest number:          0156
Signing time:             Tue 05 Aug 2025 04:35:37 +0000
Manifest this update:     Tue 05 Aug 2025 04:35:37 +0000
Manifest next update:     Tue 12 Aug 2025 04:35:37 +0000
Files and hashes:         1: J7LmYpFIIhNrCWLbtbpEfCU_Uhs.crl (hash: 1tZn33OzBx18hLvMOR3YIE6SX05Rkx5lVUiK7Yrc4/s=)
                          2: D2FA5DBE6C1E11EEBB9EAB7AC4F9AE02.roa (hash: VxCtnEbF2p63KawOX+Ec2pPAYcngxsY5VpNi8SAFc50=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BBCAF/0F61886A6B3211EE9B522053C4F9AE02/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.crl
                          rsync://rpki.apnic.net/member_repository/A91BBCAF/0F61886A6B3211EE9B522053C4F9AE02/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 12 Aug 2025 04:35:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 346 (0x15a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BBCAF, serialNumber=27B2E662914822136B0962DBB5BA447C253F521B
        Validity
            Not Before: Aug  5 04:35:37 2025 GMT
            Not After : Aug 12 04:35:37 2025 GMT
        Subject: CN=68918a19-f693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:66:da:86:d2:ef:3f:f3:6f:95:bb:f1:46:2e:
                    f2:63:05:14:16:23:4b:58:30:d9:29:b4:9f:89:9a:
                    c0:ba:2a:92:ef:ad:9c:c5:d1:1a:36:07:ed:4d:48:
                    82:ad:bb:40:5d:c7:27:9b:4e:ff:65:96:5f:e0:65:
                    4a:b2:0c:f7:19:48:79:f2:43:f1:20:7c:73:9d:ea:
                    25:2e:1e:a0:83:65:36:1e:bc:c3:c5:23:ee:fd:cf:
                    a2:33:33:59:54:de:08:be:78:e0:0e:88:5f:99:22:
                    a8:4d:59:78:7a:83:89:7a:ff:ef:5b:b3:8e:1c:0d:
                    ac:a6:65:1b:50:99:64:32:6d:18:c3:04:05:ec:51:
                    47:fb:7d:30:57:96:5b:e6:f2:1a:fc:1c:8a:c4:20:
                    31:56:bf:96:34:3e:85:51:55:69:49:85:e6:fe:78:
                    17:e5:fd:13:f6:68:88:c4:16:93:c5:50:62:13:1c:
                    fa:22:8f:58:e1:47:c0:c5:30:11:c0:75:f7:0a:9c:
                    ea:59:cb:4a:bf:66:81:fe:08:4b:d2:d4:88:33:19:
                    12:69:fb:1d:bd:f4:f8:f5:0a:70:b0:4e:9b:c3:8f:
                    02:9c:aa:f7:f3:8c:4b:8c:b4:89:ff:48:0e:0d:15:
                    71:cb:27:14:3e:ff:76:6b:81:08:f6:bb:0a:68:dc:
                    16:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D2:EC:8D:AB:FA:53:2F:5F:14:38:F2:2B:41:38:B6:0D:9D:80:F4
            X509v3 Authority Key Identifier:
                keyid:27:B2:E6:62:91:48:22:13:6B:09:62:DB:B5:BA:44:7C:25:3F:52:1B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BBCAF/0F61886A6B3211EE9B522053C4F9AE02/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BBCAF/0F61886A6B3211EE9B522053C4F9AE02/J7LmYpFIIhNrCWLbtbpEfCU_Uhs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:23:29:ec:f9:3f:e3:34:7c:68:dd:91:24:b7:c9:87:5e:55:
         b1:ed:6e:3c:3f:55:6f:22:85:d4:8d:15:58:5f:f8:26:ac:6a:
         d3:aa:f6:35:dd:05:d0:0e:9e:16:22:6f:f0:37:90:98:b4:c6:
         3d:17:3a:7e:81:27:16:79:ef:3f:58:27:e3:60:78:ba:ef:7c:
         5e:e2:f7:ee:2a:33:6d:b3:4c:b7:8f:ca:0a:ee:67:f6:8d:cc:
         9e:c7:c9:da:02:fe:47:f6:15:7d:2f:7b:a4:13:f0:07:ef:d0:
         55:41:a2:5c:32:5e:9a:fb:89:24:f7:aa:d4:ca:49:1e:28:f7:
         f0:e2:78:22:70:e3:99:17:e4:09:d2:6d:e3:26:59:01:12:f4:
         75:92:97:90:57:9c:30:f4:75:22:5b:e8:0f:c1:90:06:1a:2c:
         00:97:be:45:2a:c9:9c:35:7f:8e:ac:bd:b0:08:4b:6a:f9:28:
         46:6a:1d:5c:0e:6d:8b:56:f6:56:f9:55:f8:18:06:32:58:fc:
         1e:4a:22:b1:d8:44:bf:eb:c0:f4:c9:30:89:bc:46:72:b4:11:
         37:05:c4:f2:e1:28:f0:c6:a8:f7:59:61:f9:27:5c:c8:19:ba:
         46:61:ba:65:e1:5e:24:40:8b:0d:7f:e0:97:c1:52:47:78:bb:
         c7:3b:65:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkJDQUYxMTAvBgNVBAUTKDI3QjJFNjYyOTE0ODIyMTM2QjA5NjJEQkI1QkE0NDdD
MjUzRjUyMUIwHhcNMjUwODA1MDQzNTM3WhcNMjUwODEyMDQzNTM3WjAYMRYwFAYD
VQQDEw02ODkxOGExOS1mNjkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8mbahtLvP/NvlbvxRi7yYwUUFiNLWDDZKbSfiZrAuiqS762cxdEaNgftTUiC
rbtAXccnm07/ZZZf4GVKsgz3GUh58kPxIHxzneolLh6gg2U2HrzDxSPu/c+iMzNZ
VN4IvnjgDohfmSKoTVl4eoOJev/vW7OOHA2spmUbUJlkMm0YwwQF7FFH+30wV5Zb
5vIa/ByKxCAxVr+WND6FUVVpSYXm/ngX5f0T9miIxBaTxVBiExz6Io9Y4UfAxTAR
wHX3CpzqWctKv2aB/ghL0tSIMxkSafsdvfT49QpwsE6bw48CnKr384xLjLSJ/0gO
DRVxyycUPv92a4EI9rsKaNwW0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD7S7I2r
+lMvXxQ48itBOLYNnYD0MB8GA1UdIwQYMBaAFCey5mKRSCITawli27W6RHwlP1Ib
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQkNBRi8wRjYxODg2QTZC
MzIxMUVFOUI1MjIwNTNDNEY5QUUwMi9KN0xtWXBGSUloTnJDV0xidGJwRWZDVV9V
aHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0o3TG1ZcEZJSWhOckNXTGJ0YnBFZkNVX1Vocy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QkNBRi8wRjYxODg2QTZCMzIxMUVFOUI1MjIwNTNDNEY5QUUwMi9KN0xtWXBGSUlo
TnJDV0xidGJwRWZDVV9VaHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAQIyns+T/jNHxo3ZEkt8mHXlWx7W48P1VvIoXUjRVYX/gmrGrTqvY1
3QXQDp4WIm/wN5CYtMY9Fzp+gScWee8/WCfjYHi673xe4vfuKjNts0y3j8oK7mf2
jcyex8naAv5H9hV9L3ukE/AH79BVQaJcMl6a+4kk96rUykkeKPfw4ngicOOZF+QJ
0m3jJlkBEvR1kpeQV5ww9HUiW+gPwZAGGiwAl75FKsmcNX+OrL2wCEtq+ShGah1c
Dm2LVvZW+VX4GAYyWPweSiKx2ES/68D0yTCJvEZytBE3BcTy4Sjwxqj3WWH5J1zI
GbpGYbpl4V4kQIsNf+CXwVJHeLvHO2Xi
-----END CERTIFICATE-----
Generated at Tue Aug 5 20:20:33 2025 by rpki-client