Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft
File:                     aLMj2oThIFRmzrWv19YHcmdbBTE.mft (raw, json)
Hash identifier:          na4WPa0wmb+XCaGDAluI9sqJtKcu9JQk7HywsUFFnmg=
Subject key identifier:   3F:EE:F5:A1:F2:99:4F:9F:D8:41:B7:52:EA:47:E5:91:13:84:44:AD
Authority key identifier: 68:B3:23:DA:84:E1:20:54:66:CE:B5:AF:D7:D6:07:72:67:5B:05:31
Certificate issuer:       /CN=A91CD40B/serialNumber=68B323DA84E1205466CEB5AFD7D60772675B0531
Certificate serial:       9A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft
Manifest number:          9A
Signing time:             Sun 03 Aug 2025 06:40:34 +0000
Manifest this update:     Sun 03 Aug 2025 06:40:33 +0000
Manifest next update:     Sun 10 Aug 2025 06:40:33 +0000
Files and hashes:         1: aLMj2oThIFRmzrWv19YHcmdbBTE.crl (hash: qwHspTno+Zh/ndYuEUz55xKvt3FaU2LzXqoPkad59y0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.crl
                          rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 06:40:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 154 (0x9a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD40B, serialNumber=68B323DA84E1205466CEB5AFD7D60772675B0531
        Validity
            Not Before: Aug  3 06:40:33 2025 GMT
            Not After : Aug 10 06:40:33 2025 GMT
        Subject: CN=688f0461-7fb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:4b:c2:b5:c7:ae:0a:e0:e0:ba:57:61:8d:2c:
                    9c:e6:df:c8:d7:31:ef:68:83:66:a1:77:60:55:12:
                    1e:af:ad:db:5f:e8:39:f3:47:e0:80:92:99:0a:5d:
                    e1:96:af:46:20:ff:71:52:49:e4:db:e8:76:02:5d:
                    5e:f8:a9:9b:fd:86:4b:0a:22:93:98:7c:ad:f1:ad:
                    c8:1b:11:23:1d:f8:40:0e:fb:ee:4b:be:33:45:e1:
                    87:7d:f8:3e:95:06:2c:27:fc:c6:0d:15:36:97:1a:
                    fa:17:19:31:4f:56:19:55:2e:32:d6:3a:c2:de:e9:
                    4d:d6:61:36:5b:50:b6:12:29:0f:cb:b9:7c:cb:f9:
                    71:5f:87:36:f7:75:4a:04:a7:bf:50:0e:5d:e4:36:
                    0a:26:8a:7f:d7:93:f1:86:9b:d9:e8:a2:45:e9:7d:
                    4f:71:21:0e:fa:de:d5:bb:62:b7:c7:6f:61:b9:68:
                    43:24:7c:d9:9e:20:24:e0:56:4b:cd:78:01:f3:ec:
                    a1:b2:6f:85:4b:2e:e9:7e:e1:22:65:29:a6:2e:cc:
                    09:65:45:ce:4a:17:5e:5d:36:5c:05:db:db:cc:e9:
                    ea:f6:33:2a:e3:b5:9a:b6:bf:0d:37:a1:e5:40:a7:
                    36:fa:a7:c4:3f:11:1a:d6:4c:13:18:d6:95:d5:54:
                    fc:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:EE:F5:A1:F2:99:4F:9F:D8:41:B7:52:EA:47:E5:91:13:84:44:AD
            X509v3 Authority Key Identifier:
                keyid:68:B3:23:DA:84:E1:20:54:66:CE:B5:AF:D7:D6:07:72:67:5B:05:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:32:d2:bc:4d:5e:ac:64:b7:4f:e0:2a:d0:f5:36:54:51:8a:
         6b:a4:08:0d:35:04:74:32:e3:f1:9f:9f:ab:37:47:5f:02:1d:
         13:f1:64:aa:ae:3a:dd:66:3a:25:fd:19:2b:ba:b2:3d:02:fd:
         e7:b7:15:f7:fd:57:63:fb:8d:75:5f:35:e5:05:5f:a6:90:4e:
         37:68:73:6f:14:55:1e:d4:d7:80:35:15:7b:63:e0:98:f5:4c:
         97:64:5e:ed:91:eb:ea:4b:3a:85:1b:34:c5:2c:20:67:87:3f:
         ff:ff:1d:91:1b:ed:4e:64:41:3b:7e:b2:38:89:35:fd:ab:36:
         50:f4:af:39:9b:c7:39:68:b0:9e:7b:00:39:8e:57:f6:50:74:
         b6:1b:6b:31:89:79:a1:48:ed:f3:f5:ae:54:f9:80:63:0c:1e:
         b0:9e:ce:fa:2e:a6:2e:d6:e5:71:67:b0:21:24:1f:2f:91:9a:
         5e:fe:5d:9d:21:d1:2c:9b:f4:d4:f9:8e:c7:2b:24:4d:9f:bd:
         e8:ea:86:ef:34:4b:82:4d:20:fb:e0:ed:ff:c4:a6:b4:fe:5e:
         06:a6:1a:20:d4:fe:a8:1f:2f:d4:a6:71:5b:cf:33:fb:65:c9:
         fd:e5:2d:71:43:91:ea:71:de:a6:83:86:39:03:b5:85:66:6c:
         9e:58:a0:1c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Q0MEIxMTAvBgNVBAUTKDY4QjMyM0RBODRFMTIwNTQ2NkNFQjVBRkQ3RDYwNzcy
Njc1QjA1MzEwHhcNMjUwODAzMDY0MDMzWhcNMjUwODEwMDY0MDMzWjAYMRYwFAYD
VQQDEw02ODhmMDQ2MS03ZmI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx0vCtceuCuDguldhjSyc5t/I1zHvaINmoXdgVRIer63bX+g580fggJKZCl3h
lq9GIP9xUknk2+h2Al1e+Kmb/YZLCiKTmHyt8a3IGxEjHfhADvvuS74zReGHffg+
lQYsJ/zGDRU2lxr6FxkxT1YZVS4y1jrC3ulN1mE2W1C2EikPy7l8y/lxX4c293VK
BKe/UA5d5DYKJop/15PxhpvZ6KJF6X1PcSEO+t7Vu2K3x29huWhDJHzZniAk4FZL
zXgB8+yhsm+FSy7pfuEiZSmmLswJZUXOShdeXTZcBdvbzOnq9jMq47Watr8NN6Hl
QKc2+qfEPxEa1kwTGNaV1VT8dQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD/u9aHy
mU+f2EG3UupH5ZEThEStMB8GA1UdIwQYMBaAFGizI9qE4SBUZs61r9fWB3JnWwUx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDQwQi83NDFBMUUyQzg1
NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9hTE1qMm9UaElGUm16cld2MTlZSGNtZGJC
VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FMTWoyb1RoSUZSbXpyV3YxOVlIY21kYkJURS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RDQwQi83NDFBMUUyQzg1NUIxMUVGQjA1NzZENDBDNEY5QUUwMi9hTE1qMm9UaElG
Um16cld2MTlZSGNtZGJCVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCrMtK8TV6sZLdP4CrQ9TZUUYprpAgNNQR0MuPxn5+rN0dfAh0T8WSq
rjrdZjol/RkrurI9Av3ntxX3/Vdj+411XzXlBV+mkE43aHNvFFUe1NeANRV7Y+CY
9UyXZF7tkevqSzqFGzTFLCBnhz///x2RG+1OZEE7frI4iTX9qzZQ9K85m8c5aLCe
ewA5jlf2UHS2G2sxiXmhSO3z9a5U+YBjDB6wns76LqYu1uVxZ7AhJB8vkZpe/l2d
IdEsm/TU+Y7HKyRNn73o6obvNEuCTSD74O3/xKa0/l4Gphog1P6oHy/UpnFbzzP7
Zcn95S1xQ5Hqcd6mg4Y5A7WFZmyeWKAc
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:57:12 2025 by rpki-client