Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.mft
File:                     Yt3ChdqLPiCesA6qNnGEXaps8oY.mft (raw, json)
Hash identifier:          aJDGStReaLQfDD9NPsCdyRMC+37Ht0ky8rYT+tZs1sw=
Subject key identifier:   D8:EA:AE:B3:CE:94:A5:8E:95:28:E8:D3:05:66:7C:C6:1D:03:42:33
Authority key identifier: 62:DD:C2:85:DA:8B:3E:20:9E:B0:0E:AA:36:71:84:5D:AA:6C:F2:86
Certificate issuer:       /CN=A91CE5A6/serialNumber=62DDC285DA8B3E209EB00EAA3671845DAA6CF286
Certificate serial:       0136
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Yt3ChdqLPiCesA6qNnGEXaps8oY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.mft
Manifest number:          0130
Signing time:             Tue 29 Apr 2025 04:38:04 +0000
Manifest this update:     Tue 29 Apr 2025 04:38:03 +0000
Manifest next update:     Tue 06 May 2025 04:38:03 +0000
Files and hashes:         1: Yt3ChdqLPiCesA6qNnGEXaps8oY.crl (hash: LS3u5UWyvbtJ4C3IgvaXtXXD0++6heZnLmWWWAGEznQ=)
                          2: 64120230B2C211EFA43BF057C4F9AE02.roa (hash: 9h3davUQ9pNDA3U7SYojAK+YEhrIBkhT56ukToleizY=)
                          3: 3B8DEFBCB2CD11EFBEB6A532C4F9AE02.roa (hash: DgTHE1vd+LuLJ/6bYp2I4wVbGI057+J0uGiHNmi5Ok4=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.crl
                          rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Yt3ChdqLPiCesA6qNnGEXaps8oY.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 06 May 2025 04:38:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 310 (0x136)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE5A6, serialNumber=62DDC285DA8B3E209EB00EAA3671845DAA6CF286
        Validity
            Not Before: Apr 29 04:38:03 2025 GMT
            Not After : May  6 04:38:03 2025 GMT
        Subject: CN=681057ab-86fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:a8:be:77:26:4b:41:7d:a7:72:58:ba:a5:3c:
                    b0:c1:f4:92:5a:42:ef:d5:73:3e:7c:f1:e7:8b:f8:
                    b4:54:30:54:7e:06:81:9d:d4:a0:30:d8:a3:51:fb:
                    34:72:89:e1:d4:8f:5d:d9:31:23:b2:f3:ce:95:14:
                    68:be:0b:98:2d:aa:86:08:3a:a3:eb:04:7f:cb:7d:
                    ec:34:aa:f2:61:f0:1d:5e:1e:8d:38:d5:d1:2a:42:
                    ac:e5:17:ad:c4:db:ba:b4:3d:59:60:40:29:be:89:
                    0c:65:9c:a5:e5:98:91:38:81:41:9c:0a:c6:53:59:
                    0b:47:b7:3c:67:19:68:9b:59:0b:8f:37:13:89:1b:
                    eb:9e:10:18:4a:64:29:d7:05:c4:ab:d5:35:c8:18:
                    62:f3:42:8e:bf:45:88:13:aa:d1:7f:e7:8c:17:84:
                    cd:3b:8a:fa:b2:c6:44:26:10:1d:48:88:b9:e9:0e:
                    28:e2:4f:dd:29:95:70:8f:4a:83:c0:d5:32:37:f8:
                    c9:1a:48:a6:53:1e:c1:93:b1:d8:7d:4f:80:c4:93:
                    e0:e9:3e:d4:0b:18:de:97:7d:e9:af:9c:3e:32:f0:
                    30:dc:94:1c:26:d7:e7:70:26:22:80:be:9f:bd:36:
                    dc:86:18:8e:dd:a9:c1:0e:bb:c2:1b:66:99:31:aa:
                    11:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:EA:AE:B3:CE:94:A5:8E:95:28:E8:D3:05:66:7C:C6:1D:03:42:33
            X509v3 Authority Key Identifier:
                keyid:62:DD:C2:85:DA:8B:3E:20:9E:B0:0E:AA:36:71:84:5D:AA:6C:F2:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Yt3ChdqLPiCesA6qNnGEXaps8oY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE5A6/AAB33E4C5B3F11EE8F1D3D6EC4F9AE02/Yt3ChdqLPiCesA6qNnGEXaps8oY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:a2:82:87:52:01:0f:6a:8f:b7:e9:0e:51:04:b3:34:54:78:
         ac:43:88:54:ab:93:10:72:45:9d:0a:0b:a5:41:2f:f3:16:50:
         75:ec:db:54:11:ef:66:41:a8:c0:b4:74:1b:1d:7f:be:8a:b0:
         45:ec:8a:eb:c5:da:2d:22:be:9e:ac:6a:39:e7:78:aa:1e:52:
         97:51:cc:2d:67:94:10:73:2b:7a:a6:9e:4a:19:98:2d:86:57:
         6d:2a:97:7e:b2:64:6c:8e:7c:a2:1e:94:ea:ce:47:df:c7:60:
         69:a7:6f:05:8f:ab:9d:84:e8:fc:45:5e:83:00:fc:59:77:2d:
         22:0e:0c:9d:38:c4:11:3e:45:6f:9a:6a:c9:0d:e4:d4:22:b8:
         75:54:be:ba:e0:97:be:cf:cc:21:2e:78:6e:2e:24:9d:d1:cd:
         48:37:36:e7:ab:ea:9a:4d:9c:73:df:3e:87:f3:02:b4:5f:3c:
         46:8f:e0:67:b0:e3:66:a5:8f:61:26:ca:a7:14:36:6c:c8:78:
         f3:4b:eb:99:86:d6:c1:03:09:c3:ef:3e:a5:19:2b:cf:b2:46:
         57:02:6c:25:57:64:7c:ae:70:f4:e5:f3:37:b8:25:ba:1c:77:
         1b:6f:98:24:76:f7:64:b5:d4:9a:ad:a9:85:66:1c:17:3e:2e:
         d4:df:d0:53
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICATYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U1QTYxMTAvBgNVBAUTKDYyRERDMjg1REE4QjNFMjA5RUIwMEVBQTM2NzE4NDVE
QUE2Q0YyODYwHhcNMjUwNDI5MDQzODAzWhcNMjUwNTA2MDQzODAzWjAYMRYwFAYD
VQQDEw02ODEwNTdhYi04NmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6i+dyZLQX2ncli6pTywwfSSWkLv1XM+fPHni/i0VDBUfgaBndSgMNijUfs0
conh1I9d2TEjsvPOlRRovguYLaqGCDqj6wR/y33sNKryYfAdXh6NONXRKkKs5Ret
xNu6tD1ZYEApvokMZZyl5ZiROIFBnArGU1kLR7c8Zxlom1kLjzcTiRvrnhAYSmQp
1wXEq9U1yBhi80KOv0WIE6rRf+eMF4TNO4r6ssZEJhAdSIi56Q4o4k/dKZVwj0qD
wNUyN/jJGkimUx7Bk7HYfU+AxJPg6T7UCxjel33pr5w+MvAw3JQcJtfncCYigL6f
vTbchhiO3anBDrvCG2aZMaoRBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNjqrrPO
lKWOlSjo0wVmfMYdA0IzMB8GA1UdIwQYMBaAFGLdwoXaiz4gnrAOqjZxhF2qbPKG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTVBNi9BQUIzM0U0QzVC
M0YxMUVFOEYxRDNENkVDNEY5QUUwMi9ZdDNDaGRxTFBpQ2VzQTZxTm5HRVhhcHM4
b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1l0M0NoZHFMUGlDZXNBNnFObkdFWGFwczhvWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RTVBNi9BQUIzM0U0QzVCM0YxMUVFOEYxRDNENkVDNEY5QUUwMi9ZdDNDaGRxTFBp
Q2VzQTZxTm5HRVhhcHM4b1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCWooKHUgEPao+36Q5RBLM0VHisQ4hUq5MQckWdCgulQS/zFlB17NtU
Ee9mQajAtHQbHX++irBF7IrrxdotIr6erGo553iqHlKXUcwtZ5QQcyt6pp5KGZgt
hldtKpd+smRsjnyiHpTqzkffx2Bpp28Fj6udhOj8RV6DAPxZdy0iDgydOMQRPkVv
mmrJDeTUIrh1VL664Je+z8whLnhuLiSd0c1INzbnq+qaTZxz3z6H8wK0XzxGj+Bn
sONmpY9hJsqnFDZsyHjzS+uZhtbBAwnD7z6lGSvPskZXAmwlV2R8rnD05fM3uCW6
HHcbb5gkdvdktdSaramFZhwXPi7U39BT
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:54:09 2025 by rpki-client