Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft
File:                     CJy1orM7eG11SgfWgKnElBQmGeE.mft (raw, json)
Hash identifier:          96+Uk3Wmh1ao2T5fWG5huXuut+XIFWIfIkdzgweJ7Q8=
Subject key identifier:   43:3F:D1:45:A6:C4:AE:2F:8C:75:C8:66:A0:3E:1C:94:E3:FD:C3:F8
Authority key identifier: 08:9C:B5:A2:B3:3B:78:6D:75:4A:07:D6:80:A9:C4:94:14:26:19:E1
Certificate issuer:       /CN=A91D0C18/serialNumber=089CB5A2B33B786D754A07D680A9C494142619E1
Certificate serial:       7F
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft
Manifest number:          7E
Signing time:             Sun 27 Apr 2025 05:30:39 +0000
Manifest this update:     Sun 27 Apr 2025 05:30:38 +0000
Manifest next update:     Sun 04 May 2025 05:30:38 +0000
Files and hashes:         1: CJy1orM7eG11SgfWgKnElBQmGeE.crl (hash: dRXlJWnGK5/+DZ05JkDc+C1tWmow3KIrtPcL2XZuDUM=)
                          2: EEE0092A646611EFA25D167EC4F9AE02.roa (hash: PB6LRHoIMyYv1uIUIe4A3HeqPVxI7OtzvXNUbqHxj3Y=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.crl
                          rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 04 May 2025 05:30:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127 (0x7f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D0C18, serialNumber=089CB5A2B33B786D754A07D680A9C494142619E1
        Validity
            Not Before: Apr 27 05:30:38 2025 GMT
            Not After : May  4 05:30:38 2025 GMT
        Subject: CN=680dc0fe-385e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:52:e4:63:07:a3:fe:d8:df:cd:50:10:e0:ef:
                    19:bc:3c:9f:1e:f6:71:be:22:73:b3:77:70:e0:b2:
                    60:a0:ad:88:7d:be:6c:93:d3:10:86:02:ba:ac:be:
                    16:21:bf:88:26:02:b2:bb:ff:0d:f1:22:8e:da:87:
                    15:6a:b5:e2:b5:a2:95:87:31:17:4e:8e:7e:cf:a9:
                    c4:b2:37:4b:58:ab:c3:f1:a4:b3:fc:ba:7e:42:63:
                    76:14:6a:91:d2:ee:0d:89:00:56:7a:d6:57:62:4c:
                    c1:45:3e:95:87:c5:66:01:6b:73:11:83:b6:53:77:
                    3f:b9:a0:8d:92:b3:fd:06:cc:2a:dd:ce:d7:5c:e2:
                    3c:d8:3c:ef:7f:d6:40:c8:99:8b:0f:29:32:a4:40:
                    fe:f3:3f:5d:a5:3f:e0:e0:d7:09:0b:a1:be:c9:a8:
                    e5:1b:e5:55:e2:73:de:4a:76:0f:ab:0d:71:be:55:
                    b6:d8:9c:88:ee:2c:41:3f:11:78:99:27:87:a2:f6:
                    b7:cc:c7:70:a3:57:31:78:94:29:15:2d:32:50:b5:
                    f9:9a:c1:5a:d2:fd:ea:22:8c:3f:30:2b:3a:bd:20:
                    ef:98:0e:97:41:16:12:24:65:33:fe:43:a7:b8:24:
                    8e:a3:93:33:2f:20:dd:a3:b0:34:dd:28:7d:58:3b:
                    54:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:3F:D1:45:A6:C4:AE:2F:8C:75:C8:66:A0:3E:1C:94:E3:FD:C3:F8
            X509v3 Authority Key Identifier:
                keyid:08:9C:B5:A2:B3:3B:78:6D:75:4A:07:D6:80:A9:C4:94:14:26:19:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:e9:b1:bb:f3:2d:38:d4:57:cd:1c:5c:51:b7:29:d3:c2:aa:
         55:08:2b:0b:39:91:7d:27:8f:e1:08:44:a9:2a:6d:f2:68:4b:
         32:50:94:55:89:d0:72:b4:87:b9:da:40:22:1e:57:1b:2d:a7:
         55:9a:fc:4e:c9:f8:1f:f9:d1:c4:0b:68:ec:37:69:89:d2:f5:
         47:8a:83:94:27:82:6f:36:f9:7c:5d:e3:5c:dd:f5:3d:c4:9a:
         00:c0:0b:48:e9:32:12:3c:46:5e:a2:b1:2d:a7:b3:05:65:19:
         21:4a:89:f6:90:c8:28:01:4d:21:18:d6:e6:39:10:33:27:b1:
         ab:66:b1:dd:b7:06:12:0a:b9:34:8b:7e:b0:59:23:06:7a:e1:
         b5:b1:e4:8a:33:ab:0c:07:9e:0d:59:84:86:dc:9f:c2:37:e1:
         73:ad:27:44:81:d5:fc:8c:d2:6c:87:49:24:91:91:04:76:fa:
         df:96:9b:9b:49:38:f0:dc:79:f5:53:e5:e4:64:f4:e7:23:55:
         ba:61:01:fe:b4:76:19:90:6d:9c:2a:10:b4:28:e6:bf:95:47:
         ed:65:68:97:3c:2b:70:38:59:70:e1:9a:96:32:08:c2:14:d2:
         41:d2:17:4f:7d:95:8e:f6:e4:e1:df:c1:17:ac:39:7e:01:46:
         be:37:9c:1b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MEMxODExMC8GA1UEBRMoMDg5Q0I1QTJCMzNCNzg2RDc1NEEwN0Q2ODBBOUM0OTQx
NDI2MTlFMTAeFw0yNTA0MjcwNTMwMzhaFw0yNTA1MDQwNTMwMzhaMBgxFjAUBgNV
BAMTDTY4MGRjMGZlLTM4NWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZUuRjB6P+2N/NUBDg7xm8PJ8e9nG+InOzd3DgsmCgrYh9vmyT0xCGArqsvhYh
v4gmArK7/w3xIo7ahxVqteK1opWHMRdOjn7PqcSyN0tYq8PxpLP8un5CY3YUapHS
7g2JAFZ61ldiTMFFPpWHxWYBa3MRg7ZTdz+5oI2Ss/0GzCrdztdc4jzYPO9/1kDI
mYsPKTKkQP7zP12lP+Dg1wkLob7JqOUb5VXic95Kdg+rDXG+VbbYnIjuLEE/EXiZ
J4ei9rfMx3CjVzF4lCkVLTJQtfmawVrS/eoijD8wKzq9IO+YDpdBFhIkZTP+Q6e4
JI6jkzMvIN2jsDTdKH1YO1Q/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQz/RRabE
ri+MdchmoD4clOP9w/gwHwYDVR0jBBgwFoAUCJy1orM7eG11SgfWgKnElBQmGeEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQwQzE4LzY4M0JBMDk2NjQ2
NjExRUY4RTE4Rjg3QUM0RjlBRTAyL0NKeTFvck03ZUcxMVNnZldnS25FbEJRbUdl
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvQ0p5MW9yTTdlRzExU2dmV2dLbkVsQlFtR2VFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQw
QzE4LzY4M0JBMDk2NjQ2NjExRUY4RTE4Rjg3QUM0RjlBRTAyL0NKeTFvck03ZUcx
MVNnZldnS25FbEJRbUdlRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAGHpsbvzLTjUV80cXFG3KdPCqlUIKws5kX0nj+EIRKkqbfJoSzJQlFWJ
0HK0h7naQCIeVxstp1Wa/E7J+B/50cQLaOw3aYnS9UeKg5Qngm82+Xxd41zd9T3E
mgDAC0jpMhI8Rl6isS2nswVlGSFKifaQyCgBTSEY1uY5EDMnsatmsd23BhIKuTSL
frBZIwZ64bWx5IozqwwHng1ZhIbcn8I34XOtJ0SB1fyM0myHSSSRkQR2+t+Wm5tJ
OPDcefVT5eRk9OcjVbphAf60dhmQbZwqELQo5r+VR+1laJc8K3A4WXDhmpYyCMIU
0kHSF099lY725OHfwResOX4BRr43nBs=
-----END CERTIFICATE-----
Generated at Tue Apr 29 02:49:58 2025 by rpki-client