Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft
File:                     CJy1orM7eG11SgfWgKnElBQmGeE.mft (raw, json)
Hash identifier:          FWsMh+M01CzJEuz6swSPhKM6ZvrA84zt/ExoHKK+jBY=
Subject key identifier:   54:24:D2:62:2C:33:1E:63:D1:22:C2:D2:CE:13:CA:F2:E4:B1:9E:EB
Authority key identifier: 08:9C:B5:A2:B3:3B:78:6D:75:4A:07:D6:80:A9:C4:94:14:26:19:E1
Certificate issuer:       /CN=A91D0C18/serialNumber=089CB5A2B33B786D754A07D680A9C494142619E1
Certificate serial:       7E
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft
Manifest number:          7D
Signing time:             Fri 25 Apr 2025 05:40:56 +0000
Manifest this update:     Fri 25 Apr 2025 05:40:55 +0000
Manifest next update:     Fri 02 May 2025 05:40:55 +0000
Files and hashes:         1: CJy1orM7eG11SgfWgKnElBQmGeE.crl (hash: 5aYUIs9gXV4M34yJ7T3h9DBKuPcndz52K6JzXNRr53Y=)
                          2: EEE0092A646611EFA25D167EC4F9AE02.roa (hash: PB6LRHoIMyYv1uIUIe4A3HeqPVxI7OtzvXNUbqHxj3Y=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.crl
                          rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 02 May 2025 05:40:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126 (0x7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D0C18, serialNumber=089CB5A2B33B786D754A07D680A9C494142619E1
        Validity
            Not Before: Apr 25 05:40:55 2025 GMT
            Not After : May  2 05:40:55 2025 GMT
        Subject: CN=680b2068-06d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:5e:70:d1:a6:ea:8b:b0:45:15:74:40:92:00:
                    20:fd:9f:4a:51:ba:22:9f:8c:44:92:30:b6:e5:3c:
                    ea:81:20:d6:4c:0e:88:14:39:66:71:c5:b7:60:96:
                    97:eb:06:77:50:95:cc:f0:2e:45:cb:21:06:7a:67:
                    7d:b7:a2:83:bd:ee:cb:8c:9b:2a:a3:83:30:62:12:
                    a0:85:e8:ca:ab:60:2b:57:f3:fd:73:77:50:ca:e1:
                    55:27:0d:f4:1d:af:ec:61:13:86:bf:e0:50:b3:a1:
                    6c:1c:11:30:5d:41:32:9f:a9:e2:5f:d7:c9:f8:9e:
                    75:1d:a3:42:80:b7:8c:1b:ee:2d:11:c3:6f:83:a1:
                    ea:79:ce:dc:c0:a4:f9:5b:f3:a6:a2:e9:e6:5d:5d:
                    a4:52:84:e7:51:7a:53:63:14:02:b9:a6:99:fb:03:
                    cf:7b:ed:51:50:07:cf:2e:5d:d8:a9:56:9f:88:a7:
                    66:1f:61:27:33:b7:aa:49:6e:39:86:da:e6:b2:b3:
                    07:fe:95:fa:cf:60:1e:59:d8:7d:e2:f9:ff:07:8f:
                    f4:62:61:17:ae:fa:f6:fa:d8:c6:46:b5:8f:a8:ec:
                    bc:1e:31:56:d9:f5:8a:c3:e6:83:fa:cb:9c:95:25:
                    c1:98:d3:bb:34:42:28:28:d4:b8:bb:d3:89:ca:32:
                    99:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:24:D2:62:2C:33:1E:63:D1:22:C2:D2:CE:13:CA:F2:E4:B1:9E:EB
            X509v3 Authority Key Identifier:
                keyid:08:9C:B5:A2:B3:3B:78:6D:75:4A:07:D6:80:A9:C4:94:14:26:19:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:ef:4b:81:fa:c9:52:1c:15:cb:50:1b:79:fa:a3:18:f4:10:
         f2:3f:9c:ae:10:a2:b4:50:96:11:36:c9:f0:84:67:15:41:d5:
         7e:ec:79:a3:e5:70:17:07:48:bf:ff:27:2b:94:e4:67:49:ac:
         f4:80:f9:ca:ed:80:3a:c8:85:99:8d:e7:75:fa:78:ff:87:ef:
         f7:07:b3:75:16:28:4a:c4:e8:e8:73:e1:a6:b3:ef:df:73:80:
         d8:e4:67:2f:84:fd:da:69:b4:2f:ad:3c:57:da:96:55:93:82:
         d8:71:b0:e0:ee:61:6b:d3:9e:1e:ac:e8:e3:89:41:80:c7:ae:
         32:23:04:e2:ad:67:a3:8a:df:66:80:3c:06:e4:2f:34:61:9f:
         3c:93:84:df:a3:de:1a:14:db:1f:9b:3b:48:b9:7f:b7:65:6d:
         69:e4:6a:d2:4a:c9:bc:10:11:26:d2:91:b9:21:8f:af:5c:0c:
         ca:f5:85:66:5e:56:34:3a:0c:11:05:26:54:11:7a:ab:8b:82:
         9e:66:af:54:3c:c7:71:0b:a8:a9:4e:14:48:97:d6:c0:61:70:
         f0:c2:29:93:fb:d6:80:91:04:d6:88:b6:17:0a:42:59:6b:25:
         ca:fe:e6:89:d0:79:25:70:f8:aa:d1:56:b3:39:be:30:1d:5f:
         fd:3a:02:b9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MEMxODExMC8GA1UEBRMoMDg5Q0I1QTJCMzNCNzg2RDc1NEEwN0Q2ODBBOUM0OTQx
NDI2MTlFMTAeFw0yNTA0MjUwNTQwNTVaFw0yNTA1MDIwNTQwNTVaMBgxFjAUBgNV
BAMTDTY4MGIyMDY4LTA2ZDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDKXnDRpuqLsEUVdECSACD9n0pRuiKfjESSMLblPOqBINZMDogUOWZxxbdglpfr
BndQlczwLkXLIQZ6Z323ooO97suMmyqjgzBiEqCF6MqrYCtX8/1zd1DK4VUnDfQd
r+xhE4a/4FCzoWwcETBdQTKfqeJf18n4nnUdo0KAt4wb7i0Rw2+Doep5ztzApPlb
86ai6eZdXaRShOdRelNjFAK5ppn7A8977VFQB88uXdipVp+Ip2YfYSczt6pJbjmG
2uayswf+lfrPYB5Z2H3i+f8Hj/RiYReu+vb62MZGtY+o7LweMVbZ9YrD5oP6y5yV
JcGY07s0Qigo1Li704nKMplPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUVCTSYiwz
HmPRIsLSzhPK8uSxnuswHwYDVR0jBBgwFoAUCJy1orM7eG11SgfWgKnElBQmGeEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQwQzE4LzY4M0JBMDk2NjQ2
NjExRUY4RTE4Rjg3QUM0RjlBRTAyL0NKeTFvck03ZUcxMVNnZldnS25FbEJRbUdl
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvQ0p5MW9yTTdlRzExU2dmV2dLbkVsQlFtR2VFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQw
QzE4LzY4M0JBMDk2NjQ2NjExRUY4RTE4Rjg3QUM0RjlBRTAyL0NKeTFvck03ZUcx
MVNnZldnS25FbEJRbUdlRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAB3vS4H6yVIcFctQG3n6oxj0EPI/nK4QorRQlhE2yfCEZxVB1X7seaPl
cBcHSL//JyuU5GdJrPSA+crtgDrIhZmN53X6eP+H7/cHs3UWKErE6Ohz4aaz799z
gNjkZy+E/dpptC+tPFfallWTgthxsODuYWvTnh6s6OOJQYDHrjIjBOKtZ6OK32aA
PAbkLzRhnzyThN+j3hoU2x+bO0i5f7dlbWnkatJKybwQESbSkbkhj69cDMr1hWZe
VjQ6DBEFJlQRequLgp5mr1Q8x3ELqKlOFEiX1sBhcPDCKZP71oCRBNaIthcKQllr
Jcr+5onQeSVw+KrRVrM5vjAdX/06Ark=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:32:45 2025 by rpki-client