Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft
File:                     5TfQw0j9fcSfX8OwBmoxxYT64as.mft (raw, json)
Hash identifier:          K7KQG/UZsW6O9pvDoUn7li2BOPZhjnACzZBLSK8lF+g=
Subject key identifier:   82:6A:1B:3D:66:84:45:65:0B:4E:93:A0:58:36:CF:FF:23:BC:12:1E
Authority key identifier: E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB
Certificate issuer:       /CN=A91D4345/serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB
Certificate serial:       0C47
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft
Manifest number:          0C3A
Signing time:             Mon 28 Apr 2025 18:44:33 +0000
Manifest this update:     Mon 28 Apr 2025 18:44:33 +0000
Manifest next update:     Mon 05 May 2025 18:44:33 +0000
Files and hashes:         1: 5TfQw0j9fcSfX8OwBmoxxYT64as.crl (hash: Ne6xHLFisJWzEFzfasNvxBvvrfU735nKdm8xtm+h4LM=)
                          2: F3529CDCAE1511EE92D99E46C4F9AE02.roa (hash: hTD7DjMK2EnPCWqJypUdiJk7jUHRPt10GcfYU8sN4po=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl
                          rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 05 May 2025 18:44:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3143 (0xc47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D4345, serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB
        Validity
            Not Before: Apr 28 18:44:33 2025 GMT
            Not After : May  5 18:44:33 2025 GMT
        Subject: CN=680fcc91-8520
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:60:88:6a:07:df:48:ee:99:e0:d5:11:68:ee:
                    5e:9a:d2:6e:f5:56:c1:84:51:e7:71:90:6b:f2:f0:
                    6c:8f:e8:d2:ee:98:0f:36:56:0d:64:24:26:57:4d:
                    bc:f1:ad:5b:ee:63:0f:57:78:34:51:3e:02:28:82:
                    7a:e5:86:06:54:f4:5e:cc:24:f1:66:17:64:d5:bf:
                    00:66:95:9d:2d:d6:b3:b9:b0:86:d3:ee:16:df:00:
                    97:2e:a7:92:31:0d:52:d5:21:57:49:87:98:90:08:
                    02:51:b4:80:c1:61:9c:0e:95:bd:3d:6a:7c:65:4d:
                    35:e4:6b:d7:a7:ab:53:29:89:70:99:26:06:53:c8:
                    36:aa:cc:d6:96:aa:93:2f:b8:a6:3f:8f:30:c3:7c:
                    5a:98:77:55:40:ba:29:10:13:be:21:f9:1c:20:94:
                    e1:92:1d:0d:27:20:72:79:8b:aa:77:1a:87:37:25:
                    8b:23:7b:3b:75:94:32:7c:aa:4d:1b:d8:fe:ef:08:
                    3a:48:f0:98:3e:57:06:95:e1:d6:b0:e0:df:72:a6:
                    d8:6d:59:c9:4e:0b:d8:6a:ca:3c:ed:61:b2:04:d1:
                    c3:bf:b9:ec:8a:6d:6e:4b:46:a3:c3:0c:03:92:46:
                    93:7d:c6:d6:a0:cb:3d:7c:08:ae:b8:9a:ff:c1:ab:
                    11:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:6A:1B:3D:66:84:45:65:0B:4E:93:A0:58:36:CF:FF:23:BC:12:1E
            X509v3 Authority Key Identifier:
                keyid:E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:bf:d4:52:f2:9e:b3:4b:e4:a7:2b:29:57:1b:43:68:59:f8:
         61:ed:5b:52:67:e4:a6:d9:11:0c:c6:c8:fa:a4:69:d2:ab:ac:
         92:ca:c5:e3:49:fc:f6:b5:e1:3a:5f:c0:11:fe:b2:01:cd:0b:
         09:dc:82:9b:2b:a8:af:5e:f4:46:fe:36:36:6c:1f:11:18:b3:
         4d:0c:92:12:18:d7:42:33:3b:37:b2:1a:ff:7f:75:67:b8:0f:
         68:a6:52:4c:5b:f9:00:37:40:6f:48:0a:01:10:7a:d5:19:17:
         86:46:87:10:25:29:c4:31:2b:9a:51:d9:a3:d7:42:0b:2f:29:
         e8:79:0d:5b:90:5c:33:2d:60:03:b8:f8:98:82:85:0c:a2:7e:
         d0:f6:18:34:8c:c9:f9:51:40:4e:28:be:84:78:ee:5d:1b:c6:
         ef:35:cc:02:93:7b:67:ca:3c:5b:f5:25:55:62:c1:ed:f8:6f:
         cd:d8:d0:eb:7a:2a:62:c7:bf:88:ff:25:97:5f:60:8a:2e:7f:
         92:25:34:33:81:2c:ac:ff:28:67:11:33:b2:94:5b:8a:b5:e0:
         b3:83:19:6f:7a:0b:2b:61:f2:9d:84:c1:8e:7b:51:b8:11:e3:
         56:1a:06:2a:0a:cd:79:92:96:4a:85:b3:f5:a4:62:80:d5:b1:
         0d:20:f3:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDEcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQzNDUxMTAvBgNVBAUTKEU1MzdEMEMzNDhGRDdEQzQ5RjVGQzNCMDA2NkEzMUM1
ODRGQUUxQUIwHhcNMjUwNDI4MTg0NDMzWhcNMjUwNTA1MTg0NDMzWjAYMRYwFAYD
VQQDEw02ODBmY2M5MS04NTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx2CIagffSO6Z4NURaO5emtJu9VbBhFHncZBr8vBsj+jS7pgPNlYNZCQmV028
8a1b7mMPV3g0UT4CKIJ65YYGVPRezCTxZhdk1b8AZpWdLdazubCG0+4W3wCXLqeS
MQ1S1SFXSYeYkAgCUbSAwWGcDpW9PWp8ZU015GvXp6tTKYlwmSYGU8g2qszWlqqT
L7imP48ww3xamHdVQLopEBO+IfkcIJThkh0NJyByeYuqdxqHNyWLI3s7dZQyfKpN
G9j+7wg6SPCYPlcGleHWsODfcqbYbVnJTgvYaso87WGyBNHDv7nsim1uS0ajwwwD
kkaTfcbWoMs9fAiuuJr/wasR3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIJqGz1m
hEVlC06ToFg2z/8jvBIeMB8GA1UdIwQYMBaAFOU30MNI/X3En1/DsAZqMcWE+uGr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDM0NS9FQzc4Q0REQTA1
MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZjU2ZYOE93Qm1veHhZVDY0
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVUZlF3MGo5ZmNTZlg4T3dCbW94eFlUNjRhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NDM0NS9FQzc4Q0REQTA1MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZj
U2ZYOE93Qm1veHhZVDY0YXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBuv9RS8p6zS+SnKylXG0NoWfhh7VtSZ+Sm2REMxsj6pGnSq6ySysXj
Sfz2teE6X8AR/rIBzQsJ3IKbK6ivXvRG/jY2bB8RGLNNDJISGNdCMzs3shr/f3Vn
uA9oplJMW/kAN0BvSAoBEHrVGReGRocQJSnEMSuaUdmj10ILLynoeQ1bkFwzLWAD
uPiYgoUMon7Q9hg0jMn5UUBOKL6EeO5dG8bvNcwCk3tnyjxb9SVVYsHt+G/N2NDr
eipix7+I/yWXX2CKLn+SJTQzgSys/yhnETOylFuKteCzgxlvegsrYfKdhMGOe1G4
EeNWGgYqCs15kpZKhbP1pGKA1bENIPOr
-----END CERTIFICATE-----
Generated at Wed Apr 30 07:53:56 2025 by rpki-client