Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft
File:                     5TfQw0j9fcSfX8OwBmoxxYT64as.mft (raw, json)
Hash identifier:          udGsACzDttv7s8hWY5ZaXYMeF+7cMMvegkiC1dCWsHU=
Subject key identifier:   17:E3:5C:42:F3:00:F8:99:B7:07:77:CD:E7:BE:B9:D5:EA:A1:94:AE
Authority key identifier: E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB
Certificate issuer:       /CN=A91D4345/serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB
Certificate serial:       0C45
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft
Manifest number:          0C38
Signing time:             Thu 24 Apr 2025 18:24:35 +0000
Manifest this update:     Thu 24 Apr 2025 18:24:34 +0000
Manifest next update:     Thu 01 May 2025 18:24:34 +0000
Files and hashes:         1: 5TfQw0j9fcSfX8OwBmoxxYT64as.crl (hash: Hvh8vuiyn1Nmy6OAj4H3pl+5geu9F4umgLiIQco+W2I=)
                          2: F3529CDCAE1511EE92D99E46C4F9AE02.roa (hash: hTD7DjMK2EnPCWqJypUdiJk7jUHRPt10GcfYU8sN4po=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl
                          rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 01 May 2025 18:24:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3141 (0xc45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D4345, serialNumber=E537D0C348FD7DC49F5FC3B0066A31C584FAE1AB
        Validity
            Not Before: Apr 24 18:24:34 2025 GMT
            Not After : May  1 18:24:34 2025 GMT
        Subject: CN=680a81e2-fa37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:33:a4:12:b1:35:31:d3:d6:d4:05:bb:3f:0d:
                    5d:99:4a:73:55:85:ff:1e:22:09:8d:88:d4:e4:b8:
                    df:06:dd:83:7f:b4:db:6a:53:c5:1c:83:c2:35:63:
                    17:d1:15:f0:cd:b7:59:90:5b:48:24:ce:e9:8f:20:
                    c5:47:d7:60:6b:4e:38:a0:60:e0:f2:a5:2b:0b:cf:
                    78:53:e5:b6:31:96:95:e7:ef:20:3a:db:19:c9:ca:
                    de:45:9f:80:80:0a:3c:00:14:83:e4:8d:ee:a9:b7:
                    a9:e1:95:b0:1c:db:5d:50:58:79:f5:83:87:7a:1e:
                    55:c0:37:96:01:97:35:c8:7a:bf:c6:84:ec:fa:40:
                    01:34:03:3f:ad:0d:59:44:ed:71:9d:33:b2:80:3d:
                    77:ea:f0:13:c2:5a:f0:1a:41:48:03:9f:1b:fa:a0:
                    50:eb:e9:83:ab:86:f9:f7:ff:5d:ac:20:66:a0:a5:
                    f1:12:b4:ed:6b:12:7a:d5:c6:ff:1a:32:8e:52:cf:
                    70:1b:0c:ec:c0:b5:f6:1f:91:1e:f0:a1:50:f4:4e:
                    7e:9e:aa:1d:14:69:f2:a4:ef:2e:f4:e6:6f:ec:d3:
                    4a:78:f3:ca:a7:9c:68:bd:99:3e:3e:2f:33:e0:55:
                    4f:70:05:86:56:b3:d3:8c:26:16:6b:a6:f1:1c:34:
                    7d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:E3:5C:42:F3:00:F8:99:B7:07:77:CD:E7:BE:B9:D5:EA:A1:94:AE
            X509v3 Authority Key Identifier:
                keyid:E5:37:D0:C3:48:FD:7D:C4:9F:5F:C3:B0:06:6A:31:C5:84:FA:E1:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5TfQw0j9fcSfX8OwBmoxxYT64as.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4345/EC78CDDA053811EAB5897668C4F9AE02/5TfQw0j9fcSfX8OwBmoxxYT64as.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:ce:9d:1c:03:2f:77:29:dc:8b:8b:2f:71:5d:7d:81:e7:0e:
         52:0c:d6:1c:81:33:f6:00:3c:1b:56:09:25:0f:95:2f:eb:59:
         61:b4:a3:93:64:15:67:a5:16:c6:77:01:b0:2b:14:c0:b3:85:
         1e:d3:ae:2b:aa:f4:d2:07:bd:4c:85:e3:c5:75:0b:97:b9:bf:
         c5:d3:ea:43:12:df:b3:b9:4f:35:09:60:0b:cb:ce:da:37:b6:
         9f:21:03:29:79:3f:8c:73:14:7e:8a:3e:c8:06:3c:9a:df:15:
         3a:a6:7f:a1:e1:46:0f:c9:d1:b3:52:42:ac:7e:71:3b:3d:36:
         7a:8f:8a:82:f9:40:49:e5:c0:d2:bc:36:65:4c:62:62:1e:f9:
         df:e4:b8:e3:79:f2:cf:7b:a3:20:3b:c7:42:4c:b4:0c:12:8e:
         6b:dd:64:ef:d2:73:22:9b:e9:e0:41:74:a0:1c:f8:93:9e:2e:
         81:96:33:fe:21:26:cd:67:98:e1:59:24:b9:22:f8:61:97:4d:
         40:1e:20:ca:fa:00:b1:c2:5c:dc:01:98:e8:d0:04:d4:62:ea:
         c3:cc:b5:f1:ea:77:57:d6:35:b8:0c:8e:6c:84:f5:7a:a8:35:
         58:ae:13:cf:5a:e1:02:bd:41:c3:e0:b1:31:1b:03:c0:d4:bc:
         81:de:53:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDEUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQzNDUxMTAvBgNVBAUTKEU1MzdEMEMzNDhGRDdEQzQ5RjVGQzNCMDA2NkEzMUM1
ODRGQUUxQUIwHhcNMjUwNDI0MTgyNDM0WhcNMjUwNTAxMTgyNDM0WjAYMRYwFAYD
VQQDEw02ODBhODFlMi1mYTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtTOkErE1MdPW1AW7Pw1dmUpzVYX/HiIJjYjU5LjfBt2Df7TbalPFHIPCNWMX
0RXwzbdZkFtIJM7pjyDFR9dga044oGDg8qUrC894U+W2MZaV5+8gOtsZycreRZ+A
gAo8ABSD5I3uqbep4ZWwHNtdUFh59YOHeh5VwDeWAZc1yHq/xoTs+kABNAM/rQ1Z
RO1xnTOygD136vATwlrwGkFIA58b+qBQ6+mDq4b59/9drCBmoKXxErTtaxJ61cb/
GjKOUs9wGwzswLX2H5Ee8KFQ9E5+nqodFGnypO8u9OZv7NNKePPKp5xovZk+Pi8z
4FVPcAWGVrPTjCYWa6bxHDR9GQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBfjXELz
APiZtwd3zee+udXqoZSuMB8GA1UdIwQYMBaAFOU30MNI/X3En1/DsAZqMcWE+uGr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDM0NS9FQzc4Q0REQTA1
MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZjU2ZYOE93Qm1veHhZVDY0
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVUZlF3MGo5ZmNTZlg4T3dCbW94eFlUNjRhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NDM0NS9FQzc4Q0REQTA1MzgxMUVBQjU4OTc2NjhDNEY5QUUwMi81VGZRdzBqOWZj
U2ZYOE93Qm1veHhZVDY0YXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMzp0cAy93KdyLiy9xXX2B5w5SDNYcgTP2ADwbVgklD5Uv61lhtKOT
ZBVnpRbGdwGwKxTAs4Ue064rqvTSB71MhePFdQuXub/F0+pDEt+zuU81CWALy87a
N7afIQMpeT+McxR+ij7IBjya3xU6pn+h4UYPydGzUkKsfnE7PTZ6j4qC+UBJ5cDS
vDZlTGJiHvnf5LjjefLPe6MgO8dCTLQMEo5r3WTv0nMim+ngQXSgHPiTni6BljP+
ISbNZ5jhWSS5Ivhhl01AHiDK+gCxwlzcAZjo0ATUYurDzLXx6ndX1jW4DI5shPV6
qDVYrhPPWuECvUHD4LExGwPA1LyB3lNA
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:32:33 2025 by rpki-client