Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D51C1/D92E69AAC1EE11EBBFD57E2AC4F9AE02/l7tUs9I8N8PdPgFpypdNJ9up8FA.mft
File:                     l7tUs9I8N8PdPgFpypdNJ9up8FA.mft (raw, json)
Hash identifier:          +OgKQnDXdptM9XDf+imqbM4ebklaupmylGpv+G/tW3o=
Subject key identifier:   5D:27:22:D2:86:96:A4:30:9E:AB:09:DF:DD:6C:48:A6:F0:B7:78:47
Authority key identifier: 97:BB:54:B3:D2:3C:37:C3:DD:3E:01:69:CA:97:4D:27:DB:A9:F0:50
Certificate issuer:       /CN=A91D51C1/serialNumber=97BB54B3D23C37C3DD3E0169CA974D27DBA9F050
Certificate serial:       05F1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7tUs9I8N8PdPgFpypdNJ9up8FA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D51C1/D92E69AAC1EE11EBBFD57E2AC4F9AE02/l7tUs9I8N8PdPgFpypdNJ9up8FA.mft
Manifest number:          05E8
Signing time:             Mon 04 Aug 2025 23:24:21 +0000
Manifest this update:     Mon 04 Aug 2025 23:24:20 +0000
Manifest next update:     Mon 11 Aug 2025 23:24:20 +0000
Files and hashes:         1: l7tUs9I8N8PdPgFpypdNJ9up8FA.crl (hash: sQu9wTggkv+9Q1msfkN4p7KWYtcDIyOL7osEJJRkfoM=)
                          2: 1E8ADFD0C1F211EBA984726AC4F9AE02.roa (hash: 9l/idt3LJislssNxfPBsqgjifz4U+6PzxoXpIp44G34=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D51C1/D92E69AAC1EE11EBBFD57E2AC4F9AE02/l7tUs9I8N8PdPgFpypdNJ9up8FA.crl
                          rsync://rpki.apnic.net/member_repository/A91D51C1/D92E69AAC1EE11EBBFD57E2AC4F9AE02/l7tUs9I8N8PdPgFpypdNJ9up8FA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7tUs9I8N8PdPgFpypdNJ9up8FA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 11 Aug 2025 23:24:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1521 (0x5f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D51C1, serialNumber=97BB54B3D23C37C3DD3E0169CA974D27DBA9F050
        Validity
            Not Before: Aug  4 23:24:20 2025 GMT
            Not After : Aug 11 23:24:20 2025 GMT
        Subject: CN=68914124-4144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:dc:c2:1e:54:4b:01:95:2f:14:af:cd:dc:c2:
                    b0:30:a4:b1:bb:19:ae:a2:cd:9c:a3:cf:13:b6:d2:
                    af:92:1c:75:17:1c:53:42:25:0d:81:35:25:e1:d4:
                    e5:f5:50:95:05:c8:b3:19:e4:58:36:95:2a:aa:57:
                    1a:87:6c:19:48:5a:7d:5f:28:7d:f3:39:d3:7b:e9:
                    2e:83:5e:c8:51:6b:d6:12:bc:3e:d9:fa:b5:79:8c:
                    bb:80:5b:59:d1:01:c5:96:51:e6:6f:9a:31:b7:52:
                    70:9f:38:80:62:d2:18:03:fc:c3:84:40:7d:c3:a8:
                    95:47:0e:f3:f0:b6:ad:2d:82:33:59:1a:5d:90:d9:
                    a6:64:c2:d8:ac:f7:01:5b:89:07:b0:b0:44:2a:2b:
                    33:e7:18:da:10:53:8b:e7:19:fb:85:bc:45:88:b4:
                    00:bb:bd:4f:ab:c2:1a:df:54:41:15:64:8a:73:21:
                    23:d3:86:04:c2:f4:98:b5:f0:f6:e4:be:c6:d4:3e:
                    8e:39:47:25:9a:c9:f4:f2:f6:a0:33:35:a4:d2:57:
                    d9:ab:d1:4d:62:75:c5:d5:a6:c3:df:9b:5e:09:1f:
                    33:66:7c:3e:08:34:3d:35:bf:90:da:86:4f:d0:3e:
                    57:fa:ab:33:c3:e7:f1:0b:97:d4:f7:93:70:ab:e8:
                    81:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:27:22:D2:86:96:A4:30:9E:AB:09:DF:DD:6C:48:A6:F0:B7:78:47
            X509v3 Authority Key Identifier:
                keyid:97:BB:54:B3:D2:3C:37:C3:DD:3E:01:69:CA:97:4D:27:DB:A9:F0:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D51C1/D92E69AAC1EE11EBBFD57E2AC4F9AE02/l7tUs9I8N8PdPgFpypdNJ9up8FA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7tUs9I8N8PdPgFpypdNJ9up8FA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D51C1/D92E69AAC1EE11EBBFD57E2AC4F9AE02/l7tUs9I8N8PdPgFpypdNJ9up8FA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:c7:64:60:7b:fd:e5:d6:a7:67:44:75:c5:e7:11:ce:0f:ae:
         1c:5f:66:1e:9c:a5:89:a8:e2:97:51:e9:fa:3e:5e:6c:ba:c3:
         e7:cc:91:68:3d:d0:87:b8:2a:5d:d9:bb:df:88:88:11:e2:d6:
         0a:a6:7c:d8:15:ec:c8:c1:c4:05:bd:50:d5:08:9b:43:4e:0a:
         75:54:3f:e2:32:1d:df:3f:e2:1d:ae:19:01:7a:30:67:b4:45:
         63:b9:db:1d:a3:0c:f4:6e:3c:90:1c:5f:38:8e:17:4a:cf:ed:
         0d:e2:2e:14:43:c1:9a:0b:88:93:5b:3c:19:f8:01:b1:bb:20:
         67:0a:4f:a4:e3:c8:1c:78:0a:fd:33:18:92:d1:4c:93:85:94:
         cf:53:1a:81:fa:8b:c6:29:9e:e4:fa:5b:22:7d:1b:db:b0:92:
         5d:bd:36:ff:03:bd:d2:7a:30:47:85:7d:f7:12:06:1b:dd:ac:
         08:f2:22:4b:87:e1:fc:f4:d5:b5:f3:b8:5f:f4:42:aa:22:04:
         49:e4:9b:db:08:5a:b5:42:97:cc:0b:17:00:7d:d7:f1:0e:5f:
         6b:7f:c9:fe:18:cc:79:b9:e0:a6:06:ba:cb:9b:ae:80:c1:48:
         39:d4:24:d5:e3:26:87:07:dc:39:c5:b9:7d:1a:69:36:c4:e1:
         83:b1:74:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBfEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDUxQzExMTAvBgNVBAUTKDk3QkI1NEIzRDIzQzM3QzNERDNFMDE2OUNBOTc0RDI3
REJBOUYwNTAwHhcNMjUwODA0MjMyNDIwWhcNMjUwODExMjMyNDIwWjAYMRYwFAYD
VQQDEw02ODkxNDEyNC00MTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyNzCHlRLAZUvFK/N3MKwMKSxuxmuos2co88TttKvkhx1FxxTQiUNgTUl4dTl
9VCVBcizGeRYNpUqqlcah2wZSFp9Xyh98znTe+kug17IUWvWErw+2fq1eYy7gFtZ
0QHFllHmb5oxt1JwnziAYtIYA/zDhEB9w6iVRw7z8LatLYIzWRpdkNmmZMLYrPcB
W4kHsLBEKisz5xjaEFOL5xn7hbxFiLQAu71Pq8Ia31RBFWSKcyEj04YEwvSYtfD2
5L7G1D6OOUclmsn08vagMzWk0lfZq9FNYnXF1abD35teCR8zZnw+CDQ9Nb+Q2oZP
0D5X+qszw+fxC5fU95Nwq+iBLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF0nItKG
lqQwnqsJ391sSKbwt3hHMB8GA1UdIwQYMBaAFJe7VLPSPDfD3T4BacqXTSfbqfBQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTFDMS9EOTJFNjlBQUMx
RUUxMUVCQkZENTdFMkFDNEY5QUUwMi9sN3RVczlJOE44UGRQZ0ZweXBkTko5dXA4
RkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2w3dFVzOUk4TjhQZFBnRnB5cGROSjl1cDhGQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NTFDMS9EOTJFNjlBQUMxRUUxMUVCQkZENTdFMkFDNEY5QUUwMi9sN3RVczlJOE44
UGRQZ0ZweXBkTko5dXA4RkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCUx2Rge/3l1qdnRHXF5xHOD64cX2YenKWJqOKXUen6Pl5susPnzJFo
PdCHuCpd2bvfiIgR4tYKpnzYFezIwcQFvVDVCJtDTgp1VD/iMh3fP+IdrhkBejBn
tEVjudsdowz0bjyQHF84jhdKz+0N4i4UQ8GaC4iTWzwZ+AGxuyBnCk+k48gceAr9
MxiS0UyThZTPUxqB+ovGKZ7k+lsifRvbsJJdvTb/A73SejBHhX33EgYb3awI8iJL
h+H89NW187hf9EKqIgRJ5JvbCFq1QpfMCxcAfdfxDl9rf8n+GMx5ueCmBrrLm66A
wUg51CTV4yaHB9w5xbl9Gmk2xOGDsXRJ
-----END CERTIFICATE-----
Generated at Wed Aug 6 19:37:19 2025 by rpki-client