Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft
File:                     y8ZgM3D76EzM4GToT08m7b7CZ7E.mft (raw, json)
Hash identifier:          /fZRtI9r6KxYEXXfC6l1P9yRbt0WyldEGkryziEcOWk=
Subject key identifier:   C3:F3:4C:C7:7C:DC:44:97:7D:E5:40:59:25:42:59:9D:2D:E9:EE:4A
Authority key identifier: CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1
Certificate issuer:       /CN=A91D9CA8/serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1
Certificate serial:       2C
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft
Manifest number:          2A
Signing time:             Fri 25 Apr 2025 06:43:30 +0000
Manifest this update:     Fri 25 Apr 2025 06:43:29 +0000
Manifest next update:     Fri 02 May 2025 06:43:29 +0000
Files and hashes:         1: y8ZgM3D76EzM4GToT08m7b7CZ7E.crl (hash: gpzJE1gSQlb60wTc1BRfWZIq+CFUJBkZw6e+Ig6Pj50=)
                          2: B97BD74AE4FF11EFB75F5836C4F9AE02.roa (hash: KR4Tx3kFeLSQKCW18mb5WqFjOSaFssRkJQn1FwH+pqg=)
                          3: EF512526E6D711EF8D300475C4F9AE02.roa (hash: G+h7ToXq8XsAorxWYN7LBRMYmAjacElCFrNbKrsrwaE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl
                          rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 02 May 2025 06:43:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 44 (0x2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D9CA8, serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1
        Validity
            Not Before: Apr 25 06:43:29 2025 GMT
            Not After : May  2 06:43:29 2025 GMT
        Subject: CN=680b2f12-f84c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:a9:c0:24:34:af:62:22:39:73:07:86:5f:69:
                    a2:40:b1:b8:ab:03:db:73:45:08:b8:fe:73:7d:e5:
                    d0:25:e7:34:87:0f:79:80:c9:01:a6:7e:c1:48:fc:
                    4d:fc:cc:40:a4:b4:d0:49:4c:a7:5a:c5:9e:72:d6:
                    4c:ee:56:b8:c5:6c:81:e7:20:3e:9a:52:f1:f2:3d:
                    ab:5b:95:7f:22:29:5d:fc:33:31:9d:04:79:02:c4:
                    22:60:9a:0c:57:4d:c1:9b:6d:03:a2:71:36:70:59:
                    5a:36:cc:63:40:68:b1:83:fd:b6:3f:dd:47:c8:33:
                    7b:b9:4a:c8:c0:63:3c:b5:97:01:12:0d:97:9f:f0:
                    08:15:5d:ad:58:01:bb:d0:23:73:6f:f0:a9:90:0b:
                    a2:25:c4:f8:75:87:7e:85:bb:e3:e0:e0:f2:2f:26:
                    dc:9d:58:7b:5b:13:74:3d:3f:08:c4:34:63:5e:a6:
                    df:c1:91:f9:0a:ae:ce:5b:6d:57:e0:f0:65:47:61:
                    36:6a:f9:14:d2:b4:f0:78:4b:a7:5f:6c:1e:22:d0:
                    b3:2d:d4:7f:45:b9:d1:b6:cd:05:e5:a2:5b:eb:c4:
                    98:ae:fc:9a:0d:ba:6c:16:11:a6:31:df:1e:91:31:
                    27:da:da:2b:ff:e4:53:7a:9a:85:9f:58:3d:f5:23:
                    23:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:F3:4C:C7:7C:DC:44:97:7D:E5:40:59:25:42:59:9D:2D:E9:EE:4A
            X509v3 Authority Key Identifier:
                keyid:CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:73:21:5e:12:47:76:16:2a:f8:a9:68:4b:9f:94:7e:df:cb:
         7f:ee:f6:1f:2c:f8:84:48:d7:6d:90:00:d8:a9:63:34:d9:99:
         ac:75:41:fd:88:11:cd:25:d8:46:6c:03:3f:25:7b:7e:d5:3c:
         f5:d9:27:eb:36:f2:aa:50:13:3c:5d:80:fd:92:68:09:37:19:
         eb:b5:6d:04:a2:7d:85:1a:6a:67:f1:e5:e8:84:1d:99:07:c1:
         b1:e8:70:0e:e6:72:ef:fa:32:64:c3:48:19:1a:0b:4f:4b:30:
         88:db:9f:a2:f8:ed:70:9f:fa:ec:b3:0d:10:ad:b1:6f:bf:8e:
         f5:7a:53:a6:e2:3a:4e:ec:60:cf:34:33:6e:15:9d:ba:e8:30:
         84:4e:1d:1d:9e:04:50:65:79:61:19:5c:72:f3:e5:ca:62:86:
         81:7f:0b:3d:2d:aa:04:a6:98:54:7f:3f:3a:a7:0d:d5:55:a7:
         41:0e:08:de:cb:c4:3f:5b:e0:c0:66:14:dc:c5:f7:a8:db:d1:
         c8:c3:38:aa:cd:ca:a2:ce:bd:11:fe:85:fe:70:bf:a0:19:60:
         42:b6:52:62:6a:75:e2:d3:de:53:8e:b6:5c:0f:77:ed:07:78:
         5b:ed:94:c9:f5:95:b2:86:00:61:4d:46:30:da:00:d4:73:80:
         dd:61:0d:66
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBLDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
OUNBODExMC8GA1UEBRMoQ0JDNjYwMzM3MEZCRTg0Q0NDRTA2NEU4NEY0RjI2RURC
RUMyNjdCMTAeFw0yNTA0MjUwNjQzMjlaFw0yNTA1MDIwNjQzMjlaMBgxFjAUBgNV
BAMTDTY4MGIyZjEyLWY4NGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDxqcAkNK9iIjlzB4ZfaaJAsbirA9tzRQi4/nN95dAl5zSHD3mAyQGmfsFI/E38
zECktNBJTKdaxZ5y1kzuVrjFbIHnID6aUvHyPatblX8iKV38MzGdBHkCxCJgmgxX
TcGbbQOicTZwWVo2zGNAaLGD/bY/3UfIM3u5SsjAYzy1lwESDZef8AgVXa1YAbvQ
I3Nv8KmQC6IlxPh1h36Fu+Pg4PIvJtydWHtbE3Q9PwjENGNept/BkfkKrs5bbVfg
8GVHYTZq+RTStPB4S6dfbB4i0LMt1H9FudG2zQXlolvrxJiu/JoNumwWEaYx3x6R
MSfa2iv/5FN6moWfWD31IyNDAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUw/NMx3zc
RJd95UBZJUJZnS3p7kowHwYDVR0jBBgwFoAUy8ZgM3D76EzM4GToT08m7b7CZ7Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzIwREEyNzQ2RTRG
RDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6TTRHVG9UMDhtN2I3Q1o3
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveThaZ00zRDc2RXpNNEdUb1QwOG03YjdDWjdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5
Q0E4LzIwREEyNzQ2RTRGRDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6
TTRHVG9UMDhtN2I3Q1o3RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAEhzIV4SR3YWKvipaEuflH7fy3/u9h8s+IRI122QANipYzTZmax1Qf2I
Ec0l2EZsAz8le37VPPXZJ+s28qpQEzxdgP2SaAk3Geu1bQSifYUaamfx5eiEHZkH
wbHocA7mcu/6MmTDSBkaC09LMIjbn6L47XCf+uyzDRCtsW+/jvV6U6biOk7sYM80
M24VnbroMIROHR2eBFBleWEZXHLz5cpihoF/Cz0tqgSmmFR/PzqnDdVVp0EOCN7L
xD9b4MBmFNzF96jb0cjDOKrNyqLOvRH+hf5wv6AZYEK2UmJqdeLT3lOOtlwPd+0H
eFvtlMn1lbKGAGFNRjDaANRzgN1hDWY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:24 2025 by rpki-client