Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft
File:                     y8ZgM3D76EzM4GToT08m7b7CZ7E.mft (raw, json)
Hash identifier:          1rp1qXX3XMGjhzU+pxHLY8UypTJFY/JPU1VzT06ky4M=
Subject key identifier:   D6:B9:9D:4D:6A:AE:E3:EB:EF:2C:88:40:16:23:9F:64:9E:C4:74:BA
Authority key identifier: CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1
Certificate issuer:       /CN=A91D9CA8/serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1
Certificate serial:       2E
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft
Manifest number:          2C
Signing time:             Tue 29 Apr 2025 07:40:57 +0000
Manifest this update:     Tue 29 Apr 2025 07:40:57 +0000
Manifest next update:     Tue 06 May 2025 07:40:57 +0000
Files and hashes:         1: y8ZgM3D76EzM4GToT08m7b7CZ7E.crl (hash: 8++RTM36QYvX8qQ+bUY49RqTRtOLJ2K6T5dx5Qqud5A=)
                          2: B97BD74AE4FF11EFB75F5836C4F9AE02.roa (hash: KR4Tx3kFeLSQKCW18mb5WqFjOSaFssRkJQn1FwH+pqg=)
                          3: EF512526E6D711EF8D300475C4F9AE02.roa (hash: G+h7ToXq8XsAorxWYN7LBRMYmAjacElCFrNbKrsrwaE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl
                          rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 06 May 2025 07:40:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 46 (0x2e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D9CA8, serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1
        Validity
            Not Before: Apr 29 07:40:57 2025 GMT
            Not After : May  6 07:40:57 2025 GMT
        Subject: CN=68108289-61bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f5:fe:f6:e8:e7:b2:5b:f2:39:31:80:ef:d5:
                    6f:21:49:59:cf:7d:91:f4:c2:bd:a7:92:fe:d5:97:
                    16:18:14:54:e4:55:a2:9c:18:23:54:d3:b9:3b:4a:
                    1e:b8:4d:36:b4:0d:d4:30:97:f3:78:19:78:a1:66:
                    3c:64:c7:86:d1:81:a4:f4:78:2e:f6:9b:d1:33:c4:
                    bf:e7:48:c7:0f:a1:e0:84:d1:60:b0:68:3a:a8:08:
                    ca:94:09:d7:f0:98:7d:bf:df:32:d9:2e:90:94:dc:
                    7c:2a:fa:66:a2:8b:f9:e2:1d:b7:11:1f:d4:4a:b3:
                    c6:20:61:59:df:10:a7:52:25:80:24:7c:e8:67:2d:
                    15:f5:bd:02:09:d4:29:31:7d:5d:4a:ea:5c:b2:d1:
                    a7:7d:4c:d1:31:9d:18:a2:71:50:4f:58:b6:26:d7:
                    84:99:d0:b1:d4:2c:28:03:90:05:8b:23:63:46:de:
                    65:2c:9b:f9:31:cd:c3:47:72:e4:a1:e6:de:4c:31:
                    3c:08:44:f2:49:85:6a:57:9e:0a:11:aa:0e:b4:09:
                    19:d0:8f:dd:1c:a9:d3:05:7a:fc:0f:04:11:91:26:
                    f0:ac:07:4b:75:c6:60:ff:89:ec:79:0e:97:1e:45:
                    31:49:aa:eb:6c:fe:c6:fd:82:b5:04:38:6e:7d:da:
                    29:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:B9:9D:4D:6A:AE:E3:EB:EF:2C:88:40:16:23:9F:64:9E:C4:74:BA
            X509v3 Authority Key Identifier:
                keyid:CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:f4:6e:2b:6b:51:07:83:0a:21:15:69:48:26:97:5f:da:c4:
         00:e7:bc:1b:84:70:7b:7f:3e:30:4a:72:61:8b:4f:ad:2d:a1:
         0e:01:e6:c8:c4:43:03:ed:13:04:ef:49:03:ca:58:28:c6:f6:
         bb:ec:ae:d8:3a:ef:54:be:18:32:16:3d:9b:4b:49:c5:7e:7c:
         6d:d7:50:19:f5:74:e3:da:e4:69:f0:fc:0e:32:e3:e2:df:d8:
         1c:81:f9:f9:31:67:7e:2c:d8:a6:db:73:8b:8e:0d:85:0e:60:
         e7:59:36:10:da:d9:11:8c:79:ae:d9:b8:94:61:0e:c9:01:4b:
         b0:b6:e0:7d:0a:3f:13:93:27:ed:6e:f8:87:87:d2:bb:ab:68:
         34:46:f3:a5:1a:ce:13:5c:69:c7:48:10:13:4f:66:63:d0:ef:
         1c:3f:2b:83:3c:10:aa:42:f8:00:19:c1:0e:0f:f7:f5:ff:19:
         d6:2d:33:7f:f8:94:d0:31:68:d4:e8:2c:33:b8:db:51:4a:93:
         26:11:97:eb:6d:29:74:bc:fe:d6:8d:08:ca:8c:92:9c:04:f6:
         21:68:fd:62:ca:28:0a:3e:90:16:b2:66:15:41:a8:43:96:f2:
         b8:68:f0:56:22:5b:ec:00:cd:fb:36:12:ff:f7:a8:63:89:fe:
         dd:0b:73:aa
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
OUNBODExMC8GA1UEBRMoQ0JDNjYwMzM3MEZCRTg0Q0NDRTA2NEU4NEY0RjI2RURC
RUMyNjdCMTAeFw0yNTA0MjkwNzQwNTdaFw0yNTA1MDYwNzQwNTdaMBgxFjAUBgNV
BAMTDTY4MTA4Mjg5LTYxYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/9f726OeyW/I5MYDv1W8hSVnPfZH0wr2nkv7VlxYYFFTkVaKcGCNU07k7Sh64
TTa0DdQwl/N4GXihZjxkx4bRgaT0eC72m9EzxL/nSMcPoeCE0WCwaDqoCMqUCdfw
mH2/3zLZLpCU3Hwq+maii/niHbcRH9RKs8YgYVnfEKdSJYAkfOhnLRX1vQIJ1Ckx
fV1K6lyy0ad9TNExnRiicVBPWLYm14SZ0LHULCgDkAWLI2NG3mUsm/kxzcNHcuSh
5t5MMTwIRPJJhWpXngoRqg60CRnQj90cqdMFevwPBBGRJvCsB0t1xmD/iex5Dpce
RTFJquts/sb9grUEOG592ikdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1rmdTWqu
4+vvLIhAFiOfZJ7EdLowHwYDVR0jBBgwFoAUy8ZgM3D76EzM4GToT08m7b7CZ7Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzIwREEyNzQ2RTRG
RDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6TTRHVG9UMDhtN2I3Q1o3
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveThaZ00zRDc2RXpNNEdUb1QwOG03YjdDWjdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5
Q0E4LzIwREEyNzQ2RTRGRDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6
TTRHVG9UMDhtN2I3Q1o3RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBALf0bitrUQeDCiEVaUgml1/axADnvBuEcHt/PjBKcmGLT60toQ4B5sjE
QwPtEwTvSQPKWCjG9rvsrtg671S+GDIWPZtLScV+fG3XUBn1dOPa5Gnw/A4y4+Lf
2ByB+fkxZ34s2Kbbc4uODYUOYOdZNhDa2RGMea7ZuJRhDskBS7C24H0KPxOTJ+1u
+IeH0ruraDRG86UazhNcacdIEBNPZmPQ7xw/K4M8EKpC+AAZwQ4P9/X/GdYtM3/4
lNAxaNToLDO421FKkyYRl+ttKXS8/taNCMqMkpwE9iFo/WLKKAo+kBayZhVBqEOW
8rho8FYiW+wAzfs2Ev/3qGOJ/t0Lc6o=
-----END CERTIFICATE-----
Generated at Wed Apr 30 09:43:09 2025 by rpki-client