Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft
File:                     2itDzBg8qOD2qPbapUzdcwb4Yig.mft (raw, json)
Hash identifier:          N7iY019vXD63hjoBKeouq7Jbt6EMxHbXvKSxdRDHGIo=
Subject key identifier:   09:59:8F:B5:89:B1:56:7A:CA:D3:AC:F1:5C:A2:A3:AC:53:30:F8:CC
Authority key identifier: DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28
Certificate issuer:       /CN=A91DF0EC/serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228
Certificate serial:       0A2E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft
Manifest number:          0A1D
Signing time:             Fri 08 Aug 2025 20:07:17 +0000
Manifest this update:     Fri 08 Aug 2025 20:07:17 +0000
Manifest next update:     Fri 15 Aug 2025 20:07:17 +0000
Files and hashes:         1: 2itDzBg8qOD2qPbapUzdcwb4Yig.crl (hash: PdE44yS8CC/DKraiXi5SoZhj3pf6nFtGbY9V9vwsp2M=)
                          2: FD114232912711EFBCB4ED6EC4F9AE02.roa (hash: TxCwNFrh+xkaqDR3M5kqqPa5bX7FhYwp1p0wkxa1CxU=)
                          3: 0D6FFE56BA3511ECA20A3817C4F9AE02.roa (hash: JxcjLdYbfNpLt4XJbaeEwHRAAk7SbV4Cw+ExyqNKBV4=)
                          4: C8A0E422831611EA95762453C4F9AE02.roa (hash: yUwouY97arbHx1ysSRkQtB3/fVJX2BMSgtA5eI1eKIg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl
                          rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2606 (0xa2e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DF0EC, serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228
        Validity
            Not Before: Aug  8 20:07:17 2025 GMT
            Not After : Aug 15 20:07:17 2025 GMT
        Subject: CN=689658f5-c29f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a3:da:44:92:f7:6f:5e:22:96:92:3e:32:9c:
                    59:83:6f:ca:b7:2b:b6:30:ba:1f:16:17:af:44:e3:
                    e9:70:2e:3f:64:4d:f0:af:34:d1:b8:69:45:96:f4:
                    5e:cc:40:c0:d3:a5:ae:2d:ae:ee:68:2a:0d:bd:93:
                    24:9b:29:af:c8:9e:a9:d1:2d:68:1d:7e:c2:71:37:
                    35:60:38:1e:01:7f:41:b4:27:42:1e:0e:73:3c:a7:
                    ac:29:79:0d:ad:d9:e8:f4:4f:98:84:e0:bd:27:6f:
                    07:34:60:21:2f:24:84:43:3e:c1:d6:97:f8:b6:4a:
                    af:29:31:53:1b:ee:dd:8c:69:2d:3d:c6:4a:79:02:
                    65:b4:f4:57:c5:97:a7:f1:29:e6:f3:05:17:09:44:
                    99:04:fc:7e:44:9b:8a:5f:2f:9f:9a:40:7d:33:cf:
                    95:ad:21:71:a0:dd:e2:91:ec:a4:8c:cd:22:cc:37:
                    85:ac:e7:85:42:28:f6:19:28:a1:1b:01:24:26:de:
                    2f:ed:89:34:0c:8d:f8:2a:6a:b4:2b:d1:1a:4b:dd:
                    7b:87:f1:04:94:71:f4:cc:c6:fd:64:36:7f:a8:5a:
                    0b:86:67:82:e8:65:f6:82:59:bc:6d:cb:98:22:74:
                    32:e7:13:0e:04:6b:af:5a:de:e3:cb:9d:63:d4:84:
                    36:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:59:8F:B5:89:B1:56:7A:CA:D3:AC:F1:5C:A2:A3:AC:53:30:F8:CC
            X509v3 Authority Key Identifier:
                keyid:DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:89:67:82:3b:0b:71:41:23:3a:b5:38:79:06:31:a8:77:65:
         17:92:29:3f:1c:37:4b:6b:2f:71:c7:b9:c4:90:54:45:f5:40:
         cf:4e:c6:cb:79:83:87:29:84:4f:a7:1d:26:00:9d:0a:95:30:
         67:75:1f:ea:9c:ea:60:ef:c3:13:f6:39:99:a9:59:cd:71:d1:
         71:d0:e5:07:08:04:eb:87:d3:74:6b:c0:1d:1d:3a:0b:ea:bd:
         1d:6f:79:27:af:7d:5e:de:7a:13:b8:dc:78:fb:63:e0:9a:d1:
         a5:8a:a7:40:64:e6:02:56:c5:7e:77:23:61:d1:26:be:a5:d3:
         e8:0a:df:ef:c5:53:03:b0:65:b4:7a:ee:f6:f4:ae:ac:c4:9c:
         d2:a6:20:b2:e7:79:88:a9:4a:a1:18:66:e4:a9:c1:f1:cd:82:
         fc:2d:10:61:06:91:65:e9:aa:98:e3:54:0a:15:86:89:5c:d3:
         fa:58:a3:7c:b7:ef:37:37:57:b6:f9:c5:71:47:c8:91:ba:64:
         93:27:5c:b1:12:ff:4a:c9:63:d7:ae:09:06:16:25:d2:42:5d:
         58:55:17:89:6e:52:9d:89:82:f2:7e:3c:43:dd:ab:d0:a7:2c:
         5a:fd:80:1f:d0:83:db:ff:a6:2b:91:a9:23:0d:0e:1a:8b:08:
         63:1b:12:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REYwRUMxMTAvBgNVBAUTKERBMkI0M0NDMTgzQ0E4RTBGNkE4RjZEQUE1NENERDcz
MDZGODYyMjgwHhcNMjUwODA4MjAwNzE3WhcNMjUwODE1MjAwNzE3WjAYMRYwFAYD
VQQDEw02ODk2NThmNS1jMjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzKPaRJL3b14ilpI+MpxZg2/Ktyu2MLofFhevROPpcC4/ZE3wrzTRuGlFlvRe
zEDA06WuLa7uaCoNvZMkmymvyJ6p0S1oHX7CcTc1YDgeAX9BtCdCHg5zPKesKXkN
rdno9E+YhOC9J28HNGAhLySEQz7B1pf4tkqvKTFTG+7djGktPcZKeQJltPRXxZen
8Snm8wUXCUSZBPx+RJuKXy+fmkB9M8+VrSFxoN3ikeykjM0izDeFrOeFQij2GSih
GwEkJt4v7Yk0DI34Kmq0K9EaS917h/EElHH0zMb9ZDZ/qFoLhmeC6GX2glm8bcuY
InQy5xMOBGuvWt7jy51j1IQ2KQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAlZj7WJ
sVZ6ytOs8Vyio6xTMPjMMB8GA1UdIwQYMBaAFNorQ8wYPKjg9qj22qVM3XMG+GIo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjBFQy85OTFDRUY3RTc5
NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFPRDJxUGJhcFV6ZGN3YjRZ
aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJpdER6Qmc4cU9EMnFQYmFwVXpkY3diNFlpZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RjBFQy85OTFDRUY3RTc5NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFP
RDJxUGJhcFV6ZGN3YjRZaWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCFiWeCOwtxQSM6tTh5BjGod2UXkik/HDdLay9xx7nEkFRF9UDPTsbL
eYOHKYRPpx0mAJ0KlTBndR/qnOpg78MT9jmZqVnNcdFx0OUHCATrh9N0a8AdHToL
6r0db3knr31e3noTuNx4+2PgmtGliqdAZOYCVsV+dyNh0Sa+pdPoCt/vxVMDsGW0
eu729K6sxJzSpiCy53mIqUqhGGbkqcHxzYL8LRBhBpFl6aqY41QKFYaJXNP6WKN8
t+83N1e2+cVxR8iRumSTJ1yxEv9KyWPXrgkGFiXSQl1YVReJblKdiYLyfjxD3avQ
pyxa/YAf0IPb/6YrkakjDQ4aiwhjGxIE
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:09:09 2025 by rpki-client