Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
File:                     QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft (raw, json)
Hash identifier:          VvAEBcfxS8qpY00fxyMt5Qd+KjB+pv2thiqLkUVJ6WE=
Subject key identifier:   1E:E3:F4:B1:24:D8:86:96:8A:4F:D5:7B:4C:3B:72:FC:82:63:39:8C
Authority key identifier: 41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58
Certificate issuer:       /CN=A91E5D61/serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458
Certificate serial:       127A
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
Manifest number:          4707
Signing time:             Thu 24 Apr 2025 14:21:06 +0000
Manifest this update:     Thu 24 Apr 2025 14:21:05 +0000
Manifest next update:     Thu 01 May 2025 14:21:05 +0000
Files and hashes:         1: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl (hash: d38HUF/wvzBMC0ZuonZX3RnB4Z1BAtV6GkELdcS78FE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl
                          rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 01 May 2025 14:21:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4730 (0x127a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E5D61, serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458
        Validity
            Not Before: Apr 24 14:21:05 2025 GMT
            Not After : May  1 14:21:05 2025 GMT
        Subject: CN=680a48d1-7939
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:13:b3:9d:90:ec:f2:e5:f4:24:f7:42:c8:ab:
                    fc:70:e4:af:6d:db:34:b7:60:b8:11:e1:eb:5d:82:
                    16:2f:97:dc:10:d9:7a:e1:e5:f6:4e:10:11:56:3c:
                    ef:0a:5e:f0:0b:7b:e7:b0:a5:97:cb:6f:7f:69:2c:
                    2d:a5:01:d1:42:fc:2c:3b:e7:09:cf:44:4a:d1:78:
                    97:a3:96:8b:47:59:73:8d:d8:93:65:3e:a6:8c:6c:
                    49:9e:26:91:09:11:53:a2:fc:47:2b:8b:c2:bc:3c:
                    ed:45:a1:55:5e:ba:96:63:fe:36:60:bd:6a:9f:71:
                    c7:2b:1b:88:5c:13:a7:3f:ed:5b:60:47:7a:d7:8b:
                    64:52:05:d8:63:cf:7f:3e:c0:9c:8d:71:0d:8a:a5:
                    42:50:b3:fb:4f:ca:d1:d8:b6:b2:48:77:37:75:bc:
                    f1:0a:96:e3:c4:ec:d3:b9:7d:9c:6e:f3:42:39:1e:
                    21:3e:10:dd:1d:67:1d:86:03:d2:f0:9b:bb:1c:52:
                    9e:8e:a2:03:4a:a0:42:3a:96:50:90:ca:a9:bc:b6:
                    1a:71:6a:58:06:b7:eb:96:4d:4e:02:30:ef:43:f4:
                    f6:b9:5b:2d:cb:f2:87:af:c7:2e:eb:e4:e6:c4:0b:
                    4d:33:72:7a:e1:2a:ae:b6:05:e7:23:ac:bd:e0:1b:
                    5b:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:E3:F4:B1:24:D8:86:96:8A:4F:D5:7B:4C:3B:72:FC:82:63:39:8C
            X509v3 Authority Key Identifier:
                keyid:41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:db:51:df:24:cb:d7:68:e7:a3:27:de:c4:d6:3a:f7:7e:c8:
         0d:1d:be:45:89:67:6e:14:32:25:a9:5e:95:10:47:94:3e:7f:
         05:83:41:0a:a1:0e:bd:95:4d:29:46:9f:f1:81:4f:5c:85:e6:
         b4:52:ff:68:8d:69:41:a3:5b:80:a1:47:cc:a1:25:f4:6e:e6:
         af:0f:82:8c:c1:9f:0e:da:13:8c:cb:df:32:05:f4:98:b9:10:
         fe:31:a7:88:8d:a6:16:a4:7a:21:bd:fc:f4:57:56:ed:ea:a9:
         d2:25:53:5b:9e:26:c1:69:4b:71:e4:69:2e:1b:cb:24:e0:e5:
         66:d9:ac:53:d7:41:6a:9e:8f:5e:62:70:3d:f2:83:09:6d:98:
         a5:80:08:0f:1a:6a:cb:1c:af:9e:90:6a:05:d0:97:a2:54:76:
         e5:b6:3e:09:c4:ad:22:62:02:4d:d2:64:ba:e4:64:b7:ba:ce:
         55:d5:64:8e:27:42:8e:b8:47:c1:8a:fa:ec:18:75:4e:c3:17:
         8f:b4:5e:85:93:94:d7:11:be:39:ad:75:8b:30:1e:48:b3:f6:
         72:9e:6c:9a:7e:8a:45:cd:15:9a:14:91:6b:49:35:71:c4:2d:
         de:ec:8b:21:2b:ed:b9:d4:98:4c:99:3a:64:10:34:b1:cb:53:
         e3:11:fb:f6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEnowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTVENjExMTAvBgNVBAUTKDQxNkQ2Q0Q2MDM5MEZCN0M5NkVENzlENzhDRTc2RjU0
QUZDRjQ0NTgwHhcNMjUwNDI0MTQyMTA1WhcNMjUwNTAxMTQyMTA1WjAYMRYwFAYD
VQQDEw02ODBhNDhkMS03OTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtBOznZDs8uX0JPdCyKv8cOSvbds0t2C4EeHrXYIWL5fcENl64eX2ThARVjzv
Cl7wC3vnsKWXy29/aSwtpQHRQvwsO+cJz0RK0XiXo5aLR1lzjdiTZT6mjGxJniaR
CRFTovxHK4vCvDztRaFVXrqWY/42YL1qn3HHKxuIXBOnP+1bYEd614tkUgXYY89/
PsCcjXENiqVCULP7T8rR2LaySHc3dbzxCpbjxOzTuX2cbvNCOR4hPhDdHWcdhgPS
8Ju7HFKejqIDSqBCOpZQkMqpvLYacWpYBrfrlk1OAjDvQ/T2uVsty/KHr8cu6+Tm
xAtNM3J64SqutgXnI6y94BtbvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB7j9LEk
2IaWik/Ve0w7cvyCYzmMMB8GA1UdIwQYMBaAFEFtbNYDkPt8lu1514znb1Svz0RY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQ2MS8yQTdDN0Q5ODFE
NzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0zeVc3WG5Yak9kdlZLX1BS
RmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1FXMXMxZ09RLTN5VzdYblhqT2R2VktfUFJGZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NUQ2MS8yQTdDN0Q5ODFENzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0z
eVc3WG5Yak9kdlZLX1BSRmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCT21HfJMvXaOejJ97E1jr3fsgNHb5FiWduFDIlqV6VEEeUPn8Fg0EK
oQ69lU0pRp/xgU9chea0Uv9ojWlBo1uAoUfMoSX0buavD4KMwZ8O2hOMy98yBfSY
uRD+MaeIjaYWpHohvfz0V1bt6qnSJVNbnibBaUtx5GkuG8sk4OVm2axT10Fqno9e
YnA98oMJbZilgAgPGmrLHK+ekGoF0JeiVHbltj4JxK0iYgJN0mS65GS3us5V1WSO
J0KOuEfBivrsGHVOwxePtF6Fk5TXEb45rXWLMB5Is/ZynmyafopFzRWaFJFrSTVx
xC3e7IshK+251JhMmTpkEDSxy1PjEfv2
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:13 2025 by rpki-client