Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
File:                     QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft (raw, json)
Hash identifier:          LvAURxuc7RFkRV+nsdTENIyDRNfSaPrhlD8PoGwp19c=
Subject key identifier:   A4:B9:A1:29:E2:E4:75:FD:F9:0C:A5:7E:F9:56:D4:BC:F4:41:36:01
Authority key identifier: 41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58
Certificate issuer:       /CN=A91E5D61/serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458
Certificate serial:       127B
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
Manifest number:          4709
Signing time:             Sat 26 Apr 2025 14:20:58 +0000
Manifest this update:     Sat 26 Apr 2025 14:20:57 +0000
Manifest next update:     Sat 03 May 2025 14:20:57 +0000
Files and hashes:         1: QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl (hash: 74BjDbsa18fPEIMLXPw3ABFo/lwIZdXZ79hufCqzjoI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl
                          rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 03 May 2025 14:20:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4731 (0x127b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E5D61, serialNumber=416D6CD60390FB7C96ED79D78CE76F54AFCF4458
        Validity
            Not Before: Apr 26 14:20:57 2025 GMT
            Not After : May  3 14:20:57 2025 GMT
        Subject: CN=680cebca-0886
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:7b:ae:97:e6:e1:88:01:ba:51:73:c1:8f:d9:
                    b1:cb:ff:02:be:56:15:90:a7:3d:86:5f:13:ec:85:
                    67:93:69:40:00:90:07:43:57:7e:ac:b7:43:a8:05:
                    47:3e:2f:b8:42:71:ab:45:8c:8d:46:b9:32:9d:07:
                    bf:d7:e6:df:3f:cb:19:e9:69:5f:cb:e1:30:aa:42:
                    6c:f4:56:bb:6c:ef:b9:77:41:26:f3:af:00:75:23:
                    c6:48:a9:94:7f:ca:ae:7a:f2:9c:ae:81:88:26:78:
                    a6:40:7b:82:e1:c4:62:a7:fc:20:bc:42:96:1d:9c:
                    e7:ef:2f:dd:cd:d1:43:f6:f6:ec:ee:1b:7b:7b:9e:
                    ed:ae:0a:b3:10:28:68:64:de:13:6b:93:3f:e5:54:
                    f9:23:c6:d4:71:bb:bd:b2:f7:98:e9:22:62:08:d8:
                    1f:0c:a1:48:19:df:fd:bf:b5:48:6d:5c:17:83:86:
                    a6:9a:92:8b:6f:b6:ce:a5:9f:45:3c:6c:b1:d4:ab:
                    04:d7:6f:8b:ea:54:b2:45:c9:02:77:e2:fe:2b:32:
                    96:bf:0b:8b:b3:03:bd:97:37:5d:3a:95:b1:47:39:
                    fb:ba:82:f3:55:97:90:cc:85:f8:2d:69:4a:8a:da:
                    d7:26:93:9a:be:2b:d0:fa:25:22:76:d2:18:eb:c3:
                    3f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:B9:A1:29:E2:E4:75:FD:F9:0C:A5:7E:F9:56:D4:BC:F4:41:36:01
            X509v3 Authority Key Identifier:
                keyid:41:6D:6C:D6:03:90:FB:7C:96:ED:79:D7:8C:E7:6F:54:AF:CF:44:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/2A7C7D981D7911E2879E38C508B02CD2/QW1s1gOQ-3yW7XnXjOdvVK_PRFg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:4b:fa:0d:10:e2:b2:83:2e:46:ef:fa:be:c4:f4:ad:3c:af:
         49:7b:f3:88:62:19:8f:32:2e:86:83:94:09:4d:87:72:26:f4:
         62:da:56:45:fc:7b:f9:02:e8:24:57:14:40:c3:b7:19:72:66:
         12:32:66:10:5e:c5:b4:d5:4a:17:7f:86:b9:bc:f5:a7:7f:1c:
         7d:c8:c2:1e:fc:3e:aa:63:6c:38:17:e3:af:eb:7c:90:76:98:
         13:8f:cd:d8:9d:66:c6:60:4d:72:8b:e2:df:aa:a7:6d:fc:b5:
         fd:40:d8:4f:46:f7:98:f3:52:32:05:3d:1b:c1:c7:ab:4e:aa:
         90:cc:77:20:9c:10:a7:15:68:28:e9:b7:6a:91:69:7f:cb:89:
         a2:31:d7:fa:c1:47:3f:9c:c2:8a:f6:f4:3a:01:b2:ab:cd:89:
         07:57:12:cf:db:28:e6:10:cc:97:82:b5:44:43:a2:d4:04:0d:
         62:4b:1c:f0:6c:9c:f8:53:11:9a:99:46:99:da:6d:e9:f3:6a:
         0a:ac:da:22:2d:95:f6:00:09:58:87:af:73:96:79:a9:8f:24:
         bd:b8:b2:9f:2d:c2:fe:53:10:d6:98:62:17:f7:d6:8e:ea:1b:
         65:44:26:9d:04:99:21:9f:b1:80:60:e7:9d:d1:f9:90:a4:43:
         dd:09:f5:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTVENjExMTAvBgNVBAUTKDQxNkQ2Q0Q2MDM5MEZCN0M5NkVENzlENzhDRTc2RjU0
QUZDRjQ0NTgwHhcNMjUwNDI2MTQyMDU3WhcNMjUwNTAzMTQyMDU3WjAYMRYwFAYD
VQQDEw02ODBjZWJjYS0wODg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAznuul+bhiAG6UXPBj9mxy/8CvlYVkKc9hl8T7IVnk2lAAJAHQ1d+rLdDqAVH
Pi+4QnGrRYyNRrkynQe/1+bfP8sZ6Wlfy+EwqkJs9Fa7bO+5d0Em868AdSPGSKmU
f8quevKcroGIJnimQHuC4cRip/wgvEKWHZzn7y/dzdFD9vbs7ht7e57trgqzECho
ZN4Ta5M/5VT5I8bUcbu9sveY6SJiCNgfDKFIGd/9v7VIbVwXg4ammpKLb7bOpZ9F
PGyx1KsE12+L6lSyRckCd+L+KzKWvwuLswO9lzddOpWxRzn7uoLzVZeQzIX4LWlK
itrXJpOavivQ+iUidtIY68M/YwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKS5oSni
5HX9+QylfvlW1Lz0QTYBMB8GA1UdIwQYMBaAFEFtbNYDkPt8lu1514znb1Svz0RY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQ2MS8yQTdDN0Q5ODFE
NzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0zeVc3WG5Yak9kdlZLX1BS
RmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1FXMXMxZ09RLTN5VzdYblhqT2R2VktfUFJGZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NUQ2MS8yQTdDN0Q5ODFENzkxMUUyODc5RTM4QzUwOEIwMkNEMi9RVzFzMWdPUS0z
eVc3WG5Yak9kdlZLX1BSRmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBqS/oNEOKygy5G7/q+xPStPK9Je/OIYhmPMi6Gg5QJTYdyJvRi2lZF
/Hv5AugkVxRAw7cZcmYSMmYQXsW01UoXf4a5vPWnfxx9yMIe/D6qY2w4F+Ov63yQ
dpgTj83YnWbGYE1yi+Lfqqdt/LX9QNhPRveY81IyBT0bwcerTqqQzHcgnBCnFWgo
6bdqkWl/y4miMdf6wUc/nMKK9vQ6AbKrzYkHVxLP2yjmEMyXgrVEQ6LUBA1iSxzw
bJz4UxGamUaZ2m3p82oKrNoiLZX2AAlYh69zlnmpjyS9uLKfLcL+UxDWmGIX99aO
6htlRCadBJkhn7GAYOed0fmQpEPdCfW9
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:24:47 2025 by rpki-client