Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft
File:                     Klbs8PH_OfsVFWANEgo0cr4UtzI.mft (raw, json)
Hash identifier:          bsMbnTlRWpHiCxrzM7DOePo54jd22gMyx7CJ13zzbgU=
Subject key identifier:   5D:FF:CC:E0:B4:1C:0D:75:FE:7E:1C:D0:ED:98:2B:A2:7C:2D:28:CB
Authority key identifier: 2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32
Certificate issuer:       /CN=A91EA485/serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732
Certificate serial:       0172
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft
Manifest number:          016E
Signing time:             Sat 09 Aug 2025 04:13:54 +0000
Manifest this update:     Sat 09 Aug 2025 04:13:53 +0000
Manifest next update:     Sat 16 Aug 2025 04:13:53 +0000
Files and hashes:         1: Klbs8PH_OfsVFWANEgo0cr4UtzI.crl (hash: na+W8g0qEKDCM1kCkqTG6hmASML1vOECyMHyQAYySRw=)
                          2: EF31E31847CE11EEB588375DC4F9AE02.roa (hash: kILGmUlpt7DdHWZSLztcZSmK4D+q9rXXCv0iWxnKi6I=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl
                          rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 370 (0x172)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EA485, serialNumber=2A56ECF0F1FF39FB1515600D120A3472BE14B732
        Validity
            Not Before: Aug  9 04:13:53 2025 GMT
            Not After : Aug 16 04:13:53 2025 GMT
        Subject: CN=6896cb02-034c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:6d:76:c5:19:6a:18:0b:fb:96:30:10:3c:cb:
                    67:71:12:20:d8:a9:e4:10:20:e4:6d:5a:bd:07:e0:
                    a4:ca:df:fd:65:1f:f4:58:a7:8a:49:bb:97:98:10:
                    17:7e:f6:05:5f:de:35:cd:de:a7:25:d7:3d:62:75:
                    9b:d3:6e:57:29:23:60:23:1e:bd:21:a1:14:8d:ba:
                    83:c7:f2:63:79:a5:e7:7f:ea:3c:ba:7a:63:7a:d6:
                    63:80:85:1b:05:38:cd:17:a1:ac:31:24:1c:b6:47:
                    b9:50:a9:49:9b:e1:f1:28:00:5d:0e:97:c5:3e:95:
                    28:e3:81:af:d8:74:c1:af:70:8c:e3:b9:9d:b2:f1:
                    5c:83:cf:29:99:8a:ec:c6:6e:3c:7d:20:3f:62:66:
                    cd:ed:11:16:cf:07:df:17:7e:7a:50:67:e1:ac:f9:
                    0f:4c:b9:11:da:30:06:84:cc:56:79:83:52:6e:a9:
                    c7:fa:5e:d7:03:39:45:90:c2:e2:31:59:21:3a:1d:
                    54:e6:19:20:2e:d6:89:d2:12:7c:a5:73:71:86:2d:
                    5a:51:12:86:bf:46:ec:6f:40:fa:83:ea:bc:4b:ac:
                    c7:f1:ef:e4:f4:76:62:fd:b4:24:d3:8f:f1:8f:1b:
                    dd:b0:0f:7e:17:bb:15:37:36:f0:ce:64:23:e4:6a:
                    2d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:FF:CC:E0:B4:1C:0D:75:FE:7E:1C:D0:ED:98:2B:A2:7C:2D:28:CB
            X509v3 Authority Key Identifier:
                keyid:2A:56:EC:F0:F1:FF:39:FB:15:15:60:0D:12:0A:34:72:BE:14:B7:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Klbs8PH_OfsVFWANEgo0cr4UtzI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA485/62A9286647CE11EE86C2385CC4F9AE02/Klbs8PH_OfsVFWANEgo0cr4UtzI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:95:37:3b:91:c8:03:93:31:7a:fd:bd:76:7a:4f:ca:16:a0:
         eb:88:d7:0e:62:49:8f:4f:4d:c0:84:fa:c1:19:74:4e:83:53:
         49:c0:57:18:56:3f:5f:a0:1a:74:d6:07:b7:76:55:4a:16:e4:
         55:d0:3c:7c:7e:c5:9f:2c:f6:03:0f:bf:ed:df:e2:23:ee:b4:
         75:73:0d:38:09:59:96:07:d5:c3:c5:b5:88:3e:98:ba:0d:7e:
         2d:a9:5e:a9:93:2e:6a:18:71:fb:ea:54:12:f2:92:62:8c:fd:
         eb:71:55:58:52:59:bc:37:7c:8e:5a:ca:07:c2:14:d8:6e:be:
         50:f6:e6:35:c8:b1:98:8f:31:a0:18:ee:c1:43:3e:6f:4b:97:
         8c:db:38:44:7d:16:40:33:fa:70:7c:3a:b8:28:84:32:bc:15:
         e7:bc:a7:18:a7:f6:63:77:75:d6:45:84:c9:4f:06:44:5b:a4:
         b8:88:fd:60:44:8c:3d:21:58:5f:bd:81:7e:2e:3d:4e:52:b4:
         f0:44:e5:f9:91:e0:5b:07:a4:4a:a0:f9:9d:22:39:75:4a:f7:
         28:4a:a3:81:b1:94:71:17:c7:97:e0:c6:26:bf:a3:6e:98:da:
         44:b5:fc:eb:df:97:87:0b:63:66:a3:86:31:2f:2e:02:82:70:
         52:eb:e6:4e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE0ODUxMTAvBgNVBAUTKDJBNTZFQ0YwRjFGRjM5RkIxNTE1NjAwRDEyMEEzNDcy
QkUxNEI3MzIwHhcNMjUwODA5MDQxMzUzWhcNMjUwODE2MDQxMzUzWjAYMRYwFAYD
VQQDEw02ODk2Y2IwMi0wMzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnW12xRlqGAv7ljAQPMtncRIg2KnkECDkbVq9B+Ckyt/9ZR/0WKeKSbuXmBAX
fvYFX941zd6nJdc9YnWb025XKSNgIx69IaEUjbqDx/JjeaXnf+o8unpjetZjgIUb
BTjNF6GsMSQctke5UKlJm+HxKABdDpfFPpUo44Gv2HTBr3CM47mdsvFcg88pmYrs
xm48fSA/YmbN7REWzwffF356UGfhrPkPTLkR2jAGhMxWeYNSbqnH+l7XAzlFkMLi
MVkhOh1U5hkgLtaJ0hJ8pXNxhi1aURKGv0bsb0D6g+q8S6zH8e/k9HZi/bQk04/x
jxvdsA9+F7sVNzbwzmQj5GotQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF3/zOC0
HA11/n4c0O2YK6J8LSjLMB8GA1UdIwQYMBaAFCpW7PDx/zn7FRVgDRIKNHK+FLcy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ4NS82MkE5Mjg2NjQ3
Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09mc1ZGV0FORWdvMGNyNFV0
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tsYnM4UEhfT2ZzVkZXQU5FZ28wY3I0VXR6SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTQ4NS82MkE5Mjg2NjQ3Q0UxMUVFODZDMjM4NUNDNEY5QUUwMi9LbGJzOFBIX09m
c1ZGV0FORWdvMGNyNFV0ekkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCGlTc7kcgDkzF6/b12ek/KFqDriNcOYkmPT03AhPrBGXROg1NJwFcY
Vj9foBp01ge3dlVKFuRV0Dx8fsWfLPYDD7/t3+Ij7rR1cw04CVmWB9XDxbWIPpi6
DX4tqV6pky5qGHH76lQS8pJijP3rcVVYUlm8N3yOWsoHwhTYbr5Q9uY1yLGYjzGg
GO7BQz5vS5eM2zhEfRZAM/pwfDq4KIQyvBXnvKcYp/Zjd3XWRYTJTwZEW6S4iP1g
RIw9IVhfvYF+Lj1OUrTwROX5keBbB6RKoPmdIjl1SvcoSqOBsZRxF8eX4MYmv6Nu
mNpEtfzr35eHC2Nmo4YxLy4CgnBS6+ZO
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:12:00 2025 by rpki-client