Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.mft
File:                     Klm5bDClX71h0iMDc864nR2wGos.mft (raw, json)
Hash identifier:          +jjPg8bv0EjzNgZdrc+Jt+4n46ewozDv6RCVzfUizE0=
Subject key identifier:   1D:49:10:8E:BF:A0:5A:E2:D2:F4:75:47:97:FC:67:38:E1:E9:77:6E
Authority key identifier: 2A:59:B9:6C:30:A5:5F:BD:61:D2:23:03:73:CE:B8:9D:1D:B0:1A:8B
Certificate issuer:       /CN=A91F523F/serialNumber=2A59B96C30A55FBD61D2230373CEB89D1DB01A8B
Certificate serial:       80
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Klm5bDClX71h0iMDc864nR2wGos.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.mft
Manifest number:          7F
Signing time:             Tue 05 Aug 2025 07:17:24 +0000
Manifest this update:     Tue 05 Aug 2025 07:17:24 +0000
Manifest next update:     Tue 12 Aug 2025 07:17:24 +0000
Files and hashes:         1: Klm5bDClX71h0iMDc864nR2wGos.crl (hash: ai9zcQBHWDLLEZFbnkXB7xzazXZ8upFmEXxwxxjbz/s=)
                          2: 607B5F6AB05411EF84C8DC74C4F9AE02.roa (hash: OnMDRT+B6RI2pySK/GT7zK6sSZU+o29fnWCK2xZrKx8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.crl
                          rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Klm5bDClX71h0iMDc864nR2wGos.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 12 Aug 2025 07:17:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128 (0x80)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F523F, serialNumber=2A59B96C30A55FBD61D2230373CEB89D1DB01A8B
        Validity
            Not Before: Aug  5 07:17:24 2025 GMT
            Not After : Aug 12 07:17:24 2025 GMT
        Subject: CN=6891b004-5d0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:04:45:10:d9:1f:be:04:a0:8b:b5:8b:9e:fa:
                    e4:00:05:8e:64:ca:28:ad:cf:91:68:79:e3:55:fc:
                    48:64:d7:1a:49:d6:22:d7:98:62:05:9d:b4:9a:b5:
                    5f:dc:0d:ba:52:a8:4d:35:8f:34:1c:1d:ed:6b:73:
                    c0:63:64:76:a2:81:e5:0c:57:a9:23:28:de:e9:a9:
                    1b:a4:c9:41:a3:ba:5e:86:45:cc:d4:23:fe:38:23:
                    ab:13:ae:2f:e8:a7:2e:8f:c7:1f:e6:70:c8:3a:a2:
                    11:5e:25:ea:4f:87:2d:b5:22:43:a1:69:be:7b:b9:
                    d9:f0:3f:20:01:a8:cf:ef:c1:b0:f0:1b:e7:7c:f3:
                    f6:3a:69:92:86:74:78:fe:52:3a:aa:9d:31:b4:45:
                    f9:df:db:30:f5:6c:4e:11:54:06:66:cb:78:0a:93:
                    63:c6:a4:99:68:66:c1:c1:17:59:fb:0e:36:31:5b:
                    1e:8a:03:fa:63:53:39:d6:07:24:95:fa:0b:b4:0f:
                    38:5b:8f:a1:c6:08:f9:bd:dc:f9:cc:b2:17:7b:40:
                    d2:89:b9:66:f6:32:ea:58:6f:0f:05:02:4f:1f:0b:
                    9c:c1:5c:22:3d:46:f7:e4:31:2e:de:43:2e:6f:34:
                    e3:56:7e:12:8d:39:c1:a4:70:72:88:f6:aa:b7:d3:
                    69:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:49:10:8E:BF:A0:5A:E2:D2:F4:75:47:97:FC:67:38:E1:E9:77:6E
            X509v3 Authority Key Identifier:
                keyid:2A:59:B9:6C:30:A5:5F:BD:61:D2:23:03:73:CE:B8:9D:1D:B0:1A:8B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Klm5bDClX71h0iMDc864nR2wGos.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:96:61:d8:4c:23:22:2a:68:17:41:df:d7:c9:1a:6e:f1:75:
         0b:aa:d5:d5:bf:09:32:a6:5d:f7:da:3e:9f:32:ff:26:48:90:
         4a:d2:aa:56:9c:60:6a:8a:e7:0f:5e:a0:8a:a4:00:d5:0c:ce:
         83:08:7a:11:03:86:86:b6:fb:05:09:99:bd:e0:28:c8:45:b7:
         c4:44:68:45:10:0d:6f:1f:2a:52:23:4a:e1:b5:34:dc:76:f6:
         60:46:1d:e0:90:1f:79:f0:a7:1e:90:fc:9d:13:5a:27:19:fb:
         ff:47:b7:96:2a:36:65:5e:10:c0:4f:03:1e:f4:a1:05:7e:1d:
         5b:2c:87:ea:10:67:07:d2:5c:42:13:11:f4:ca:ea:c6:92:86:
         8c:bf:ac:e8:08:60:77:da:f1:77:91:c0:cc:d9:89:01:94:a5:
         69:df:1a:d4:7b:31:c4:34:25:f1:82:24:f5:95:f8:f2:58:05:
         21:b8:85:73:d1:d3:0f:8f:f1:6b:c5:a9:13:17:e9:aa:be:fd:
         8c:d7:cb:23:2b:93:38:b3:57:08:9e:ed:b8:62:47:15:ee:8f:
         13:22:d4:0e:e7:5a:8f:75:fa:08:c2:8d:39:c1:51:c3:23:77:
         19:99:cb:59:02:97:c1:d6:8b:d7:b1:e8:90:3d:13:5d:e3:4a:
         0a:85:63:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAIAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjUyM0YxMTAvBgNVBAUTKDJBNTlCOTZDMzBBNTVGQkQ2MUQyMjMwMzczQ0VCODlE
MURCMDFBOEIwHhcNMjUwODA1MDcxNzI0WhcNMjUwODEyMDcxNzI0WjAYMRYwFAYD
VQQDEw02ODkxYjAwNC01ZDBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAywRFENkfvgSgi7WLnvrkAAWOZMoorc+RaHnjVfxIZNcaSdYi15hiBZ20mrVf
3A26UqhNNY80HB3ta3PAY2R2ooHlDFepIyje6akbpMlBo7pehkXM1CP+OCOrE64v
6Kcuj8cf5nDIOqIRXiXqT4cttSJDoWm+e7nZ8D8gAajP78Gw8BvnfPP2OmmShnR4
/lI6qp0xtEX539sw9WxOEVQGZst4CpNjxqSZaGbBwRdZ+w42MVseigP6Y1M51gck
lfoLtA84W4+hxgj5vdz5zLIXe0DSiblm9jLqWG8PBQJPHwucwVwiPUb35DEu3kMu
bzTjVn4SjTnBpHByiPaqt9Np2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB1JEI6/
oFri0vR1R5f8Zzjh6XduMB8GA1UdIwQYMBaAFCpZuWwwpV+9YdIjA3POuJ0dsBqL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTIzRi80RUJBNkIzMkIw
NTMxMUVGOUMyQjhEM0ZDNEY5QUUwMi9LbG01YkRDbFg3MWgwaU1EYzg2NG5SMndH
b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0tsbTViRENsWDcxaDBpTURjODY0blIyd0dvcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NTIzRi80RUJBNkIzMkIwNTMxMUVGOUMyQjhEM0ZDNEY5QUUwMi9LbG01YkRDbFg3
MWgwaU1EYzg2NG5SMndHb3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAwlmHYTCMiKmgXQd/XyRpu8XULqtXVvwkypl332j6fMv8mSJBK0qpW
nGBqiucPXqCKpADVDM6DCHoRA4aGtvsFCZm94CjIRbfERGhFEA1vHypSI0rhtTTc
dvZgRh3gkB958KcekPydE1onGfv/R7eWKjZlXhDATwMe9KEFfh1bLIfqEGcH0lxC
ExH0yurGkoaMv6zoCGB32vF3kcDM2YkBlKVp3xrUezHENCXxgiT1lfjyWAUhuIVz
0dMPj/FrxakTF+mqvv2M18sjK5M4s1cInu24YkcV7o8TItQO51qPdfoIwo05wVHD
I3cZmctZApfB1ovXseiQPRNd40oKhWMJ
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:30:58 2025 by rpki-client