Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft
File:                     GkhD6J8kRLLN24EYqoovRBgOhJg.mft (raw, json)
Hash identifier:          Y3r55gj0tWZN4PaAz9quR8Gw4XuvMRL9VTrPiLPY1rc=
Subject key identifier:   D8:87:C2:58:FF:B8:23:03:EF:A0:22:21:10:FB:BE:98:FD:3A:3C:F8
Authority key identifier: 1A:48:43:E8:9F:24:44:B2:CD:DB:81:18:AA:8A:2F:44:18:0E:84:98
Certificate issuer:       /CN=A91F5280/serialNumber=1A4843E89F2444B2CDDB8118AA8A2F44180E8498
Certificate serial:       0167
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft
Manifest number:          0163
Signing time:             Tue 29 Apr 2025 04:02:39 +0000
Manifest this update:     Tue 29 Apr 2025 04:02:38 +0000
Manifest next update:     Tue 06 May 2025 04:02:38 +0000
Files and hashes:         1: GkhD6J8kRLLN24EYqoovRBgOhJg.crl (hash: rhqJ3fr/hhY644+9mmFMFI88b0rCGjOinIjsqFybJtQ=)
                          2: B5569B88096311EE9ECB644DC4F9AE02.roa (hash: r69ry07FlZRyxMcGSskusquMKld1QByFguUcoWDQa3s=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.crl
                          rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 06 May 2025 04:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 359 (0x167)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F5280, serialNumber=1A4843E89F2444B2CDDB8118AA8A2F44180E8498
        Validity
            Not Before: Apr 29 04:02:38 2025 GMT
            Not After : May  6 04:02:38 2025 GMT
        Subject: CN=68104f5e-b5dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:71:70:91:9a:0e:78:44:a2:91:93:01:7e:96:
                    32:a2:96:e5:bf:f9:53:47:2a:f2:2c:3b:0f:f0:70:
                    4d:ca:4d:96:3e:ae:92:03:c9:73:e6:5a:2a:6a:ea:
                    b4:4c:04:75:e4:0a:54:ca:f2:8c:4b:82:1f:d0:2d:
                    bd:d8:f2:36:d6:a7:d2:f8:1c:f2:09:15:64:69:5f:
                    2f:18:31:b8:4c:ad:16:5e:b3:f4:99:34:ae:61:2a:
                    9a:a2:f1:6a:8d:19:79:8b:57:1c:91:ce:ba:93:2a:
                    59:f7:77:0f:a2:f8:29:c9:44:b1:7c:70:ef:05:59:
                    6d:08:6b:c0:02:9e:af:c5:f3:8a:ce:88:70:05:3f:
                    ae:7c:7d:3e:82:4f:7c:a4:8e:99:f9:9b:fa:09:c9:
                    4f:a4:c0:f9:62:de:3b:80:b3:7a:15:75:e9:fa:36:
                    dd:a8:a6:49:15:18:e8:b4:78:b0:cc:cd:27:b6:6a:
                    bc:6f:98:bc:6b:a0:96:53:a9:e5:c1:f9:89:f1:c3:
                    7c:fc:61:63:b2:e3:a7:21:89:8c:c5:6c:23:a2:94:
                    4c:ab:24:f9:57:6e:9c:4d:60:e0:c3:ff:f3:e9:89:
                    82:9d:41:6e:18:8f:d2:0d:ca:d0:ef:4d:9c:23:75:
                    eb:ce:87:10:cb:93:43:90:31:24:c7:68:a8:d5:af:
                    f5:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:87:C2:58:FF:B8:23:03:EF:A0:22:21:10:FB:BE:98:FD:3A:3C:F8
            X509v3 Authority Key Identifier:
                keyid:1A:48:43:E8:9F:24:44:B2:CD:DB:81:18:AA:8A:2F:44:18:0E:84:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:8d:6c:dc:9d:42:35:6e:5f:12:1d:49:44:be:fd:9d:da:62:
         c7:60:1d:d0:6c:41:3c:5e:a9:d4:65:d8:68:3e:af:6e:16:fa:
         f2:d2:2c:9f:bb:c8:1d:c4:b2:1f:e7:b0:9e:86:74:7e:7b:9c:
         d8:a4:54:6f:4e:86:c8:bc:17:b2:71:d3:b8:70:f2:07:81:b6:
         34:48:12:04:84:c3:f0:a0:66:42:f9:b3:d7:77:94:2d:d5:51:
         6b:2c:bd:ea:26:5e:94:46:09:83:8b:5f:75:1d:04:ad:39:b9:
         29:52:bb:12:c9:98:f0:43:89:ce:81:df:9b:01:51:f8:d7:38:
         3a:70:bb:5c:99:b7:8b:67:5c:9b:4e:9b:b9:e6:f4:e2:0d:a8:
         a9:2d:8a:b8:ff:04:06:36:31:1e:3b:f4:1c:dc:6b:4b:d7:e8:
         1d:4c:93:7d:51:c6:78:5f:f3:a1:ee:cc:2f:1a:fd:ce:82:26:
         bb:fa:ae:17:d0:f9:aa:da:f8:33:26:c1:f5:59:82:05:e6:35:
         c1:af:f4:c7:d2:87:d5:a0:7f:82:e2:3d:11:b4:cc:b0:8f:0f:
         69:8b:7b:5e:e3:27:cd:a9:74:74:24:0d:b3:6d:79:e5:91:f7:
         bf:72:34:e4:0c:80:00:64:a2:22:82:57:c7:f0:04:e1:ea:ca:
         8f:5d:19:5d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjUyODAxMTAvBgNVBAUTKDFBNDg0M0U4OUYyNDQ0QjJDRERCODExOEFBOEEyRjQ0
MTgwRTg0OTgwHhcNMjUwNDI5MDQwMjM4WhcNMjUwNTA2MDQwMjM4WjAYMRYwFAYD
VQQDEw02ODEwNGY1ZS1iNWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA53FwkZoOeESikZMBfpYyopblv/lTRyryLDsP8HBNyk2WPq6SA8lz5loqauq0
TAR15ApUyvKMS4If0C292PI21qfS+BzyCRVkaV8vGDG4TK0WXrP0mTSuYSqaovFq
jRl5i1cckc66kypZ93cPovgpyUSxfHDvBVltCGvAAp6vxfOKzohwBT+ufH0+gk98
pI6Z+Zv6CclPpMD5Yt47gLN6FXXp+jbdqKZJFRjotHiwzM0ntmq8b5i8a6CWU6nl
wfmJ8cN8/GFjsuOnIYmMxWwjopRMqyT5V26cTWDgw//z6YmCnUFuGI/SDcrQ702c
I3XrzocQy5NDkDEkx2io1a/1sQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNiHwlj/
uCMD76AiIRD7vpj9Ojz4MB8GA1UdIwQYMBaAFBpIQ+ifJESyzduBGKqKL0QYDoSY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTI4MC9DMDRCMUI3NjA5
NUYxMUVFQUQwRUQwNENDNEY5QUUwMi9Ha2hENko4a1JMTE4yNEVZcW9vdlJCZ09o
SmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0draEQ2SjhrUkxMTjI0RVlxb292UkJnT2hKZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NTI4MC9DMDRCMUI3NjA5NUYxMUVFQUQwRUQwNENDNEY5QUUwMi9Ha2hENko4a1JM
TE4yNEVZcW9vdlJCZ09oSmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBMjWzcnUI1bl8SHUlEvv2d2mLHYB3QbEE8XqnUZdhoPq9uFvry0iyf
u8gdxLIf57CehnR+e5zYpFRvTobIvBeycdO4cPIHgbY0SBIEhMPwoGZC+bPXd5Qt
1VFrLL3qJl6URgmDi191HQStObkpUrsSyZjwQ4nOgd+bAVH41zg6cLtcmbeLZ1yb
Tpu55vTiDaipLYq4/wQGNjEeO/Qc3GtL1+gdTJN9UcZ4X/Oh7swvGv3Ogia7+q4X
0Pmq2vgzJsH1WYIF5jXBr/TH0ofVoH+C4j0RtMywjw9pi3te4yfNqXR0JA2zbXnl
kfe/cjTkDIAAZKIiglfH8ATh6sqPXRld
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:48:03 2025 by rpki-client