Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/_yC8N52JoNs75vzykPo91S63-iA.mft
File:                     _yC8N52JoNs75vzykPo91S63-iA.mft (raw, json)
Hash identifier:          /NPJm/a0sUlVBglpewWjoeLmXoJ4Lg3hmAtqpr9MXr0=
Subject key identifier:   EF:94:89:F2:AB:6D:B0:AB:95:04:2D:DF:7C:D2:14:23:F9:9F:0E:B5
Authority key identifier: FF:20:BC:37:9D:89:A0:DB:3B:E6:FC:F2:90:FA:3D:D5:2E:B7:FA:20
Certificate issuer:       /CN=A91FC4FB/serialNumber=FF20BC379D89A0DB3BE6FCF290FA3DD52EB7FA20
Certificate serial:       35
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_yC8N52JoNs75vzykPo91S63-iA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/_yC8N52JoNs75vzykPo91S63-iA.mft
Manifest number:          33
Signing time:             Tue 29 Apr 2025 07:37:22 +0000
Manifest this update:     Tue 29 Apr 2025 07:37:22 +0000
Manifest next update:     Tue 06 May 2025 07:37:22 +0000
Files and hashes:         1: _yC8N52JoNs75vzykPo91S63-iA.crl (hash: TDRRI4B/dp+kPRuOAFUWWNjsf8YyhF75ZwJk+R6qBwg=)
                          2: F20BD4DEDD5C11EFAA80BB1AC4F9AE02.roa (hash: v5aAOYFTKYQs9mswlL+k53rGpICa845yISkOLh9tIAI=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/_yC8N52JoNs75vzykPo91S63-iA.crl
                          rsync://rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/_yC8N52JoNs75vzykPo91S63-iA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_yC8N52JoNs75vzykPo91S63-iA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 06 May 2025 07:37:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53 (0x35)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FC4FB, serialNumber=FF20BC379D89A0DB3BE6FCF290FA3DD52EB7FA20
        Validity
            Not Before: Apr 29 07:37:22 2025 GMT
            Not After : May  6 07:37:22 2025 GMT
        Subject: CN=681081b2-34a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:75:d4:ee:fb:d6:f5:12:f3:31:30:22:a1:cb:
                    94:18:05:87:f0:85:d3:49:ce:a7:ee:fb:17:c0:8d:
                    20:ab:d8:88:16:ac:9b:94:0c:fb:06:d2:42:8f:bf:
                    f5:ee:84:71:64:b4:e0:f5:60:58:0d:99:83:cc:bd:
                    f5:93:ea:aa:cc:7b:d8:9f:5b:9c:5c:f7:98:e4:48:
                    8d:45:68:a8:1e:90:ee:04:6a:58:76:01:cb:65:0d:
                    50:c6:17:20:ba:7c:c9:62:68:b6:20:be:75:2d:66:
                    0e:5c:5f:d5:04:df:a3:89:88:10:b0:81:2c:27:2c:
                    00:a1:e2:89:02:d0:4b:ce:af:43:c5:03:4e:fc:8b:
                    53:5b:db:0b:c4:44:69:11:e7:5f:fa:91:6b:f3:17:
                    d7:64:00:ef:e5:04:fe:a6:9c:ca:ff:6d:11:1d:6b:
                    57:ec:2e:66:69:8c:ac:22:fa:a2:08:4d:26:c5:fd:
                    6e:fd:92:3a:a6:66:81:4a:ad:4e:37:d8:9e:e1:06:
                    af:71:8b:07:dc:5a:0f:af:57:27:98:66:06:ef:ab:
                    d8:d7:2d:48:ca:d9:47:4a:14:0a:1c:2c:63:60:8d:
                    b0:29:df:96:92:de:35:fe:39:a6:7f:df:34:be:9c:
                    cc:9f:2b:ee:b3:b7:12:fd:e5:77:ef:24:0f:0d:92:
                    1b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:94:89:F2:AB:6D:B0:AB:95:04:2D:DF:7C:D2:14:23:F9:9F:0E:B5
            X509v3 Authority Key Identifier:
                keyid:FF:20:BC:37:9D:89:A0:DB:3B:E6:FC:F2:90:FA:3D:D5:2E:B7:FA:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/_yC8N52JoNs75vzykPo91S63-iA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_yC8N52JoNs75vzykPo91S63-iA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC4FB/098FE2E8DCDC11EF8E291844C4F9AE02/_yC8N52JoNs75vzykPo91S63-iA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:46:b5:3e:95:96:80:6d:67:24:36:4b:c7:e6:cb:ff:cf:5e:
         cd:3c:2a:d9:49:0b:c5:27:46:32:df:46:8d:ed:1d:17:74:e2:
         b4:9b:f5:d9:b1:6b:f0:bd:82:94:96:ed:53:85:ee:7d:57:dd:
         49:b6:17:75:f1:99:f6:59:4f:2e:33:96:76:44:1a:e2:88:52:
         e3:34:ab:b3:69:e7:41:bf:9a:45:84:4d:77:e7:60:65:ed:87:
         67:4c:84:cd:1e:3f:a4:5c:a1:fd:07:e6:de:d1:c4:04:16:7a:
         d4:0a:e7:37:38:5e:05:e9:66:1c:07:00:06:3a:7c:98:59:c5:
         20:de:ff:ef:08:5c:d1:7d:75:ef:29:cf:b4:90:13:80:99:07:
         bf:13:67:ad:d2:91:02:aa:69:16:63:80:6a:75:df:31:aa:c8:
         d3:03:22:d5:b4:f7:c2:fa:dc:1e:6e:70:e9:fa:7a:fa:61:c7:
         3f:8f:e5:68:ef:21:00:26:9f:82:e6:9e:f8:5a:54:f6:24:1d:
         62:b3:f2:04:55:93:db:37:d0:e8:c6:c2:f6:e4:c6:1e:a8:eb:
         b1:7b:a0:4a:8e:df:9e:e2:7f:16:95:53:15:be:67:7d:e9:94:
         af:7b:e0:80:19:44:d1:07:ce:74:61:fe:8e:06:5a:20:11:1d:
         e8:59:f5:f1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QzRGQjExMC8GA1UEBRMoRkYyMEJDMzc5RDg5QTBEQjNCRTZGQ0YyOTBGQTNERDUy
RUI3RkEyMDAeFw0yNTA0MjkwNzM3MjJaFw0yNTA1MDYwNzM3MjJaMBgxFjAUBgNV
BAMTDTY4MTA4MWIyLTM0YTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdddTu+9b1EvMxMCKhy5QYBYfwhdNJzqfu+xfAjSCr2IgWrJuUDPsG0kKPv/Xu
hHFktOD1YFgNmYPMvfWT6qrMe9ifW5xc95jkSI1FaKgekO4Ealh2ActlDVDGFyC6
fMliaLYgvnUtZg5cX9UE36OJiBCwgSwnLACh4okC0EvOr0PFA078i1Nb2wvERGkR
51/6kWvzF9dkAO/lBP6mnMr/bREda1fsLmZpjKwi+qIITSbF/W79kjqmZoFKrU43
2J7hBq9xiwfcWg+vVyeYZgbvq9jXLUjK2UdKFAocLGNgjbAp35aS3jX+OaZ/3zS+
nMyfK+6ztxL95XfvJA8NkhsPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU75SJ8qtt
sKuVBC3ffNIUI/mfDrUwHwYDVR0jBBgwFoAU/yC8N52JoNs75vzykPo91S63+iAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDNEZCLzA5OEZFMkU4RENE
QzExRUY4RTI5MTg0NEM0RjlBRTAyL195QzhONTJKb05zNzV2enlrUG85MVM2My1p
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvX3lDOE41MkpvTnM3NXZ6eWtQbzkxUzYzLWlBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZD
NEZCLzA5OEZFMkU4RENEQzExRUY4RTI5MTg0NEM0RjlBRTAyL195QzhONTJKb05z
NzV2enlrUG85MVM2My1pQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBALBGtT6VloBtZyQ2S8fmy//PXs08KtlJC8UnRjLfRo3tHRd04rSb9dmx
a/C9gpSW7VOF7n1X3Um2F3XxmfZZTy4zlnZEGuKIUuM0q7Np50G/mkWETXfnYGXt
h2dMhM0eP6Rcof0H5t7RxAQWetQK5zc4XgXpZhwHAAY6fJhZxSDe/+8IXNF9de8p
z7SQE4CZB78TZ63SkQKqaRZjgGp13zGqyNMDItW098L63B5ucOn6evphxz+P5Wjv
IQAmn4LmnvhaVPYkHWKz8gRVk9s30OjGwvbkxh6o67F7oEqO357ifxaVUxW+Z33p
lK974IAZRNEHznRh/o4GWiARHehZ9fE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:53:51 2025 by rpki-client