Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft
File:                     rehZrZQNGhc_pkzXBYZ9SH5nNog.mft (raw, json)
Hash identifier:          aBaEMi1iiQBWiPR/wO+6S5qSFwMFwqmuMrmFcN0YHN0=
Subject key identifier:   80:03:7F:A6:C9:F5:60:26:30:8D:E0:C2:26:CF:7A:2C:16:2F:A3:F6
Authority key identifier: AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88
Certificate issuer:       /CN=A91FDAD4/serialNumber=ADE859AD940D1A173FA64CD705867D487E673688
Certificate serial:       021D
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft
Manifest number:          0218
Signing time:             Sat 09 Aug 2025 00:52:07 +0000
Manifest this update:     Sat 09 Aug 2025 00:52:06 +0000
Manifest next update:     Sat 16 Aug 2025 00:52:06 +0000
Files and hashes:         1: rehZrZQNGhc_pkzXBYZ9SH5nNog.crl (hash: Cg+Lq5Ig69hu1ONnc85cI9BApMuFNFbmDMSZGvMkooc=)
                          2: A99BC9D64CAC11EDA3BF485AC4F9AE02.roa (hash: M0LQ0bOgsXho1IONj8CXX3n4kpo/nKJprHxKVrxONpQ=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl
                          rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 14 Aug 2025 05:57:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 541 (0x21d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FDAD4, serialNumber=ADE859AD940D1A173FA64CD705867D487E673688
        Validity
            Not Before: Aug  9 00:52:06 2025 GMT
            Not After : Aug 16 00:52:06 2025 GMT
        Subject: CN=68969bb6-a601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:72:b9:ce:7e:77:7e:18:60:a8:c9:a4:fe:6a:
                    2f:b4:ed:66:3b:9d:29:34:8b:be:2d:d8:3d:03:46:
                    82:54:5d:a0:70:d3:67:2c:b0:8e:e9:3f:9c:4e:19:
                    a4:be:e1:68:6c:50:cc:79:a6:88:31:f8:30:70:9c:
                    3d:42:42:c3:7d:bd:a8:44:ea:42:91:a7:09:31:76:
                    06:08:22:8c:e2:fd:56:22:38:88:42:11:2b:75:98:
                    ce:56:2a:dc:9b:86:57:24:d7:98:79:58:a2:f1:d4:
                    e2:3a:66:0d:4f:61:87:2a:3a:24:86:0c:15:42:cf:
                    ac:31:58:8d:b2:cb:73:98:51:a7:42:ca:57:c3:b3:
                    73:96:b9:2c:0a:f2:0e:01:8f:b4:f8:26:01:4f:b2:
                    4d:bb:de:52:0c:10:b9:63:ab:c0:ab:b7:da:a0:bb:
                    4a:1a:43:31:18:59:1c:4b:b5:53:e3:01:09:21:92:
                    74:28:e1:8f:0e:53:74:1d:51:a3:d8:dc:d4:b4:e1:
                    1d:53:72:37:cf:88:94:20:be:55:df:84:d7:d7:7b:
                    9b:10:bf:54:95:cb:ca:e3:66:8c:f3:ea:aa:75:91:
                    61:65:7e:a4:9e:d8:56:bb:cd:13:ed:fb:ce:33:bb:
                    24:ab:d2:2a:24:27:96:79:cb:f5:36:ab:17:51:8e:
                    3b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:03:7F:A6:C9:F5:60:26:30:8D:E0:C2:26:CF:7A:2C:16:2F:A3:F6
            X509v3 Authority Key Identifier:
                keyid:AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:94:5c:4d:3b:e6:78:5a:7a:d2:12:ee:4a:55:e7:1e:43:ed:
         a0:fa:37:af:48:fb:61:a8:95:68:29:d3:6a:cd:c8:84:5a:ba:
         b9:a7:75:47:21:7c:5b:bc:1b:a0:18:71:73:f7:33:9e:d2:bc:
         f4:77:6d:48:5f:25:87:59:26:3c:61:6f:94:17:7f:8c:ca:c5:
         c8:d2:e5:3f:8f:c4:17:2c:41:9e:fc:72:af:33:0f:35:7f:53:
         10:a1:aa:c7:ee:38:15:2f:a4:d4:4a:85:1d:74:bf:c2:13:c4:
         ca:86:ba:67:46:5d:fb:46:7c:c3:30:fd:b4:2b:2d:2f:ea:62:
         19:4f:b1:c9:a3:17:fd:a2:27:a4:54:a8:d8:f3:97:f8:8d:b5:
         40:aa:e8:1d:e5:91:84:36:43:e4:04:f1:b8:0d:04:7e:1a:94:
         d0:9f:18:d3:1f:28:29:8b:8a:07:c1:0d:90:46:f8:23:11:59:
         78:ae:67:a2:8e:1d:7a:7b:d9:3d:38:44:bc:1f:4a:34:2c:b5:
         d0:ec:2e:e3:d3:da:a2:39:63:c5:22:15:2d:7c:2d:0c:be:51:
         db:30:bb:51:c3:59:d8:18:83:4b:66:8c:51:08:8c:a5:3d:90:
         ac:eb:6a:34:ff:b5:ea:63:f9:ef:3a:37:1f:2b:a7:c9:6a:2d:
         e2:1f:e3:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRBRDQxMTAvBgNVBAUTKEFERTg1OUFEOTQwRDFBMTczRkE2NENENzA1ODY3RDQ4
N0U2NzM2ODgwHhcNMjUwODA5MDA1MjA2WhcNMjUwODE2MDA1MjA2WjAYMRYwFAYD
VQQDEw02ODk2OWJiNi1hNjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6HK5zn53fhhgqMmk/movtO1mO50pNIu+Ldg9A0aCVF2gcNNnLLCO6T+cThmk
vuFobFDMeaaIMfgwcJw9QkLDfb2oROpCkacJMXYGCCKM4v1WIjiIQhErdZjOVirc
m4ZXJNeYeVii8dTiOmYNT2GHKjokhgwVQs+sMViNsstzmFGnQspXw7NzlrksCvIO
AY+0+CYBT7JNu95SDBC5Y6vAq7faoLtKGkMxGFkcS7VT4wEJIZJ0KOGPDlN0HVGj
2NzUtOEdU3I3z4iUIL5V34TX13ubEL9UlcvK42aM8+qqdZFhZX6knthWu80T7fvO
M7skq9IqJCeWecv1NqsXUY47RQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIADf6bJ
9WAmMI3gwibPeiwWL6P2MB8GA1UdIwQYMBaAFK3oWa2UDRoXP6ZM1wWGfUh+ZzaI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREFENC9DODVFODM3QTQz
OTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdoY19wa3pYQllaOVNINW5O
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3JlaFpyWlFOR2hjX3BrelhCWVo5U0g1bk5vZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
REFENC9DODVFODM3QTQzOTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdo
Y19wa3pYQllaOVNINW5Ob2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBZlFxNO+Z4WnrSEu5KVeceQ+2g+jevSPthqJVoKdNqzciEWrq5p3VH
IXxbvBugGHFz9zOe0rz0d21IXyWHWSY8YW+UF3+MysXI0uU/j8QXLEGe/HKvMw81
f1MQoarH7jgVL6TUSoUddL/CE8TKhrpnRl37RnzDMP20Ky0v6mIZT7HJoxf9oiek
VKjY85f4jbVAqugd5ZGENkPkBPG4DQR+GpTQnxjTHygpi4oHwQ2QRvgjEVl4rmei
jh16e9k9OES8H0o0LLXQ7C7j09qiOWPFIhUtfC0MvlHbMLtRw1nYGINLZoxRCIyl
PZCs62o0/7XqY/nvOjcfK6fJai3iH+Nm
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:09:33 2025 by rpki-client