Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft
File:                     3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft (raw, json)
Hash identifier:          AUHQFYtrOfE+E2YnKQVf+iS/8iQq0LZ/z2cePzn2RQQ=
Subject key identifier:   03:BD:54:94:7E:AF:FD:0E:47:5B:13:09:D4:7A:0C:7E:59:C4:FE:A1
Authority key identifier: DC:62:20:08:A8:A1:AD:42:BE:2A:25:49:43:49:1A:FA:A8:45:49:A5
Certificate issuer:       /CN=A911035A/serialNumber=DC622008A8A1AD42BE2A254943491AFAA84549A5
Certificate serial:       0A0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft
Manifest number:          09F9
Signing time:             Wed 02 Jul 2025 20:06:46 +0000
Manifest this update:     Wed 02 Jul 2025 20:06:45 +0000
Manifest next update:     Wed 09 Jul 2025 20:06:45 +0000
Files and hashes:         1: 3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl (hash: Qi+jT+IihRvzYDRm2MB/R/iGFMzXaDfC+7W9/y4iCnU=)
                          2: 5B57754A026F11EDBE22EF64C4F9AE02.roa (hash: ihAIG4OoPwthC+h4NtPo2Q0pwt/cIHMn8RF1lo5PumY=)
                          3: 5A472FBA026F11EDBE22EF64C4F9AE02.roa (hash: vIMBF1bBAJdpKyG7NryScSCm1A4V3l1tKWGtKbJDwKU=)
                          4: C1B3DE082BBE11EF809E1831C4F9AE02.roa (hash: lx///Z7Da35SlsWklk353QqekT8yYXigifaMtdugzeQ=)
                          5: E1935B7A36DD11EFB1E53717C4F9AE02.roa (hash: H0HQ+QBIGliAyxj5H0/8pAJ49x4cCntNY4DcwIy3B3Q=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl
                          rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 20:06:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2570 (0xa0a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911035A, serialNumber=DC622008A8A1AD42BE2A254943491AFAA84549A5
        Validity
            Not Before: Jul  2 20:06:45 2025 GMT
            Not After : Jul  9 20:06:45 2025 GMT
        Subject: CN=68659156-d46a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:61:61:aa:66:8a:f3:0e:06:4c:38:ef:7f:75:
                    3e:91:a2:a9:66:03:f7:2f:40:16:c3:a7:00:86:69:
                    6e:51:4c:bc:8f:80:5a:a4:6e:67:04:a1:a2:53:2d:
                    42:9c:68:8d:84:67:7e:57:2b:48:71:a6:af:2f:6d:
                    7e:90:12:17:18:24:7f:61:9a:59:ba:f5:60:b7:9f:
                    d5:24:54:51:2f:89:1a:ed:ce:7a:9d:c5:08:cf:94:
                    7c:85:c2:4b:75:11:ed:c2:f4:dd:51:83:19:9a:1c:
                    25:06:40:f6:c9:17:a6:5a:39:6c:36:d3:cd:da:3a:
                    28:35:d2:f3:65:26:76:18:f1:ab:c1:71:de:91:bf:
                    c9:2d:cd:f7:50:4f:0e:8e:fb:01:b8:10:24:15:fc:
                    03:99:12:4a:bd:1c:1f:f1:9f:05:54:6d:d8:62:4d:
                    68:1e:41:2e:17:3c:5e:8a:3b:50:08:61:72:33:5f:
                    65:00:f4:56:7b:3e:32:48:d8:fd:22:cd:54:29:14:
                    54:55:0a:7c:e6:71:a0:7f:e8:ab:67:ed:cd:19:a2:
                    d2:b2:48:1f:60:61:02:9a:5f:c7:95:43:d4:c6:b9:
                    a9:8d:9c:24:aa:47:dc:12:70:ef:49:1c:20:fc:63:
                    8a:92:7e:58:53:02:b7:1d:98:df:84:ae:67:3c:f6:
                    75:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:BD:54:94:7E:AF:FD:0E:47:5B:13:09:D4:7A:0C:7E:59:C4:FE:A1
            X509v3 Authority Key Identifier:
                keyid:DC:62:20:08:A8:A1:AD:42:BE:2A:25:49:43:49:1A:FA:A8:45:49:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3GIgCKihrUK-KiVJQ0ka-qhFSaU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911035A/3C609B447C6611EA8089F351C4F9AE02/3GIgCKihrUK-KiVJQ0ka-qhFSaU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:c9:e8:c3:58:e8:06:cd:56:a7:e3:72:b6:5a:fb:48:b9:9a:
         c2:68:7c:3a:07:48:66:1e:e6:1b:df:ad:5e:24:72:2f:bc:9b:
         2e:b3:8c:f6:9c:32:8b:57:11:f7:b2:52:ad:a3:5d:61:c2:ae:
         ff:12:9d:ef:64:d6:72:64:41:5f:e7:84:67:05:75:da:19:d2:
         c0:9f:41:c0:34:21:9c:00:26:23:47:b0:75:bb:de:ed:23:a3:
         d0:4d:a4:b3:0e:1d:39:c8:6c:ee:92:23:76:32:ed:2e:f3:d2:
         77:65:9d:10:68:bf:4b:23:f4:32:8d:5f:05:8e:16:9d:c2:8b:
         41:04:1f:25:b8:92:54:65:7d:64:89:18:74:fb:c3:e6:63:1f:
         60:58:d4:4f:74:a5:ea:47:dc:ca:86:0b:d8:f7:c7:fb:3c:e9:
         e7:97:d3:6b:d7:77:17:9f:e7:b6:65:be:d1:17:6d:22:52:3b:
         1e:8b:9e:08:b6:86:46:94:4c:71:4e:44:36:35:87:65:73:d9:
         6f:89:9f:74:f2:ed:17:86:d3:f0:8b:1f:5b:5f:48:24:2d:f3:
         e1:9e:5b:d7:fd:1d:ed:16:c6:0a:34:94:a4:d3:64:fc:15:34:
         24:55:0e:4e:a1:df:a3:54:9c:b7:42:0c:8f:fb:c6:4a:46:e2:
         8d:25:b6:ab
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTAzNUExMTAvBgNVBAUTKERDNjIyMDA4QThBMUFENDJCRTJBMjU0OTQzNDkxQUZB
QTg0NTQ5QTUwHhcNMjUwNzAyMjAwNjQ1WhcNMjUwNzA5MjAwNjQ1WjAYMRYwFAYD
VQQDEw02ODY1OTE1Ni1kNDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9mFhqmaK8w4GTDjvf3U+kaKpZgP3L0AWw6cAhmluUUy8j4BapG5nBKGiUy1C
nGiNhGd+VytIcaavL21+kBIXGCR/YZpZuvVgt5/VJFRRL4ka7c56ncUIz5R8hcJL
dRHtwvTdUYMZmhwlBkD2yRemWjlsNtPN2jooNdLzZSZ2GPGrwXHekb/JLc33UE8O
jvsBuBAkFfwDmRJKvRwf8Z8FVG3YYk1oHkEuFzxeijtQCGFyM19lAPRWez4ySNj9
Is1UKRRUVQp85nGgf+irZ+3NGaLSskgfYGECml/HlUPUxrmpjZwkqkfcEnDvSRwg
/GOKkn5YUwK3HZjfhK5nPPZ1bQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAO9VJR+
r/0OR1sTCdR6DH5ZxP6hMB8GA1UdIwQYMBaAFNxiIAiooa1CviolSUNJGvqoRUml
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMDM1QS8zQzYwOUI0NDdD
NjYxMUVBODA4OUYzNTFDNEY5QUUwMi8zR0lnQ0tpaHJVSy1LaVZKUTBrYS1xaEZT
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNHSWdDS2loclVLLUtpVkpRMGthLXFoRlNhVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MDM1QS8zQzYwOUI0NDdDNjYxMUVBODA4OUYzNTFDNEY5QUUwMi8zR0lnQ0tpaHJV
Sy1LaVZKUTBrYS1xaEZTYVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBsyejDWOgGzVan43K2WvtIuZrCaHw6B0hmHuYb361eJHIvvJsus4z2
nDKLVxH3slKto11hwq7/Ep3vZNZyZEFf54RnBXXaGdLAn0HANCGcACYjR7B1u97t
I6PQTaSzDh05yGzukiN2Mu0u89J3ZZ0QaL9LI/QyjV8FjhadwotBBB8luJJUZX1k
iRh0+8PmYx9gWNRPdKXqR9zKhgvY98f7POnnl9Nr13cXn+e2Zb7RF20iUjsei54I
toZGlExxTkQ2NYdlc9lviZ908u0XhtPwix9bX0gkLfPhnlvX/R3tFsYKNJSk02T8
FTQkVQ5Ood+jVJy3QgyP+8ZKRuKNJbar
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:23:53 2025 by rpki-client