Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91323E4/190B0D06F26211EAA522345AC4F9AE02/QBS8tK-bGBlk17ekDRv51vieCP8.mft
File:                     QBS8tK-bGBlk17ekDRv51vieCP8.mft (raw, json)
Hash identifier:          N/SfcSpqE8tF3RvdhxEiPxgTTu3l/nCTPKTjYrLswyE=
Subject key identifier:   9B:0A:E8:E5:7A:EE:3B:6D:B4:11:12:2F:9D:D4:79:03:22:AB:3B:B8
Authority key identifier: 40:14:BC:B4:AF:9B:18:19:64:D7:B7:A4:0D:1B:F9:D6:F8:9E:08:FF
Certificate issuer:       /CN=A91323E4/serialNumber=4014BCB4AF9B181964D7B7A40D1BF9D6F89E08FF
Certificate serial:       07F8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBS8tK-bGBlk17ekDRv51vieCP8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91323E4/190B0D06F26211EAA522345AC4F9AE02/QBS8tK-bGBlk17ekDRv51vieCP8.mft
Manifest number:          07F7
Signing time:             Fri 22 Aug 2025 21:05:11 +0000
Manifest this update:     Fri 22 Aug 2025 21:05:10 +0000
Manifest next update:     Fri 29 Aug 2025 21:05:10 +0000
Files and hashes:         1: QBS8tK-bGBlk17ekDRv51vieCP8.crl (hash: 4E7B8dAl/wzfSSFE2RLtjq6zLjKQwiojgtHnQQ2bfUU=)
                          2: 6944587246B311F090CDB927C4F9AE02.roa (hash: Xm1qupXC//oXbz29OwYv/8QXpHuz3gLyZUWmRlVaUYU=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91323E4/190B0D06F26211EAA522345AC4F9AE02/QBS8tK-bGBlk17ekDRv51vieCP8.crl
                          rsync://rpki.apnic.net/member_repository/A91323E4/190B0D06F26211EAA522345AC4F9AE02/QBS8tK-bGBlk17ekDRv51vieCP8.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBS8tK-bGBlk17ekDRv51vieCP8.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Aug 2025 21:05:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2040 (0x7f8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91323E4, serialNumber=4014BCB4AF9B181964D7B7A40D1BF9D6F89E08FF
        Validity
            Not Before: Aug 22 21:05:10 2025 GMT
            Not After : Aug 29 21:05:10 2025 GMT
        Subject: CN=68a8db87-c615
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:dd:2a:a7:e8:f4:d0:20:6f:8a:b2:48:27:c8:
                    ad:02:dc:83:1b:70:8f:0f:80:f6:68:82:b2:d6:c6:
                    f1:5c:cb:3e:9d:39:a8:fb:e2:3d:d8:54:47:78:23:
                    54:48:e8:46:70:e9:3c:f5:32:af:eb:0e:2d:a9:6c:
                    8e:a3:e0:98:84:13:0e:b3:8a:ca:b5:7e:56:3d:c5:
                    0c:8b:1c:26:ea:60:88:99:3a:62:20:8a:ae:1b:36:
                    08:bc:20:ad:31:d4:fb:db:7a:8d:26:f7:08:d5:4d:
                    b3:af:01:5b:08:28:00:2b:a8:06:18:d3:00:3c:88:
                    8a:1d:30:8d:9a:b5:53:ea:4d:be:f5:36:28:cd:a9:
                    60:36:d2:ad:e0:79:58:95:07:66:0a:74:a0:92:c0:
                    27:dd:f3:fd:9b:26:32:14:d9:4f:8a:2e:42:a1:04:
                    1b:cc:c9:fc:bf:bc:e6:d2:4a:be:47:ba:1f:3a:1b:
                    ae:79:af:46:8d:4e:48:5c:3c:03:cf:38:24:63:21:
                    b7:ab:73:07:5f:fc:75:9a:04:5e:c4:50:60:49:19:
                    43:78:59:1b:19:08:2f:a9:c2:94:c5:5c:40:23:19:
                    e2:90:20:56:77:ee:41:3a:1f:2c:3b:a1:aa:31:8f:
                    94:23:a2:fb:8b:9f:32:c4:bf:70:05:1d:9f:66:3c:
                    83:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:0A:E8:E5:7A:EE:3B:6D:B4:11:12:2F:9D:D4:79:03:22:AB:3B:B8
            X509v3 Authority Key Identifier:
                keyid:40:14:BC:B4:AF:9B:18:19:64:D7:B7:A4:0D:1B:F9:D6:F8:9E:08:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91323E4/190B0D06F26211EAA522345AC4F9AE02/QBS8tK-bGBlk17ekDRv51vieCP8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBS8tK-bGBlk17ekDRv51vieCP8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91323E4/190B0D06F26211EAA522345AC4F9AE02/QBS8tK-bGBlk17ekDRv51vieCP8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:de:9b:69:11:b2:32:d1:f1:03:c6:b1:ef:c8:3e:5a:1a:60:
         de:b7:40:cb:ce:4d:d6:22:01:a8:0d:3e:f3:e0:01:49:38:05:
         c1:e6:88:e0:46:7c:ec:fd:03:b2:ce:72:ef:a0:ff:dc:a5:09:
         12:31:fe:51:79:f2:16:aa:b2:1f:cd:df:83:2b:9f:98:4a:37:
         49:c1:ee:52:b3:52:b9:07:f3:d5:16:6b:bc:cf:7c:c4:23:70:
         18:f8:20:d2:5c:d5:02:9f:b3:f7:fd:9a:f4:cc:7c:5b:83:7b:
         18:3f:60:cb:bf:14:b9:dd:27:96:ab:67:3a:f5:87:ee:c7:20:
         fb:d3:40:39:7c:01:fa:d1:14:e6:38:46:6a:ae:05:02:13:2f:
         6c:34:f8:fc:bb:d3:59:30:8b:6c:26:d2:f4:86:ee:b0:63:ed:
         72:c9:6d:98:e8:c0:33:a3:26:80:ff:78:c8:8a:95:55:0f:c2:
         36:64:b0:b8:b6:2b:bf:cb:75:64:a9:60:9b:b0:71:f2:67:7d:
         45:05:18:34:05:73:f1:db:4a:36:8f:e7:68:c2:9e:87:da:9b:
         e6:b6:fb:0b:13:f9:4c:a5:c8:e5:e7:71:09:fe:69:d4:d7:d2:
         d0:35:ad:61:39:f7:0d:2b:88:ee:fe:c0:54:de:42:d1:92:19:
         c1:d8:0d:3f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB/gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzIzRTQxMTAvBgNVBAUTKDQwMTRCQ0I0QUY5QjE4MTk2NEQ3QjdBNDBEMUJGOUQ2
Rjg5RTA4RkYwHhcNMjUwODIyMjEwNTEwWhcNMjUwODI5MjEwNTEwWjAYMRYwFAYD
VQQDEw02OGE4ZGI4Ny1jNjE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr90qp+j00CBvirJIJ8itAtyDG3CPD4D2aIKy1sbxXMs+nTmo++I92FRHeCNU
SOhGcOk89TKv6w4tqWyOo+CYhBMOs4rKtX5WPcUMixwm6mCImTpiIIquGzYIvCCt
MdT723qNJvcI1U2zrwFbCCgAK6gGGNMAPIiKHTCNmrVT6k2+9TYozalgNtKt4HlY
lQdmCnSgksAn3fP9myYyFNlPii5CoQQbzMn8v7zm0kq+R7ofOhuuea9GjU5IXDwD
zzgkYyG3q3MHX/x1mgRexFBgSRlDeFkbGQgvqcKUxVxAIxnikCBWd+5BOh8sO6Gq
MY+UI6L7i58yxL9wBR2fZjyDswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJsK6OV6
7jtttBESL53UeQMiqzu4MB8GA1UdIwQYMBaAFEAUvLSvmxgZZNe3pA0b+db4ngj/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjNFNC8xOTBCMEQwNkYy
NjIxMUVBQTUyMjM0NUFDNEY5QUUwMi9RQlM4dEstYkdCbGsxN2VrRFJ2NTF2aWVD
UDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCUzh0Sy1iR0JsazE3ZWtEUnY1MXZpZUNQOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MjNFNC8xOTBCMEQwNkYyNjIxMUVBQTUyMjM0NUFDNEY5QUUwMi9RQlM4dEstYkdC
bGsxN2VrRFJ2NTF2aWVDUDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAH3ptpEbIy0fEDxrHvyD5aGmDet0DLzk3WIgGoDT7z4AFJOAXB5ojg
Rnzs/QOyznLvoP/cpQkSMf5RefIWqrIfzd+DK5+YSjdJwe5Ss1K5B/PVFmu8z3zE
I3AY+CDSXNUCn7P3/Zr0zHxbg3sYP2DLvxS53SeWq2c69YfuxyD700A5fAH60RTm
OEZqrgUCEy9sNPj8u9NZMItsJtL0hu6wY+1yyW2Y6MAzoyaA/3jIipVVD8I2ZLC4
tiu/y3VkqWCbsHHyZ31FBRg0BXPx20o2j+dowp6H2pvmtvsLE/lMpcjl53EJ/mnU
19LQNa1hOfcNK4ju/sBU3kLRkhnB2A0/
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:46:48 2025 by rpki-client