Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft
File:                     RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft (raw, json)
Hash identifier:          ahMzqOh7CTu8TEPKrP5COzR+7GqzMZ4gXjxErwbZFTI=
Subject key identifier:   1B:CF:5B:70:B4:46:EA:C9:2D:5A:25:3F:3E:0B:A7:6C:AA:56:0A:7F
Authority key identifier: 46:41:90:7F:E5:F4:73:F1:89:06:D4:6A:A2:03:07:ED:ED:A1:9C:9D
Certificate issuer:       /CN=A913647F/serialNumber=4641907FE5F473F18906D46AA20307EDEDA19C9D
Certificate serial:       8D
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkGQf-X0c_GJBtRqogMH7e2hnJ0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft
Manifest number:          8B
Signing time:             Tue 01 Jul 2025 07:16:21 +0000
Manifest this update:     Tue 01 Jul 2025 07:16:21 +0000
Manifest next update:     Tue 08 Jul 2025 07:16:21 +0000
Files and hashes:         1: RkGQf-X0c_GJBtRqogMH7e2hnJ0.crl (hash: +98/+ysRD9+Aj2yHzBLr/TVSZwDOlxlKGPk+KXdAnao=)
                          2: 88A6DB9086E211EF82ACA725C4F9AE02.roa (hash: SgEH7SMyjJ+UziQP4wAobkWL0i1gKH2nK/k2dzRb6pc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.crl
                          rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkGQf-X0c_GJBtRqogMH7e2hnJ0.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 08 Jul 2025 07:16:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141 (0x8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913647F, serialNumber=4641907FE5F473F18906D46AA20307EDEDA19C9D
        Validity
            Not Before: Jul  1 07:16:21 2025 GMT
            Not After : Jul  8 07:16:21 2025 GMT
        Subject: CN=68638b45-bddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c0:34:b5:88:aa:66:fe:cc:1c:1e:90:30:c1:
                    e0:8d:f8:f7:11:4b:2b:c2:3b:b8:31:2c:08:75:4e:
                    b8:55:5d:41:9e:f7:39:41:a7:47:30:65:49:23:5b:
                    63:0b:07:bd:59:64:8a:19:47:5d:83:ff:0d:d1:c2:
                    dd:ee:3f:b4:53:3f:ff:a5:e4:eb:ad:c0:0b:65:91:
                    06:5d:e0:67:9c:7c:0a:3f:c6:02:05:a0:ba:ea:93:
                    98:57:2f:dd:4c:49:49:83:3f:e4:8e:b4:06:fa:c6:
                    aa:5a:90:98:77:72:e5:85:40:b1:86:6e:67:34:0b:
                    c8:45:dc:69:b9:2f:0b:95:99:68:76:3f:e8:b5:7d:
                    8c:dc:12:6c:95:32:e0:ff:a2:ca:2f:e7:64:62:cb:
                    0d:01:77:b9:be:44:94:ac:7d:21:24:7d:86:a5:14:
                    d2:23:af:d5:90:26:64:35:4a:42:9a:b7:db:7c:83:
                    3b:3e:7d:69:13:14:e9:bd:e1:10:3b:5f:fa:8e:3b:
                    ca:7b:55:67:a4:c9:be:bf:a2:49:3c:4d:11:72:d1:
                    1b:96:5a:0a:6e:71:8e:86:90:c9:5d:63:88:34:42:
                    14:9f:c9:72:98:63:7d:70:8f:d9:f6:08:23:45:bd:
                    23:bd:14:c5:2e:c0:f2:b3:8b:4b:24:c0:9e:4a:d5:
                    ea:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:CF:5B:70:B4:46:EA:C9:2D:5A:25:3F:3E:0B:A7:6C:AA:56:0A:7F
            X509v3 Authority Key Identifier:
                keyid:46:41:90:7F:E5:F4:73:F1:89:06:D4:6A:A2:03:07:ED:ED:A1:9C:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkGQf-X0c_GJBtRqogMH7e2hnJ0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:4f:e9:64:95:67:8e:d1:08:e8:61:79:1d:10:2b:71:df:0c:
         42:ec:bd:0a:de:6c:02:56:38:99:a3:89:b1:ac:7f:ac:84:20:
         0b:5f:4e:61:03:06:f5:7d:3c:c3:a6:d9:70:41:64:0c:04:ba:
         08:32:50:80:37:31:06:98:9f:e3:31:f7:a4:70:23:2a:e6:07:
         50:14:03:8a:86:e2:37:9b:5a:ed:c8:6d:e6:21:c2:2c:27:05:
         16:53:1d:ad:d8:3e:9a:e5:1d:16:94:9d:cc:2a:61:6f:66:cb:
         ec:43:86:7d:39:55:34:d9:e4:4f:59:0d:d0:6f:89:e4:50:13:
         ad:98:a5:25:16:70:25:3b:bf:2a:09:a0:8c:5f:aa:25:e2:92:
         bb:0b:a5:6a:f9:21:bd:d9:b1:e6:67:bd:04:02:9c:be:08:27:
         35:90:e3:67:8c:63:6d:b2:9c:e0:dc:c0:2d:56:79:2b:89:d7:
         a7:07:61:a3:b2:88:33:e0:d8:ef:70:88:86:e8:63:22:c5:5e:
         c3:f9:30:d4:e2:26:6f:69:be:ca:cc:d6:24:f9:eb:dd:4f:e2:
         ff:9a:9d:13:54:f1:ee:2d:f9:d9:97:3f:89:a3:7f:ea:2b:44:
         42:3d:4a:60:f0:f2:e0:a5:57:aa:61:cd:14:92:b0:8e:1b:56:
         23:8c:3f:f4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzY0N0YxMTAvBgNVBAUTKDQ2NDE5MDdGRTVGNDczRjE4OTA2RDQ2QUEyMDMwN0VE
RURBMTlDOUQwHhcNMjUwNzAxMDcxNjIxWhcNMjUwNzA4MDcxNjIxWjAYMRYwFAYD
VQQDEw02ODYzOGI0NS1iZGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvMA0tYiqZv7MHB6QMMHgjfj3EUsrwju4MSwIdU64VV1Bnvc5QadHMGVJI1tj
Cwe9WWSKGUddg/8N0cLd7j+0Uz//peTrrcALZZEGXeBnnHwKP8YCBaC66pOYVy/d
TElJgz/kjrQG+saqWpCYd3LlhUCxhm5nNAvIRdxpuS8LlZlodj/otX2M3BJslTLg
/6LKL+dkYssNAXe5vkSUrH0hJH2GpRTSI6/VkCZkNUpCmrfbfIM7Pn1pExTpveEQ
O1/6jjvKe1VnpMm+v6JJPE0RctEblloKbnGOhpDJXWOINEIUn8lymGN9cI/Z9ggj
Rb0jvRTFLsDys4tLJMCeStXqpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBvPW3C0
RurJLVolPz4Lp2yqVgp/MB8GA1UdIwQYMBaAFEZBkH/l9HPxiQbUaqIDB+3toZyd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjQ3Ri9COTFBQUE3NDg2
REIxMUVGQkE0RDVGMjZDNEY5QUUwMi9Sa0dRZi1YMGNfR0pCdFJxb2dNSDdlMmhu
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1JrR1FmLVgwY19HSkJ0UnFvZ01IN2UyaG5KMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
NjQ3Ri9COTFBQUE3NDg2REIxMUVGQkE0RDVGMjZDNEY5QUUwMi9Sa0dRZi1YMGNf
R0pCdFJxb2dNSDdlMmhuSjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGT+lklWeO0QjoYXkdECtx3wxC7L0K3mwCVjiZo4mxrH+shCALX05h
Awb1fTzDptlwQWQMBLoIMlCANzEGmJ/jMfekcCMq5gdQFAOKhuI3m1rtyG3mIcIs
JwUWUx2t2D6a5R0WlJ3MKmFvZsvsQ4Z9OVU02eRPWQ3Qb4nkUBOtmKUlFnAlO78q
CaCMX6ol4pK7C6Vq+SG92bHmZ70EApy+CCc1kONnjGNtspzg3MAtVnkridenB2Gj
sogz4NjvcIiG6GMixV7D+TDU4iZvab7KzNYk+evdT+L/mp0TVPHuLfnZlz+Jo3/q
K0RCPUpg8PLgpVeqYc0UkrCOG1YjjD/0
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:02:23 2025 by rpki-client