Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft
File:                     NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft (raw, json)
Hash identifier:          fzoZC5JUr89oiujwJt+YwTn8VznolUR3QUJHui3siao=
Subject key identifier:   DB:2E:4D:EF:5F:96:A8:43:95:19:B9:3B:E1:92:63:9B:7E:9F:C9:32
Authority key identifier: 34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5
Certificate issuer:       /CN=A9148DB2/serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5
Certificate serial:       02C7
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft
Manifest number:          02C2
Signing time:             Tue 01 Jul 2025 02:06:08 +0000
Manifest this update:     Tue 01 Jul 2025 02:06:08 +0000
Manifest next update:     Tue 08 Jul 2025 02:06:08 +0000
Files and hashes:         1: NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl (hash: V4QO+ald/BT3cifljqrXYAPKo5dYJlqo/wqQMg+jIUw=)
                          2: F343C4ECF93911ECBD1E663DC4F9AE02.roa (hash: k5i1VxrRa6a+sKSG0LLgxBEmMPYmBZK6pl0sMM04Q2o=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl
                          rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 08 Jul 2025 02:06:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 711 (0x2c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9148DB2, serialNumber=34ABEF846474BBDA0C556465DD7E9EC0FA674BB5
        Validity
            Not Before: Jul  1 02:06:08 2025 GMT
            Not After : Jul  8 02:06:08 2025 GMT
        Subject: CN=68634290-d2e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:eb:02:4f:25:97:49:13:b4:3e:f6:6f:c5:f3:
                    2c:3e:e5:fd:e1:3b:a6:c7:97:52:80:34:d8:1f:ef:
                    69:71:c6:12:89:71:ab:5f:45:dd:61:fe:70:59:33:
                    a4:56:37:fc:99:80:8e:fd:60:8a:36:39:1d:48:c0:
                    19:62:cc:7f:2f:95:83:ae:9f:0f:87:7f:6b:97:a7:
                    fb:ea:71:95:44:5c:ea:e2:e5:cd:87:e9:d2:db:d3:
                    49:85:64:de:ab:2b:2b:c3:c5:f9:66:c2:32:3e:80:
                    93:f4:6c:55:b1:df:06:57:e9:49:e7:b2:c0:74:d9:
                    86:4f:b7:02:2d:20:c0:8a:93:3d:73:fd:bd:ac:0f:
                    b7:fb:52:a0:ef:f4:89:e9:2e:95:3a:b4:57:8c:92:
                    5e:6e:e5:79:4d:3d:e4:bc:36:8e:af:39:ed:51:e6:
                    aa:0b:04:c0:61:9a:d3:c2:70:f8:e8:77:33:cc:80:
                    bc:33:85:9a:42:85:2e:49:94:1a:e6:d4:65:b3:b4:
                    2a:66:03:94:bb:ee:a8:88:51:b8:d8:25:da:8d:3e:
                    41:db:c7:60:0d:e3:87:59:4d:10:1e:e1:45:02:31:
                    c2:58:3b:bf:ce:9e:11:82:0e:ff:1e:98:84:07:de:
                    57:b6:02:3d:95:3b:4f:b2:6c:9b:77:33:92:e1:c1:
                    b1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:2E:4D:EF:5F:96:A8:43:95:19:B9:3B:E1:92:63:9B:7E:9F:C9:32
            X509v3 Authority Key Identifier:
                keyid:34:AB:EF:84:64:74:BB:DA:0C:55:64:65:DD:7E:9E:C0:FA:67:4B:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NKvvhGR0u9oMVWRl3X6ewPpnS7U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148DB2/047DC388F93611EC921B810EC4F9AE02/NKvvhGR0u9oMVWRl3X6ewPpnS7U.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:58:ad:36:09:49:a2:d5:dd:8c:13:ba:29:7b:28:d7:f8:08:
         f1:44:2a:64:f8:70:86:c6:d7:f0:a0:5f:64:86:5d:42:f4:84:
         53:62:9d:92:0c:8c:68:01:e4:53:05:41:6e:e2:3c:e4:40:ed:
         31:00:5a:6b:00:6e:15:9f:71:e8:9b:cc:65:db:ac:c2:85:69:
         f3:6a:74:e0:80:81:ec:df:2e:db:1e:e5:5e:8d:de:fa:9c:e8:
         b3:d5:12:99:5d:b7:6a:8d:0c:22:d1:f2:c3:e4:50:ca:5b:93:
         39:5d:13:6d:26:cb:69:10:9f:6e:03:3b:b7:29:24:51:a5:cb:
         b9:ac:93:05:b8:df:d0:6a:be:11:7c:c4:da:ca:93:cc:50:cf:
         65:4a:7d:ad:20:56:0e:fe:8e:7b:db:15:71:b2:62:7e:f9:5b:
         71:5d:a7:48:c8:43:74:0b:71:e6:b7:86:22:00:fb:0e:71:61:
         11:31:3f:87:04:10:08:e8:ac:a4:64:eb:a2:2c:01:c3:63:c2:
         42:5d:17:54:ea:ad:f8:54:18:6b:bd:39:c4:65:48:2c:88:40:
         60:67:c2:a8:9c:32:b7:6a:dc:e5:87:a7:f4:c9:82:63:5f:df:
         79:ea:e7:67:78:97:b8:6b:51:f5:e4:12:60:f3:7f:3b:39:01:
         01:a1:ff:34
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEQjIxMTAvBgNVBAUTKDM0QUJFRjg0NjQ3NEJCREEwQzU1NjQ2NUREN0U5RUMw
RkE2NzRCQjUwHhcNMjUwNzAxMDIwNjA4WhcNMjUwNzA4MDIwNjA4WjAYMRYwFAYD
VQQDEw02ODYzNDI5MC1kMmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvusCTyWXSRO0PvZvxfMsPuX94Tumx5dSgDTYH+9pccYSiXGrX0XdYf5wWTOk
Vjf8mYCO/WCKNjkdSMAZYsx/L5WDrp8Ph39rl6f76nGVRFzq4uXNh+nS29NJhWTe
qysrw8X5ZsIyPoCT9GxVsd8GV+lJ57LAdNmGT7cCLSDAipM9c/29rA+3+1Kg7/SJ
6S6VOrRXjJJebuV5TT3kvDaOrzntUeaqCwTAYZrTwnD46HczzIC8M4WaQoUuSZQa
5tRls7QqZgOUu+6oiFG42CXajT5B28dgDeOHWU0QHuFFAjHCWDu/zp4Rgg7/HpiE
B95XtgI9lTtPsmybdzOS4cGxsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNsuTe9f
lqhDlRm5O+GSY5t+n8kyMB8GA1UdIwQYMBaAFDSr74RkdLvaDFVkZd1+nsD6Z0u1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OERCMi8wNDdEQzM4OEY5
MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5b01WV1JsM1g2ZXdQcG5T
N1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05LdnZoR1IwdTlvTVZXUmwzWDZld1BwblM3VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OERCMi8wNDdEQzM4OEY5MzYxMUVDOTIxQjgxMEVDNEY5QUUwMi9OS3Z2aEdSMHU5
b01WV1JsM1g2ZXdQcG5TN1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCEWK02CUmi1d2ME7opeyjX+AjxRCpk+HCGxtfwoF9khl1C9IRTYp2S
DIxoAeRTBUFu4jzkQO0xAFprAG4Vn3Hom8xl26zChWnzanTggIHs3y7bHuVejd76
nOiz1RKZXbdqjQwi0fLD5FDKW5M5XRNtJstpEJ9uAzu3KSRRpcu5rJMFuN/Qar4R
fMTaypPMUM9lSn2tIFYO/o572xVxsmJ++VtxXadIyEN0C3Hmt4YiAPsOcWERMT+H
BBAI6KykZOuiLAHDY8JCXRdU6q34VBhrvTnEZUgsiEBgZ8KonDK3atzlh6f0yYJj
X9956udneJe4a1H15BJg8387OQEBof80
-----END CERTIFICATE-----
Generated at Wed Jul 2 13:22:20 2025 by rpki-client