Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft
File:                     D96C0nlIVMmvzdhe-37-ScR9Lu4.mft (raw, json)
Hash identifier:          /uDJhl5tM02vCgjajCVdRpAxrJO8icWcq4kqBuhrlNM=
Subject key identifier:   8A:AE:29:94:01:DE:4B:19:60:86:0F:97:6F:F6:C3:3A:10:E0:EC:31
Authority key identifier: 0F:DE:82:D2:79:48:54:C9:AF:CD:D8:5E:FB:7E:FE:49:C4:7D:2E:EE
Certificate issuer:       /CN=A914C33A/serialNumber=0FDE82D2794854C9AFCDD85EFB7EFE49C47D2EEE
Certificate serial:       0CF5
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft
Manifest number:          0CEA
Signing time:             Wed 02 Jul 2025 15:41:15 +0000
Manifest this update:     Wed 02 Jul 2025 15:41:14 +0000
Manifest next update:     Wed 09 Jul 2025 15:41:14 +0000
Files and hashes:         1: D96C0nlIVMmvzdhe-37-ScR9Lu4.crl (hash: pveRY1Vj6lwQlwBd6ZkJ35OPw8UNBGq2bKHUoSMFQRs=)
                          2: 0DF331C28F9411EAA5E7B573C4F9AE02.roa (hash: lu8oWRNPgJxFZ7Lozlet3TlMRukqbbGr2PrraLSuCsA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.crl
                          rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 15:41:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3317 (0xcf5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914C33A, serialNumber=0FDE82D2794854C9AFCDD85EFB7EFE49C47D2EEE
        Validity
            Not Before: Jul  2 15:41:14 2025 GMT
            Not After : Jul  9 15:41:14 2025 GMT
        Subject: CN=6865531b-f07f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:75:d5:42:3c:79:99:97:8d:f8:dc:d1:9b:4c:
                    fd:79:65:8f:ba:b6:6c:24:42:eb:f9:19:fe:ee:35:
                    19:20:db:62:4f:f9:6b:f9:6f:b5:ca:18:21:c3:ea:
                    bd:9d:88:76:e8:86:70:06:79:45:85:5c:b2:b0:90:
                    82:ee:7a:f7:e0:f3:82:32:26:e3:25:d0:ef:23:54:
                    ce:39:3a:69:66:a1:a9:b4:83:63:fa:4f:95:e1:e4:
                    ca:1a:d7:00:f3:fd:a4:63:93:bb:b3:6b:d7:99:5a:
                    2f:e1:9b:42:ac:d5:ca:64:c7:e6:dd:32:04:19:60:
                    19:07:43:b3:20:e5:89:35:fb:18:14:02:47:a9:61:
                    a6:d5:cc:b2:27:62:01:56:f8:f7:f3:cc:84:90:02:
                    3d:41:9f:c8:bf:19:ab:6b:10:f5:8f:68:bc:8a:0c:
                    da:1f:b5:5e:c7:bb:32:c3:25:e0:79:55:71:9d:c4:
                    06:66:84:bf:0e:e0:72:5c:e4:40:b7:41:01:9d:27:
                    c4:56:ef:05:2d:1f:d6:a5:10:9e:11:2a:58:59:af:
                    0d:a7:8f:62:9a:c9:e9:a0:79:09:84:39:c7:89:0d:
                    9e:be:1f:54:27:37:cf:a0:42:61:ae:d4:be:f0:23:
                    0c:26:b1:82:ce:3e:d9:71:57:87:d2:fe:54:83:14:
                    81:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:AE:29:94:01:DE:4B:19:60:86:0F:97:6F:F6:C3:3A:10:E0:EC:31
            X509v3 Authority Key Identifier:
                keyid:0F:DE:82:D2:79:48:54:C9:AF:CD:D8:5E:FB:7E:FE:49:C4:7D:2E:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D96C0nlIVMmvzdhe-37-ScR9Lu4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/8F47A9FAE97D11E9A9DB5E52C4F9AE02/D96C0nlIVMmvzdhe-37-ScR9Lu4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:0f:6c:b0:c5:6e:b8:90:08:2b:3c:a5:f4:27:1f:16:14:fc:
         fb:45:5a:2d:6b:af:bb:b6:f8:81:76:d9:97:d9:92:3d:0a:92:
         0a:dc:24:a6:29:46:ff:c2:bc:64:50:10:c8:f4:1e:0d:27:8a:
         d5:e9:bf:71:1e:2e:3c:08:5d:12:f5:d8:b6:a1:d9:86:ec:7d:
         39:1a:ab:7f:52:5b:95:a5:e4:fa:d6:73:13:67:7d:40:bf:c6:
         a2:b7:fc:b1:7c:6b:af:b5:28:a9:33:08:a6:3f:63:0d:31:d7:
         77:c3:a1:30:4d:be:59:50:13:ac:f7:b9:42:4c:b7:81:69:c2:
         49:e2:d9:29:d8:69:91:d7:d2:d7:5d:93:c5:08:7d:8e:c3:60:
         08:43:3d:9f:82:9a:64:6c:1f:4e:13:97:b2:ef:88:99:64:f0:
         8e:0e:e1:9d:d0:f4:32:a0:12:ae:71:9c:65:03:74:f5:4d:dd:
         5a:16:4a:5f:0d:32:8d:db:38:fa:23:3e:eb:2e:b5:24:a3:bf:
         68:4e:b2:86:4e:7b:29:98:73:b5:75:6a:d7:9e:8f:1e:20:88:
         f6:64:34:35:0c:ff:0c:ee:4b:da:c7:4f:d0:ff:37:e7:b3:54:
         28:33:51:df:11:2a:50:20:20:04:2f:7e:ee:d9:1f:ed:d5:ce:
         05:d8:57:a7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMzM0ExMTAvBgNVBAUTKDBGREU4MkQyNzk0ODU0QzlBRkNERDg1RUZCN0VGRTQ5
QzQ3RDJFRUUwHhcNMjUwNzAyMTU0MTE0WhcNMjUwNzA5MTU0MTE0WjAYMRYwFAYD
VQQDEw02ODY1NTMxYi1mMDdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtHXVQjx5mZeN+NzRm0z9eWWPurZsJELr+Rn+7jUZINtiT/lr+W+1yhghw+q9
nYh26IZwBnlFhVyysJCC7nr34POCMibjJdDvI1TOOTppZqGptINj+k+V4eTKGtcA
8/2kY5O7s2vXmVov4ZtCrNXKZMfm3TIEGWAZB0OzIOWJNfsYFAJHqWGm1cyyJ2IB
Vvj388yEkAI9QZ/IvxmraxD1j2i8igzaH7Vex7sywyXgeVVxncQGZoS/DuByXORA
t0EBnSfEVu8FLR/WpRCeESpYWa8Np49imsnpoHkJhDnHiQ2evh9UJzfPoEJhrtS+
8CMMJrGCzj7ZcVeH0v5UgxSBTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIquKZQB
3ksZYIYPl2/2wzoQ4OwxMB8GA1UdIwQYMBaAFA/egtJ5SFTJr83YXvt+/knEfS7u
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS84RjQ3QTlGQUU5
N0QxMUU5QTlEQjVFNTJDNEY5QUUwMi9EOTZDMG5sSVZNbXZ6ZGhlLTM3LVNjUjlM
dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0Q5NkMwbmxJVk1tdnpkaGUtMzctU2NSOUx1NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QzMzQS84RjQ3QTlGQUU5N0QxMUU5QTlEQjVFNTJDNEY5QUUwMi9EOTZDMG5sSVZN
bXZ6ZGhlLTM3LVNjUjlMdTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBCD2ywxW64kAgrPKX0Jx8WFPz7RVota6+7tviBdtmX2ZI9CpIK3CSm
KUb/wrxkUBDI9B4NJ4rV6b9xHi48CF0S9di2odmG7H05Gqt/UluVpeT61nMTZ31A
v8ait/yxfGuvtSipMwimP2MNMdd3w6EwTb5ZUBOs97lCTLeBacJJ4tkp2GmR19LX
XZPFCH2Ow2AIQz2fgppkbB9OE5ey74iZZPCODuGd0PQyoBKucZxlA3T1Td1aFkpf
DTKN2zj6Iz7rLrUko79oTrKGTnspmHO1dWrXno8eIIj2ZDQ1DP8M7kvax0/Q/zfn
s1QoM1HfESpQICAEL37u2R/t1c4F2Fen
-----END CERTIFICATE-----
Generated at Thu Jul 3 22:58:11 2025 by rpki-client