Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft
File:                     ihHrdksVeFOdbtOykDv2H0wIAHw.mft (raw, json)
Hash identifier:          LQ+IiU6XI/EsXAR1NRMDKzeUqlxm7gcXGClHVaRE8kM=
Subject key identifier:   40:83:ED:3F:3E:F3:8B:98:E1:EE:79:EA:4C:14:39:30:E6:56:38:A3
Authority key identifier: 8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C
Certificate issuer:       /CN=A914CC0F/serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C
Certificate serial:       20
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft
Manifest number:          20
Signing time:             Wed 02 Jul 2025 20:24:23 +0000
Manifest this update:     Wed 02 Jul 2025 20:24:22 +0000
Manifest next update:     Wed 09 Jul 2025 20:24:22 +0000
Files and hashes:         1: ihHrdksVeFOdbtOykDv2H0wIAHw.crl (hash: xyx+PYxMmFKlZ2nhpzeLVknTEXd0hp+yX9LB4N9rXsc=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl
                          rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 20:24:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32 (0x20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914CC0F, serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C
        Validity
            Not Before: Jul  2 20:24:22 2025 GMT
            Not After : Jul  9 20:24:22 2025 GMT
        Subject: CN=68659576-159d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a5:be:20:9d:8a:e9:4a:c4:0e:c3:d6:2f:e2:
                    57:9a:56:d7:80:36:00:3f:eb:6a:40:02:27:bb:d1:
                    93:e0:a1:39:a2:56:29:03:7a:fa:97:fc:82:2a:c9:
                    38:2f:77:b9:0a:d4:88:38:99:11:40:f7:ff:74:dc:
                    88:9a:59:16:87:63:f7:9a:28:14:7b:c0:9e:88:e5:
                    36:9b:c9:8c:39:92:de:84:b5:3b:40:29:67:90:15:
                    b9:a3:8d:be:1d:13:94:2f:17:17:3a:b0:74:1b:59:
                    c8:3e:3d:86:b6:9e:bf:7d:54:08:bb:69:0c:2d:f3:
                    37:39:ba:4b:47:cf:e9:f8:69:da:09:57:a4:11:24:
                    7b:c8:23:78:40:f4:cd:30:9c:ed:8b:04:30:cb:73:
                    31:79:7c:8e:e4:c9:97:da:1e:8b:f3:91:ce:3a:fd:
                    88:bf:0e:cb:dd:1f:8a:e8:7e:9b:4f:38:cf:50:1b:
                    77:5b:97:52:dd:82:3a:68:62:e2:68:90:76:05:33:
                    9a:b5:4d:25:12:23:58:f9:a8:07:53:fe:85:1d:7d:
                    5a:75:4d:24:94:79:2e:a7:8a:1a:b5:2d:b4:37:1d:
                    09:e7:c3:c0:6d:24:41:15:8b:5f:67:95:a6:8a:41:
                    b3:52:b9:7c:a1:2e:e5:aa:0c:6b:2e:a3:af:49:50:
                    d7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:83:ED:3F:3E:F3:8B:98:E1:EE:79:EA:4C:14:39:30:E6:56:38:A3
            X509v3 Authority Key Identifier:
                keyid:8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:32:16:18:45:9f:2c:3b:f7:64:eb:ec:68:7d:45:84:72:45:
         3f:7b:53:4d:61:94:e5:23:a7:0d:5e:65:d1:55:4f:6f:15:dc:
         b1:f0:63:e1:f9:8f:e2:90:30:bc:7d:3a:93:f6:a7:ef:ba:0e:
         0d:77:b8:ee:f5:50:f3:24:60:ab:9a:c7:1c:bd:2b:85:2a:b7:
         ac:8c:2e:86:11:a8:2d:8e:05:8f:af:d1:87:12:4d:ae:93:45:
         b8:c9:70:f7:fa:a1:a5:97:dd:fb:be:19:ac:b1:18:80:0f:61:
         50:ec:2e:c4:54:bb:a3:0a:13:f8:5e:a9:91:89:fe:66:fd:8d:
         15:9a:9b:5f:9f:25:51:28:42:51:a3:64:42:99:27:bc:1f:5d:
         0e:ee:36:67:03:0a:3a:45:de:e1:ba:70:03:27:98:7d:a0:49:
         55:06:1c:22:26:1b:ec:da:7b:af:84:77:f8:a3:9c:0d:62:fc:
         d0:6b:56:35:94:14:fc:6b:a0:0f:30:ea:7b:a6:d0:ed:85:71:
         59:c3:b2:61:08:7b:28:95:ac:7b:d5:9f:ad:9f:d8:95:c8:3c:
         1d:db:6f:37:17:49:a9:82:e8:fb:49:a3:77:db:80:54:fc:a6:
         3c:f3:c2:f8:31:14:b2:5a:1c:76:b9:f5:3b:94:a5:ad:b3:5e:
         25:d3:6f:ea
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
Q0MwRjExMC8GA1UEBRMoOEExMUVCNzY0QjE1Nzg1MzlENkVEM0IyOTAzQkY2MUY0
QzA4MDA3QzAeFw0yNTA3MDIyMDI0MjJaFw0yNTA3MDkyMDI0MjJaMBgxFjAUBgNV
BAMTDTY4NjU5NTc2LTE1OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZpb4gnYrpSsQOw9Yv4leaVteANgA/62pAAie70ZPgoTmiVikDevqX/IIqyTgv
d7kK1Ig4mRFA9/903IiaWRaHY/eaKBR7wJ6I5TabyYw5kt6EtTtAKWeQFbmjjb4d
E5QvFxc6sHQbWcg+PYa2nr99VAi7aQwt8zc5uktHz+n4adoJV6QRJHvII3hA9M0w
nO2LBDDLczF5fI7kyZfaHovzkc46/Yi/DsvdH4rofptPOM9QG3dbl1LdgjpoYuJo
kHYFM5q1TSUSI1j5qAdT/oUdfVp1TSSUeS6nihq1LbQ3HQnnw8BtJEEVi19nlaaK
QbNSuXyhLuWqDGsuo69JUNchAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQIPtPz7z
i5jh7nnqTBQ5MOZWOKMwHwYDVR0jBBgwFoAUihHrdksVeFOdbtOykDv2H0wIAHww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDQzBGLzQ5RTk5NkM0MkM2
MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZPZGJ0T3lrRHYySDB3SUFI
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvaWhIcmRrc1ZlRk9kYnRPeWtEdjJIMHdJQUh3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRD
QzBGLzQ5RTk5NkM0MkM2MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZP
ZGJ0T3lrRHYySDB3SUFIdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAJgyFhhFnyw792Tr7Gh9RYRyRT97U01hlOUjpw1eZdFVT28V3LHwY+H5
j+KQMLx9OpP2p++6Dg13uO71UPMkYKuaxxy9K4Uqt6yMLoYRqC2OBY+v0YcSTa6T
RbjJcPf6oaWX3fu+GayxGIAPYVDsLsRUu6MKE/heqZGJ/mb9jRWam1+fJVEoQlGj
ZEKZJ7wfXQ7uNmcDCjpF3uG6cAMnmH2gSVUGHCImG+zae6+Ed/ijnA1i/NBrVjWU
FPxroA8w6num0O2FcVnDsmEIeyiVrHvVn62f2JXIPB3bbzcXSamC6PtJo3fbgFT8
pjzzwvgxFLJaHHa59TuUpa2zXiXTb+o=
-----END CERTIFICATE-----
Generated at Thu Jul 3 21:49:03 2025 by rpki-client