Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft
File:                     ihHrdksVeFOdbtOykDv2H0wIAHw.mft (raw, json)
Hash identifier:          MWk9A/88BZa3USthrFKOthTnRg/OiTEDVFRmI3yFQsU=
Subject key identifier:   3E:B7:75:10:A5:A3:E9:64:07:73:1F:47:18:FD:FA:21:3A:57:AC:7D
Authority key identifier: 8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C
Certificate issuer:       /CN=A914CC0F/serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C
Certificate serial:       06
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft
Manifest number:          06
Signing time:             Fri 16 May 2025 20:29:10 +0000
Manifest this update:     Fri 16 May 2025 20:29:10 +0000
Manifest next update:     Fri 23 May 2025 20:29:10 +0000
Files and hashes:         1: ihHrdksVeFOdbtOykDv2H0wIAHw.crl (hash: eMD8/YEvcXuOD1GYfxZF32AcVB6WLxbix5j4B2Fg42A=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl
                          rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 23 May 2025 20:29:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914CC0F, serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C
        Validity
            Not Before: May 16 20:29:10 2025 GMT
            Not After : May 23 20:29:10 2025 GMT
        Subject: CN=6827a016-9f49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c6:49:5f:d4:81:6e:2b:92:f7:9d:c4:20:7a:
                    21:20:8f:9b:e1:cf:8b:6f:f9:4b:61:64:fe:8b:0c:
                    90:0e:e8:06:81:bb:09:71:93:f6:b0:89:75:b9:1c:
                    bd:43:f4:fd:15:59:16:91:b4:c7:44:bb:43:cf:40:
                    65:52:ab:2d:da:ee:80:1f:6c:fe:13:ee:ab:81:a4:
                    19:ff:9b:f0:f6:4a:1c:1f:89:e9:3d:46:c2:78:df:
                    23:f6:f6:cc:ee:70:6d:cc:7e:d6:c9:cd:f0:ed:65:
                    4c:6a:a0:1e:e8:86:1f:31:82:b2:e5:e8:3d:95:6a:
                    4a:69:46:12:a6:3b:ec:9c:e6:91:8e:e2:78:49:db:
                    86:4a:43:bc:25:64:03:d5:6d:ba:94:08:da:9f:62:
                    50:c9:72:f5:be:d4:a9:60:11:af:f0:b9:d2:09:bd:
                    e9:55:3d:16:9a:fe:e4:0e:a6:6f:49:bc:9f:ff:a8:
                    39:78:e0:e5:e3:0e:08:34:b3:ff:b0:bb:f9:df:8c:
                    05:63:3e:f1:be:2c:bf:34:c8:b9:40:97:03:1d:01:
                    c3:cc:0e:a0:79:44:72:10:48:2e:a6:29:4e:fb:03:
                    e5:27:d8:47:01:0e:ee:e3:bb:0c:95:3a:55:af:3c:
                    29:14:49:42:52:47:ca:70:74:8c:00:f5:cb:3e:d7:
                    52:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:B7:75:10:A5:A3:E9:64:07:73:1F:47:18:FD:FA:21:3A:57:AC:7D
            X509v3 Authority Key Identifier:
                keyid:8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         d5:af:5b:49:56:ec:1b:e7:f5:ff:01:db:0c:64:50:ca:d7:8e:
         f6:ca:db:fa:53:cf:04:5b:3a:2b:06:ca:2a:e1:21:a6:80:71:
         d3:ab:65:80:b1:e6:26:94:28:0f:65:02:7c:1e:96:41:7b:50:
         3f:b7:ef:c7:74:a3:93:81:ea:9d:cd:83:db:3b:79:3a:aa:38:
         c2:cf:78:66:ab:cf:13:d8:6c:f9:40:ab:d9:c6:fb:80:51:c9:
         a5:fc:35:62:af:e3:2d:ec:fb:97:2a:54:65:9a:4e:68:3e:78:
         35:10:86:45:d5:de:5a:db:21:7c:8a:a2:b4:14:20:75:af:0c:
         a7:d3:e4:b8:4b:9c:d0:6c:42:de:52:ec:85:2f:87:57:2a:8b:
         46:79:42:ac:0d:d1:e3:d2:2a:d5:6b:a9:09:3f:6d:45:51:2e:
         bb:e3:ee:92:1e:61:96:03:70:46:2d:03:27:1a:86:e5:1f:47:
         f9:e0:ab:cc:d8:01:da:b4:6a:5f:e9:7e:da:7a:9b:c8:77:81:
         41:7e:b1:21:16:40:a2:87:f4:0b:85:47:48:2c:53:86:e7:bc:
         67:6b:6a:27:81:ae:ac:88:b2:d5:c6:b9:32:79:0b:17:94:2f:
         b2:34:66:1b:7b:ef:be:f5:16:fb:1a:8d:29:96:98:27:20:ba:
         29:08:ef:26
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
Q0MwRjExMC8GA1UEBRMoOEExMUVCNzY0QjE1Nzg1MzlENkVEM0IyOTAzQkY2MUY0
QzA4MDA3QzAeFw0yNTA1MTYyMDI5MTBaFw0yNTA1MjMyMDI5MTBaMBgxFjAUBgNV
BAMTDTY4MjdhMDE2LTlmNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJxklf1IFuK5L3ncQgeiEgj5vhz4tv+UthZP6LDJAO6AaBuwlxk/awiXW5HL1D
9P0VWRaRtMdEu0PPQGVSqy3a7oAfbP4T7quBpBn/m/D2Shwfiek9RsJ43yP29szu
cG3MftbJzfDtZUxqoB7ohh8xgrLl6D2VakppRhKmO+yc5pGO4nhJ24ZKQ7wlZAPV
bbqUCNqfYlDJcvW+1KlgEa/wudIJvelVPRaa/uQOpm9JvJ//qDl44OXjDgg0s/+w
u/nfjAVjPvG+LL80yLlAlwMdAcPMDqB5RHIQSC6mKU77A+Un2EcBDu7juwyVOlWv
PCkUSUJSR8pwdIwA9cs+11KpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPrd1EKWj
6WQHcx9HGP36ITpXrH0wHwYDVR0jBBgwFoAUihHrdksVeFOdbtOykDv2H0wIAHww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDQzBGLzQ5RTk5NkM0MkM2
MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZPZGJ0T3lrRHYySDB3SUFI
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvaWhIcmRrc1ZlRk9kYnRPeWtEdjJIMHdJQUh3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRD
QzBGLzQ5RTk5NkM0MkM2MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZP
ZGJ0T3lrRHYySDB3SUFIdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBANWvW0lW7Bvn9f8B2wxkUMrXjvbK2/pTzwRbOisGyirhIaaAcdOrZYCx
5iaUKA9lAnwelkF7UD+378d0o5OB6p3Ng9s7eTqqOMLPeGarzxPYbPlAq9nG+4BR
yaX8NWKv4y3s+5cqVGWaTmg+eDUQhkXV3lrbIXyKorQUIHWvDKfT5LhLnNBsQt5S
7IUvh1cqi0Z5QqwN0ePSKtVrqQk/bUVRLrvj7pIeYZYDcEYtAycahuUfR/ngq8zY
Adq0al/pftp6m8h3gUF+sSEWQKKH9AuFR0gsU4bnvGdraieBrqyIstXGuTJ5CxeU
L7I0Zht77771FvsajSmWmCcguikI7yY=
-----END CERTIFICATE-----
Generated at Sun May 18 01:59:45 2025 by rpki-client