Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft
File:                     dOW7m208x_jCmoO9yEkrllnw7hc.mft (raw, json)
Hash identifier:          my72i0dILm+HZPjVnUT74CIULEpyCLfyJzecXTC3DTo=
Subject key identifier:   82:1E:B8:08:FA:C4:A7:11:CB:CE:49:20:3B:F3:B4:7C:60:AE:E0:13
Authority key identifier: 74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
Certificate issuer:       /CN=A91620E0/serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17
Certificate serial:       0EA5
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft
Manifest number:          0D67
Signing time:             Wed 02 Jul 2025 19:16:57 +0000
Manifest this update:     Wed 02 Jul 2025 19:16:56 +0000
Manifest next update:     Wed 09 Jul 2025 19:16:56 +0000
Files and hashes:         1: dOW7m208x_jCmoO9yEkrllnw7hc.crl (hash: 0VMuZwCqVcLGSfOEmHbtM4y+g6P6zfYcD033M9MG5bY=)
                          2: 1CC3EA9EF83911EF9736296CC4F9AE02.roa (hash: FUaxIwT8oQPFQvtlBuPBG4NZ0X8Kt1OafVy1ZW0KAks=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.crl
                          rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 19:16:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3749 (0xea5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91620E0, serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17
        Validity
            Not Before: Jul  2 19:16:56 2025 GMT
            Not After : Jul  9 19:16:56 2025 GMT
        Subject: CN=686585a8-25a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a4:28:95:f8:4b:fd:2f:ae:7c:6d:4f:8a:58:
                    4e:30:62:a1:bf:c4:b0:46:40:f6:16:df:c6:b4:d9:
                    c3:cf:4e:f9:cd:33:e0:c8:8e:14:b5:a5:f6:a6:6b:
                    30:00:eb:f4:90:52:22:c5:aa:ea:60:95:21:31:08:
                    2b:76:7e:76:60:ed:83:60:44:8f:b3:97:f9:16:b0:
                    cd:48:22:dd:2d:03:06:29:98:a7:a8:68:da:9b:42:
                    16:5b:34:d9:00:79:3c:90:38:25:5a:81:a1:d8:d1:
                    92:73:cf:dd:40:77:1a:ba:01:2a:17:82:7b:68:4a:
                    e0:15:3f:55:b8:ac:0f:46:f0:ff:00:cd:cb:06:8c:
                    4e:7f:b5:9f:7a:c1:3d:64:ca:17:45:db:b3:09:b4:
                    7f:81:fa:31:1c:eb:e7:c3:a7:34:e4:8f:1b:84:3d:
                    f2:6e:cd:ed:6c:7c:e4:e9:29:75:02:2e:53:ca:0b:
                    34:40:e7:3c:1b:c2:07:ff:dc:95:4e:b2:f0:db:1a:
                    a8:9c:3d:0d:80:3c:c8:9e:1b:20:65:63:0c:16:a7:
                    92:8a:e9:e5:95:75:a1:e3:d9:d2:c1:26:31:66:8f:
                    dd:89:2d:b3:27:aa:4b:74:ea:e0:46:5f:8c:cb:4f:
                    e0:ce:e6:3e:5e:34:5e:97:a0:07:b1:42:b1:39:a7:
                    38:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:1E:B8:08:FA:C4:A7:11:CB:CE:49:20:3B:F3:B4:7C:60:AE:E0:13
            X509v3 Authority Key Identifier:
                keyid:74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:12:a7:52:11:1b:0e:9e:4c:2a:c4:ce:de:ef:fe:0d:30:11:
         81:7b:69:cb:f4:7d:62:1a:76:0e:11:29:c3:21:d1:a9:72:89:
         55:55:3b:44:44:f8:0d:0b:67:dd:2d:e0:2e:1e:b4:2e:11:34:
         89:50:c6:19:3e:6e:f2:41:23:79:8b:02:8b:7f:10:cb:77:ff:
         d7:c0:54:11:38:ed:7f:14:86:e4:04:ab:e2:30:ca:b6:89:26:
         d2:7e:4c:ac:4d:d2:09:af:d9:f4:96:a8:89:6d:28:0e:44:17:
         61:1c:5e:3f:11:12:c0:f8:2f:c4:b1:8d:38:f8:ea:3d:20:96:
         b2:64:9e:38:04:3d:53:01:80:2b:8b:a2:6b:f5:c7:31:57:ec:
         20:c7:94:aa:4a:ce:d3:f3:a4:69:37:fd:fb:26:28:12:60:00:
         fc:74:b6:62:e4:95:90:f9:27:de:e8:ce:56:40:fa:ed:6b:ba:
         91:52:45:77:75:a2:83:1a:f5:5d:14:d6:a8:ae:37:54:04:81:
         d8:81:6a:ba:69:cf:c6:1d:b7:e8:ce:1f:41:ba:57:22:72:e8:
         d0:2a:bd:00:93:0e:8f:a2:9d:fa:83:d9:8b:35:33:ff:2d:38:
         ca:3a:8c:fb:da:e7:32:90:13:f9:75:64:40:bc:ad:1f:cd:db:
         e9:04:92:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjIwRTAxMTAvBgNVBAUTKDc0RTVCQjlCNkQzQ0M3RjhDMjlBODNCREM4NDkyQjk2
NTlGMEVFMTcwHhcNMjUwNzAyMTkxNjU2WhcNMjUwNzA5MTkxNjU2WjAYMRYwFAYD
VQQDEw02ODY1ODVhOC0yNWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtqQolfhL/S+ufG1PilhOMGKhv8SwRkD2Ft/GtNnDz075zTPgyI4UtaX2pmsw
AOv0kFIixarqYJUhMQgrdn52YO2DYESPs5f5FrDNSCLdLQMGKZinqGjam0IWWzTZ
AHk8kDglWoGh2NGSc8/dQHcaugEqF4J7aErgFT9VuKwPRvD/AM3LBoxOf7WfesE9
ZMoXRduzCbR/gfoxHOvnw6c05I8bhD3ybs3tbHzk6Sl1Ai5Tygs0QOc8G8IH/9yV
TrLw2xqonD0NgDzInhsgZWMMFqeSiunllXWh49nSwSYxZo/diS2zJ6pLdOrgRl+M
y0/gzuY+XjRel6AHsUKxOac4LQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIIeuAj6
xKcRy85JIDvztHxgruATMB8GA1UdIwQYMBaAFHTlu5ttPMf4wpqDvchJK5ZZ8O4X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjBFMC9EOTY0QjQ4MjMx
MEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9kT1c3bTIwOHhfakNtb085eUVrcmxsbnc3
aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2RPVzdtMjA4eF9qQ21vTzl5RWtybGxudzdoYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MjBFMC9EOTY0QjQ4MjMxMEUxMUVBOUMzQ0U3MkZDNEY5QUUwMi9kT1c3bTIwOHhf
akNtb085eUVrcmxsbnc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCmEqdSERsOnkwqxM7e7/4NMBGBe2nL9H1iGnYOESnDIdGpcolVVTtE
RPgNC2fdLeAuHrQuETSJUMYZPm7yQSN5iwKLfxDLd//XwFQROO1/FIbkBKviMMq2
iSbSfkysTdIJr9n0lqiJbSgORBdhHF4/ERLA+C/EsY04+Oo9IJayZJ44BD1TAYAr
i6Jr9ccxV+wgx5SqSs7T86RpN/37JigSYAD8dLZi5JWQ+Sfe6M5WQPrta7qRUkV3
daKDGvVdFNaorjdUBIHYgWq6ac/GHbfozh9BulcicujQKr0Akw6Pop36g9mLNTP/
LTjKOoz72ucykBP5dWRAvK0fzdvpBJII
-----END CERTIFICATE-----
Generated at Thu Jul 3 23:37:50 2025 by rpki-client