Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft
File:                     XctT6r5qkI7KhlLekkgHxQnFLTA.mft (raw, json)
Hash identifier:          kKSlW0/4YoyPFPUOREnN13kxgAnFewXpXXeufyDnQqs=
Subject key identifier:   56:3B:37:AC:EE:D1:C9:AA:1C:44:65:CF:41:BC:3D:B3:B5:D7:2B:03
Authority key identifier: 5D:CB:53:EA:BE:6A:90:8E:CA:86:52:DE:92:48:07:C5:09:C5:2D:30
Certificate issuer:       /CN=A918560D/serialNumber=5DCB53EABE6A908ECA8652DE924807C509C52D30
Certificate serial:       0CFC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft
Manifest number:          0CF3
Signing time:             Wed 02 Jul 2025 18:18:42 +0000
Manifest this update:     Wed 02 Jul 2025 18:18:42 +0000
Manifest next update:     Wed 09 Jul 2025 18:18:42 +0000
Files and hashes:         1: XctT6r5qkI7KhlLekkgHxQnFLTA.crl (hash: BsPamA9EH6it/sTEdCQ+5yA/2VOOFCm+4E4spYL3Vf0=)
                          2: 41A8E738045111EA9C7DF516C4F9AE02.roa (hash: 549cEJi0czWRyHHS6o5u4NQ6YCs80VKq9MH5xptp8mg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.crl
                          rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 18:18:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3324 (0xcfc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918560D, serialNumber=5DCB53EABE6A908ECA8652DE924807C509C52D30
        Validity
            Not Before: Jul  2 18:18:42 2025 GMT
            Not After : Jul  9 18:18:42 2025 GMT
        Subject: CN=68657802-9182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b1:f7:7c:59:cd:c6:1c:52:7b:a3:8d:12:3c:
                    20:ce:a6:08:13:f9:d1:a7:ba:60:c4:35:38:bf:27:
                    cc:cf:d3:29:02:11:94:94:86:ea:7c:f4:a8:9b:db:
                    d8:2a:34:d4:47:6f:a6:5c:79:00:ab:fd:66:c9:b7:
                    3c:2c:0f:b2:c5:15:77:27:40:3a:e6:27:36:11:68:
                    d6:f8:c7:bd:0b:5d:a4:95:67:cd:8e:84:a8:25:c5:
                    69:ce:80:df:d5:aa:5d:2b:29:d5:0d:1e:66:12:30:
                    b2:80:6d:3c:15:74:fb:c6:6c:25:08:b6:1a:14:80:
                    61:d6:84:ed:ae:48:37:0b:4d:c2:85:ef:e8:c6:de:
                    1d:d7:48:89:f2:8d:fe:6f:8b:a7:ab:bd:54:77:fe:
                    89:bd:5e:42:c7:85:c7:04:58:e9:ba:01:8a:af:b4:
                    79:3b:4e:31:a4:e9:26:12:7f:80:66:20:26:91:aa:
                    b9:bf:da:cc:4f:43:77:db:f6:eb:ae:42:8d:e6:42:
                    59:82:eb:8c:f3:a0:42:02:15:32:98:51:1a:7f:ce:
                    20:c1:3e:97:c7:66:5c:c1:76:ca:0a:37:d4:fd:1f:
                    d5:4a:48:af:02:b4:68:8e:a0:74:55:dc:8c:76:d3:
                    8b:30:32:fa:4b:a1:24:49:2b:5c:3d:c0:4d:93:2a:
                    06:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:3B:37:AC:EE:D1:C9:AA:1C:44:65:CF:41:BC:3D:B3:B5:D7:2B:03
            X509v3 Authority Key Identifier:
                keyid:5D:CB:53:EA:BE:6A:90:8E:CA:86:52:DE:92:48:07:C5:09:C5:2D:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:51:38:1c:c8:b9:86:e3:e2:a1:6f:b3:64:fc:3a:e5:aa:fa:
         c7:4a:dc:1e:36:49:a1:c0:04:9e:f7:0f:62:8a:5f:ed:f5:19:
         2b:50:df:92:93:9f:fd:93:57:10:17:9b:6a:87:4b:36:5e:c6:
         54:24:bc:d6:63:42:30:56:21:61:ac:04:1f:2e:1c:74:6d:e5:
         81:d2:8f:f8:e9:23:c3:9c:f5:2b:1d:e1:f1:e4:5a:e1:be:20:
         ed:a0:b8:30:26:da:5c:33:bb:fe:bb:47:a4:9c:2c:99:7a:39:
         14:e0:96:d1:58:6f:39:9d:de:69:9d:35:09:5b:91:5b:dd:ee:
         80:b2:08:a2:3f:8b:b3:b5:a0:f0:e4:ca:df:4c:31:fa:f0:88:
         62:5c:35:7d:e8:c3:1c:57:5f:8b:2a:7f:29:d5:45:ad:32:e5:
         f4:0a:a5:c1:c8:34:31:6d:81:c1:fb:97:04:d1:53:ff:87:00:
         e6:2c:ca:c5:ef:e5:1e:75:39:d8:73:01:ce:e5:da:b6:c8:5d:
         11:91:28:38:65:26:eb:fe:76:eb:5d:6c:4e:fd:13:b0:87:a9:
         ee:d7:95:02:15:f5:b4:c8:7d:15:6b:d6:f2:4c:ef:bb:89:07:
         d5:2e:5f:9d:e9:d5:c3:e2:17:32:1b:51:1f:8c:90:54:2c:48:
         5e:3d:71:3d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODU2MEQxMTAvBgNVBAUTKDVEQ0I1M0VBQkU2QTkwOEVDQTg2NTJERTkyNDgwN0M1
MDlDNTJEMzAwHhcNMjUwNzAyMTgxODQyWhcNMjUwNzA5MTgxODQyWjAYMRYwFAYD
VQQDEw02ODY1NzgwMi05MTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2rH3fFnNxhxSe6ONEjwgzqYIE/nRp7pgxDU4vyfMz9MpAhGUlIbqfPSom9vY
KjTUR2+mXHkAq/1mybc8LA+yxRV3J0A65ic2EWjW+Me9C12klWfNjoSoJcVpzoDf
1apdKynVDR5mEjCygG08FXT7xmwlCLYaFIBh1oTtrkg3C03Che/oxt4d10iJ8o3+
b4unq71Ud/6JvV5Cx4XHBFjpugGKr7R5O04xpOkmEn+AZiAmkaq5v9rMT0N32/br
rkKN5kJZguuM86BCAhUymFEaf84gwT6Xx2ZcwXbKCjfU/R/VSkivArRojqB0VdyM
dtOLMDL6S6EkSStcPcBNkyoGSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFY7N6zu
0cmqHERlz0G8PbO11ysDMB8GA1UdIwQYMBaAFF3LU+q+apCOyoZS3pJIB8UJxS0w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTYwRC9GNURDQTZENEU1
QjgxMUU5OEE3NjEyMEVDNEY5QUUwMi9YY3RUNnI1cWtJN0tobExla2tnSHhRbkZM
VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hjdFQ2cjVxa0k3S2hsTGVra2dIeFFuRkxUQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NTYwRC9GNURDQTZENEU1QjgxMUU5OEE3NjEyMEVDNEY5QUUwMi9YY3RUNnI1cWtJ
N0tobExla2tnSHhRbkZMVEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCqUTgcyLmG4+Khb7Nk/DrlqvrHStweNkmhwASe9w9iil/t9RkrUN+S
k5/9k1cQF5tqh0s2XsZUJLzWY0IwViFhrAQfLhx0beWB0o/46SPDnPUrHeHx5Frh
viDtoLgwJtpcM7v+u0eknCyZejkU4JbRWG85nd5pnTUJW5Fb3e6AsgiiP4uztaDw
5MrfTDH68IhiXDV96MMcV1+LKn8p1UWtMuX0CqXByDQxbYHB+5cE0VP/hwDmLMrF
7+UedTnYcwHO5dq2yF0RkSg4ZSbr/nbrXWxO/ROwh6nu15UCFfW0yH0Va9byTO+7
iQfVLl+d6dXD4hcyG1EfjJBULEhePXE9
-----END CERTIFICATE-----
Generated at Thu Jul 3 14:57:52 2025 by rpki-client