Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.mft
File:                     J5KVmyX7-evckzm6nH01VXJpaas.mft (raw, json)
Hash identifier:          pHQ7lo6nw1wXkB8yyW90rkbvvPm/CHQMg/lHLymQ3hs=
Subject key identifier:   EE:34:4B:8E:56:CB:F6:1C:44:B0:EB:34:70:4F:AC:8F:E5:2E:B2:90
Authority key identifier: 27:92:95:9B:25:FB:F9:EB:DC:93:39:BA:9C:7D:35:55:72:69:69:AB
Certificate issuer:       /CN=A9189261/serialNumber=2792959B25FBF9EBDC9339BA9C7D3555726969AB
Certificate serial:       0685
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J5KVmyX7-evckzm6nH01VXJpaas.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.mft
Manifest number:          0680
Signing time:             Fri 22 Aug 2025 22:32:43 +0000
Manifest this update:     Fri 22 Aug 2025 22:32:42 +0000
Manifest next update:     Fri 29 Aug 2025 22:32:42 +0000
Files and hashes:         1: J5KVmyX7-evckzm6nH01VXJpaas.crl (hash: 3j8B3eNJlXXBxLgV3Lm56J5ThYqmaCe0yAN4Vi1K0e4=)
                          2: CDACEC3686AD11EBBDFD106EC4F9AE02.roa (hash: U3xUizSTWdJYMjLLq4qIbC/HRkla7mf9lgp0wntQ29I=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.crl
                          rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J5KVmyX7-evckzm6nH01VXJpaas.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Aug 2025 22:32:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1669 (0x685)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9189261, serialNumber=2792959B25FBF9EBDC9339BA9C7D3555726969AB
        Validity
            Not Before: Aug 22 22:32:42 2025 GMT
            Not After : Aug 29 22:32:42 2025 GMT
        Subject: CN=68a8f00a-3dc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:99:b8:93:92:dc:06:25:23:39:a1:ea:a4:04:
                    69:83:7d:6b:ef:cc:51:c8:d3:6b:0f:9d:a7:01:39:
                    05:3f:35:ef:4d:42:47:27:15:98:10:4d:cf:c9:47:
                    82:98:ce:19:08:f5:50:10:6b:c7:2d:dc:e5:bc:1b:
                    e1:a8:3f:09:9c:83:bf:04:38:a9:81:55:08:19:39:
                    44:61:e3:cf:97:68:09:ff:61:6d:e1:e3:d2:6e:34:
                    d5:85:9b:86:ba:02:01:fe:b7:ab:32:34:4d:2c:75:
                    06:56:12:0b:f5:89:93:4a:2c:1e:fa:61:1a:d8:ce:
                    ec:15:00:a8:b7:da:98:c3:f1:f1:12:19:07:a3:b7:
                    bf:e8:b6:97:41:82:55:0e:6e:d3:22:58:a4:de:0e:
                    94:b3:15:2a:76:e0:36:fa:5b:5f:11:a5:51:c7:16:
                    c6:7f:be:04:31:67:80:4a:be:30:46:35:f7:0b:bd:
                    e7:41:53:3f:b3:7d:79:e9:3d:e2:ad:f5:90:a0:d4:
                    11:02:a9:e4:3f:0b:d5:21:a6:57:f7:04:93:5a:34:
                    19:46:94:86:c3:33:a5:e7:93:4b:d8:f4:3e:63:3b:
                    84:19:96:79:64:88:98:76:58:a9:c2:36:b3:57:6b:
                    11:6d:07:ee:5a:91:b5:b6:ce:a1:dd:46:aa:0d:e9:
                    4b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:34:4B:8E:56:CB:F6:1C:44:B0:EB:34:70:4F:AC:8F:E5:2E:B2:90
            X509v3 Authority Key Identifier:
                keyid:27:92:95:9B:25:FB:F9:EB:DC:93:39:BA:9C:7D:35:55:72:69:69:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J5KVmyX7-evckzm6nH01VXJpaas.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189261/90B6F72E86AB11EBA9086350C4F9AE02/J5KVmyX7-evckzm6nH01VXJpaas.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:12:d8:95:31:c9:37:7a:3a:92:c1:3b:1b:de:7c:f8:eb:f5:
         44:6b:60:de:eb:f1:a8:5f:8f:90:4c:06:40:96:5d:94:5e:8f:
         38:6f:ad:bf:e0:5d:04:95:e6:e5:a8:d2:0b:e0:41:05:0c:89:
         ee:a9:fa:f3:4a:b2:46:88:28:5b:36:c7:e0:a7:62:1a:0a:3c:
         fb:43:9e:47:f3:33:7b:e4:9d:1f:2c:cd:9e:a7:fd:87:13:c4:
         53:42:67:41:57:e0:55:27:e0:1a:57:fe:1a:5e:47:ae:21:35:
         fc:83:2f:f6:56:a0:e4:99:00:07:c9:97:b6:cf:29:81:af:6b:
         59:e0:2e:91:ed:70:df:b2:d3:d2:4f:c8:db:08:03:e3:84:8d:
         f2:11:c8:29:9f:76:a5:d0:84:d9:59:6f:94:b9:52:62:8d:9a:
         d8:c2:c6:be:84:ac:be:58:da:39:f3:3e:00:07:4b:ff:84:6a:
         62:be:d8:51:63:b6:7c:cc:41:18:12:8b:31:4c:b1:ce:3b:44:
         35:45:27:11:6b:8e:30:6e:66:2c:09:01:15:fb:b7:32:d5:32:
         23:61:d9:73:ff:80:d2:ee:c6:7c:2a:38:cb:0a:ca:ee:0e:50:
         91:51:1e:b5:39:65:97:83:e7:f3:dd:73:7f:3a:c2:67:b8:ce:
         47:bd:e8:fc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODkyNjExMTAvBgNVBAUTKDI3OTI5NTlCMjVGQkY5RUJEQzkzMzlCQTlDN0QzNTU1
NzI2OTY5QUIwHhcNMjUwODIyMjIzMjQyWhcNMjUwODI5MjIzMjQyWjAYMRYwFAYD
VQQDEw02OGE4ZjAwYS0zZGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Jm4k5LcBiUjOaHqpARpg31r78xRyNNrD52nATkFPzXvTUJHJxWYEE3PyUeC
mM4ZCPVQEGvHLdzlvBvhqD8JnIO/BDipgVUIGTlEYePPl2gJ/2Ft4ePSbjTVhZuG
ugIB/rerMjRNLHUGVhIL9YmTSiwe+mEa2M7sFQCot9qYw/HxEhkHo7e/6LaXQYJV
Dm7TIlik3g6UsxUqduA2+ltfEaVRxxbGf74EMWeASr4wRjX3C73nQVM/s3156T3i
rfWQoNQRAqnkPwvVIaZX9wSTWjQZRpSGwzOl55NL2PQ+YzuEGZZ5ZIiYdlipwjaz
V2sRbQfuWpG1ts6h3UaqDelLzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO40S45W
y/YcRLDrNHBPrI/lLrKQMB8GA1UdIwQYMBaAFCeSlZsl+/nr3JM5upx9NVVyaWmr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4OTI2MS85MEI2RjcyRTg2
QUIxMUVCQTkwODYzNTBDNEY5QUUwMi9KNUtWbXlYNy1ldmNrem02bkgwMVZYSnBh
YXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0o1S1ZteVg3LWV2Y2t6bTZuSDAxVlhKcGFhcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
OTI2MS85MEI2RjcyRTg2QUIxMUVCQTkwODYzNTBDNEY5QUUwMi9KNUtWbXlYNy1l
dmNrem02bkgwMVZYSnBhYXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCxEtiVMck3ejqSwTsb3nz46/VEa2De6/GoX4+QTAZAll2UXo84b62/
4F0EleblqNIL4EEFDInuqfrzSrJGiChbNsfgp2IaCjz7Q55H8zN75J0fLM2ep/2H
E8RTQmdBV+BVJ+AaV/4aXkeuITX8gy/2VqDkmQAHyZe2zymBr2tZ4C6R7XDfstPS
T8jbCAPjhI3yEcgpn3al0ITZWW+UuVJijZrYwsa+hKy+WNo58z4AB0v/hGpivthR
Y7Z8zEEYEosxTLHOO0Q1RScRa44wbmYsCQEV+7cy1TIjYdlz/4DS7sZ8KjjLCsru
DlCRUR61OWWXg+fz3XN/OsJnuM5Hvej8
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:25:10 2025 by rpki-client