Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft
File:                     hav4SAyQlji9zKZTrx5pD1crI-E.mft (raw, json)
Hash identifier:          llJ9H05qUm1c1b6vBYcpIiJMKSUr1sl51p1Rj3Pf+ck=
Subject key identifier:   91:FB:EA:D0:0A:7D:52:D0:C8:69:C2:F7:31:31:66:9A:3D:9A:21:57
Authority key identifier: 85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1
Certificate issuer:       /CN=A91A03CB/serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1
Certificate serial:       34AD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft
Manifest number:          34A4
Signing time:             Wed 02 Jul 2025 14:53:06 +0000
Manifest this update:     Wed 02 Jul 2025 14:53:06 +0000
Manifest next update:     Wed 09 Jul 2025 14:53:06 +0000
Files and hashes:         1: hav4SAyQlji9zKZTrx5pD1crI-E.crl (hash: MbYJXaqLviuIsXxXop6P5FlqB75D8BPJ3QZi80Q7Enc=)
                          2: ABF3C76E0C4B11EF87D4886FC4F9AE02.roa (hash: 4D8Gd5fcPnmWPe8Yaf2DxYR0OtX+KheAxOMoPi97yp8=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl
                          rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 14:53:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13485 (0x34ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A03CB, serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1
        Validity
            Not Before: Jul  2 14:53:06 2025 GMT
            Not After : Jul  9 14:53:06 2025 GMT
        Subject: CN=686547d2-0a5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e7:20:77:5e:1e:f3:56:94:68:db:14:f4:76:
                    01:c1:26:7d:60:bd:92:1d:1c:3a:4f:12:1b:e3:2b:
                    0d:d3:03:97:f6:22:7a:6e:02:41:b6:75:cc:f6:5f:
                    48:f2:50:0b:8f:47:57:72:9b:91:a6:95:39:c5:8e:
                    e7:f6:46:76:56:6d:b0:cf:ef:8b:a0:a7:0e:0b:72:
                    1e:f8:a5:00:9a:83:5c:bc:01:fa:2c:d0:86:b1:d3:
                    48:7f:f0:eb:74:c7:23:66:17:f9:5e:3d:86:b6:bc:
                    aa:f8:4e:ec:04:44:09:70:8a:40:30:a1:eb:a9:b1:
                    b2:d0:b6:49:c1:f8:96:6c:1e:74:77:34:99:46:ba:
                    9d:f6:18:f0:b8:b0:32:82:92:72:3e:aa:7d:84:8b:
                    a9:29:8e:ae:91:b7:10:1f:c4:25:c7:36:c9:43:02:
                    dc:c4:50:88:78:6e:3b:af:63:02:6f:11:c7:01:8d:
                    21:98:82:c4:72:fa:37:09:3e:b6:50:9e:50:9e:0e:
                    0a:39:4e:f6:62:43:59:44:2d:7b:7f:1c:c9:d9:a8:
                    28:3d:e2:ab:98:fb:c3:ff:73:0a:6c:82:88:2f:c8:
                    05:9c:46:4e:16:df:48:e8:1f:14:b2:59:a9:c4:fa:
                    ba:e7:de:ad:19:77:8b:1b:8e:90:d0:41:71:b8:95:
                    de:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:FB:EA:D0:0A:7D:52:D0:C8:69:C2:F7:31:31:66:9A:3D:9A:21:57
            X509v3 Authority Key Identifier:
                keyid:85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:60:45:d6:60:6d:c1:10:c1:64:5e:e7:88:c0:5a:23:79:68:
         f8:cd:b1:c0:b0:69:f5:44:07:eb:f1:cd:cc:ca:9c:ab:bf:16:
         15:67:cd:bd:c3:6a:01:1a:4b:d4:2c:56:02:f7:5d:6d:07:30:
         20:e0:5d:88:15:47:d6:78:f5:62:24:75:2b:a7:09:75:f6:15:
         63:29:e8:9e:38:a5:b5:41:de:a8:ff:18:37:15:84:67:32:18:
         fa:09:8c:a7:93:aa:4b:97:74:ea:91:19:4c:de:cc:8a:71:a0:
         50:c3:c1:6a:67:7f:51:1a:2d:bc:d6:52:36:57:aa:67:e0:f2:
         56:f8:b2:29:d1:19:2c:bd:1a:f4:59:49:34:d0:ce:89:84:90:
         26:7e:54:da:6d:65:68:9e:e0:76:d5:2a:a5:ad:41:cc:cf:db:
         58:b7:5b:44:9a:a9:25:39:58:92:57:5d:cc:e2:41:d3:79:f0:
         95:f6:b6:b4:d7:06:b5:2c:d2:93:a3:b2:61:81:30:bf:51:3f:
         e0:2d:fa:8d:f3:5f:69:3f:a7:c6:eb:7e:2b:e1:40:f6:45:9c:
         03:a5:32:b3:00:5c:4b:58:02:26:5b:9f:92:38:d8:bb:5e:4b:
         9e:bb:99:be:7a:a2:ea:cc:45:cc:8a:d6:52:d0:a9:d3:b4:72:
         74:f1:ac:3a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAzQ0IxMTAvBgNVBAUTKDg1QUJGODQ4MEM5MDk2MzhCRENDQTY1M0FGMUU2OTBG
NTcyQjIzRTEwHhcNMjUwNzAyMTQ1MzA2WhcNMjUwNzA5MTQ1MzA2WjAYMRYwFAYD
VQQDEw02ODY1NDdkMi0wYTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ecgd14e81aUaNsU9HYBwSZ9YL2SHRw6TxIb4ysN0wOX9iJ6bgJBtnXM9l9I
8lALj0dXcpuRppU5xY7n9kZ2Vm2wz++LoKcOC3Ie+KUAmoNcvAH6LNCGsdNIf/Dr
dMcjZhf5Xj2Gtryq+E7sBEQJcIpAMKHrqbGy0LZJwfiWbB50dzSZRrqd9hjwuLAy
gpJyPqp9hIupKY6ukbcQH8QlxzbJQwLcxFCIeG47r2MCbxHHAY0hmILEcvo3CT62
UJ5Qng4KOU72YkNZRC17fxzJ2agoPeKrmPvD/3MKbIKIL8gFnEZOFt9I6B8Uslmp
xPq6596tGXeLG46Q0EFxuJXecQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJH76tAK
fVLQyGnC9zExZpo9miFXMB8GA1UdIwQYMBaAFIWr+EgMkJY4vcymU68eaQ9XKyPh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDNDQi84MUQ5RTRBMDFE
OTYxMUUyQUFDMjE0N0YwOEIwMkNEMi9oYXY0U0F5UWxqaTl6S1pUcng1cEQxY3JJ
LUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hhdjRTQXlRbGppOXpLWlRyeDVwRDFjckktRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MDNDQi84MUQ5RTRBMDFEOTYxMUUyQUFDMjE0N0YwOEIwMkNEMi9oYXY0U0F5UWxq
aTl6S1pUcng1cEQxY3JJLUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjYEXWYG3BEMFkXueIwFojeWj4zbHAsGn1RAfr8c3MypyrvxYVZ829
w2oBGkvULFYC911tBzAg4F2IFUfWePViJHUrpwl19hVjKeieOKW1Qd6o/xg3FYRn
Mhj6CYynk6pLl3TqkRlM3syKcaBQw8FqZ39RGi281lI2V6pn4PJW+LIp0RksvRr0
WUk00M6JhJAmflTabWVonuB21SqlrUHMz9tYt1tEmqklOViSV13M4kHTefCV9ra0
1wa1LNKTo7JhgTC/UT/gLfqN819pP6fG634r4UD2RZwDpTKzAFxLWAImW5+SONi7
Xkueu5m+eqLqzEXMitZS0KnTtHJ08aw6
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:59:33 2025 by rpki-client