Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2F33/E6EC2D92809111EAABCDFF6CC4F9AE02/FOZzxKcds0p1aBNYfkghLaLnczA.mft
File:                     FOZzxKcds0p1aBNYfkghLaLnczA.mft (raw, json)
Hash identifier:          +MAIg1G6faMir0NlSal9kt8M2XYN1j+wbIfPe70275E=
Subject key identifier:   67:9A:42:B6:0A:A7:02:36:B9:77:C7:2F:0E:AE:C2:A5:50:AB:B7:B4
Authority key identifier: 14:E6:73:C4:A7:1D:B3:4A:75:68:13:58:7E:48:21:2D:A2:E7:73:30
Certificate issuer:       /CN=A91A2F33/serialNumber=14E673C4A71DB34A756813587E48212DA2E77330
Certificate serial:       0A0E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FOZzxKcds0p1aBNYfkghLaLnczA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A2F33/E6EC2D92809111EAABCDFF6CC4F9AE02/FOZzxKcds0p1aBNYfkghLaLnczA.mft
Manifest number:          09F4
Signing time:             Wed 02 Jul 2025 20:09:08 +0000
Manifest this update:     Wed 02 Jul 2025 20:09:08 +0000
Manifest next update:     Wed 09 Jul 2025 20:09:08 +0000
Files and hashes:         1: FOZzxKcds0p1aBNYfkghLaLnczA.crl (hash: DWkb3yGZvdP25wIejm2eIaqgmT5k0r095cXfY5uLd6Q=)
                          2: 344644CC1DC511EF95607948C4F9AE02.roa (hash: rkDHfwPM1DT0Lu0jNtn8nf16whUr6uH9MCf0inhJdfs=)
                          3: ED99CAA81DC411EF9E620C48C4F9AE02.roa (hash: p62MlJx+4H10Goj45fvAZ4d/rgVHWdc/FettBrr2SX0=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91A2F33/E6EC2D92809111EAABCDFF6CC4F9AE02/FOZzxKcds0p1aBNYfkghLaLnczA.crl
                          rsync://rpki.apnic.net/member_repository/A91A2F33/E6EC2D92809111EAABCDFF6CC4F9AE02/FOZzxKcds0p1aBNYfkghLaLnczA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FOZzxKcds0p1aBNYfkghLaLnczA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 20:09:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2574 (0xa0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A2F33, serialNumber=14E673C4A71DB34A756813587E48212DA2E77330
        Validity
            Not Before: Jul  2 20:09:08 2025 GMT
            Not After : Jul  9 20:09:08 2025 GMT
        Subject: CN=686591e4-3627
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:0a:69:8e:dc:e7:d0:19:0e:72:4d:65:02:97:
                    f2:43:f0:38:17:88:48:14:d5:56:81:a8:03:e9:88:
                    38:33:87:ac:e4:91:25:f5:2c:db:c9:86:df:d6:1c:
                    03:f4:d1:b0:3e:fa:25:b1:4e:2e:91:d3:ad:bd:09:
                    5d:5c:c8:e7:b4:68:2a:2d:6b:db:2f:c8:13:7c:05:
                    db:8e:9b:11:d2:c3:24:82:93:cf:d4:d5:53:8f:a4:
                    92:cd:d5:0d:6d:b9:c2:54:98:02:f0:c3:e0:57:cc:
                    7b:65:1f:d9:ca:74:e8:e4:9c:2d:b4:fb:4f:96:1c:
                    c3:a7:55:19:71:90:62:7f:c3:70:f9:61:f6:62:50:
                    ba:64:ff:03:3c:de:b5:88:e4:b7:4c:a6:72:f6:cb:
                    a9:88:b5:a4:05:b0:b9:97:22:7f:60:a6:b2:ab:20:
                    ac:37:61:cc:70:f8:a4:84:05:d0:80:dd:41:51:c9:
                    bb:f0:d5:ef:45:d9:b2:b6:59:78:08:e1:61:30:e4:
                    02:3e:bb:10:56:e2:96:ab:f4:f2:07:b3:72:8b:7a:
                    2e:87:56:81:c9:92:0e:6a:a0:b3:13:bf:60:38:7a:
                    ba:52:aa:f7:41:59:1b:b5:4a:6b:2b:6a:aa:6a:ee:
                    c5:a4:49:0b:e4:b6:b4:c8:00:cd:fe:3c:da:3b:f3:
                    d2:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:9A:42:B6:0A:A7:02:36:B9:77:C7:2F:0E:AE:C2:A5:50:AB:B7:B4
            X509v3 Authority Key Identifier:
                keyid:14:E6:73:C4:A7:1D:B3:4A:75:68:13:58:7E:48:21:2D:A2:E7:73:30

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A2F33/E6EC2D92809111EAABCDFF6CC4F9AE02/FOZzxKcds0p1aBNYfkghLaLnczA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FOZzxKcds0p1aBNYfkghLaLnczA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2F33/E6EC2D92809111EAABCDFF6CC4F9AE02/FOZzxKcds0p1aBNYfkghLaLnczA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:53:47:22:03:3f:fa:cb:3c:98:e5:a1:64:3b:ef:54:0d:e5:
         4c:99:a8:43:fa:4d:d6:16:4e:88:15:8f:96:9e:c0:85:96:a4:
         57:c6:bc:f4:2a:ac:80:39:34:64:26:de:12:73:cd:3e:ae:e8:
         55:b8:a0:b1:13:bd:a3:8c:b2:b2:bb:9f:13:d5:c5:bc:14:b1:
         64:48:92:3b:1e:04:66:80:23:be:96:d3:b5:9f:18:18:76:c0:
         af:d9:1e:f2:18:fe:f7:8b:69:02:fd:1a:7e:f6:64:ee:3f:aa:
         50:fe:a9:54:1f:4d:05:0d:21:1d:53:04:3c:22:8f:4b:c0:c4:
         b3:73:f7:41:50:9a:39:d6:5e:21:2d:ca:dd:d7:9b:6f:71:da:
         66:ca:f0:5a:ac:09:82:15:23:be:ae:a3:14:09:46:49:1d:91:
         7b:74:a5:27:12:64:98:07:fc:8e:b9:c0:77:dd:8a:57:b2:fb:
         4a:bf:4a:60:4b:fc:3e:37:9c:f5:2a:66:91:96:0d:7f:0b:7a:
         66:d0:93:30:6d:71:06:6f:cf:f8:62:64:03:df:2d:a2:87:3c:
         3b:37:73:a1:41:ab:ae:c2:8f:e3:49:09:77:c2:98:a9:e0:b6:
         41:a9:73:85:76:84:56:12:4a:55:10:ca:b7:b6:d1:7f:e2:95:
         f7:05:a1:ad
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCg4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTJGMzMxMTAvBgNVBAUTKDE0RTY3M0M0QTcxREIzNEE3NTY4MTM1ODdFNDgyMTJE
QTJFNzczMzAwHhcNMjUwNzAyMjAwOTA4WhcNMjUwNzA5MjAwOTA4WjAYMRYwFAYD
VQQDEw02ODY1OTFlNC0zNjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2wppjtzn0BkOck1lApfyQ/A4F4hIFNVWgagD6Yg4M4es5JEl9SzbyYbf1hwD
9NGwPvolsU4ukdOtvQldXMjntGgqLWvbL8gTfAXbjpsR0sMkgpPP1NVTj6SSzdUN
bbnCVJgC8MPgV8x7ZR/ZynTo5JwttPtPlhzDp1UZcZBif8Nw+WH2YlC6ZP8DPN61
iOS3TKZy9supiLWkBbC5lyJ/YKayqyCsN2HMcPikhAXQgN1BUcm78NXvRdmytll4
COFhMOQCPrsQVuKWq/TyB7Nyi3ouh1aByZIOaqCzE79gOHq6Uqr3QVkbtUprK2qq
au7FpEkL5La0yADN/jzaO/PSkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGeaQrYK
pwI2uXfHLw6uwqVQq7e0MB8GA1UdIwQYMBaAFBTmc8SnHbNKdWgTWH5IIS2i53Mw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMkYzMy9FNkVDMkQ5Mjgw
OTExMUVBQUJDREZGNkNDNEY5QUUwMi9GT1p6eEtjZHMwcDFhQk5ZZmtnaExhTG5j
ekEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZPWnp4S2NkczBwMWFCTllma2doTGFMbmN6QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MkYzMy9FNkVDMkQ5MjgwOTExMUVBQUJDREZGNkNDNEY5QUUwMi9GT1p6eEtjZHMw
cDFhQk5ZZmtnaExhTG5jekEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAiU0ciAz/6yzyY5aFkO+9UDeVMmahD+k3WFk6IFY+WnsCFlqRXxrz0
KqyAOTRkJt4Sc80+ruhVuKCxE72jjLKyu58T1cW8FLFkSJI7HgRmgCO+ltO1nxgY
dsCv2R7yGP73i2kC/Rp+9mTuP6pQ/qlUH00FDSEdUwQ8Io9LwMSzc/dBUJo51l4h
Lcrd15tvcdpmyvBarAmCFSO+rqMUCUZJHZF7dKUnEmSYB/yOucB33YpXsvtKv0pg
S/w+N5z1KmaRlg1/C3pm0JMwbXEGb8/4YmQD3y2ihzw7N3OhQauuwo/jSQl3wpip
4LZBqXOFdoRWEkpVEMq3ttF/4pX3BaGt
-----END CERTIFICATE-----
Generated at Thu Jul 3 23:58:40 2025 by rpki-client