Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft
File:                     5bRMaejecz32GWYFbn5BXsfHDSo.mft (raw, json)
Hash identifier:          yQNSmYIkC7HVLhtxF2GRu+Ih4f9myw7NGBJrlo43AWk=
Subject key identifier:   E9:30:3C:7B:ED:98:1F:A3:C4:07:1A:5B:53:04:CE:2B:54:90:CC:AB
Authority key identifier: E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A
Certificate issuer:       /CN=A91B4873/serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A
Certificate serial:       D8
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft
Manifest number:          D6
Signing time:             Sat 23 Aug 2025 05:44:06 +0000
Manifest this update:     Sat 23 Aug 2025 05:44:06 +0000
Manifest next update:     Sat 30 Aug 2025 05:44:06 +0000
Files and hashes:         1: 5bRMaejecz32GWYFbn5BXsfHDSo.crl (hash: h+Fgyc3AvhIu8IoSSW80Z6aVzL2K41HsLvnuv1uOodE=)
                          2: 01F62A6438F011EF9A82662BC4F9AE02.roa (hash: qNBV2PTtzm82Ja2P5dgUf+ogJinB9ZCYKNbddsnAs34=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl
                          rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Aug 2025 05:44:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 216 (0xd8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B4873, serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A
        Validity
            Not Before: Aug 23 05:44:06 2025 GMT
            Not After : Aug 30 05:44:06 2025 GMT
        Subject: CN=68a95526-869b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c2:c0:12:9c:32:8c:e7:fe:b6:07:1b:58:94:
                    e7:95:ef:42:b4:70:5d:75:6c:c9:d8:7a:6a:f1:04:
                    e0:4f:e3:ba:66:10:1b:62:b8:36:b2:2f:65:74:a1:
                    bd:88:56:9f:5a:e6:a1:ee:7a:64:ba:6c:a4:68:89:
                    6f:f6:4c:9c:c0:50:68:4d:de:87:0c:8d:94:1c:a5:
                    7e:d5:ed:99:a0:b3:1f:fd:15:8c:01:e6:e5:32:39:
                    9e:e4:34:62:03:c4:63:a2:0c:50:c6:ad:35:6b:a8:
                    df:54:23:50:fb:97:09:de:c3:cf:5e:a2:11:43:91:
                    d8:f5:b5:46:83:dc:ae:46:71:8a:39:b0:f6:a8:08:
                    b4:36:2a:ef:17:f8:13:e0:a2:d0:55:d9:6e:82:4a:
                    2c:21:e2:a9:35:1c:b5:2a:55:b0:15:c3:85:96:c2:
                    cf:29:1a:dd:f3:47:fc:55:75:54:24:65:22:b7:fb:
                    8f:ee:52:96:e5:b8:bf:4d:08:36:1b:98:6d:0c:cd:
                    9f:51:af:ea:30:5d:12:c5:be:26:81:dc:82:cb:d4:
                    d9:65:45:17:86:eb:e8:98:f8:b6:f3:67:72:10:b0:
                    d5:33:cd:59:af:8f:49:2a:b8:0d:9b:c5:38:c1:3b:
                    32:c0:ed:4e:07:3e:88:19:7a:46:1c:c6:96:77:31:
                    6a:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:30:3C:7B:ED:98:1F:A3:C4:07:1A:5B:53:04:CE:2B:54:90:CC:AB
            X509v3 Authority Key Identifier:
                keyid:E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:58:1e:7b:61:ec:d6:f6:30:8f:43:3b:79:27:a9:1f:72:20:
         92:b5:fa:23:00:0f:d0:b3:67:99:8f:f0:26:96:cf:52:4c:ab:
         a7:bf:08:35:24:b1:7b:60:6e:62:fd:75:3c:3b:1b:09:db:9b:
         97:47:c3:1f:05:c1:8c:6e:4f:fa:16:90:e1:11:d9:96:1b:4f:
         c5:68:e2:4f:7e:f5:86:09:f1:60:e7:ed:26:8a:f8:65:9c:b7:
         5e:b5:dd:68:1c:dc:da:9f:b4:c9:90:4a:3b:dc:69:b6:e5:fe:
         e0:d2:ac:59:17:43:7c:18:f1:15:9e:d9:ef:ff:69:e8:e7:77:
         4e:25:0e:d8:5d:0e:11:72:4b:79:4c:ac:97:af:60:ea:6b:52:
         42:21:e1:94:22:06:92:7c:f5:8d:72:78:00:24:a4:17:8f:66:
         43:ed:ab:b3:57:be:2c:32:a4:d0:b0:1f:16:32:60:65:70:7a:
         36:cc:0a:8d:1e:6e:7b:c7:b5:5b:bc:1d:3e:9c:d3:4c:6d:89:
         28:25:02:9e:5e:f7:17:07:55:20:43:26:63:08:a8:9d:d1:c0:
         6f:35:98:12:50:33:70:27:08:2d:39:e4:1e:e0:e7:e9:68:e1:
         c7:8f:21:f0:d0:10:96:27:53:d3:86:5d:36:de:63:19:bf:4a:
         7f:45:5d:aa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICANgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ4NzMxMTAvBgNVBAUTKEU1QjQ0QzY5RThERTczM0RGNjE5NjYwNTZFN0U0MTVF
QzdDNzBEMkEwHhcNMjUwODIzMDU0NDA2WhcNMjUwODMwMDU0NDA2WjAYMRYwFAYD
VQQDEw02OGE5NTUyNi04NjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApcLAEpwyjOf+tgcbWJTnle9CtHBddWzJ2Hpq8QTgT+O6ZhAbYrg2si9ldKG9
iFafWuah7npkumykaIlv9kycwFBoTd6HDI2UHKV+1e2ZoLMf/RWMAeblMjme5DRi
A8RjogxQxq01a6jfVCNQ+5cJ3sPPXqIRQ5HY9bVGg9yuRnGKObD2qAi0NirvF/gT
4KLQVdlugkosIeKpNRy1KlWwFcOFlsLPKRrd80f8VXVUJGUit/uP7lKW5bi/TQg2
G5htDM2fUa/qMF0Sxb4mgdyCy9TZZUUXhuvomPi282dyELDVM81Zr49JKrgNm8U4
wTsywO1OBz6IGXpGHMaWdzFqNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOkwPHvt
mB+jxAcaW1MEzitUkMyrMB8GA1UdIwQYMBaAFOW0TGno3nM99hlmBW5+QV7Hxw0q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDg3My80RTI1QzhCQzM4
RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6MzJHV1lGYm41QlhzZkhE
U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzViUk1hZWplY3ozMkdXWUZibjVCWHNmSERTby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NDg3My80RTI1QzhCQzM4RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6
MzJHV1lGYm41QlhzZkhEU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCJWB57YezW9jCPQzt5J6kfciCStfojAA/Qs2eZj/Amls9STKunvwg1
JLF7YG5i/XU8OxsJ25uXR8MfBcGMbk/6FpDhEdmWG0/FaOJPfvWGCfFg5+0mivhl
nLdetd1oHNzan7TJkEo73Gm25f7g0qxZF0N8GPEVntnv/2no53dOJQ7YXQ4Rckt5
TKyXr2Dqa1JCIeGUIgaSfPWNcngAJKQXj2ZD7auzV74sMqTQsB8WMmBlcHo2zAqN
Hm57x7VbvB0+nNNMbYkoJQKeXvcXB1UgQyZjCKid0cBvNZgSUDNwJwgtOeQe4Ofp
aOHHjyHw0BCWJ1PThl023mMZv0p/RV2q
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:25:13 2025 by rpki-client