Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft
File:                     U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft (raw, json)
Hash identifier:          rB3nv1smf6OFeoUp4QQvF2fclWl5EtBp1pUvyqBtzqM=
Subject key identifier:   9E:5A:02:28:7F:CD:D0:95:89:F5:85:3B:B8:EC:B3:F6:A0:41:5C:14
Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52
Certificate issuer:       /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
Certificate serial:       3571
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft
Manifest number:          34F5
Signing time:             Mon 30 Jun 2025 14:28:06 +0000
Manifest this update:     Mon 30 Jun 2025 14:28:06 +0000
Manifest next update:     Mon 07 Jul 2025 14:28:06 +0000
Files and hashes:         1: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl (hash: 9Uh/t9PzraaZ8eWXYxjL1CaZjw2V0wYUCAX6E5PXUhk=)
                          2: DF8602D05E5B11ED994E491CC4F9AE02.roa (hash: KKCg2NooRoQGuF3KYpzz51c9C/45UUPObnLo2e5njhU=)
                          3: D0886954188811EC8E86754FC4F9AE02.roa (hash: yPv2xJqSMbxdqO3CUxzFvtSmE89AHilhOo/061TH8FU=)
                          4: AB9889725E5E11EDB5361D3BC4F9AE02.roa (hash: nfNjfg1IXDDhMM0k16fT6xDTUZvLHRQ/C+xvVXQFUFE=)
                          5: 99CF729E221011ED980A6F47C4F9AE02.roa (hash: iSQxLeiRN1fYoIns2yWqQhKW9w0d7Bh4Hi7g+FcoiAo=)
                          6: 491E49AECDCA11ED8F57D386C4F9AE02.roa (hash: GOobL3IcAmOzxEXI8Av9eECmrglVLT+e8Yk36aU9ns8=)
                          7: 9F3A919468D811EFB2FE405FC4F9AE02.roa (hash: ZaxlSh3XWBv2fOJrVopMAyhJjHEvnP8TGG96c6iuXcg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl
                          rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 07 Jul 2025 14:28:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13681 (0x3571)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B6F47, serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752
        Validity
            Not Before: Jun 30 14:28:06 2025 GMT
            Not After : Jul  7 14:28:06 2025 GMT
        Subject: CN=68629ef6-bd15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:fa:6c:de:00:41:1c:a7:a6:58:d6:2d:47:4b:
                    0a:2e:df:3c:e0:7b:b9:c2:99:55:f9:23:62:44:61:
                    e8:0f:9d:fe:b5:9f:d4:f6:d1:89:95:16:d0:8b:a3:
                    8b:98:71:ec:3c:2d:a8:db:95:36:19:b7:e6:8e:53:
                    a2:2c:c1:87:d9:e9:52:fb:8c:e3:cb:15:d7:c8:d4:
                    34:a9:8f:0c:a5:63:80:81:c5:3c:25:00:8a:4a:7e:
                    ab:f2:0c:e5:f3:97:9d:c3:e6:3f:1d:4f:03:10:f3:
                    f4:66:45:95:3b:08:05:fd:69:de:87:98:12:7c:10:
                    d5:6c:7b:ea:00:df:0a:af:42:22:64:c8:7f:22:d3:
                    3e:1f:66:73:2c:ba:68:a4:3c:47:34:fa:cf:06:35:
                    62:1d:cd:20:6c:d8:70:25:f6:a9:28:3a:7f:8b:aa:
                    d3:a2:fe:f3:4d:ff:c5:ac:a3:c6:3e:ba:2a:0d:b2:
                    70:98:46:04:7e:64:31:0a:3c:6f:32:45:23:2b:05:
                    42:09:23:a8:8c:bd:73:36:80:43:93:54:00:8f:bc:
                    f8:d1:b4:ac:8b:56:d7:da:ef:8c:65:c6:29:43:2e:
                    5a:af:16:ac:fa:b9:00:34:29:00:9e:a1:f3:ef:69:
                    09:6d:be:c6:21:0f:40:4d:fc:f1:90:93:c5:2e:09:
                    2b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:5A:02:28:7F:CD:D0:95:89:F5:85:3B:B8:EC:B3:F6:A0:41:5C:14
            X509v3 Authority Key Identifier:
                keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:df:af:fd:38:61:97:84:78:38:a3:2b:62:24:77:f5:06:6a:
         c1:10:46:35:07:99:4e:94:de:38:16:5f:21:84:d7:91:73:93:
         dd:8b:25:69:08:06:40:83:56:e4:36:7e:03:d4:b3:a2:43:e5:
         94:a7:c9:6d:c4:90:75:8c:b1:13:77:19:49:b6:03:1c:dd:76:
         e2:ff:3c:10:49:ce:0c:de:c8:66:b9:7e:9d:ee:a6:57:46:f1:
         25:67:fd:18:7b:38:eb:49:4a:37:37:13:12:50:f8:60:19:a5:
         2a:18:18:f7:75:9b:1f:1c:99:5b:06:42:b9:d3:94:81:1a:30:
         9c:f4:97:ac:d5:d0:61:19:77:af:71:47:db:ef:17:70:36:62:
         56:69:d9:40:5a:fb:b5:0b:03:4b:d4:6a:28:73:08:e4:c7:69:
         44:dd:8c:f7:3e:1a:fb:44:c8:f8:54:6a:ca:38:6b:60:45:28:
         12:b8:70:c0:55:48:10:1d:e2:3a:a0:63:25:e9:26:d3:46:9a:
         01:0d:15:1c:6c:bd:3d:03:2f:73:19:e4:ab:c9:33:ed:a0:3d:
         03:fb:8d:43:16:39:ee:4c:18:3c:55:64:f8:2b:15:bc:62:ba:
         6d:8c:7d:52:60:05:69:90:02:19:9d:59:1d:a3:51:0c:3e:62:
         46:b0:82:7b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5
MEZFNzM3NTIwHhcNMjUwNjMwMTQyODA2WhcNMjUwNzA3MTQyODA2WjAYMRYwFAYD
VQQDEw02ODYyOWVmNi1iZDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwfps3gBBHKemWNYtR0sKLt884Hu5wplV+SNiRGHoD53+tZ/U9tGJlRbQi6OL
mHHsPC2o25U2GbfmjlOiLMGH2elS+4zjyxXXyNQ0qY8MpWOAgcU8JQCKSn6r8gzl
85edw+Y/HU8DEPP0ZkWVOwgF/Wneh5gSfBDVbHvqAN8Kr0IiZMh/ItM+H2ZzLLpo
pDxHNPrPBjViHc0gbNhwJfapKDp/i6rTov7zTf/FrKPGProqDbJwmEYEfmQxCjxv
MkUjKwVCCSOojL1zNoBDk1QAj7z40bSsi1bX2u+MZcYpQy5arxas+rkANCkAnqHz
72kJbb7GIQ9ATfzxkJPFLgkrnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ5aAih/
zdCVifWFO7jss/agQVwUMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE
ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NkY0Ny9CNEE4NkMzODFEODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQ
cmlsd3lWUS1oSnFRX25OMUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA736/9OGGXhHg4oytiJHf1BmrBEEY1B5lOlN44Fl8hhNeRc5PdiyVp
CAZAg1bkNn4D1LOiQ+WUp8ltxJB1jLETdxlJtgMc3Xbi/zwQSc4M3shmuX6d7qZX
RvElZ/0YezjrSUo3NxMSUPhgGaUqGBj3dZsfHJlbBkK505SBGjCc9Jes1dBhGXev
cUfb7xdwNmJWadlAWvu1CwNL1Goocwjkx2lE3Yz3Phr7RMj4VGrKOGtgRSgSuHDA
VUgQHeI6oGMl6SbTRpoBDRUcbL09Ay9zGeSryTPtoD0D+41DFjnuTBg8VWT4KxW8
YrptjH1SYAVpkAIZnVkdo1EMPmJGsIJ7
-----END CERTIFICATE-----
Generated at Wed Jul 2 11:39:53 2025 by rpki-client