Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC561/86C30482E73411E99D8EAF47C4F9AE02/4idah1qSyusBBPicRvSlhbet9bY.mft
File:                     4idah1qSyusBBPicRvSlhbet9bY.mft (raw, json)
Hash identifier:          ksk0sgOIX0NzEjUK+zGHTHCX1+rNmKrLc1+Vb+YULYk=
Subject key identifier:   7F:DA:90:BC:C9:72:23:48:6F:AB:B2:DC:13:E9:A5:48:0D:26:27:98
Authority key identifier: E2:27:5A:87:5A:92:CA:EB:01:04:F8:9C:46:F4:A5:85:B7:AD:F5:B6
Certificate issuer:       /CN=A91CC561/serialNumber=E2275A875A92CAEB0104F89C46F4A585B7ADF5B6
Certificate serial:       0D00
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4idah1qSyusBBPicRvSlhbet9bY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CC561/86C30482E73411E99D8EAF47C4F9AE02/4idah1qSyusBBPicRvSlhbet9bY.mft
Manifest number:          0CF4
Signing time:             Wed 02 Jul 2025 18:19:10 +0000
Manifest this update:     Wed 02 Jul 2025 18:19:09 +0000
Manifest next update:     Wed 09 Jul 2025 18:19:09 +0000
Files and hashes:         1: 4idah1qSyusBBPicRvSlhbet9bY.crl (hash: as6v26K9yDO+KsaW4TcAo9lc9m2qwyen4DwdU4Pheog=)
                          2: 5A395E26E2DB11EB8608EA87C4F9AE02.roa (hash: qxCxFSPkCJMsK7i3RHMxc9Lr9Tcp57aZA1WThFY3ZFw=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91CC561/86C30482E73411E99D8EAF47C4F9AE02/4idah1qSyusBBPicRvSlhbet9bY.crl
                          rsync://rpki.apnic.net/member_repository/A91CC561/86C30482E73411E99D8EAF47C4F9AE02/4idah1qSyusBBPicRvSlhbet9bY.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4idah1qSyusBBPicRvSlhbet9bY.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 18:19:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3328 (0xd00)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CC561, serialNumber=E2275A875A92CAEB0104F89C46F4A585B7ADF5B6
        Validity
            Not Before: Jul  2 18:19:09 2025 GMT
            Not After : Jul  9 18:19:09 2025 GMT
        Subject: CN=6865781d-3422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2c:c1:6e:23:07:de:f8:a9:fe:e2:66:98:64:
                    da:69:a6:bf:44:dc:33:26:e1:97:20:8a:a0:c4:2c:
                    97:2c:f1:ff:63:de:a9:19:9f:b6:6c:b8:04:dd:00:
                    ea:b4:4d:6c:da:6e:a6:30:e9:38:9a:62:8e:40:48:
                    0a:28:3c:61:16:87:29:12:b6:dd:23:b4:19:17:89:
                    b5:eb:5c:6e:1a:a9:cb:1e:44:89:c7:e3:a5:9b:fb:
                    d1:fb:7f:30:56:62:11:1e:55:bc:21:81:88:c6:e9:
                    a4:78:4a:50:06:65:eb:92:97:9d:da:b9:44:d8:98:
                    0c:16:aa:a4:d1:b5:39:46:13:7e:72:66:a1:16:c4:
                    bc:97:4a:ce:c3:b1:bd:87:2a:0e:45:ec:65:e7:18:
                    d1:44:53:11:5b:35:28:aa:88:71:83:3f:3b:7b:02:
                    09:66:ca:83:9e:c7:76:de:32:24:a7:65:20:2a:11:
                    01:38:e6:b2:e5:27:30:0f:ac:8f:e4:cf:6d:bb:b7:
                    cb:e6:03:37:ea:0c:52:7d:ed:78:35:70:5e:56:d3:
                    3b:e4:85:d0:64:ef:4b:1b:01:6a:4a:69:36:7f:98:
                    f6:f3:20:e1:7c:b4:5c:64:29:b0:98:0a:04:dc:b5:
                    2c:b0:09:8c:17:86:b2:a2:25:5f:c0:0c:bd:fb:57:
                    fa:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:DA:90:BC:C9:72:23:48:6F:AB:B2:DC:13:E9:A5:48:0D:26:27:98
            X509v3 Authority Key Identifier:
                keyid:E2:27:5A:87:5A:92:CA:EB:01:04:F8:9C:46:F4:A5:85:B7:AD:F5:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CC561/86C30482E73411E99D8EAF47C4F9AE02/4idah1qSyusBBPicRvSlhbet9bY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4idah1qSyusBBPicRvSlhbet9bY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC561/86C30482E73411E99D8EAF47C4F9AE02/4idah1qSyusBBPicRvSlhbet9bY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:c5:24:e6:3c:63:73:ba:63:4f:73:f4:e6:f3:11:00:8a:c5:
         28:1f:a7:31:14:27:c8:e4:17:65:fb:0f:e7:0d:1c:a2:6e:ca:
         cc:00:9c:bd:bd:bc:5e:b3:3f:72:5f:cc:e0:c7:5d:36:16:4c:
         01:4e:c5:49:c7:c8:3e:66:9a:08:b7:7b:82:a4:6e:1d:6b:f6:
         61:84:a6:62:b0:4f:12:38:3b:69:fc:e0:86:45:8c:bf:25:f5:
         ac:de:a1:15:39:fb:a1:cb:46:d1:b5:92:3e:ce:20:2f:94:6f:
         b1:fd:46:60:4b:b5:ac:8d:fb:b6:fa:5f:b0:93:6a:6d:74:78:
         56:a7:bc:35:fc:35:30:ae:ba:a0:f6:1e:7e:9a:2e:55:73:8e:
         17:d5:07:ff:64:27:7e:a9:12:76:b4:42:fc:04:bf:ba:1c:be:
         f3:17:01:c0:da:98:fb:13:db:15:68:c7:3a:28:40:a2:61:ae:
         3e:ce:ba:56:1a:6a:d2:a7:e3:7b:ef:a6:0c:b4:89:25:a4:22:
         b2:72:e1:0f:b9:85:0d:6d:99:a4:50:27:23:7e:81:21:03:de:
         6e:83:4d:25:ab:93:65:b6:60:21:cb:da:b2:10:a4:d5:7d:74:
         4b:6e:bf:0e:6b:c5:58:2b:fc:00:3d:35:64:e3:95:88:3e:7b:
         bb:5d:04:0c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDQAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0M1NjExMTAvBgNVBAUTKEUyMjc1QTg3NUE5MkNBRUIwMTA0Rjg5QzQ2RjRBNTg1
QjdBREY1QjYwHhcNMjUwNzAyMTgxOTA5WhcNMjUwNzA5MTgxOTA5WjAYMRYwFAYD
VQQDEw02ODY1NzgxZC0zNDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxizBbiMH3vip/uJmmGTaaaa/RNwzJuGXIIqgxCyXLPH/Y96pGZ+2bLgE3QDq
tE1s2m6mMOk4mmKOQEgKKDxhFocpErbdI7QZF4m161xuGqnLHkSJx+Olm/vR+38w
VmIRHlW8IYGIxumkeEpQBmXrkped2rlE2JgMFqqk0bU5RhN+cmahFsS8l0rOw7G9
hyoORexl5xjRRFMRWzUoqohxgz87ewIJZsqDnsd23jIkp2UgKhEBOOay5ScwD6yP
5M9tu7fL5gM36gxSfe14NXBeVtM75IXQZO9LGwFqSmk2f5j28yDhfLRcZCmwmAoE
3LUssAmMF4ayoiVfwAy9+1f6bwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH/akLzJ
ciNIb6uy3BPppUgNJieYMB8GA1UdIwQYMBaAFOInWodaksrrAQT4nEb0pYW3rfW2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzU2MS84NkMzMDQ4MkU3
MzQxMUU5OUQ4RUFGNDdDNEY5QUUwMi80aWRhaDFxU3l1c0JCUGljUnZTbGhiZXQ5
YlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRpZGFoMXFTeXVzQkJQaWNSdlNsaGJldDliWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
QzU2MS84NkMzMDQ4MkU3MzQxMUU5OUQ4RUFGNDdDNEY5QUUwMi80aWRhaDFxU3l1
c0JCUGljUnZTbGhiZXQ5YlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCKxSTmPGNzumNPc/Tm8xEAisUoH6cxFCfI5Bdl+w/nDRyibsrMAJy9
vbxesz9yX8zgx102FkwBTsVJx8g+ZpoIt3uCpG4da/ZhhKZisE8SODtp/OCGRYy/
JfWs3qEVOfuhy0bRtZI+ziAvlG+x/UZgS7Wsjfu2+l+wk2ptdHhWp7w1/DUwrrqg
9h5+mi5Vc44X1Qf/ZCd+qRJ2tEL8BL+6HL7zFwHA2pj7E9sVaMc6KECiYa4+zrpW
GmrSp+N776YMtIklpCKycuEPuYUNbZmkUCcjfoEhA95ug00lq5NltmAhy9qyEKTV
fXRLbr8Oa8VYK/wAPTVk45WIPnu7XQQM
-----END CERTIFICATE-----
Generated at Thu Jul 3 21:48:59 2025 by rpki-client