Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.mft
File:                     Gg0L-hkZEfhVtbq9-gO5wH_dIoI.mft (raw, json)
Hash identifier:          pUU/c+2sX3P9Fvvp0nMpKqGAbwaXCGkqplnY2rCR4p0=
Subject key identifier:   68:1B:C1:F5:91:DA:F1:AA:18:7C:55:04:AA:BA:C7:74:C5:70:06:7D
Authority key identifier: 1A:0D:0B:FA:19:19:11:F8:55:B5:BA:BD:FA:03:B9:C0:7F:DD:22:82
Certificate issuer:       /CN=A91D3834/serialNumber=1A0D0BFA191911F855B5BABDFA03B9C07FDD2282
Certificate serial:       074B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.mft
Manifest number:          0738
Signing time:             Wed 02 Jul 2025 22:05:22 +0000
Manifest this update:     Wed 02 Jul 2025 22:05:21 +0000
Manifest next update:     Wed 09 Jul 2025 22:05:21 +0000
Files and hashes:         1: Gg0L-hkZEfhVtbq9-gO5wH_dIoI.crl (hash: khHJPaSftewC9xTvqfi7i4HqS4K90Mii/mYOj9iAnDs=)
                          2: F26505A6A7EA11EF8CBCCF2CC4F9AE02.roa (hash: EkwWJK2JMsgrSqPZGShXj+awl3UUP/bSxj5kv4pCabE=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.crl
                          rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 22:05:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1867 (0x74b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D3834, serialNumber=1A0D0BFA191911F855B5BABDFA03B9C07FDD2282
        Validity
            Not Before: Jul  2 22:05:21 2025 GMT
            Not After : Jul  9 22:05:21 2025 GMT
        Subject: CN=6865ad21-71e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:34:23:d7:ad:ea:48:f6:73:f5:15:e9:80:43:
                    65:50:db:52:24:93:55:ec:5f:80:fe:04:ea:16:69:
                    64:a8:ff:ec:18:f0:b2:25:b4:08:ad:9a:06:88:f0:
                    d6:59:dc:84:c3:ee:88:ee:7b:75:62:06:5d:32:59:
                    5a:a3:01:50:19:cf:d0:8f:65:88:73:5d:c2:06:c8:
                    12:14:ec:da:ad:49:8e:51:e6:8f:8d:d5:d0:76:37:
                    11:cf:2a:27:39:54:68:0d:a3:47:b8:d0:91:b4:b5:
                    ca:c2:6e:ee:a8:cf:70:2c:a4:08:eb:ec:89:d8:e6:
                    34:6a:d5:43:55:dc:9a:29:93:5d:fb:02:ef:63:26:
                    60:a5:28:55:7d:6a:d6:36:87:62:3b:9a:35:d3:1f:
                    05:a0:35:f1:b0:06:2b:c4:b2:45:f1:e2:ea:0b:b4:
                    c4:f8:59:b2:e4:0d:ef:25:46:73:13:8c:8c:80:9c:
                    94:ec:3c:34:7b:cd:c1:0e:18:ba:40:15:55:19:34:
                    6c:b5:a8:ed:88:6e:0b:02:b6:d0:82:f0:75:7b:3d:
                    46:50:15:66:75:9c:88:b2:cd:68:05:8b:26:27:7e:
                    62:0f:35:02:64:03:3c:46:b4:1a:33:ca:31:3e:03:
                    0e:c6:4b:2b:5e:07:6b:50:14:14:e5:66:6c:81:36:
                    3a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:1B:C1:F5:91:DA:F1:AA:18:7C:55:04:AA:BA:C7:74:C5:70:06:7D
            X509v3 Authority Key Identifier:
                keyid:1A:0D:0B:FA:19:19:11:F8:55:B5:BA:BD:FA:03:B9:C0:7F:DD:22:82

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3834/8BC2EDB03A4111EB83B57F14C4F9AE02/Gg0L-hkZEfhVtbq9-gO5wH_dIoI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:6f:96:05:a5:a0:60:84:01:b2:5c:9a:72:14:e7:f6:ee:36:
         a2:3a:71:7d:36:4b:c8:c1:80:8d:70:21:43:68:bc:54:51:e9:
         ed:47:54:8a:1a:46:2c:1a:01:2f:e0:e5:f6:55:2e:ec:a0:99:
         35:df:49:29:94:ad:50:2a:43:45:32:2e:2b:17:57:d2:26:76:
         77:11:0f:75:ae:86:54:c9:5f:4e:20:03:b2:ad:97:ab:1a:eb:
         20:63:b3:ad:b2:50:63:56:6f:c0:3c:44:08:93:3a:62:58:67:
         a4:47:24:ee:31:88:8e:c9:1e:38:23:ef:a4:39:20:8d:50:be:
         49:82:04:82:f0:6a:e7:6d:d8:69:e2:89:31:ea:71:19:d2:64:
         c7:23:84:b2:d8:3c:71:ca:2f:ac:d0:40:07:9f:0f:7b:37:74:
         a7:67:2c:de:5c:d8:9e:9b:c9:6b:d1:85:f0:7f:28:e1:68:50:
         2c:d0:d5:af:c5:78:f2:d2:fe:2a:fb:18:51:2a:5d:6b:71:8e:
         5c:de:1a:cf:f7:be:dc:5a:c2:c2:8b:e8:42:86:ce:bc:2c:36:
         dc:2f:a3:01:00:e4:7f:50:d4:b2:a1:38:d8:d0:da:98:96:f3:
         cc:ab:cc:a6:6b:a6:0d:58:a3:4f:ae:1a:eb:71:30:a0:9f:03:
         8d:44:64:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB0swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM4MzQxMTAvBgNVBAUTKDFBMEQwQkZBMTkxOTExRjg1NUI1QkFCREZBMDNCOUMw
N0ZERDIyODIwHhcNMjUwNzAyMjIwNTIxWhcNMjUwNzA5MjIwNTIxWjAYMRYwFAYD
VQQDEw02ODY1YWQyMS03MWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDQj163qSPZz9RXpgENlUNtSJJNV7F+A/gTqFmlkqP/sGPCyJbQIrZoGiPDW
WdyEw+6I7nt1YgZdMllaowFQGc/Qj2WIc13CBsgSFOzarUmOUeaPjdXQdjcRzyon
OVRoDaNHuNCRtLXKwm7uqM9wLKQI6+yJ2OY0atVDVdyaKZNd+wLvYyZgpShVfWrW
NodiO5o10x8FoDXxsAYrxLJF8eLqC7TE+Fmy5A3vJUZzE4yMgJyU7Dw0e83BDhi6
QBVVGTRstajtiG4LArbQgvB1ez1GUBVmdZyIss1oBYsmJ35iDzUCZAM8RrQaM8ox
PgMOxksrXgdrUBQU5WZsgTY6uQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGgbwfWR
2vGqGHxVBKq6x3TFcAZ9MB8GA1UdIwQYMBaAFBoNC/oZGRH4VbW6vfoDucB/3SKC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzgzNC84QkMyRURCMDNB
NDExMUVCODNCNTdGMTRDNEY5QUUwMi9HZzBMLWhrWkVmaFZ0YnE5LWdPNXdIX2RJ
b0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dnMEwtaGtaRWZoVnRicTktZ081d0hfZElvSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MzgzNC84QkMyRURCMDNBNDExMUVCODNCNTdGMTRDNEY5QUUwMi9HZzBMLWhrWkVm
aFZ0YnE5LWdPNXdIX2RJb0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCXb5YFpaBghAGyXJpyFOf27jaiOnF9NkvIwYCNcCFDaLxUUentR1SK
GkYsGgEv4OX2VS7soJk130kplK1QKkNFMi4rF1fSJnZ3EQ91roZUyV9OIAOyrZer
GusgY7OtslBjVm/APEQIkzpiWGekRyTuMYiOyR44I++kOSCNUL5JggSC8Grnbdhp
4okx6nEZ0mTHI4Sy2Dxxyi+s0EAHnw97N3SnZyzeXNiem8lr0YXwfyjhaFAs0NWv
xXjy0v4q+xhRKl1rcY5c3hrP977cWsLCi+hChs68LDbcL6MBAOR/UNSyoTjY0NqY
lvPMq8yma6YNWKNPrhrrcTCgnwONRGTc
-----END CERTIFICATE-----
Generated at Thu Jul 3 23:37:50 2025 by rpki-client