Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft
File:                     iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json)
Hash identifier:          UnGupcuZH3T6ArLiL+5+fW1i382dH7nmqj5cI8hUBsY=
Subject key identifier:   59:F5:A3:6E:10:00:7A:13:B5:25:D7:8C:AA:D4:4F:8F:5F:D7:AB:F1
Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E
Certificate issuer:       /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E
Certificate serial:       0AA1
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft
Manifest number:          2B68
Signing time:             Wed 02 Jul 2025 16:04:10 +0000
Manifest this update:     Wed 02 Jul 2025 16:04:10 +0000
Manifest next update:     Wed 09 Jul 2025 16:04:10 +0000
Files and hashes:         1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: jJjDT0KBBlxjMQR7gxVF7zvhX5XSvWjeTNGtTIWCQAk=)
                          2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl
                          rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 16:04:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2721 (0xaa1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E
        Validity
            Not Before: Jul  2 16:04:10 2025 GMT
            Not After : Jul  9 16:04:10 2025 GMT
        Subject: CN=6865587a-6428
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:9a:0a:f1:68:aa:69:2e:e3:6e:ca:91:16:96:
                    9c:f0:2a:93:9f:31:8a:bc:02:f4:b1:4c:6b:68:97:
                    0a:6e:59:d8:87:8c:cb:f0:b5:98:89:10:cb:75:85:
                    b8:a8:1e:bd:4a:1b:61:c9:8e:ff:5a:f7:a4:39:a7:
                    ae:fc:fb:49:e1:b7:eb:14:54:eb:21:5c:f5:e2:5d:
                    61:b1:a5:04:89:ed:55:07:01:23:d3:94:a4:63:3d:
                    b3:b0:e9:c7:52:94:1d:17:59:01:8c:73:97:90:b8:
                    d8:56:70:57:be:2d:f0:39:df:7c:33:fe:b4:90:81:
                    00:98:87:a8:bc:02:be:2c:42:ca:14:19:d9:e5:2c:
                    2c:f4:a3:cf:4f:37:90:10:1f:49:e4:d1:a9:d1:b7:
                    15:59:5a:8d:63:a5:e1:80:57:5d:b0:64:db:4d:fd:
                    6e:f7:7f:8e:6a:79:e9:63:25:65:78:99:7b:07:de:
                    ab:ae:66:50:bd:ee:6f:7e:fe:b3:37:d8:cf:f3:08:
                    ea:72:19:45:a0:ad:8b:45:9d:6c:13:39:73:48:6c:
                    5f:3d:3c:13:ca:5f:db:85:fb:b6:2b:20:1a:1a:d5:
                    82:9c:85:79:63:6f:4c:0b:34:1e:7d:0b:04:26:25:
                    eb:61:21:8d:b6:50:87:0a:62:d1:4d:1a:05:30:bf:
                    5d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:F5:A3:6E:10:00:7A:13:B5:25:D7:8C:AA:D4:4F:8F:5F:D7:AB:F1
            X509v3 Authority Key Identifier:
                keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:96:d4:fa:1a:6b:3b:71:45:a3:ec:e8:30:40:33:eb:35:9e:
         60:f2:19:18:24:3b:32:01:f3:27:09:52:0c:bc:12:41:97:48:
         a8:f1:e5:48:b6:1e:b7:81:0a:73:82:a1:3e:7e:ff:e0:4d:ec:
         82:60:08:41:c5:40:44:4b:ce:14:be:43:55:bd:46:6a:61:76:
         f3:e9:67:c3:38:ff:00:01:4a:90:51:09:d4:0e:89:ea:67:6a:
         54:96:c5:d8:34:0d:e6:ac:03:4a:0f:b2:85:36:79:a7:48:bb:
         c7:85:a6:22:1a:b0:4e:8e:58:13:02:12:36:ad:17:28:44:c2:
         06:0f:fb:79:1a:49:58:30:dd:d0:9b:ab:62:c4:79:94:54:16:
         e8:b9:f8:4b:bc:77:2c:96:70:97:da:25:ff:4e:6c:b2:c3:29:
         ad:71:ae:95:12:ff:db:22:32:1e:67:c2:89:e4:e3:c8:6c:d7:
         f3:2f:f4:29:1a:fb:3d:76:c0:bf:92:85:97:ad:65:21:c5:82:
         44:89:a5:b8:74:e1:b3:51:a0:be:52:35:16:b5:f7:e3:4e:4e:
         42:a6:ee:67:7d:ac:70:ad:f5:91:a5:ab:72:06:d6:68:ab:01:
         4f:90:be:76:af:ce:e4:c3:4e:fd:17:7f:51:81:9d:9a:2e:1b:
         db:8e:f9:cf
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4
NEJDMzAwNUUwHhcNMjUwNzAyMTYwNDEwWhcNMjUwNzA5MTYwNDEwWjAYMRYwFAYD
VQQDEw02ODY1NTg3YS02NDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5JoK8WiqaS7jbsqRFpac8CqTnzGKvAL0sUxraJcKblnYh4zL8LWYiRDLdYW4
qB69ShthyY7/WvekOaeu/PtJ4bfrFFTrIVz14l1hsaUEie1VBwEj05SkYz2zsOnH
UpQdF1kBjHOXkLjYVnBXvi3wOd98M/60kIEAmIeovAK+LELKFBnZ5Sws9KPPTzeQ
EB9J5NGp0bcVWVqNY6XhgFddsGTbTf1u93+OannpYyVleJl7B96rrmZQve5vfv6z
N9jP8wjqchlFoK2LRZ1sEzlzSGxfPTwTyl/bhfu2KyAaGtWCnIV5Y29MCzQefQsE
JiXrYSGNtlCHCmLRTRoFML9dSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFn1o24Q
AHoTtSXXjKrUT49f16vxMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG
QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB
RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw
YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCVltT6Gms7cUWj7OgwQDPrNZ5g8hkYJDsyAfMnCVIMvBJBl0io8eVI
th63gQpzgqE+fv/gTeyCYAhBxUBES84UvkNVvUZqYXbz6WfDOP8AAUqQUQnUDonq
Z2pUlsXYNA3mrANKD7KFNnmnSLvHhaYiGrBOjlgTAhI2rRcoRMIGD/t5GklYMN3Q
m6tixHmUVBboufhLvHcslnCX2iX/Tmyywymtca6VEv/bIjIeZ8KJ5OPIbNfzL/Qp
Gvs9dsC/koWXrWUhxYJEiaW4dOGzUaC+UjUWtffjTk5Cpu5nfaxwrfWRpatyBtZo
qwFPkL52r87kw079F39RgZ2aLhvbjvnP
-----END CERTIFICATE-----
Generated at Thu Jul 3 23:37:53 2025 by rpki-client