Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft
File:                     2itDzBg8qOD2qPbapUzdcwb4Yig.mft (raw, json)
Hash identifier:          e5bjxs76+EQ1iOB/Du9gk/++WRXFmzkXlc0+s2mNneQ=
Subject key identifier:   F6:21:56:81:B0:95:C7:25:B1:A9:CF:82:8B:43:05:4F:3D:9D:BF:8D
Authority key identifier: DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28
Certificate issuer:       /CN=A91DF0EC/serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228
Certificate serial:       0A1B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft
Manifest number:          0A0A
Signing time:             Wed 02 Jul 2025 20:04:23 +0000
Manifest this update:     Wed 02 Jul 2025 20:04:23 +0000
Manifest next update:     Wed 09 Jul 2025 20:04:23 +0000
Files and hashes:         1: 2itDzBg8qOD2qPbapUzdcwb4Yig.crl (hash: cuv7TaKYRQ9yLyGQlWpXNZLBhWhuCeC4FFZVW343Q4U=)
                          2: FD114232912711EFBCB4ED6EC4F9AE02.roa (hash: TxCwNFrh+xkaqDR3M5kqqPa5bX7FhYwp1p0wkxa1CxU=)
                          3: 0D6FFE56BA3511ECA20A3817C4F9AE02.roa (hash: JxcjLdYbfNpLt4XJbaeEwHRAAk7SbV4Cw+ExyqNKBV4=)
                          4: C8A0E422831611EA95762453C4F9AE02.roa (hash: yUwouY97arbHx1ysSRkQtB3/fVJX2BMSgtA5eI1eKIg=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl
                          rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 20:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2587 (0xa1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DF0EC, serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228
        Validity
            Not Before: Jul  2 20:04:23 2025 GMT
            Not After : Jul  9 20:04:23 2025 GMT
        Subject: CN=686590c7-27de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:aa:5d:2f:eb:5e:25:88:5d:3b:ac:a2:c1:6a:
                    38:fc:36:f5:c2:b2:34:e2:a3:61:21:30:46:c2:58:
                    51:9c:12:6e:94:a3:3d:50:97:fe:8e:77:30:18:fa:
                    50:72:a2:f0:c7:9e:f6:4f:b8:ff:2c:6e:e8:c5:fe:
                    43:c7:97:02:e9:de:83:15:36:13:92:78:55:38:86:
                    01:53:02:8c:1d:c9:c6:ec:70:ab:eb:9a:da:8e:70:
                    46:f0:79:db:90:af:49:d4:e1:54:19:f6:6d:9d:d0:
                    9a:35:03:ec:06:34:d2:5f:48:22:06:9d:5a:58:0c:
                    ae:e8:1e:ff:a9:d7:87:86:cb:1a:f5:7c:63:8a:8f:
                    d7:be:b5:93:e8:9f:c2:50:67:ed:16:dd:38:62:f4:
                    6e:5b:36:d7:ac:91:ab:72:1c:73:b2:59:37:74:b7:
                    52:fa:2a:07:4e:de:64:ce:90:fb:72:04:67:5f:3f:
                    44:3b:72:3f:ac:9c:d4:38:b1:42:87:9d:09:54:71:
                    7f:83:8d:e3:9e:04:ac:11:fa:b0:70:e2:bd:9f:76:
                    22:be:9d:06:1f:19:0a:10:6c:3c:dc:fd:22:a5:bd:
                    72:b4:3d:93:e9:25:51:3c:e6:e3:f6:8e:88:15:30:
                    7f:be:98:3d:a1:07:f4:74:bd:b3:1c:ef:1f:7e:25:
                    d3:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:21:56:81:B0:95:C7:25:B1:A9:CF:82:8B:43:05:4F:3D:9D:BF:8D
            X509v3 Authority Key Identifier:
                keyid:DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:e6:c3:d0:ac:de:c8:77:15:fb:26:79:d9:bd:72:b5:b1:27:
         46:76:b9:db:5e:38:79:75:60:6f:9a:48:75:e2:99:3b:8e:3e:
         48:4a:4b:30:06:25:c2:16:ae:03:c6:a7:ed:cc:a3:5a:c6:bd:
         54:dd:13:dd:d3:f5:4d:4e:0f:49:03:b6:45:07:03:49:6a:c9:
         94:b7:cf:e8:e9:f0:2f:01:6b:f5:ca:72:ad:f7:e9:e0:43:d7:
         b7:1a:82:3a:60:8a:0a:ca:8d:34:e4:45:5a:cd:c2:97:a9:58:
         d2:c4:c4:f5:5b:a1:75:29:3f:b8:eb:1d:7b:c7:0a:cc:fd:9e:
         e2:5b:99:18:0f:77:97:9f:50:fa:84:3b:4e:11:d0:d2:6b:62:
         35:07:e8:b2:66:5d:39:06:1b:f9:3b:74:5d:7c:1d:d4:8b:99:
         ac:e1:fa:d9:6a:92:ad:89:d8:0b:61:67:7b:bd:6b:69:5f:59:
         d7:8d:17:c6:1d:b8:00:f5:47:81:79:0e:ed:04:14:b1:24:00:
         6b:a0:79:3a:e9:71:28:8f:ce:52:7f:d5:01:56:12:2d:f6:45:
         2d:c8:19:8e:57:33:69:f0:61:e2:12:f0:bf:88:69:eb:52:58:
         6b:df:28:85:b0:f7:61:64:df:ce:27:cc:35:13:42:d4:44:3d:
         05:00:77:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICChswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REYwRUMxMTAvBgNVBAUTKERBMkI0M0NDMTgzQ0E4RTBGNkE4RjZEQUE1NENERDcz
MDZGODYyMjgwHhcNMjUwNzAyMjAwNDIzWhcNMjUwNzA5MjAwNDIzWjAYMRYwFAYD
VQQDEw02ODY1OTBjNy0yN2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0qpdL+teJYhdO6yiwWo4/Db1wrI04qNhITBGwlhRnBJulKM9UJf+jncwGPpQ
cqLwx572T7j/LG7oxf5Dx5cC6d6DFTYTknhVOIYBUwKMHcnG7HCr65rajnBG8Hnb
kK9J1OFUGfZtndCaNQPsBjTSX0giBp1aWAyu6B7/qdeHhssa9Xxjio/XvrWT6J/C
UGftFt04YvRuWzbXrJGrchxzslk3dLdS+ioHTt5kzpD7cgRnXz9EO3I/rJzUOLFC
h50JVHF/g43jngSsEfqwcOK9n3Yivp0GHxkKEGw83P0ipb1ytD2T6SVRPObj9o6I
FTB/vpg9oQf0dL2zHO8ffiXTLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPYhVoGw
lcclsanPgotDBU89nb+NMB8GA1UdIwQYMBaAFNorQ8wYPKjg9qj22qVM3XMG+GIo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjBFQy85OTFDRUY3RTc5
NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFPRDJxUGJhcFV6ZGN3YjRZ
aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJpdER6Qmc4cU9EMnFQYmFwVXpkY3diNFlpZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
RjBFQy85OTFDRUY3RTc5NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFP
RDJxUGJhcFV6ZGN3YjRZaWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAH5sPQrN7IdxX7JnnZvXK1sSdGdrnbXjh5dWBvmkh14pk7jj5ISksw
BiXCFq4DxqftzKNaxr1U3RPd0/VNTg9JA7ZFBwNJasmUt8/o6fAvAWv1ynKt9+ng
Q9e3GoI6YIoKyo005EVazcKXqVjSxMT1W6F1KT+46x17xwrM/Z7iW5kYD3eXn1D6
hDtOEdDSa2I1B+iyZl05Bhv5O3RdfB3Ui5ms4frZapKtidgLYWd7vWtpX1nXjRfG
HbgA9UeBeQ7tBBSxJABroHk66XEoj85Sf9UBVhIt9kUtyBmOVzNp8GHiEvC/iGnr
Ulhr3yiFsPdhZN/OJ8w1E0LURD0FAHcA
-----END CERTIFICATE-----
Generated at Fri Jul 4 14:32:24 2025 by rpki-client