Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft
File:                     z4nWqxHn1Hqhe0MJxypytxy6R64.mft (raw, json)
Hash identifier:          scWXCjDoU8Zd7gw7HFUHO8Mf3YhemIov1VgnlUCRbnQ=
Subject key identifier:   B4:33:13:E4:7E:F7:9F:D9:DB:45:5C:C1:13:74:82:86:EA:91:A1:43
Authority key identifier: CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE
Certificate issuer:       /CN=A91E4D9B/serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE
Certificate serial:       087B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft
Manifest number:          0871
Signing time:             Wed 02 Jul 2025 20:56:43 +0000
Manifest this update:     Wed 02 Jul 2025 20:56:42 +0000
Manifest next update:     Wed 09 Jul 2025 20:56:42 +0000
Files and hashes:         1: z4nWqxHn1Hqhe0MJxypytxy6R64.crl (hash: vK+P1IDDKrKHVc3gdcxgjDTjFMk6ElndK+ZAYDm737o=)
                          2: CCF7B8AA22B811ECAD21FB20C4F9AE02.roa (hash: jP9WQeUuHByQOgvhcc4yViwwc1IsiLi4j4kFeZuXSLA=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl
                          rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 09 Jul 2025 20:56:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2171 (0x87b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E4D9B, serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE
        Validity
            Not Before: Jul  2 20:56:42 2025 GMT
            Not After : Jul  9 20:56:42 2025 GMT
        Subject: CN=68659d0a-8ec7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e9:51:47:1f:11:98:54:c1:52:16:b6:a3:be:
                    50:bc:ee:19:4b:2e:b6:89:5a:93:77:33:77:48:24:
                    20:d0:66:4b:91:ec:35:12:17:c2:a6:fb:91:40:25:
                    09:9a:c3:c1:22:2b:80:e5:52:61:f0:44:0d:fd:cd:
                    e7:7b:8f:a3:a3:2f:1f:70:42:d6:dd:4a:0a:9d:52:
                    a2:42:86:a4:a1:d4:b7:e7:4f:58:64:e1:72:06:78:
                    4e:e1:e5:cb:69:84:ff:d8:97:f1:2a:26:e5:19:01:
                    74:d8:a2:44:db:20:7f:e4:66:df:1b:21:00:a0:4e:
                    af:0a:6f:2a:9a:07:e1:32:00:3e:75:63:0b:85:37:
                    37:2b:88:11:03:44:17:5a:f8:bd:76:dd:e7:e7:47:
                    09:24:ea:f0:be:83:f7:00:d5:6d:14:89:61:37:cc:
                    43:42:93:5d:a6:a3:3f:82:6b:fa:9b:b3:e9:64:56:
                    ce:00:dd:4b:b0:17:7e:03:1a:ed:55:96:02:a3:ac:
                    56:cd:71:47:03:95:4e:56:96:ec:d3:ce:c8:a2:8c:
                    78:c8:4a:6c:a9:f6:88:d3:69:80:c3:ac:bf:26:d4:
                    c0:66:d0:58:a2:7b:3e:ef:9e:e5:3f:20:b9:24:11:
                    23:89:61:2e:43:90:91:3e:c4:04:72:d8:cc:65:85:
                    30:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:33:13:E4:7E:F7:9F:D9:DB:45:5C:C1:13:74:82:86:EA:91:A1:43
            X509v3 Authority Key Identifier:
                keyid:CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:b2:51:70:d3:2d:40:7b:f6:ec:00:9d:27:20:46:2b:e7:fc:
         c3:9f:c3:0b:bc:98:fa:cd:10:25:df:4f:de:69:eb:24:42:05:
         ac:5e:1c:be:e8:32:53:e2:e9:73:af:5a:09:d4:2c:07:77:d5:
         43:9d:8b:f3:b7:29:0e:5b:b0:95:a2:e5:d6:26:fc:85:02:fc:
         91:f3:6b:2d:93:f8:89:02:9f:59:27:08:26:44:04:29:77:ad:
         fe:f6:2d:7f:29:c2:b9:96:66:dd:7a:5a:dd:18:bf:94:0b:ea:
         b8:25:9d:c9:03:da:64:e4:98:92:e1:ee:a3:7e:31:00:f0:ea:
         0e:ce:9f:70:a9:fc:f6:46:5b:c4:b3:57:b9:9a:4f:8b:86:1e:
         2f:ed:6e:f2:90:30:6d:7d:43:29:8c:da:f8:c4:81:40:a2:7d:
         d5:31:aa:b3:e9:c4:f0:e1:7f:8d:e5:11:3a:0f:11:ad:98:1f:
         5b:25:cd:57:cd:c9:c2:27:14:eb:0b:a8:81:aa:9e:0d:ca:b8:
         aa:d5:cc:36:2e:28:ba:0f:fe:e9:1d:a9:04:7c:de:f9:10:ae:
         c1:3f:64:ee:fc:d0:fe:6d:bd:db:a4:85:f1:72:91:21:21:69:
         fd:7e:da:38:fb:a6:fb:53:30:cf:a9:ae:d4:37:d0:af:39:79:
         9e:ce:4c:32
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCHswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTREOUIxMTAvBgNVBAUTKENGODlENkFCMTFFN0Q0N0FBMTdCNDMwOUM3MkE3MkI3
MUNCQTQ3QUUwHhcNMjUwNzAyMjA1NjQyWhcNMjUwNzA5MjA1NjQyWjAYMRYwFAYD
VQQDEw02ODY1OWQwYS04ZWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArulRRx8RmFTBUha2o75QvO4ZSy62iVqTdzN3SCQg0GZLkew1EhfCpvuRQCUJ
msPBIiuA5VJh8EQN/c3ne4+joy8fcELW3UoKnVKiQoakodS3509YZOFyBnhO4eXL
aYT/2JfxKiblGQF02KJE2yB/5GbfGyEAoE6vCm8qmgfhMgA+dWMLhTc3K4gRA0QX
Wvi9dt3n50cJJOrwvoP3ANVtFIlhN8xDQpNdpqM/gmv6m7PpZFbOAN1LsBd+Axrt
VZYCo6xWzXFHA5VOVpbs087Ioox4yEpsqfaI02mAw6y/JtTAZtBYons+757lPyC5
JBEjiWEuQ5CRPsQEctjMZYUwoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLQzE+R+
95/Z20VcwRN0gobqkaFDMB8GA1UdIwQYMBaAFM+J1qsR59R6oXtDCccqcrccukeu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQ5Qi9GNUJBQTNEOEM4
MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFIcWhlME1KeHlweXR4eTZS
NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3o0bldxeEhuMUhxaGUwTUp4eXB5dHh5NlI2NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
NEQ5Qi9GNUJBQTNEOEM4MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFI
cWhlME1KeHlweXR4eTZSNjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBoslFw0y1Ae/bsAJ0nIEYr5/zDn8MLvJj6zRAl30/eaeskQgWsXhy+
6DJT4ulzr1oJ1CwHd9VDnYvztykOW7CVouXWJvyFAvyR82stk/iJAp9ZJwgmRAQp
d63+9i1/KcK5lmbdelrdGL+UC+q4JZ3JA9pk5JiS4e6jfjEA8OoOzp9wqfz2RlvE
s1e5mk+Lhh4v7W7ykDBtfUMpjNr4xIFAon3VMaqz6cTw4X+N5RE6DxGtmB9bJc1X
zcnCJxTrC6iBqp4Nyriq1cw2Lii6D/7pHakEfN75EK7BP2Tu/ND+bb3bpIXxcpEh
IWn9fto4+6b7UzDPqa7UN9CvOXmezkwy
-----END CERTIFICATE-----
Generated at Thu Jul 3 14:57:49 2025 by rpki-client