Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F79A2/1A05E6EE2D2E11EFA54C8042C4F9AE02/kTOsvs_e7PTaOiIigng09bc6-qc.mft
File:                     kTOsvs_e7PTaOiIigng09bc6-qc.mft (raw, json)
Hash identifier:          4rV/sYx14R01oEHR9YQUxQJS7s26LgUfNy7S6OhC5WU=
Subject key identifier:   3A:2B:74:2E:C6:A3:D7:B3:B2:FC:23:F4:6B:DD:66:FA:20:34:51:C4
Authority key identifier: 91:33:AC:BE:CF:DE:EC:F4:DA:3A:22:22:82:78:34:F5:B7:3A:FA:A7
Certificate issuer:       /CN=A91F79A2/serialNumber=9133ACBECFDEECF4DA3A2222827834F5B73AFAA7
Certificate serial:       C7
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kTOsvs_e7PTaOiIigng09bc6-qc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F79A2/1A05E6EE2D2E11EFA54C8042C4F9AE02/kTOsvs_e7PTaOiIigng09bc6-qc.mft
Manifest number:          C5
Signing time:             Thu 03 Jul 2025 05:55:40 +0000
Manifest this update:     Thu 03 Jul 2025 05:55:39 +0000
Manifest next update:     Thu 10 Jul 2025 05:55:39 +0000
Files and hashes:         1: kTOsvs_e7PTaOiIigng09bc6-qc.crl (hash: yfOw6fdC6Syr9VqKJpA28s4tXrJ5/sPZiu7LSBLXufY=)
                          2: 6B9D491C379A11F0B3AC7740C4F9AE02.roa (hash: RLph3rOI+XvGrIXc+VEb/mig9QwsOBw+jIRI25aGTLo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91F79A2/1A05E6EE2D2E11EFA54C8042C4F9AE02/kTOsvs_e7PTaOiIigng09bc6-qc.crl
                          rsync://rpki.apnic.net/member_repository/A91F79A2/1A05E6EE2D2E11EFA54C8042C4F9AE02/kTOsvs_e7PTaOiIigng09bc6-qc.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kTOsvs_e7PTaOiIigng09bc6-qc.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 10 Jul 2025 03:15:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 199 (0xc7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F79A2, serialNumber=9133ACBECFDEECF4DA3A2222827834F5B73AFAA7
        Validity
            Not Before: Jul  3 05:55:39 2025 GMT
            Not After : Jul 10 05:55:39 2025 GMT
        Subject: CN=68661b5c-d46e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:ab:e6:9a:eb:43:dc:e5:1b:68:36:cf:09:dc:
                    21:23:3a:bd:c8:d0:71:44:a4:c8:fa:7d:32:c1:c5:
                    aa:43:c7:ab:c5:30:4f:88:de:7a:ec:f3:6c:f1:4a:
                    d9:b5:46:1e:bc:d8:9b:d2:24:cf:ae:ea:45:1a:3e:
                    94:17:0a:ed:1b:79:13:a4:c2:a0:d9:a1:7d:6b:3e:
                    41:05:2a:c0:52:b0:12:4d:c6:f8:fe:23:1d:8e:39:
                    7e:c9:4c:5b:1c:5d:31:6f:5a:2e:19:72:7a:1a:46:
                    89:c7:33:c9:97:4b:9c:91:c1:1b:dd:46:6a:52:6b:
                    58:b4:a4:2f:f6:23:7c:51:07:b5:e2:af:1c:7c:74:
                    51:f4:9b:50:48:e0:16:d6:0e:05:1c:eb:8c:64:a5:
                    e3:18:16:d1:b8:79:41:45:21:94:13:e9:1b:86:51:
                    cc:b9:f5:e4:84:27:30:17:f4:39:4c:7d:6c:2e:4f:
                    f2:13:a3:7c:c3:0a:d1:a0:cb:73:98:a2:58:64:78:
                    ed:aa:46:ed:b6:24:d2:14:44:97:a0:65:79:6f:aa:
                    db:e1:c2:86:06:40:ab:79:4f:76:35:5c:d5:23:e8:
                    8e:6a:53:0b:1d:02:2f:57:6c:88:eb:54:d0:0d:38:
                    a3:56:50:81:cc:bf:35:c8:64:95:fd:e1:04:7e:f8:
                    c9:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:2B:74:2E:C6:A3:D7:B3:B2:FC:23:F4:6B:DD:66:FA:20:34:51:C4
            X509v3 Authority Key Identifier:
                keyid:91:33:AC:BE:CF:DE:EC:F4:DA:3A:22:22:82:78:34:F5:B7:3A:FA:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F79A2/1A05E6EE2D2E11EFA54C8042C4F9AE02/kTOsvs_e7PTaOiIigng09bc6-qc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kTOsvs_e7PTaOiIigng09bc6-qc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F79A2/1A05E6EE2D2E11EFA54C8042C4F9AE02/kTOsvs_e7PTaOiIigng09bc6-qc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:43:d0:9d:25:92:07:12:ef:25:ee:4b:95:36:b7:f0:30:f0:
         4d:0d:85:f7:67:ee:d9:75:3a:83:98:75:1e:42:1e:3f:4d:4c:
         3f:fb:61:57:28:0f:40:f4:bb:0e:9c:3a:74:f5:ff:c2:8d:1e:
         b4:00:71:28:9f:95:80:40:ee:b7:1c:2f:a8:e9:27:9c:22:47:
         bc:d6:29:bb:43:be:6a:37:d8:89:bc:b3:17:e6:d9:c8:bc:fe:
         97:ab:02:f7:99:82:bb:ba:d3:d1:fd:f3:d8:5e:ff:98:0b:e1:
         33:cb:8e:0a:eb:64:d6:b1:91:67:e7:ce:ba:0d:87:30:48:da:
         31:2a:fc:3d:d2:35:bd:bf:2d:53:dd:a5:ff:a8:11:87:2f:c9:
         b2:2d:3c:c7:ce:67:11:84:a4:44:71:fc:03:56:ab:36:d5:a4:
         e1:47:f6:12:4b:33:6c:89:dd:60:2d:a7:1d:c1:c0:6d:d7:a0:
         15:10:15:75:4c:1f:e6:7b:34:e1:d7:e5:8f:e4:13:54:81:c3:
         f7:f5:6f:b4:c2:17:61:b0:a9:d3:7a:c2:ef:e9:99:d5:66:58:
         90:d2:fc:34:78:b0:e6:a2:b6:34:17:c6:44:a0:f2:64:e5:6c:
         b3:61:04:1a:2d:0c:6b:2d:f5:8f:bc:64:06:40:e2:f3:7b:20:
         3f:1a:27:79
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAMcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjc5QTIxMTAvBgNVBAUTKDkxMzNBQ0JFQ0ZERUVDRjREQTNBMjIyMjgyNzgzNEY1
QjczQUZBQTcwHhcNMjUwNzAzMDU1NTM5WhcNMjUwNzEwMDU1NTM5WjAYMRYwFAYD
VQQDEw02ODY2MWI1Yy1kNDZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7KvmmutD3OUbaDbPCdwhIzq9yNBxRKTI+n0ywcWqQ8erxTBPiN567PNs8UrZ
tUYevNib0iTPrupFGj6UFwrtG3kTpMKg2aF9az5BBSrAUrASTcb4/iMdjjl+yUxb
HF0xb1ouGXJ6GkaJxzPJl0uckcEb3UZqUmtYtKQv9iN8UQe14q8cfHRR9JtQSOAW
1g4FHOuMZKXjGBbRuHlBRSGUE+kbhlHMufXkhCcwF/Q5TH1sLk/yE6N8wwrRoMtz
mKJYZHjtqkbttiTSFESXoGV5b6rb4cKGBkCreU92NVzVI+iOalMLHQIvV2yI61TQ
DTijVlCBzL81yGSV/eEEfvjJiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDordC7G
o9ezsvwj9GvdZvogNFHEMB8GA1UdIwQYMBaAFJEzrL7P3uz02joiIoJ4NPW3Ovqn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzlBMi8xQTA1RTZFRTJE
MkUxMUVGQTU0QzgwNDJDNEY5QUUwMi9rVE9zdnNfZTdQVGFPaUlpZ25nMDliYzYt
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2tUT3N2c19lN1BUYU9pSWlnbmcwOWJjNi1xYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NzlBMi8xQTA1RTZFRTJEMkUxMUVGQTU0QzgwNDJDNEY5QUUwMi9rVE9zdnNfZTdQ
VGFPaUlpZ25nMDliYzYtcWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBfQ9CdJZIHEu8l7kuVNrfwMPBNDYX3Z+7ZdTqDmHUeQh4/TUw/+2FX
KA9A9LsOnDp09f/CjR60AHEon5WAQO63HC+o6SecIke81im7Q75qN9iJvLMX5tnI
vP6XqwL3mYK7utPR/fPYXv+YC+Ezy44K62TWsZFn5866DYcwSNoxKvw90jW9vy1T
3aX/qBGHL8myLTzHzmcRhKREcfwDVqs21aThR/YSSzNsid1gLacdwcBt16AVEBV1
TB/mezTh1+WP5BNUgcP39W+0whdhsKnTesLv6ZnVZliQ0vw0eLDmorY0F8ZEoPJk
5WyzYQQaLQxrLfWPvGQGQOLzeyA/Gid5
-----END CERTIFICATE-----
Generated at Thu Jul 3 22:58:30 2025 by rpki-client