Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
File:                     GhpArZOkpDB-1yZNR9JSyvYt7_0.mft (raw, json)
Hash identifier:          gCWmtsOEUEDR2cnHIfrMpv+EWay/Um6f1p0qn5I/kpo=
Subject key identifier:   8E:51:F2:85:F6:8E:3E:F5:7E:15:B5:6E:60:A7:99:ED:C5:37:90:43
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Certificate issuer:       /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial:       0C1F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
Manifest number:          0C0F
Signing time:             Fri 31 Jan 2025 18:29:40 +0000
Manifest this update:     Fri 31 Jan 2025 18:29:40 +0000
Manifest next update:     Fri 07 Feb 2025 18:29:40 +0000
Files and hashes:         1: GhpArZOkpDB-1yZNR9JSyvYt7_0.crl (hash: aQ2egGqiycPdjNqcP3BAqwAhRlfI9LRTGB/3VPmNgPs=)
                          2: 3D19A90810AD11ED9FFCFC56C4F9AE02.roa (hash: hqZNi8jb9PfIBZ40ivFfM9w6K9/28vEma8/dZXwTKh4=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3103 (0xc1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
        Validity
            Not Before: Jan 31 18:29:40 2025 GMT
            Not After : Feb  7 18:29:40 2025 GMT
        Subject: CN=679d1694-f6ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:b8:8d:5b:22:3d:13:b0:85:ff:e4:1c:1f:83:
                    73:cd:2d:d9:aa:ec:ee:ca:3b:de:df:ae:81:73:23:
                    66:6e:99:61:0e:c6:93:84:07:8b:3d:22:9b:3f:f9:
                    72:c8:bf:2a:cd:e9:b3:ae:19:7f:2d:e6:05:13:0a:
                    30:03:b1:ea:d6:4c:40:07:18:c4:9e:44:32:8d:ae:
                    5a:f0:fe:83:75:04:1f:5b:b3:72:d1:59:ef:f8:c1:
                    d1:03:2d:34:34:37:e5:8e:c2:45:98:9d:63:32:d1:
                    40:e1:69:a3:2d:ed:d1:64:fd:6a:32:d6:61:40:4a:
                    ad:ce:88:90:be:54:1c:cb:1b:c3:2f:58:ea:2c:cd:
                    2e:eb:15:22:90:49:5c:9a:b7:5f:e5:d9:d2:54:b2:
                    7c:f4:fc:80:2e:fe:9a:06:7d:83:31:a8:72:9f:82:
                    67:ed:f8:84:d5:e5:08:85:b6:8e:4b:3c:d2:dd:ee:
                    45:ce:88:1e:d9:86:87:89:1c:89:7a:ab:7d:cb:8c:
                    a9:60:96:12:da:5e:1c:6c:42:18:58:b4:d1:a4:e3:
                    a3:6e:eb:64:3e:77:e5:21:9d:27:70:f1:c9:db:f5:
                    a5:60:6e:2d:0d:c3:14:24:29:90:2c:db:d6:f8:bd:
                    86:da:52:69:fa:23:d5:3e:95:5c:d9:52:41:b5:4e:
                    68:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:51:F2:85:F6:8E:3E:F5:7E:15:B5:6E:60:A7:99:ED:C5:37:90:43
            X509v3 Authority Key Identifier:
                keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:27:ea:c5:5d:0a:d9:76:31:b3:33:04:ff:27:c8:95:12:73:
         c2:82:63:3b:ab:59:5c:f4:6e:d1:ea:ef:29:9b:9c:ef:a8:7f:
         c6:77:51:86:0b:52:27:7c:cf:d8:98:64:48:e8:c2:78:79:a7:
         bb:16:6d:0a:3f:2b:9c:37:e6:a2:e5:55:26:34:a9:c0:40:a8:
         07:d4:63:54:d6:b4:a8:83:ee:4c:e5:b4:e8:3c:04:d7:e4:4c:
         a3:a6:8d:9f:c9:1d:ed:f5:33:18:aa:a9:fa:18:91:58:60:92:
         72:8d:a6:d0:40:b8:09:58:6d:79:83:ec:e1:fc:ce:43:03:65:
         75:ac:2c:c0:e0:5d:11:0e:47:c3:9b:68:b7:70:8d:31:14:d2:
         c7:91:32:e5:77:1d:60:b9:8c:81:d3:61:45:b0:9e:e2:08:40:
         6e:69:00:26:94:dd:30:8f:3f:a9:49:ec:20:49:1d:11:0d:17:
         35:7f:c7:34:19:9b:c9:e5:fb:d3:76:ae:62:2a:75:26:03:97:
         8f:e6:ba:5c:04:03:f9:26:b0:a7:32:d6:d6:f0:55:80:c2:8c:
         af:79:fc:63:99:8a:4b:30:43:13:f8:ac:8c:0f:1f:2c:4f:0c:
         33:38:4a:78:06:64:0b:0f:9b:48:79:45:42:98:f4:8c:d2:13:
         27:b6:d1:f3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwMTMxMTgyOTQwWhcNMjUwMjA3MTgyOTQwWjAYMRYwFAYD
VQQDEw02NzlkMTY5NC1mNmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsriNWyI9E7CF/+QcH4NzzS3Zquzuyjve366BcyNmbplhDsaThAeLPSKbP/ly
yL8qzemzrhl/LeYFEwowA7Hq1kxABxjEnkQyja5a8P6DdQQfW7Ny0Vnv+MHRAy00
NDfljsJFmJ1jMtFA4WmjLe3RZP1qMtZhQEqtzoiQvlQcyxvDL1jqLM0u6xUikElc
mrdf5dnSVLJ89PyALv6aBn2DMahyn4Jn7fiE1eUIhbaOSzzS3e5Fzoge2YaHiRyJ
eqt9y4ypYJYS2l4cbEIYWLTRpOOjbutkPnflIZ0ncPHJ2/WlYG4tDcMUJCmQLNvW
+L2G2lJp+iPVPpVc2VJBtU5oCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI5R8oX2
jj71fhW1bmCnme3FN5BDMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RDc1Qy8yQkM1RkQ0MDA2QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BE
Qi0xeVpOUjlKU3l2WXQ3XzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCTJ+rFXQrZdjGzMwT/J8iVEnPCgmM7q1lc9G7R6u8pm5zvqH/Gd1GG
C1InfM/YmGRI6MJ4eae7Fm0KPyucN+ai5VUmNKnAQKgH1GNU1rSog+5M5bToPATX
5Eyjpo2fyR3t9TMYqqn6GJFYYJJyjabQQLgJWG15g+zh/M5DA2V1rCzA4F0RDkfD
m2i3cI0xFNLHkTLldx1guYyB02FFsJ7iCEBuaQAmlN0wjz+pSewgSR0RDRc1f8c0
GZvJ5fvTdq5iKnUmA5eP5rpcBAP5JrCnMtbW8FWAwoyvefxjmYpLMEMT+KyMDx8s
TwwzOEp4BmQLD5tIeUVCmPSM0hMnttHz
-----END CERTIFICATE-----