Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft
File:                     hkxROVpl1d5w7NMKrSemn0ubIrw.mft (raw, json)
Hash identifier:          IMu+9kzBIfAjveAqO2YZbpj+5TRh6Wnn7ctthbnakdM=
Subject key identifier:   12:ED:09:7D:C2:D3:45:04:68:6D:64:01:9A:2B:BC:20:18:8B:CD:D9
Authority key identifier: 86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC
Certificate issuer:       /CN=A9125E1B/serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC
Certificate serial:       EF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft
Manifest number:          E9
Signing time:             Fri 31 Jan 2025 04:30:25 +0000
Manifest this update:     Fri 31 Jan 2025 04:30:24 +0000
Manifest next update:     Fri 07 Feb 2025 04:30:24 +0000
Files and hashes:         1: hkxROVpl1d5w7NMKrSemn0ubIrw.crl (hash: xeriHCAwQYOPG/WdmC4BH28uXaXl0w/Ix9lzGo4ikjQ=)
                          2: BA3E92207D2311EEA3696814C4F9AE02.roa (hash: UKOODE+aPAFflvFmKVNYOJaCaH8V6bUeZIgoCqj/k80=)
                          3: B9CAD7A47D2311EEA3696814C4F9AE02.roa (hash: IP+1b1MWNwsXEa5/Ri8CW/cM8GMHLYMixTxcrnkax+s=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 239 (0xef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9125E1B/serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC
        Validity
            Not Before: Jan 31 04:30:24 2025 GMT
            Not After : Feb  7 04:30:24 2025 GMT
        Subject: CN=679c51e0-bdb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:40:65:93:05:18:0f:d0:ed:db:d5:91:cb:21:
                    54:2a:ee:21:c9:6d:29:41:33:28:1a:85:0a:cc:08:
                    db:50:e1:c3:29:50:88:ae:ae:5e:d1:28:d0:5f:4f:
                    27:00:26:f2:80:30:30:89:ee:9f:cc:61:bb:0b:c2:
                    b4:d8:c9:8b:80:48:59:08:b2:33:a6:d4:13:06:d1:
                    a3:88:ff:75:82:0a:36:00:ef:38:fa:70:71:c8:69:
                    3a:5a:8c:2b:da:ba:dd:61:96:a0:20:a1:23:9b:76:
                    7f:fc:8a:04:73:f5:7c:71:ea:3b:97:d3:12:3d:61:
                    5d:f1:3c:2f:5f:32:03:46:d3:42:fe:71:ee:e0:ce:
                    5f:12:2e:fb:9f:3b:0c:1a:66:2e:41:a1:dc:32:76:
                    b0:12:14:b0:d4:4e:9f:64:b5:37:09:54:3a:a3:46:
                    16:23:74:c0:f4:1e:48:73:5b:94:d7:79:19:c5:90:
                    a2:ed:36:78:16:24:c8:ca:bf:08:c1:dc:65:b6:6c:
                    a7:0e:61:a1:a5:3f:d9:45:10:18:0a:46:13:3a:2c:
                    35:c7:20:d2:63:67:61:8b:6e:12:04:cd:75:69:63:
                    47:76:3f:90:5f:d6:48:5e:d7:35:11:8c:eb:88:74:
                    a1:6f:e0:f5:54:1a:f0:f3:5d:30:dc:13:18:c2:67:
                    a1:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:ED:09:7D:C2:D3:45:04:68:6D:64:01:9A:2B:BC:20:18:8B:CD:D9
            X509v3 Authority Key Identifier:
                keyid:86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:cc:ef:43:ed:74:cc:81:44:c2:6d:f7:4f:79:e9:5a:72:f0:
         d1:df:20:20:44:3b:ed:af:1f:7d:b7:b8:21:61:c0:ff:82:b5:
         64:be:ae:e5:9f:0a:33:d2:82:32:b8:2e:92:51:14:31:df:f8:
         c9:4e:2f:6c:87:ec:24:44:29:33:72:54:50:1d:87:ab:10:0e:
         c6:fa:26:d7:15:4c:cf:5c:fb:41:8c:99:5d:d5:b1:80:d2:9d:
         c1:50:27:00:ff:b6:ac:03:54:71:dd:fa:13:fc:ce:57:fd:0f:
         7e:89:17:b3:bc:4b:df:e1:89:50:0c:6b:27:35:69:d4:84:e2:
         08:b7:e7:a7:12:74:66:e3:a1:88:b4:8d:4e:b8:dd:91:53:aa:
         fd:b4:92:78:26:ea:03:4a:3f:11:16:f5:b7:03:0e:15:d2:09:
         46:52:4c:44:3e:b2:d1:34:f3:b9:56:8b:e7:3d:c5:60:f0:48:
         5c:ea:fe:5c:3f:66:d0:48:50:91:ad:8e:61:e8:6a:ac:56:51:
         f7:5e:47:ff:10:ca:2b:d5:34:20:8e:d2:9d:aa:58:f6:1f:49:
         c2:e7:aa:bb:26:b7:4a:76:71:1d:9d:94:72:21:4a:74:5d:51:
         2c:3d:ea:58:b9:bf:90:9f:ec:e6:97:4b:84:e3:4a:55:e7:0e:
         05:28:7f:4d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjVFMUIxMTAvBgNVBAUTKDg2NEM1MTM5NUE2NUQ1REU3MEVDRDMwQUFEMjdBNjlG
NEI5QjIyQkMwHhcNMjUwMTMxMDQzMDI0WhcNMjUwMjA3MDQzMDI0WjAYMRYwFAYD
VQQDEw02NzljNTFlMC1iZGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxUBlkwUYD9Dt29WRyyFUKu4hyW0pQTMoGoUKzAjbUOHDKVCIrq5e0SjQX08n
ACbygDAwie6fzGG7C8K02MmLgEhZCLIzptQTBtGjiP91ggo2AO84+nBxyGk6Wowr
2rrdYZagIKEjm3Z//IoEc/V8ceo7l9MSPWFd8TwvXzIDRtNC/nHu4M5fEi77nzsM
GmYuQaHcMnawEhSw1E6fZLU3CVQ6o0YWI3TA9B5Ic1uU13kZxZCi7TZ4FiTIyr8I
wdxltmynDmGhpT/ZRRAYCkYTOiw1xyDSY2dhi24SBM11aWNHdj+QX9ZIXtc1EYzr
iHShb+D1VBrw810w3BMYwmehkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBLtCX3C
00UEaG1kAZorvCAYi83ZMB8GA1UdIwQYMBaAFIZMUTlaZdXecOzTCq0npp9LmyK8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUUxQi83NDk1MjUxNDdE
MjIxMUVFQTdCMDc0NjBDNEY5QUUwMi9oa3hST1ZwbDFkNXc3Tk1LclNlbW4wdWJJ
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hreFJPVnBsMWQ1dzdOTUtyU2VtbjB1Yklydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NUUxQi83NDk1MjUxNDdEMjIxMUVFQTdCMDc0NjBDNEY5QUUwMi9oa3hST1ZwbDFk
NXc3Tk1LclNlbW4wdWJJcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBZzO9D7XTMgUTCbfdPeelacvDR3yAgRDvtrx99t7ghYcD/grVkvq7l
nwoz0oIyuC6SURQx3/jJTi9sh+wkRCkzclRQHYerEA7G+ibXFUzPXPtBjJld1bGA
0p3BUCcA/7asA1Rx3foT/M5X/Q9+iRezvEvf4YlQDGsnNWnUhOIIt+enEnRm46GI
tI1OuN2RU6r9tJJ4JuoDSj8RFvW3Aw4V0glGUkxEPrLRNPO5VovnPcVg8Ehc6v5c
P2bQSFCRrY5h6GqsVlH3Xkf/EMor1TQgjtKdqlj2H0nC56q7JrdKdnEdnZRyIUp0
XVEsPepYub+Qn+zml0uE40pV5w4FKH9N
-----END CERTIFICATE-----