Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft
File:                     YfjH66e1XnGy5rF3QJFCUdiM8KY.mft (raw, json)
Hash identifier:          2QtJ2Y16w2DD8DwXDydbrg68Hq6GQO0xGatvfeCsuN8=
Subject key identifier:   9E:94:DE:DF:B7:87:10:CE:FB:36:9C:7C:F5:DA:03:9B:71:21:E9:67
Authority key identifier: 61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
Certificate issuer:       /CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Certificate serial:       05
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft
Manifest number:          03
Signing time:             Fri 31 Jan 2025 07:43:22 +0000
Manifest this update:     Fri 31 Jan 2025 07:43:22 +0000
Manifest next update:     Fri 07 Feb 2025 07:43:22 +0000
Files and hashes:         1: YfjH66e1XnGy5rF3QJFCUdiM8KY.crl (hash: ZoJsSECi1YxPNjQkkc5Ns7Ww7zT2mkifjRWDNZhyuOQ=)
                          2: 09E08BBCDFA711EFB305A80EC4F9AE02.roa (hash: kdTdufTqi4/CKXCIUHkp52fvUV+UlD83IYSyuA6QqEg=)
                          3: E4FC4F1CDFA511EF93B65B0AC4F9AE02.roa (hash: lwxlYfJwBM2WoyisFPS9YFXhsPwv4A9ecH2vc8Qrf5A=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
        Validity
            Not Before: Jan 31 07:43:22 2025 GMT
            Not After : Feb  7 07:43:22 2025 GMT
        Subject: CN=679c7f1a-17f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:f1:60:59:d6:ec:00:b8:2b:1d:52:98:24:f6:
                    7f:a8:d0:a7:4c:7b:7c:05:fb:64:72:16:c5:c9:5b:
                    c4:85:b2:13:51:74:c1:c9:95:ad:9c:d4:cf:3e:9c:
                    79:94:74:ce:68:20:f0:74:ea:89:3a:4f:95:c2:d4:
                    61:05:a6:67:27:64:fa:0f:24:f8:7d:a6:df:03:7e:
                    51:d7:b7:30:8d:df:df:93:2c:90:ea:8d:f3:c0:74:
                    6c:88:84:c4:33:25:60:55:58:50:01:8b:00:06:c7:
                    73:39:45:0b:fe:66:2e:8a:0a:bf:7b:07:12:74:f3:
                    cc:b4:db:b1:7f:47:f8:e8:ca:0c:a2:20:65:f3:ca:
                    03:60:c9:ca:c0:78:2e:b7:21:8d:05:00:a2:3c:31:
                    d3:1e:75:ea:5f:07:74:09:99:60:c0:87:6f:d8:12:
                    24:26:5d:f4:07:ea:04:1a:1b:e6:1d:97:48:5f:57:
                    8b:45:7e:92:58:62:47:50:20:2f:e7:61:30:bb:67:
                    e0:14:8a:88:8a:33:c3:d1:48:37:9a:69:00:aa:1b:
                    dd:45:b8:f2:d2:5b:4a:98:eb:8a:24:0e:ae:5c:e4:
                    b3:c9:da:4d:e1:9f:a1:c6:50:70:7d:03:1b:96:51:
                    56:05:b1:a7:26:cd:80:71:12:30:51:23:b4:d3:37:
                    a0:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:94:DE:DF:B7:87:10:CE:FB:36:9C:7C:F5:DA:03:9B:71:21:E9:67
            X509v3 Authority Key Identifier:
                keyid:61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:fb:0b:53:68:a2:32:89:d6:6a:36:4d:38:fb:be:ac:b9:75:
         53:18:10:f7:6b:be:61:4f:b1:a0:9e:4d:b6:d7:ea:26:46:05:
         da:0e:e2:17:1e:e6:f2:e1:72:cd:dc:cf:46:3a:b9:46:d8:a0:
         2f:5b:b2:cf:d8:2f:10:9b:f1:63:c9:62:1e:09:17:c9:81:77:
         67:af:ce:38:98:8e:38:55:51:a7:aa:ef:e7:ed:eb:40:4d:e7:
         d0:68:6b:e6:81:be:91:77:e5:2c:56:60:ab:f9:75:89:20:b3:
         ff:fd:52:78:ff:e1:bc:d0:64:e5:12:51:e8:01:58:b3:8e:b6:
         7d:b8:49:24:e5:34:d3:2a:cc:37:9b:f0:fb:50:cf:f7:f7:f9:
         d4:ab:9c:cf:d8:8f:35:40:b5:42:00:d0:e1:f8:29:a5:60:1b:
         0d:68:17:46:6c:1f:ad:73:74:8f:01:9d:63:4c:b9:12:3f:9b:
         a9:55:a6:e1:67:07:df:03:bf:16:c6:0f:75:c1:66:5e:45:fb:
         5d:63:0e:92:90:4f:8e:f3:63:48:7f:26:91:3c:17:5a:f0:b6:
         5a:fb:5a:48:51:79:39:75:df:ca:fd:0d:c0:1b:da:73:f9:5e:
         f8:73:d6:f9:1e:bb:61:c6:cd:2d:02:de:0d:62:53:8b:28:a0:
         cc:1a:c7:85
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
ODQ5MTExMC8GA1UEBRMoNjFGOEM3RUJBN0I1NUU3MUIyRTZCMTc3NDA5MTQyNTFE
ODhDRjBBNjAeFw0yNTAxMzEwNzQzMjJaFw0yNTAyMDcwNzQzMjJaMBgxFjAUBgNV
BAMTDTY3OWM3ZjFhLTE3ZjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDv8WBZ1uwAuCsdUpgk9n+o0KdMe3wF+2RyFsXJW8SFshNRdMHJla2c1M8+nHmU
dM5oIPB06ok6T5XC1GEFpmcnZPoPJPh9pt8DflHXtzCN39+TLJDqjfPAdGyIhMQz
JWBVWFABiwAGx3M5RQv+Zi6KCr97BxJ088y027F/R/joygyiIGXzygNgycrAeC63
IY0FAKI8MdMedepfB3QJmWDAh2/YEiQmXfQH6gQaG+Ydl0hfV4tFfpJYYkdQIC/n
YTC7Z+AUioiKM8PRSDeaaQCqG91FuPLSW0qY64okDq5c5LPJ2k3hn6HGUHB9AxuW
UVYFsacmzYBxEjBRI7TTN6B3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUnpTe37eH
EM77Npx89doDm3Eh6WcwHwYDVR0jBBgwFoAUYfjH66e1XnGy5rF3QJFCUdiM8KYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4NDkxLzYwREE1M0ZBREZB
NTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5HeTVyRjNRSkZDVWRpTThL
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWWZqSDY2ZTFYbkd5NXJGM1FKRkNVZGlNOEtZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4
NDkxLzYwREE1M0ZBREZBNTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5H
eTVyRjNRSkZDVWRpTThLWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAHn7C1NoojKJ1mo2TTj7vqy5dVMYEPdrvmFPsaCeTbbX6iZGBdoO4hce
5vLhcs3cz0Y6uUbYoC9bss/YLxCb8WPJYh4JF8mBd2evzjiYjjhVUaeq7+ft60BN
59Boa+aBvpF35SxWYKv5dYkgs//9Unj/4bzQZOUSUegBWLOOtn24SSTlNNMqzDeb
8PtQz/f3+dSrnM/YjzVAtUIA0OH4KaVgGw1oF0ZsH61zdI8BnWNMuRI/m6lVpuFn
B98DvxbGD3XBZl5F+11jDpKQT47zY0h/JpE8F1rwtlr7WkhReTl138r9DcAb2nP5
Xvhz1vkeu2HGzS0C3g1iU4sooMwax4U=
-----END CERTIFICATE-----