Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.mft
File:                     ghDUN1ZlSxBwXVqz83vwGni3jEc.mft (raw, json)
Hash identifier:          wosLZt0DXsF0Q8bT8mHWSh8X1VOuY6qW6y+iROjoEBM=
Subject key identifier:   27:30:3C:CE:82:38:2A:73:AB:5B:17:97:85:F5:ED:C3:46:A0:61:47
Authority key identifier: 82:10:D4:37:56:65:4B:10:70:5D:5A:B3:F3:7B:F0:1A:78:B7:8C:47
Certificate issuer:       /CN=A915B536/serialNumber=8210D43756654B10705D5AB3F37BF01A78B78C47
Certificate serial:       07F2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghDUN1ZlSxBwXVqz83vwGni3jEc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.mft
Manifest number:          07B8
Signing time:             Thu 30 Jan 2025 21:09:12 +0000
Manifest this update:     Thu 30 Jan 2025 21:09:11 +0000
Manifest next update:     Thu 06 Feb 2025 21:09:11 +0000
Files and hashes:         1: ghDUN1ZlSxBwXVqz83vwGni3jEc.crl (hash: rwn1fGLSzjSswN56qxGB1Hj67oBEsVxo6twcw1aP/Lo=)
                          2: 1361FD26EC2011EA8DFD251FC4F9AE02.roa (hash: nsaH5I08UA9S7pBWJEs95VRVtj6VDnIyoLGMkyvaxCM=)
                          3: FF0025F80B7811EEB2EFC643C4F9AE02.roa (hash: jtwXRDg4ifzB5YeF9ItYPDeteiV3n1oUq/L6Q79DerA=)
                          4: D8B25C54EC2211EA84C17E26C4F9AE02.roa (hash: G8R2HGhEO91zZJR3k6r/R5FFkuswRD4+38OOZJqUih0=)
                          5: 36CDE30CEC2411EA8B0DDA2CC4F9AE02.roa (hash: MlL6AakK7qGzM8DE1JwJUAOkQ8rpfwcCeXJ1v0Bdnow=)
                          6: F652771EEB7611EA8235FB4AC4F9AE02.roa (hash: 6GaYypzIsDgZggW9KzGhSmmLldD0h0OUbEZlMHiCV0M=)
                          7: 5056827E1D1711EB9918046AC4F9AE02.roa (hash: /t87PANjNW6EpQXUSbODbYse7J1TpUCr6EqoPlENnyw=)
                          8: 35A8CF1EEC2411EA8B0DDA2CC4F9AE02.roa (hash: NeWDXo15SqJ2L5IjpW3UHQXI0L4NJwn7CVOw91aHuUU=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2034 (0x7f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915B536/serialNumber=8210D43756654B10705D5AB3F37BF01A78B78C47
        Validity
            Not Before: Jan 30 21:09:11 2025 GMT
            Not After : Feb  6 21:09:11 2025 GMT
        Subject: CN=679bea77-5918
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:4c:27:65:6f:cd:7c:fc:b6:72:ae:f6:f2:53:
                    17:44:94:cd:31:c9:b6:24:03:57:ea:6e:19:10:f3:
                    52:0b:50:d3:79:87:91:9c:c9:b9:f0:b2:5d:d9:a2:
                    96:ba:5d:64:61:2a:82:46:aa:36:a6:77:61:72:3d:
                    98:39:d0:d3:65:85:d5:e0:c5:f4:de:81:8c:f2:91:
                    ec:8b:4c:f1:72:34:98:cc:28:4d:49:c7:6a:f8:9e:
                    fc:32:5b:54:dd:26:64:23:cf:e8:b8:f0:c0:e4:24:
                    12:2a:df:4e:3e:b8:b3:51:53:81:f9:7f:c9:ea:89:
                    b8:a8:9f:c7:1b:df:19:59:0d:62:ff:d3:d8:ea:fc:
                    61:e2:b2:21:7a:bc:a5:3c:a6:43:56:9e:e8:14:d6:
                    93:8d:9b:bb:a1:80:4e:0b:55:73:de:0d:f3:e9:f1:
                    e9:9e:c6:f6:5d:45:ce:96:b6:08:47:58:3f:76:04:
                    e2:ad:05:e8:c3:0a:3e:e7:39:db:76:d5:5f:de:3e:
                    c5:42:dd:4c:4e:3b:bf:5e:0c:bf:b7:a8:5b:46:f8:
                    d7:20:f6:53:6e:5b:fe:20:59:8e:d4:e5:9c:09:46:
                    03:89:ab:d5:32:27:86:e0:ec:0c:73:c1:44:2d:38:
                    5c:89:3f:f4:46:d8:4a:a2:02:85:2e:25:2e:b3:e6:
                    a4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:30:3C:CE:82:38:2A:73:AB:5B:17:97:85:F5:ED:C3:46:A0:61:47
            X509v3 Authority Key Identifier:
                keyid:82:10:D4:37:56:65:4B:10:70:5D:5A:B3:F3:7B:F0:1A:78:B7:8C:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghDUN1ZlSxBwXVqz83vwGni3jEc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915B536/E4C88972EB7411EABA0A9E48C4F9AE02/ghDUN1ZlSxBwXVqz83vwGni3jEc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:84:53:22:d7:cf:49:88:39:7f:df:fe:87:56:b4:27:e8:61:
         a3:07:53:60:1a:c8:22:fe:6f:49:41:dc:f8:16:2d:9a:94:33:
         79:d9:0a:ff:48:35:36:4c:3b:da:28:b5:59:5e:ca:14:a8:fe:
         98:62:02:ad:e1:e1:dd:14:19:9d:38:e9:ed:3c:73:85:ad:81:
         7f:84:a5:0b:79:b6:57:b7:0d:a9:f3:5d:82:3b:53:ef:01:7e:
         64:13:31:e3:07:43:2b:8c:e8:7e:2f:d8:62:e7:f2:eb:51:db:
         a7:18:4d:62:61:67:dc:54:d1:51:b2:e3:c3:3b:78:4f:02:85:
         af:3a:01:5a:28:16:42:35:a8:c6:e4:0b:94:4a:1b:db:b8:ba:
         f7:3b:1d:77:50:5b:a9:81:69:cc:e8:26:e4:fa:b9:83:89:47:
         d9:22:4b:08:47:a1:da:ad:00:09:21:f1:2a:33:c5:6d:bb:5e:
         74:49:49:22:e4:9d:f8:d9:7e:54:50:5d:05:9d:5f:83:19:43:
         fa:d9:a6:7d:09:ed:45:a4:a7:58:07:bd:4b:41:e7:55:27:7c:
         e4:1b:99:c2:fd:7e:3f:46:b5:29:4d:88:71:bf:b1:b5:4d:16:
         cf:15:54:5f:3b:b7:d0:42:8a:c7:1e:85:7d:99:d6:c5:fe:ee:
         97:11:12:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUI1MzYxMTAvBgNVBAUTKDgyMTBENDM3NTY2NTRCMTA3MDVENUFCM0YzN0JGMDFB
NzhCNzhDNDcwHhcNMjUwMTMwMjEwOTExWhcNMjUwMjA2MjEwOTExWjAYMRYwFAYD
VQQDEw02NzliZWE3Ny01OTE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArUwnZW/NfPy2cq728lMXRJTNMcm2JANX6m4ZEPNSC1DTeYeRnMm58LJd2aKW
ul1kYSqCRqo2pndhcj2YOdDTZYXV4MX03oGM8pHsi0zxcjSYzChNScdq+J78MltU
3SZkI8/ouPDA5CQSKt9OPrizUVOB+X/J6om4qJ/HG98ZWQ1i/9PY6vxh4rIheryl
PKZDVp7oFNaTjZu7oYBOC1Vz3g3z6fHpnsb2XUXOlrYIR1g/dgTirQXowwo+5znb
dtVf3j7FQt1MTju/Xgy/t6hbRvjXIPZTblv+IFmO1OWcCUYDiavVMieG4OwMc8FE
LThciT/0RthKogKFLiUus+ak8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCcwPM6C
OCpzq1sXl4X17cNGoGFHMB8GA1UdIwQYMBaAFIIQ1DdWZUsQcF1as/N78Bp4t4xH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QjUzNi9FNEM4ODk3MkVC
NzQxMUVBQkEwQTlFNDhDNEY5QUUwMi9naERVTjFabFN4QndYVnF6ODN2d0duaTNq
RWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2doRFVOMVpsU3hCd1hWcXo4M3Z3R25pM2pFYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QjUzNi9FNEM4ODk3MkVCNzQxMUVBQkEwQTlFNDhDNEY5QUUwMi9naERVTjFabFN4
QndYVnF6ODN2d0duaTNqRWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC/hFMi189JiDl/3/6HVrQn6GGjB1NgGsgi/m9JQdz4Fi2alDN52Qr/
SDU2TDvaKLVZXsoUqP6YYgKt4eHdFBmdOOntPHOFrYF/hKULebZXtw2p812CO1Pv
AX5kEzHjB0MrjOh+L9hi5/LrUdunGE1iYWfcVNFRsuPDO3hPAoWvOgFaKBZCNajG
5AuUShvbuLr3Ox13UFupgWnM6Cbk+rmDiUfZIksIR6HarQAJIfEqM8Vtu150SUki
5J342X5UUF0FnV+DGUP62aZ9Ce1FpKdYB71LQedVJ3zkG5nC/X4/RrUpTYhxv7G1
TRbPFVRfO7fQQorHHoV9mdbF/u6XERLA
-----END CERTIFICATE-----