Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A916CA70/A7125D7603AA11EB8C158229C4F9AE02/wS8PVy2jONITRB7wfKUR0anIm20.mft
File:                     wS8PVy2jONITRB7wfKUR0anIm20.mft (raw, json)
Hash identifier:          1KrBpa2mSFXMEBhvaRX/wPUYMwxTuAHdIO4E24TDWGA=
Subject key identifier:   D8:8C:00:29:BE:2D:60:61:A7:20:5B:9D:FF:1A:C3:F7:3D:0D:A9:DE
Authority key identifier: C1:2F:0F:57:2D:A3:38:D2:13:44:1E:F0:7C:A5:11:D1:A9:C8:9B:6D
Certificate issuer:       /CN=A916CA70/serialNumber=C12F0F572DA338D213441EF07CA511D1A9C89B6D
Certificate serial:       076E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wS8PVy2jONITRB7wfKUR0anIm20.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916CA70/A7125D7603AA11EB8C158229C4F9AE02/wS8PVy2jONITRB7wfKUR0anIm20.mft
Manifest number:          0768
Signing time:             Thu 30 Jan 2025 21:24:00 +0000
Manifest this update:     Thu 30 Jan 2025 21:23:59 +0000
Manifest next update:     Thu 06 Feb 2025 21:23:59 +0000
Files and hashes:         1: wS8PVy2jONITRB7wfKUR0anIm20.crl (hash: 6T85528kxJnAS58iwIMX9z3UE4bGMv8rE5ER4g0+3+w=)
                          2: 1E4394CC03AC11EBBA025F2BC4F9AE02.roa (hash: hCxFygIxGBaZzO8/d0Vcf9NqUsTf/UZgA3mXuGpyT3g=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1902 (0x76e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916CA70/serialNumber=C12F0F572DA338D213441EF07CA511D1A9C89B6D
        Validity
            Not Before: Jan 30 21:23:59 2025 GMT
            Not After : Feb  6 21:23:59 2025 GMT
        Subject: CN=679bedef-5dd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ba:6b:4e:d4:3b:71:26:af:3a:6a:eb:3f:ac:
                    4c:70:43:41:21:38:b7:d8:47:d8:4d:39:5d:b3:91:
                    fe:58:15:76:71:0b:cf:8f:4e:05:bb:a6:49:8c:11:
                    90:4e:34:72:18:a3:31:76:eb:d2:8c:42:87:f8:55:
                    9a:4b:e3:3d:91:93:00:da:b6:04:d6:7d:68:01:77:
                    7e:e9:34:1d:40:3b:d9:b2:0d:d8:4e:b2:b8:fd:31:
                    c8:b8:86:b5:cb:aa:d9:98:d1:af:db:76:18:7f:eb:
                    d1:a0:27:ba:a9:00:e4:39:36:46:b4:8b:01:3c:c7:
                    d3:74:e4:20:60:16:cb:aa:4e:2f:1b:6c:06:b3:14:
                    98:ef:4b:b6:b6:84:58:82:67:79:f7:ca:3c:74:6d:
                    b9:e8:f4:c1:14:6f:86:2c:33:0e:4f:fb:5c:6e:d2:
                    f7:e4:e8:9f:ad:aa:4d:37:5a:cb:18:2b:6c:8c:92:
                    4b:30:d9:ff:65:c3:cb:d6:ed:b0:47:69:31:de:60:
                    81:28:eb:0f:96:f0:60:52:8c:ae:91:dc:9e:56:6b:
                    82:bd:83:9c:08:bb:c7:e0:70:8b:a8:ec:57:eb:eb:
                    b8:a1:f0:fc:12:65:49:21:8a:d5:58:57:56:7a:87:
                    68:f6:b9:9c:ad:86:7a:fc:de:13:8e:d2:4b:75:5b:
                    a8:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:8C:00:29:BE:2D:60:61:A7:20:5B:9D:FF:1A:C3:F7:3D:0D:A9:DE
            X509v3 Authority Key Identifier:
                keyid:C1:2F:0F:57:2D:A3:38:D2:13:44:1E:F0:7C:A5:11:D1:A9:C8:9B:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916CA70/A7125D7603AA11EB8C158229C4F9AE02/wS8PVy2jONITRB7wfKUR0anIm20.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wS8PVy2jONITRB7wfKUR0anIm20.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916CA70/A7125D7603AA11EB8C158229C4F9AE02/wS8PVy2jONITRB7wfKUR0anIm20.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:49:27:33:8d:f7:ae:5a:f1:dd:47:dc:fd:4b:73:0b:fe:1b:
         87:7b:0b:3d:96:97:3b:8d:37:5e:f0:f3:47:d7:69:9e:87:59:
         c1:1d:6e:77:87:5b:81:0f:9b:cc:4e:32:af:d1:f9:2d:00:ba:
         33:14:41:de:1b:35:fd:7c:2e:f8:e4:0b:11:d6:62:d2:6b:a4:
         c0:ba:09:db:bd:59:c6:f4:3b:d1:c3:68:41:52:d4:77:6a:94:
         5a:50:78:9a:f0:1c:33:21:45:33:71:9e:bd:12:95:c6:fc:fb:
         d9:fc:f4:74:9d:a6:6a:b1:f2:a3:27:0b:19:78:2f:d5:e0:f4:
         f5:3b:73:b7:f9:91:6e:28:59:4f:b0:f6:79:62:c2:68:c9:6e:
         bc:08:df:09:cd:14:eb:b4:1b:8d:4e:f2:60:e7:3e:f7:3a:6d:
         34:11:75:f4:04:20:46:b6:ee:54:62:07:df:ad:cf:d9:fb:a6:
         58:e7:5f:32:0f:1d:82:04:a9:ca:22:e4:cc:65:e5:76:68:e6:
         16:bb:eb:0d:d1:73:cb:bb:0f:38:c3:38:6d:b1:78:0a:33:97:
         ef:6f:4a:c0:f9:f0:83:3d:e8:3e:75:37:81:34:5a:8d:0b:0a:
         e8:25:a5:7a:79:41:5c:18:14:83:c1:96:cb:6d:30:67:98:ec:
         bc:d5:4c:9d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB24wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkNBNzAxMTAvBgNVBAUTKEMxMkYwRjU3MkRBMzM4RDIxMzQ0MUVGMDdDQTUxMUQx
QTlDODlCNkQwHhcNMjUwMTMwMjEyMzU5WhcNMjUwMjA2MjEyMzU5WjAYMRYwFAYD
VQQDEw02NzliZWRlZi01ZGQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsbprTtQ7cSavOmrrP6xMcENBITi32EfYTTlds5H+WBV2cQvPj04Fu6ZJjBGQ
TjRyGKMxduvSjEKH+FWaS+M9kZMA2rYE1n1oAXd+6TQdQDvZsg3YTrK4/THIuIa1
y6rZmNGv23YYf+vRoCe6qQDkOTZGtIsBPMfTdOQgYBbLqk4vG2wGsxSY70u2toRY
gmd598o8dG256PTBFG+GLDMOT/tcbtL35OifrapNN1rLGCtsjJJLMNn/ZcPL1u2w
R2kx3mCBKOsPlvBgUoyukdyeVmuCvYOcCLvH4HCLqOxX6+u4ofD8EmVJIYrVWFdW
eodo9rmcrYZ6/N4TjtJLdVuowwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNiMACm+
LWBhpyBbnf8aw/c9DaneMB8GA1UdIwQYMBaAFMEvD1ctozjSE0Qe8HylEdGpyJtt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Q0E3MC9BNzEyNUQ3NjAz
QUExMUVCOEMxNTgyMjlDNEY5QUUwMi93UzhQVnkyak9OSVRSQjd3ZktVUjBhbklt
MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dTOFBWeTJqT05JVFJCN3dmS1VSMGFuSW0yMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
Q0E3MC9BNzEyNUQ3NjAzQUExMUVCOEMxNTgyMjlDNEY5QUUwMi93UzhQVnkyak9O
SVRSQjd3ZktVUjBhbkltMjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBuSSczjfeuWvHdR9z9S3ML/huHews9lpc7jTde8PNH12meh1nBHW53
h1uBD5vMTjKv0fktALozFEHeGzX9fC745AsR1mLSa6TAugnbvVnG9DvRw2hBUtR3
apRaUHia8BwzIUUzcZ69EpXG/PvZ/PR0naZqsfKjJwsZeC/V4PT1O3O3+ZFuKFlP
sPZ5YsJoyW68CN8JzRTrtBuNTvJg5z73Om00EXX0BCBGtu5UYgffrc/Z+6ZY518y
Dx2CBKnKIuTMZeV2aOYWu+sN0XPLuw84wzhtsXgKM5fvb0rA+fCDPeg+dTeBNFqN
CwroJaV6eUFcGBSDwZbLbTBnmOy81Uyd
-----END CERTIFICATE-----