Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft
File:                     2H4ClpVGrcVaesygjK2yh5vGmck.mft (raw, json)
Hash identifier:          3hsXi6I1zGqzv04fwfvGutJAIS9cdHKoS/8ZV3ls4+g=
Subject key identifier:   DD:5E:34:2A:EB:4D:5A:8E:11:0B:4A:EC:C1:9B:61:16:73:BA:92:9E
Authority key identifier: D8:7E:02:96:95:46:AD:C5:5A:7A:CC:A0:8C:AD:B2:87:9B:C6:99:C9
Certificate issuer:       /CN=A9185B5F/serialNumber=D87E02969546ADC55A7ACCA08CADB2879BC699C9
Certificate serial:       0148
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2H4ClpVGrcVaesygjK2yh5vGmck.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft
Manifest number:          0145
Signing time:             Fri 31 Jan 2025 03:32:12 +0000
Manifest this update:     Fri 31 Jan 2025 03:32:11 +0000
Manifest next update:     Fri 07 Feb 2025 03:32:11 +0000
Files and hashes:         1: 2H4ClpVGrcVaesygjK2yh5vGmck.crl (hash: AUNYAkqCOEfT1hB26S474/u5zAOZXRTD0Bsz9Anq0CU=)
                          2: A4B0D326F0A311ED99A1471CC4F9AE02.roa (hash: YT1DLrJvP+2w7lodtwm2stNsNaNoq+ytHid9uR561S8=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 328 (0x148)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9185B5F/serialNumber=D87E02969546ADC55A7ACCA08CADB2879BC699C9
        Validity
            Not Before: Jan 31 03:32:11 2025 GMT
            Not After : Feb  7 03:32:11 2025 GMT
        Subject: CN=679c443c-68b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e4:5c:1b:a0:46:2f:95:6f:dc:f2:50:e4:7d:
                    5b:de:51:fb:6b:d0:82:eb:05:8d:6a:a9:7f:f0:3e:
                    1a:aa:8d:e7:9f:d0:8c:17:dc:c9:d0:1f:83:37:4f:
                    84:0b:83:03:69:7f:68:41:63:5d:cb:e3:d4:90:cf:
                    e3:75:eb:f8:4d:85:35:0e:76:57:1d:af:f7:10:7c:
                    28:03:c3:ff:15:38:41:7f:53:55:c8:86:f3:dd:15:
                    46:fd:3c:24:aa:f9:26:a3:a4:78:4e:a4:3d:31:9f:
                    ba:cc:40:40:61:d7:65:c5:5e:2f:90:0d:bc:b7:5a:
                    64:79:4a:b7:37:9d:fd:80:ee:e4:30:e2:06:20:71:
                    47:ff:17:5a:f7:f7:7a:a5:9b:6d:e7:cc:ea:6a:ed:
                    3f:3c:55:d1:7b:18:9e:fe:51:41:d9:d9:0d:37:06:
                    53:91:56:75:59:c8:1a:40:29:4c:38:2c:f8:f4:c7:
                    12:eb:3c:c8:97:f3:b5:eb:43:7d:00:43:73:ce:d5:
                    54:48:ba:34:1d:57:54:e9:3c:17:99:af:b1:b2:5d:
                    ac:f1:7f:d8:6d:3e:e7:fb:4c:9a:48:70:b6:62:7c:
                    b8:46:52:1f:ee:c8:86:4a:83:76:32:49:5f:bb:7c:
                    be:0d:46:2c:2c:df:a0:f3:f2:91:d0:73:d1:1a:bf:
                    ae:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:5E:34:2A:EB:4D:5A:8E:11:0B:4A:EC:C1:9B:61:16:73:BA:92:9E
            X509v3 Authority Key Identifier:
                keyid:D8:7E:02:96:95:46:AD:C5:5A:7A:CC:A0:8C:AD:B2:87:9B:C6:99:C9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2H4ClpVGrcVaesygjK2yh5vGmck.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:56:11:f4:7b:69:fc:26:3e:60:63:8d:5d:3c:b7:8a:e8:38:
         2c:ab:11:70:d9:01:6e:7a:a5:ee:b7:9c:9a:a6:61:40:71:60:
         d8:af:d6:a0:29:49:2a:90:2b:fa:e8:77:63:a0:30:8a:68:07:
         2d:34:48:ae:09:31:8f:9b:8c:18:a9:83:d8:6a:4f:b0:f8:1f:
         e3:57:80:0d:ea:fe:b4:a0:4d:d1:5a:9a:ff:e4:8a:7b:2e:ce:
         0c:83:56:2c:79:59:fd:d3:4f:c3:ba:25:0e:16:81:de:5c:4d:
         92:f8:37:f1:d8:56:f1:eb:6d:f8:b4:bd:9f:39:c1:de:1d:82:
         af:b5:91:35:70:f1:b7:6b:01:9b:5e:e4:f0:1d:52:cd:97:2a:
         96:bf:5d:16:80:4f:cd:3c:e9:5b:e2:0c:a0:c1:f9:47:14:de:
         c1:a1:97:21:6b:c2:49:17:02:bf:60:76:64:9e:68:89:94:a6:
         37:bf:6e:c4:57:fd:d7:0c:1a:3a:a3:dd:a3:8a:71:c6:e6:ba:
         08:54:dd:06:5a:cd:05:db:6a:08:b0:77:86:f4:c5:74:84:b4:
         d9:07:aa:fa:eb:44:6d:2b:91:80:ac:7b:2b:cd:32:66:6e:42:
         1f:c4:3e:13:7d:ce:60:57:38:b6:79:34:34:66:02:91:23:4e:
         ab:73:17:24
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVCNUYxMTAvBgNVBAUTKEQ4N0UwMjk2OTU0NkFEQzU1QTdBQ0NBMDhDQURCMjg3
OUJDNjk5QzkwHhcNMjUwMTMxMDMzMjExWhcNMjUwMjA3MDMzMjExWjAYMRYwFAYD
VQQDEw02NzljNDQzYy02OGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6uRcG6BGL5Vv3PJQ5H1b3lH7a9CC6wWNaql/8D4aqo3nn9CMF9zJ0B+DN0+E
C4MDaX9oQWNdy+PUkM/jdev4TYU1DnZXHa/3EHwoA8P/FThBf1NVyIbz3RVG/Twk
qvkmo6R4TqQ9MZ+6zEBAYddlxV4vkA28t1pkeUq3N539gO7kMOIGIHFH/xda9/d6
pZtt58zqau0/PFXRexie/lFB2dkNNwZTkVZ1WcgaQClMOCz49McS6zzIl/O160N9
AENzztVUSLo0HVdU6TwXma+xsl2s8X/YbT7n+0yaSHC2Yny4RlIf7siGSoN2Mklf
u3y+DUYsLN+g8/KR0HPRGr+uzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN1eNCrr
TVqOEQtK7MGbYRZzupKeMB8GA1UdIwQYMBaAFNh+ApaVRq3FWnrMoIytsoebxpnJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI1Ri84RTQxODAyMEYw
OUIxMUVEQTYwNkJENjJDNEY5QUUwMi8ySDRDbHBWR3JjVmFlc3lnaksyeWg1dkdt
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJINENscFZHcmNWYWVzeWdqSzJ5aDV2R21jay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NUI1Ri84RTQxODAyMEYwOUIxMUVEQTYwNkJENjJDNEY5QUUwMi8ySDRDbHBWR3Jj
VmFlc3lnaksyeWg1dkdtY2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBHVhH0e2n8Jj5gY41dPLeK6DgsqxFw2QFueqXut5yapmFAcWDYr9ag
KUkqkCv66HdjoDCKaActNEiuCTGPm4wYqYPYak+w+B/jV4AN6v60oE3RWpr/5Ip7
Ls4Mg1YseVn900/DuiUOFoHeXE2S+Dfx2Fbx6234tL2fOcHeHYKvtZE1cPG3awGb
XuTwHVLNlyqWv10WgE/NPOlb4gygwflHFN7BoZcha8JJFwK/YHZknmiJlKY3v27E
V/3XDBo6o92jinHG5roIVN0GWs0F22oIsHeG9MV0hLTZB6r660RtK5GArHsrzTJm
bkIfxD4Tfc5gVzi2eTQ0ZgKRI06rcxck
-----END CERTIFICATE-----