Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/_0KzQ2BElUaW_-CLDuGXXGxbjW0.mft
File:                     _0KzQ2BElUaW_-CLDuGXXGxbjW0.mft (raw, json)
Hash identifier:          g0WdzvE9pE+3ll7+3J1WX9YMtC9VTTdYXsLatirZgrY=
Subject key identifier:   1B:9E:05:DA:3F:29:B1:B5:03:F7:56:3D:DC:6F:B2:85:A5:B7:E8:95
Authority key identifier: FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D
Certificate issuer:       /CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
Certificate serial:       0174
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/_0KzQ2BElUaW_-CLDuGXXGxbjW0.mft
Manifest number:          0168
Signing time:             Fri 31 Jan 2025 03:16:08 +0000
Manifest this update:     Fri 31 Jan 2025 03:16:08 +0000
Manifest next update:     Fri 07 Feb 2025 03:16:08 +0000
Files and hashes:         1: _0KzQ2BElUaW_-CLDuGXXGxbjW0.crl (hash: EN46S5xQfdSGxoi8fuBfGiDOHZpI4BeZT0B15+exy8w=)
                          2: BCAE303EF6C611EE8AA17A87C4F9AE02.roa (hash: b9dTa2nX+qFG6d7y+XsHyu+bx2asCK2u/yxDxyFKOqQ=)
                          3: B34D1A26F6C811EEBC4BE00BC4F9AE02.roa (hash: wwr+xiQ0ICFC4K2aFb1fxrN51KszvejW5t2iwGw5e3Y=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 372 (0x174)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91864A7/serialNumber=FF42B3436044954696FFE08B0EE1975C6C5B8D6D
        Validity
            Not Before: Jan 31 03:16:08 2025 GMT
            Not After : Feb  7 03:16:08 2025 GMT
        Subject: CN=679c4078-905d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a4:9a:ed:60:1a:6f:b1:06:56:8e:1f:ae:80:
                    18:c8:3b:40:e4:0a:b1:49:82:b0:60:00:e2:65:6d:
                    dd:bc:d3:c5:c2:f9:ec:27:5a:79:e7:4f:35:49:ed:
                    11:d1:83:a6:0e:67:95:e4:49:13:78:bc:22:d0:73:
                    53:50:8b:75:1d:55:2d:c1:b3:25:b1:75:23:d3:4c:
                    40:57:e3:f3:94:69:21:f4:f2:8b:9f:74:62:61:19:
                    a5:78:34:3e:af:89:66:b9:38:a1:ac:49:19:d1:3a:
                    03:81:2c:02:3e:ef:aa:41:9a:76:28:49:f4:ab:eb:
                    f7:1c:ca:4c:11:1d:ad:09:35:32:3e:a7:e5:77:07:
                    af:15:85:92:ba:74:71:38:74:02:e2:38:1d:2a:90:
                    60:cf:ac:e9:f1:19:7a:f7:ec:53:5d:45:e2:cc:ba:
                    2a:b2:e1:d5:35:c0:71:86:5c:a4:e2:fe:f6:cc:89:
                    d0:74:75:39:cc:04:3a:b1:8e:c0:f9:b9:c7:de:c1:
                    de:0d:7c:9f:94:88:bb:5a:2c:4b:b0:bb:28:62:cb:
                    42:ea:f7:d0:f3:b0:39:b7:b0:a0:e9:7a:62:4f:4f:
                    a5:27:bd:0b:b9:50:d1:2c:09:1d:f8:18:96:6c:74:
                    43:d9:9a:2e:9a:db:aa:aa:da:90:e0:d3:b8:06:e1:
                    61:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:9E:05:DA:3F:29:B1:B5:03:F7:56:3D:DC:6F:B2:85:A5:B7:E8:95
            X509v3 Authority Key Identifier:
                keyid:FF:42:B3:43:60:44:95:46:96:FF:E0:8B:0E:E1:97:5C:6C:5B:8D:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/_0KzQ2BElUaW_-CLDuGXXGxbjW0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_0KzQ2BElUaW_-CLDuGXXGxbjW0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91864A7/C8055FD6C92511ED80936149C4F9AE02/_0KzQ2BElUaW_-CLDuGXXGxbjW0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:7f:7a:6b:6e:a3:65:e1:cb:21:47:f6:ae:b4:05:93:86:64:
         19:a7:0e:94:c2:b6:36:0c:6d:26:f4:b0:9f:ae:32:c5:be:35:
         7a:f7:cd:36:5a:06:a9:7e:13:03:fe:bf:84:d8:ad:a6:5c:22:
         de:cf:01:94:d8:93:60:c7:96:b0:9b:c1:c5:9c:1d:4a:7a:15:
         48:e5:d0:9e:b0:4e:11:55:d9:bd:c9:01:c4:7a:c8:e7:11:79:
         81:e5:d0:04:95:33:7f:39:3a:08:bf:83:3e:0d:9c:a0:1f:d0:
         bc:ee:79:d1:7b:3d:46:42:1e:8f:0e:a1:f2:8e:2a:ae:27:27:
         cc:d0:ec:3e:59:51:66:82:33:3d:d1:ba:45:b2:d7:6a:be:41:
         48:e0:96:d2:96:61:5e:55:e0:cf:29:87:8a:2a:07:b2:d8:13:
         82:57:c9:cb:a7:b9:0d:84:a2:a8:5c:dd:2d:af:c5:bf:ea:94:
         16:39:40:79:ef:ec:8b:d3:fc:b0:95:a1:2d:e9:d3:f4:86:09:
         b9:8a:40:43:1f:3c:32:c7:9b:d2:84:10:10:79:b2:33:e4:84:
         44:c4:4d:19:2c:19:b6:5f:19:38:7e:74:12:84:68:a1:6a:5e:
         42:ce:df:e1:a1:b8:11:22:d1:3c:ce:34:83:cd:d6:53:c0:65:
         51:60:ae:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODY0QTcxMTAvBgNVBAUTKEZGNDJCMzQzNjA0NDk1NDY5NkZGRTA4QjBFRTE5NzVD
NkM1QjhENkQwHhcNMjUwMTMxMDMxNjA4WhcNMjUwMjA3MDMxNjA4WjAYMRYwFAYD
VQQDEw02NzljNDA3OC05MDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxKSa7WAab7EGVo4froAYyDtA5AqxSYKwYADiZW3dvNPFwvnsJ1p55081Se0R
0YOmDmeV5EkTeLwi0HNTUIt1HVUtwbMlsXUj00xAV+PzlGkh9PKLn3RiYRmleDQ+
r4lmuTihrEkZ0ToDgSwCPu+qQZp2KEn0q+v3HMpMER2tCTUyPqfldwevFYWSunRx
OHQC4jgdKpBgz6zp8Rl69+xTXUXizLoqsuHVNcBxhlyk4v72zInQdHU5zAQ6sY7A
+bnH3sHeDXyflIi7WixLsLsoYstC6vfQ87A5t7Cg6XpiT0+lJ70LuVDRLAkd+BiW
bHRD2ZoumtuqqtqQ4NO4BuFhiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBueBdo/
KbG1A/dWPdxvsoWlt+iVMB8GA1UdIwQYMBaAFP9Cs0NgRJVGlv/giw7hl1xsW41t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjRBNy9DODA1NUZENkM5
MjUxMUVEODA5MzYxNDlDNEY5QUUwMi9fMEt6UTJCRWxVYVdfLUNMRHVHWFhHeGJq
VzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18wS3pRMkJFbFVhV18tQ0xEdUdYWEd4YmpXMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NjRBNy9DODA1NUZENkM5MjUxMUVEODA5MzYxNDlDNEY5QUUwMi9fMEt6UTJCRWxV
YVdfLUNMRHVHWFhHeGJqVzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBOf3prbqNl4cshR/autAWThmQZpw6UwrY2DG0m9LCfrjLFvjV69802
WgapfhMD/r+E2K2mXCLezwGU2JNgx5awm8HFnB1KehVI5dCesE4RVdm9yQHEesjn
EXmB5dAElTN/OToIv4M+DZygH9C87nnRez1GQh6PDqHyjiquJyfM0Ow+WVFmgjM9
0bpFstdqvkFI4JbSlmFeVeDPKYeKKgey2BOCV8nLp7kNhKKoXN0tr8W/6pQWOUB5
7+yL0/ywlaEt6dP0hgm5ikBDHzwyx5vShBAQebIz5IRExE0ZLBm2Xxk4fnQShGih
al5Czt/hobgRItE8zjSDzdZTwGVRYK6E
-----END CERTIFICATE-----