Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft
File:                     oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft (raw, json)
Hash identifier:          79wnDPHf35ScwyR4kmZV3u42f5W7mRthNkj6i2VZ4qU=
Subject key identifier:   06:05:31:19:35:FB:7B:14:5F:79:7B:56:90:DA:85:EB:15:91:58:7D
Authority key identifier: A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91
Certificate issuer:       /CN=A918AAA1/serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991
Certificate serial:       010B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft
Manifest number:          0109
Signing time:             Fri 31 Jan 2025 04:05:19 +0000
Manifest this update:     Fri 31 Jan 2025 04:05:18 +0000
Manifest next update:     Fri 07 Feb 2025 04:05:18 +0000
Files and hashes:         1: oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl (hash: IsPHAQqsQghNHM0/PF3j2bSTKI8QmxVGmMlGTez1ZGg=)
                          2: E6EB2B10486E11EEB4D5FF2DC4F9AE02.roa (hash: P1qwhAicU6zPENCwTGFasnrb3+NFivcUL5Wq4dABBCM=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 267 (0x10b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918AAA1/serialNumber=A2DA3637D3253F8997D88D0BD8DA9598F783F991
        Validity
            Not Before: Jan 31 04:05:18 2025 GMT
            Not After : Feb  7 04:05:18 2025 GMT
        Subject: CN=679c4bfe-dee7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:80:f4:97:9e:60:90:cd:42:ae:c8:15:9d:d9:
                    b3:33:c7:74:85:a8:21:b5:3b:9d:27:3c:be:1b:b6:
                    09:ed:6b:ce:63:ba:25:8a:28:7d:ce:ea:fd:fa:4d:
                    44:66:ac:01:7b:cc:8f:0e:1f:b1:12:9a:9a:4e:a1:
                    9f:0a:0c:84:6f:ab:2c:bf:f0:54:c5:d5:b6:8e:be:
                    2e:57:cb:c9:18:8e:ee:9b:e0:de:32:fb:d2:2a:3d:
                    0d:88:d9:ec:35:d8:95:db:c7:bc:fc:54:c5:36:4d:
                    b3:dc:95:3e:be:7e:04:7c:37:76:e1:69:18:a2:08:
                    12:dd:12:8e:9f:e8:15:bc:db:0d:91:7a:06:43:6c:
                    dd:04:bc:f8:d9:cf:01:25:9f:fa:69:e8:f3:e6:fc:
                    03:74:7c:ee:49:d7:7c:a6:45:71:81:de:54:16:7f:
                    a7:5d:aa:d9:d2:a1:7f:7d:ec:c4:98:08:a5:af:ec:
                    cb:e4:e3:d3:6f:54:67:a4:fa:69:35:62:83:d2:4e:
                    32:91:40:d5:8d:ab:10:fa:b7:c5:cb:31:fb:0b:b6:
                    d8:2f:db:38:ae:e5:b2:15:4f:31:81:96:bc:59:a4:
                    48:38:90:b1:a4:be:00:19:8f:42:db:83:23:19:01:
                    07:3f:6a:27:f5:0a:19:a4:76:47:7a:86:e5:18:22:
                    1c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:05:31:19:35:FB:7B:14:5F:79:7B:56:90:DA:85:EB:15:91:58:7D
            X509v3 Authority Key Identifier:
                keyid:A2:DA:36:37:D3:25:3F:89:97:D8:8D:0B:D8:DA:95:98:F7:83:F9:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oto2N9MlP4mX2I0L2NqVmPeD-ZE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AAA1/8114C79C486E11EEA960942CC4F9AE02/oto2N9MlP4mX2I0L2NqVmPeD-ZE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:62:ff:ed:40:b5:b0:24:1d:b4:e7:39:63:06:99:a4:11:95:
         98:d0:aa:84:c6:bb:ad:d5:e7:72:a9:5b:d8:7c:74:a0:33:70:
         a8:db:4c:b0:cf:04:73:56:2d:d1:d0:9e:e6:8e:39:b1:96:3a:
         9b:47:b9:82:9c:6c:dc:a5:b1:51:54:20:65:d0:b0:6d:43:55:
         8d:48:da:ba:ff:ba:32:26:b0:0f:c7:7c:f6:4f:d8:0b:03:73:
         d9:7d:eb:58:7a:8a:ba:1e:1e:db:fc:ca:fa:f8:f3:78:26:51:
         b4:91:d2:f7:78:1f:c5:1e:53:92:f7:08:f0:95:f3:f4:a4:b3:
         53:bd:cf:ed:83:44:b4:ce:48:a4:36:ec:b6:68:f5:dd:39:63:
         8f:9c:12:15:8d:6d:a2:41:f7:96:71:ae:02:c1:e0:7a:b4:c2:
         23:3d:97:80:04:5a:99:0e:e6:ca:34:c1:30:1e:02:a6:0d:e4:
         d0:f3:ff:1c:c2:a0:0e:74:b9:8c:b8:6a:ea:3c:9f:f0:57:ab:
         6c:f4:c0:0f:b3:a1:ba:57:82:bb:af:e9:15:13:62:c7:aa:9b:
         1a:96:70:3e:20:cd:c3:5e:55:4e:33:1c:4f:94:34:64:23:58:
         14:fb:d4:7c:ef:fb:8b:57:13:92:f8:e9:36:b8:6d:34:fa:f2:
         90:21:5e:5a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEFBQTExMTAvBgNVBAUTKEEyREEzNjM3RDMyNTNGODk5N0Q4OEQwQkQ4REE5NTk4
Rjc4M0Y5OTEwHhcNMjUwMTMxMDQwNTE4WhcNMjUwMjA3MDQwNTE4WjAYMRYwFAYD
VQQDEw02NzljNGJmZS1kZWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv4D0l55gkM1CrsgVndmzM8d0haghtTudJzy+G7YJ7WvOY7oliih9zur9+k1E
ZqwBe8yPDh+xEpqaTqGfCgyEb6ssv/BUxdW2jr4uV8vJGI7um+DeMvvSKj0NiNns
NdiV28e8/FTFNk2z3JU+vn4EfDd24WkYoggS3RKOn+gVvNsNkXoGQ2zdBLz42c8B
JZ/6aejz5vwDdHzuSdd8pkVxgd5UFn+nXarZ0qF/fezEmAilr+zL5OPTb1RnpPpp
NWKD0k4ykUDVjasQ+rfFyzH7C7bYL9s4ruWyFU8xgZa8WaRIOJCxpL4AGY9C24Mj
GQEHP2on9QoZpHZHeoblGCIcaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAYFMRk1
+3sUX3l7VpDahesVkVh9MB8GA1UdIwQYMBaAFKLaNjfTJT+Jl9iNC9jalZj3g/mR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUFBMS84MTE0Qzc5QzQ4
NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0bVgySTBMMk5xVm1QZUQt
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL290bzJOOU1sUDRtWDJJMEwyTnFWbVBlRC1aRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QUFBMS84MTE0Qzc5QzQ4NkUxMUVFQTk2MDk0MkNDNEY5QUUwMi9vdG8yTjlNbFA0
bVgySTBMMk5xVm1QZUQtWkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA4Yv/tQLWwJB205zljBpmkEZWY0KqExrut1edyqVvYfHSgM3Co20yw
zwRzVi3R0J7mjjmxljqbR7mCnGzcpbFRVCBl0LBtQ1WNSNq6/7oyJrAPx3z2T9gL
A3PZfetYeoq6Hh7b/Mr6+PN4JlG0kdL3eB/FHlOS9wjwlfP0pLNTvc/tg0S0zkik
Nuy2aPXdOWOPnBIVjW2iQfeWca4CweB6tMIjPZeABFqZDubKNMEwHgKmDeTQ8/8c
wqAOdLmMuGrqPJ/wV6ts9MAPs6G6V4K7r+kVE2LHqpsalnA+IM3DXlVOMxxPlDRk
I1gU+9R87/uLVxOS+Ok2uG00+vKQIV5a
-----END CERTIFICATE-----