Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.mft
File:                     70A2Q-qYIK5tnWIvmu_XpMkVTyQ.mft (raw, json)
Hash identifier:          YnbKt+SYgjnU2VhGjKbeWPakj0jBuu4jiulrqAgO3xs=
Subject key identifier:   87:41:CD:07:5F:72:E1:5A:DA:0D:E7:C1:72:82:C0:60:29:8E:C6:A8
Authority key identifier: EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24
Certificate issuer:       /CN=A918BB4D/serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24
Certificate serial:       0687
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.mft
Manifest number:          0676
Signing time:             Thu 30 Jan 2025 22:23:07 +0000
Manifest this update:     Thu 30 Jan 2025 22:23:06 +0000
Manifest next update:     Thu 06 Feb 2025 22:23:06 +0000
Files and hashes:         1: 70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl (hash: C2+GWgcL13TTy7vlmO5ea9jPH05fBE9rUSlTY0QcIvE=)
                          2: 05F05106586011EE9399A92EC4F9AE02.roa (hash: ZoyzDGshP3Xcoohd0LXUFxcHdBCls9Mtr+7VfTCfHng=)
                          3: 3524F8BCD75511EF80E68A39C4F9AE02.roa (hash: atNvogMajVgrPoutiUYnbQeZE/aQ+6Wia9GfoJ31M8o=)
                          4: 34956990D75511EF80E68A39C4F9AE02.roa (hash: h81pLQ3f9taD4ZqBYBRt4RndKbd9f7ld0NnWuyDorBE=)
                          5: 35A4EFE0D75511EF80E68A39C4F9AE02.roa (hash: Ugt+4UcuNweFOll74GevcYAxRnvyyr25SWxXtIDRBOs=)
                          6: 5997C4D0719A11EEBBA64415C4F9AE02.roa (hash: Hp/eOFNkR2xgWHtgC9ufiwjj3RXaiKIv6Ds84jBh4w8=)
                          7: C0681BF2CF4911EF8531B085C4F9AE02.roa (hash: 1+LvjWYI9J8a4Eg8H2uslKbRbyLwQqWNXS1h5+rfIco=)
                          8: 58EBEC82719A11EEBBA64415C4F9AE02.roa (hash: KBvqkQdj5OAEkzL6ogJ3+9HoBsBkMOAMwsqEyeP/iq8=)
                          9: 364089B4D75511EF80E68A39C4F9AE02.roa (hash: +GfFG8a92/6/e1SPONilMIvPHcJ1t193OnonNOBg/KI=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1671 (0x687)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918BB4D/serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24
        Validity
            Not Before: Jan 30 22:23:06 2025 GMT
            Not After : Feb  6 22:23:06 2025 GMT
        Subject: CN=679bfbca-4fac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:76:5e:50:f6:2d:3c:c8:5d:17:ed:1d:ab:c8:
                    30:25:96:e2:34:25:a7:fe:b0:31:74:70:ba:cc:98:
                    24:44:e4:00:f6:12:5f:30:2c:8d:ea:5f:61:ea:66:
                    75:a2:4b:35:38:46:ae:8f:ec:ea:a9:c0:fb:52:12:
                    34:4e:a5:be:c5:c4:2a:4c:ca:4c:d2:ee:28:06:ff:
                    fc:0a:6c:67:ef:52:0a:4c:a7:35:88:f8:99:91:a7:
                    48:fa:ab:27:c5:26:dd:9e:5e:61:9b:c8:46:1c:f2:
                    fd:7a:2a:8a:21:63:bb:3b:52:d1:1e:0e:04:37:27:
                    12:6a:97:4d:c7:3d:77:39:25:7c:40:14:c6:34:63:
                    4f:51:87:2e:c1:0c:ac:a5:82:04:9b:bb:16:d6:c5:
                    6c:9b:df:1f:87:2f:e9:0a:be:d5:4a:af:1c:f0:54:
                    af:ca:26:48:6c:ab:73:3c:ad:1a:71:78:83:86:47:
                    58:46:a0:9a:5b:5a:79:77:23:8c:87:91:c2:04:f9:
                    c0:1c:6a:4b:5c:64:6e:e5:1b:73:19:cb:66:8c:94:
                    87:09:5b:4e:44:49:20:b2:f4:2b:3f:0c:c7:3b:80:
                    ea:30:d5:07:25:41:73:91:10:e9:83:eb:c3:00:a6:
                    c3:9e:d4:19:93:ab:bb:56:d4:0b:6a:04:d3:b7:65:
                    30:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:41:CD:07:5F:72:E1:5A:DA:0D:E7:C1:72:82:C0:60:29:8E:C6:A8
            X509v3 Authority Key Identifier:
                keyid:EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:97:9a:16:02:a1:59:af:ee:30:98:70:99:13:60:cc:bd:62:
         97:b8:fe:f3:fa:0b:05:3b:d7:d3:a4:1d:dc:68:2e:d3:16:7d:
         70:93:3c:b9:17:33:58:54:6d:3b:d1:14:fb:f9:dd:f6:d0:77:
         fc:ab:11:56:1a:53:23:9c:4e:50:23:9e:ad:7c:b5:27:24:1c:
         aa:c6:72:08:77:ae:4c:c1:2a:0f:da:b7:fe:d4:37:c9:88:5e:
         10:77:e5:91:35:06:63:12:fe:79:52:32:c1:32:ec:7a:10:99:
         b9:26:85:b4:a5:61:3c:57:6d:94:56:bf:b7:64:e1:3c:d3:dd:
         d1:3b:65:81:99:71:27:b7:48:98:08:c5:e2:2b:41:f5:42:a3:
         27:0f:57:f6:80:d5:c4:11:26:c7:19:ed:8c:37:47:40:50:50:
         9a:d2:b6:d1:11:81:51:50:1f:95:2f:93:f2:f6:66:30:9c:d2:
         a4:5c:d8:d3:70:62:ce:e8:49:0e:aa:c9:4b:61:2b:53:cd:b2:
         27:34:59:58:21:3f:f5:f9:f3:ab:a8:08:eb:8a:be:11:1a:90:
         cb:de:df:de:4f:52:e1:43:a7:41:f8:06:55:36:ba:b6:8a:e4:
         0f:b1:ce:f5:5b:53:dd:58:30:7d:16:38:1a:ed:93:e2:d8:35:
         3d:7b:13:14
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJCNEQxMTAvBgNVBAUTKEVGNDAzNjQzRUE5ODIwQUU2RDlENjIyRjlBRUZEN0E0
QzkxNTRGMjQwHhcNMjUwMTMwMjIyMzA2WhcNMjUwMjA2MjIyMzA2WjAYMRYwFAYD
VQQDEw02NzliZmJjYS00ZmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt3ZeUPYtPMhdF+0dq8gwJZbiNCWn/rAxdHC6zJgkROQA9hJfMCyN6l9h6mZ1
oks1OEauj+zqqcD7UhI0TqW+xcQqTMpM0u4oBv/8Cmxn71IKTKc1iPiZkadI+qsn
xSbdnl5hm8hGHPL9eiqKIWO7O1LRHg4ENycSapdNxz13OSV8QBTGNGNPUYcuwQys
pYIEm7sW1sVsm98fhy/pCr7VSq8c8FSvyiZIbKtzPK0acXiDhkdYRqCaW1p5dyOM
h5HCBPnAHGpLXGRu5RtzGctmjJSHCVtOREkgsvQrPwzHO4DqMNUHJUFzkRDpg+vD
AKbDntQZk6u7VtQLagTTt2Uw9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIdBzQdf
cuFa2g3nwXKCwGApjsaoMB8GA1UdIwQYMBaAFO9ANkPqmCCubZ1iL5rv16TJFU8k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkI0RC9DQTU2M0JFODY1
MjIxMUVCODBGNkU5NEJDNEY5QUUwMi83MEEyUS1xWUlLNXRuV0l2bXVfWHBNa1ZU
eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcwQTJRLXFZSUs1dG5XSXZtdV9YcE1rVlR5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QkI0RC9DQTU2M0JFODY1MjIxMUVCODBGNkU5NEJDNEY5QUUwMi83MEEyUS1xWUlL
NXRuV0l2bXVfWHBNa1ZUeVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCil5oWAqFZr+4wmHCZE2DMvWKXuP7z+gsFO9fTpB3caC7TFn1wkzy5
FzNYVG070RT7+d320Hf8qxFWGlMjnE5QI56tfLUnJByqxnIId65MwSoP2rf+1DfJ
iF4Qd+WRNQZjEv55UjLBMux6EJm5JoW0pWE8V22UVr+3ZOE8093RO2WBmXEnt0iY
CMXiK0H1QqMnD1f2gNXEESbHGe2MN0dAUFCa0rbREYFRUB+VL5Py9mYwnNKkXNjT
cGLO6EkOqslLYStTzbInNFlYIT/1+fOrqAjrir4RGpDL3t/eT1LhQ6dB+AZVNrq2
iuQPsc71W1PdWDB9Fjga7ZPi2DU9exMU
-----END CERTIFICATE-----