Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A918E6B7/B6A9F26046AC11E996088348C4F9AE02/IjvhmJLm5stAbl-plW3bzqlcu0Y.mft
File:                     IjvhmJLm5stAbl-plW3bzqlcu0Y.mft (raw, json)
Hash identifier:          YAOaxfrQQNgrGb2cBfoGYGoHCtx69sDUbBjIr0sNtDI=
Subject key identifier:   66:25:C5:22:51:A5:DE:71:61:DA:37:ED:2C:A0:C9:00:39:87:68:5E
Authority key identifier: 22:3B:E1:98:92:E6:E6:CB:40:6E:5F:A9:95:6D:DB:CE:A9:5C:BB:46
Certificate issuer:       /CN=A918E6B7/serialNumber=223BE19892E6E6CB406E5FA9956DDBCEA95CBB46
Certificate serial:       0FDB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IjvhmJLm5stAbl-plW3bzqlcu0Y.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A918E6B7/B6A9F26046AC11E996088348C4F9AE02/IjvhmJLm5stAbl-plW3bzqlcu0Y.mft
Manifest number:          0FD1
Signing time:             Fri 31 Jan 2025 17:27:33 +0000
Manifest this update:     Fri 31 Jan 2025 17:27:32 +0000
Manifest next update:     Fri 07 Feb 2025 17:27:32 +0000
Files and hashes:         1: IjvhmJLm5stAbl-plW3bzqlcu0Y.crl (hash: L3oO1Q9irjDsnyo58tlUl39/MPHJGvkVNwFNdChB9kU=)
                          2: 42CBE6BE29F111EEAECAED6FC4F9AE02.roa (hash: Mc3Q9wmukgUIJT3q9J5EygK6/IHcoyR/RZQ0Eut8nLU=)
                          3: 608836D046B111E98B793856C4F9AE02.roa (hash: rltN2xhTkn/8LBf4ssPkcwToahSO3m8NAPpsxdmLbos=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4059 (0xfdb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A918E6B7/serialNumber=223BE19892E6E6CB406E5FA9956DDBCEA95CBB46
        Validity
            Not Before: Jan 31 17:27:32 2025 GMT
            Not After : Feb  7 17:27:32 2025 GMT
        Subject: CN=679d0804-7151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:82:2f:9e:07:48:b1:89:f7:6f:df:b7:ba:12:
                    53:a3:99:cd:39:30:a5:f8:e0:35:3b:35:72:79:55:
                    63:f0:77:65:dc:9f:2c:43:39:17:60:46:f0:8f:48:
                    ee:7b:5c:2e:a7:12:81:8a:44:de:b3:06:6e:14:b6:
                    37:2b:38:b7:cc:06:64:a1:31:af:c7:ba:04:06:53:
                    65:fd:24:a9:46:91:58:3b:98:b6:18:28:c9:eb:5a:
                    7c:dc:e1:45:27:40:7c:4f:29:76:3e:5a:1a:a9:c0:
                    af:a4:e8:cd:c2:31:51:57:06:77:6d:d2:d1:a8:13:
                    6d:75:79:57:42:23:ce:73:28:c1:ad:07:88:2b:ac:
                    98:e8:1c:c9:30:63:77:bd:d8:36:f2:a5:4c:53:cc:
                    06:5f:8b:e3:db:3a:ae:2a:0e:a8:a9:ae:57:bd:5b:
                    7f:6a:36:ad:f5:c1:c4:4d:39:b9:9e:31:c5:48:9a:
                    60:07:f7:5a:62:84:8d:7f:86:77:76:46:e1:42:6b:
                    16:85:4b:5a:41:f1:62:c5:e0:a3:72:c2:42:2b:2e:
                    d0:fd:e1:33:17:b2:46:27:f9:b2:69:34:2b:66:97:
                    b1:1e:f5:e3:4d:4c:92:90:39:64:00:96:f0:e7:e0:
                    92:2d:93:c7:4d:9c:c3:87:7e:aa:7e:20:cf:f1:82:
                    ae:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:25:C5:22:51:A5:DE:71:61:DA:37:ED:2C:A0:C9:00:39:87:68:5E
            X509v3 Authority Key Identifier:
                keyid:22:3B:E1:98:92:E6:E6:CB:40:6E:5F:A9:95:6D:DB:CE:A9:5C:BB:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A918E6B7/B6A9F26046AC11E996088348C4F9AE02/IjvhmJLm5stAbl-plW3bzqlcu0Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IjvhmJLm5stAbl-plW3bzqlcu0Y.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E6B7/B6A9F26046AC11E996088348C4F9AE02/IjvhmJLm5stAbl-plW3bzqlcu0Y.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:f3:29:e3:6a:ca:d0:3f:34:d2:26:66:1d:89:db:51:8f:51:
         00:24:73:3e:49:0f:7f:9a:b0:8e:15:d8:fd:4d:0b:cc:eb:c1:
         95:c9:14:7f:cf:db:56:bf:54:13:e4:0e:0e:ad:21:22:1d:91:
         8f:f6:08:2d:c1:79:da:13:4b:c1:58:2e:41:9e:8e:63:63:e8:
         ba:b5:4f:37:f5:de:fa:b4:83:d5:6f:71:9f:c0:49:80:a4:de:
         90:6a:0a:86:63:7f:c1:36:b9:87:4c:81:31:6e:50:c9:a9:d1:
         32:dc:ca:49:77:43:d5:fd:8d:a0:19:a6:50:b3:8f:94:aa:ef:
         b7:47:9b:68:da:17:96:04:da:13:ba:ff:81:c5:70:91:92:6d:
         4c:2e:58:5a:2b:5f:a0:dd:5a:e1:8f:bc:d4:78:43:59:b1:12:
         db:80:b5:6d:96:2b:7a:c2:70:ee:6c:2c:9b:8e:eb:4b:17:c0:
         04:af:77:98:c5:03:ac:44:a4:12:83:d8:c4:7b:c5:f6:84:19:
         f1:bb:89:05:03:91:92:e3:5a:6c:4b:4c:46:64:77:de:13:63:
         5b:f7:58:1f:25:ba:cb:ae:87:e3:cb:7c:a0:fa:f5:87:8f:b5:
         fb:a8:44:db:e2:89:9a:ef:04:5d:fe:9e:bb:91:98:0f:e3:c9:
         7d:71:34:02
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICD9swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEU2QjcxMTAvBgNVBAUTKDIyM0JFMTk4OTJFNkU2Q0I0MDZFNUZBOTk1NkREQkNF
QTk1Q0JCNDYwHhcNMjUwMTMxMTcyNzMyWhcNMjUwMjA3MTcyNzMyWjAYMRYwFAYD
VQQDEw02NzlkMDgwNC03MTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYIvngdIsYn3b9+3uhJTo5nNOTCl+OA1OzVyeVVj8Hdl3J8sQzkXYEbwj0ju
e1wupxKBikTeswZuFLY3Kzi3zAZkoTGvx7oEBlNl/SSpRpFYO5i2GCjJ61p83OFF
J0B8Tyl2PloaqcCvpOjNwjFRVwZ3bdLRqBNtdXlXQiPOcyjBrQeIK6yY6BzJMGN3
vdg28qVMU8wGX4vj2zquKg6oqa5XvVt/ajat9cHETTm5njHFSJpgB/daYoSNf4Z3
dkbhQmsWhUtaQfFixeCjcsJCKy7Q/eEzF7JGJ/myaTQrZpexHvXjTUySkDlkAJbw
5+CSLZPHTZzDh36qfiDP8YKuxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGYlxSJR
pd5xYdo37SygyQA5h2heMB8GA1UdIwQYMBaAFCI74ZiS5ubLQG5fqZVt286pXLtG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTZCNy9CNkE5RjI2MDQ2
QUMxMUU5OTYwODgzNDhDNEY5QUUwMi9JanZobUpMbTVzdEFibC1wbFczYnpxbGN1
MFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lqdmhtSkxtNXN0QWJsLXBsVzNienFsY3UwWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RTZCNy9CNkE5RjI2MDQ2QUMxMUU5OTYwODgzNDhDNEY5QUUwMi9JanZobUpMbTVz
dEFibC1wbFczYnpxbGN1MFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAJ8ynjasrQPzTSJmYdidtRj1EAJHM+SQ9/mrCOFdj9TQvM68GVyRR/
z9tWv1QT5A4OrSEiHZGP9ggtwXnaE0vBWC5Bno5jY+i6tU839d76tIPVb3GfwEmA
pN6QagqGY3/BNrmHTIExblDJqdEy3MpJd0PV/Y2gGaZQs4+Uqu+3R5to2heWBNoT
uv+BxXCRkm1MLlhaK1+g3Vrhj7zUeENZsRLbgLVtlit6wnDubCybjutLF8AEr3eY
xQOsRKQSg9jEe8X2hBnxu4kFA5GS41psS0xGZHfeE2Nb91gfJbrLrofjy3yg+vWH
j7X7qETb4oma7wRd/p67kZgP48l9cTQC
-----END CERTIFICATE-----