Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft
File:                     2en59z7k9bHN8XYsLfODKVCja30.mft (raw, json)
Hash identifier:          pjrfW4byrevbRGJemQgP0kN/Uurg+RqAkBA4Ya9HNuI=
Subject key identifier:   D1:21:7E:09:84:16:63:45:21:22:57:D0:D6:43:63:46:5C:DE:08:5D
Authority key identifier: D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D
Certificate issuer:       /CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D
Certificate serial:       3452
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft
Manifest number:          344D
Signing time:             Fri 31 Jan 2025 15:01:56 +0000
Manifest this update:     Fri 31 Jan 2025 15:01:56 +0000
Manifest next update:     Fri 07 Feb 2025 15:01:56 +0000
Files and hashes:         1: 2en59z7k9bHN8XYsLfODKVCja30.crl (hash: wnXuTHfCK9sHT3Snv3+woGs8T/Qoybx63WiZ26WSM7I=)
                          2: 76B5C744B45E11EAB71DF94AC4F9AE02.roa (hash: QZJWJH8ffRS/84lld/jGevk5cgpEhPMCEoE6pSD5XIs=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13394 (0x3452)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D
        Validity
            Not Before: Jan 31 15:01:56 2025 GMT
            Not After : Feb  7 15:01:56 2025 GMT
        Subject: CN=679ce5e4-d84f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:b1:b1:4a:41:76:0d:45:c8:bd:f8:c6:f2:55:
                    ea:f0:c1:78:2d:63:4b:9b:df:b3:5b:f5:44:27:25:
                    83:f4:0b:97:73:15:13:c6:19:1b:45:47:08:b4:40:
                    6f:f6:8c:5c:92:42:e0:d6:24:22:ff:a1:c0:8f:17:
                    35:e0:f7:f7:bb:3e:4e:2d:77:a0:1e:49:32:22:dd:
                    48:12:3e:d1:4e:a4:0f:ab:a7:89:18:97:f7:d4:73:
                    79:15:9e:d3:34:8e:42:87:2f:ca:3e:7a:40:d5:85:
                    32:8a:eb:d8:a4:64:02:92:e9:9b:4b:2b:c3:c5:30:
                    a9:e5:c9:f8:8f:9f:96:6d:b4:ae:45:92:80:d6:70:
                    70:60:db:7a:76:d9:53:dd:4d:69:78:31:14:48:d2:
                    d0:7e:ef:49:d7:65:ed:bc:73:48:ee:44:7d:0a:48:
                    6c:c9:34:64:7b:38:58:91:07:e8:42:0b:24:53:94:
                    fa:06:85:34:b5:07:9e:d3:bd:11:06:42:28:65:b6:
                    e3:eb:cf:22:ca:57:f1:b7:89:67:56:d1:bd:a1:a9:
                    5a:8e:09:ae:af:77:f1:c1:ed:37:f6:5d:6a:e7:37:
                    5c:54:f5:30:ff:4e:8f:42:00:b5:ef:15:8d:c3:ea:
                    c5:14:e0:03:07:b4:00:12:78:69:c0:67:f8:48:8c:
                    20:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:21:7E:09:84:16:63:45:21:22:57:D0:D6:43:63:46:5C:DE:08:5D
            X509v3 Authority Key Identifier:
                keyid:D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:8d:8f:83:31:6e:b1:20:94:b4:73:4a:ad:17:d3:34:7b:bd:
         af:9a:b4:98:b5:ae:f4:02:10:f7:b4:61:a1:6a:42:87:a9:70:
         58:fa:2a:f6:c9:0f:f5:18:1b:96:1a:2f:7e:9b:53:0b:33:72:
         0a:6a:31:a9:f9:8d:9c:66:2e:bc:2a:c6:0a:fc:b4:1f:15:62:
         41:34:21:cf:46:f3:bc:66:07:e4:6a:47:63:bd:8a:e7:09:3b:
         b5:f6:26:c0:94:28:ae:6e:eb:2c:f5:6d:eb:50:5c:f8:5f:74:
         20:14:44:c1:ec:af:ed:b4:32:e3:84:9a:ab:39:e7:01:54:26:
         e5:e8:b4:fa:25:7b:42:ef:40:da:93:aa:f6:c8:c6:6b:61:17:
         5e:3f:4f:0b:43:8e:a9:aa:0f:0c:15:28:2c:07:94:30:3e:6d:
         81:11:fe:63:28:98:c4:88:4a:a8:a8:06:42:a4:85:74:11:d9:
         4d:92:a5:46:15:fd:f3:57:5d:2b:3b:a6:c7:19:2d:76:05:82:
         5d:29:3a:9b:a5:20:97:67:57:ca:a8:05:02:78:dd:8c:33:ec:
         84:8b:f8:89:3d:0d:57:67:db:bb:06:61:ba:9e:f5:85:fc:54:
         76:d9:7c:5f:4b:05:dc:26:d3:20:7c:40:f4:66:6a:8f:7f:be:
         67:56:b4:e1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFDQjIxMTAvBgNVBAUTKEQ5RTlGOUY3M0VFNEY1QjFDREYxNzYyQzJERjM4MzI5
NTBBMzZCN0QwHhcNMjUwMTMxMTUwMTU2WhcNMjUwMjA3MTUwMTU2WjAYMRYwFAYD
VQQDEw02NzljZTVlNC1kODRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3LGxSkF2DUXIvfjG8lXq8MF4LWNLm9+zW/VEJyWD9AuXcxUTxhkbRUcItEBv
9oxckkLg1iQi/6HAjxc14Pf3uz5OLXegHkkyIt1IEj7RTqQPq6eJGJf31HN5FZ7T
NI5Chy/KPnpA1YUyiuvYpGQCkumbSyvDxTCp5cn4j5+WbbSuRZKA1nBwYNt6dtlT
3U1peDEUSNLQfu9J12XtvHNI7kR9CkhsyTRkezhYkQfoQgskU5T6BoU0tQee070R
BkIoZbbj688iylfxt4lnVtG9oalajgmur3fxwe039l1q5zdcVPUw/06PQgC17xWN
w+rFFOADB7QAEnhpwGf4SIwgpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNEhfgmE
FmNFISJX0NZDY0Zc3ghdMB8GA1UdIwQYMBaAFNnp+fc+5PWxzfF2LC3zgylQo2t9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUNCMi8zN0Q1QTNERTFE
OUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azliSE44WFlzTGZPREtWQ2ph
MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJlbjU5ejdrOWJITjhYWXNMZk9ES1ZDamEzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QUNCMi8zN0Q1QTNERTFEOUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azli
SE44WFlzTGZPREtWQ2phMzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAdjY+DMW6xIJS0c0qtF9M0e72vmrSYta70AhD3tGGhakKHqXBY+ir2
yQ/1GBuWGi9+m1MLM3IKajGp+Y2cZi68KsYK/LQfFWJBNCHPRvO8ZgfkakdjvYrn
CTu19ibAlCiubuss9W3rUFz4X3QgFETB7K/ttDLjhJqrOecBVCbl6LT6JXtC70Da
k6r2yMZrYRdeP08LQ46pqg8MFSgsB5QwPm2BEf5jKJjEiEqoqAZCpIV0EdlNkqVG
Ff3zV10rO6bHGS12BYJdKTqbpSCXZ1fKqAUCeN2MM+yEi/iJPQ1XZ9u7BmG6nvWF
/FR22XxfSwXcJtMgfED0ZmqPf75nVrTh
-----END CERTIFICATE-----