Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft
File:                     cJdlx9TTMfTDasa-NH-mah8CNJA.mft (raw, json)
Hash identifier:          EvDQFnWixjlSwkLMcjusZBRrbdvAEM06BvH22hEcAw0=
Subject key identifier:   75:8C:2A:0B:0F:60:D1:37:2A:BC:7E:67:D8:DC:74:3D:BC:FC:87:89
Authority key identifier: 70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90
Certificate issuer:       /CN=A91AE85E/serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490
Certificate serial:       34AA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft
Manifest number:          3477
Signing time:             Fri 31 Jan 2025 14:18:06 +0000
Manifest this update:     Fri 31 Jan 2025 14:18:06 +0000
Manifest next update:     Fri 07 Feb 2025 14:18:06 +0000
Files and hashes:         1: cJdlx9TTMfTDasa-NH-mah8CNJA.crl (hash: QCIn16k4fbrODu+phzNMIMoWVTg3vv3rO9Mxwwq8K1M=)
                          2: 392987D254F611E79DF7E643C4F9AE02.roa (hash: E8L7EMY++G+/jL4fto/6X8FIxPH0nU/qyOAGKr50fbg=)
                          3: 09E2DC32B12B11E59337F35AC4F9AE02.roa (hash: cZP7pPe4Y/msfUjF/3Xl+aRlpqp1LPFsqoN3iYA504I=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13482 (0x34aa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AE85E/serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490
        Validity
            Not Before: Jan 31 14:18:06 2025 GMT
            Not After : Feb  7 14:18:06 2025 GMT
        Subject: CN=679cdb9e-068b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:cd:dd:a2:59:df:e0:33:c4:db:dd:58:22:94:
                    02:ec:a3:a5:22:92:45:24:df:24:dd:e6:89:7b:5c:
                    9b:b7:78:cd:20:d3:92:43:f3:2d:f3:c9:1e:b1:f3:
                    41:6e:2f:d0:0b:ad:67:c2:26:d9:f5:81:5a:61:61:
                    08:f3:93:e2:f4:1b:6e:d0:ac:53:e7:cd:21:81:7f:
                    ff:30:bd:9a:ab:4b:5f:2c:ae:b3:fd:23:7d:0c:7f:
                    1a:40:5e:60:a6:a1:a0:66:d0:76:50:b1:19:2e:08:
                    02:b2:df:27:e4:86:c0:87:ed:f0:ee:75:56:ed:1f:
                    da:0b:56:6b:b9:fa:4c:79:ed:7a:bb:e0:5c:3a:14:
                    9e:e8:c8:b1:0f:93:c0:99:71:23:36:0c:53:28:69:
                    f9:50:ce:e6:89:fb:cd:a4:54:76:08:0c:98:99:1a:
                    7c:60:24:dd:65:62:f3:90:22:69:4d:04:66:e0:9f:
                    36:d7:90:33:b2:b0:8c:26:10:38:5b:31:3d:20:f6:
                    dd:1e:ab:07:39:7a:dc:f5:12:70:c7:5a:2f:f8:62:
                    43:06:42:02:50:66:64:6a:97:e2:2c:75:e7:f9:9a:
                    a8:86:92:4d:3b:fc:0a:2a:0b:d7:66:ae:4b:69:90:
                    11:10:c8:45:a1:70:60:40:c9:9f:ee:07:5c:07:94:
                    4c:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:8C:2A:0B:0F:60:D1:37:2A:BC:7E:67:D8:DC:74:3D:BC:FC:87:89
            X509v3 Authority Key Identifier:
                keyid:70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:33:a5:65:8c:fe:0a:ff:c2:c6:f4:55:41:ab:45:a3:a0:1f:
         e7:21:03:67:b6:35:13:f5:85:5a:80:32:da:37:d2:ec:11:27:
         cb:95:11:b1:ff:bd:36:31:e3:c4:48:dd:0c:2a:b9:4c:da:4c:
         c4:03:f7:a2:fb:91:42:61:3d:58:1b:fd:12:48:2c:98:20:30:
         d7:c6:c8:3d:1b:01:20:05:f1:3d:1c:e6:bc:27:fb:59:85:51:
         fe:77:39:65:db:00:f5:43:0d:28:48:67:3e:8f:85:de:60:0f:
         d6:95:9e:f6:19:e0:97:92:a7:eb:92:fd:39:ac:fc:22:9a:66:
         e0:5d:24:fd:a5:75:4c:6a:5d:96:3e:96:43:1b:47:36:4b:6e:
         01:18:2d:32:65:b8:78:5b:8e:19:dc:31:62:ee:80:b0:6f:4a:
         00:ea:c3:7a:b5:db:43:99:dc:7c:18:f0:aa:6f:15:c2:b8:d7:
         a3:00:8c:2f:4b:0e:1e:41:cb:d3:ad:a7:c9:c1:9f:b1:1c:21:
         1d:da:53:63:27:d4:36:38:ac:a3:a6:e1:95:bd:b7:af:41:d9:
         5f:b4:08:9c:9e:4c:d6:1f:fa:7a:e2:21:06:44:fc:1a:79:4b:
         a7:8f:c6:f9:db:5d:83:d4:44:b6:b4:63:34:6b:12:93:ca:fd:
         4f:ea:6e:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU4NUUxMTAvBgNVBAUTKDcwOTc2NUM3RDREMzMxRjRDMzZBQzZCRTM0N0ZBNjZB
MUYwMjM0OTAwHhcNMjUwMTMxMTQxODA2WhcNMjUwMjA3MTQxODA2WjAYMRYwFAYD
VQQDEw02NzljZGI5ZS0wNjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoc3dolnf4DPE291YIpQC7KOlIpJFJN8k3eaJe1ybt3jNINOSQ/Mt88kesfNB
bi/QC61nwibZ9YFaYWEI85Pi9Btu0KxT580hgX//ML2aq0tfLK6z/SN9DH8aQF5g
pqGgZtB2ULEZLggCst8n5IbAh+3w7nVW7R/aC1ZrufpMee16u+BcOhSe6MixD5PA
mXEjNgxTKGn5UM7mifvNpFR2CAyYmRp8YCTdZWLzkCJpTQRm4J8215AzsrCMJhA4
WzE9IPbdHqsHOXrc9RJwx1ov+GJDBkICUGZkapfiLHXn+ZqohpJNO/wKKgvXZq5L
aZAREMhFoXBgQMmf7gdcB5RMsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHWMKgsP
YNE3Krx+Z9jcdD28/IeJMB8GA1UdIwQYMBaAFHCXZcfU0zH0w2rGvjR/pmofAjSQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTg1RS8wQkVEMzUyNjFE
NkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1mVERhc2EtTkgtbWFoOENO
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NKZGx4OVRUTWZURGFzYS1OSC1tYWg4Q05KQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RTg1RS8wQkVEMzUyNjFENkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1m
VERhc2EtTkgtbWFoOENOSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAFM6VljP4K/8LG9FVBq0WjoB/nIQNntjUT9YVagDLaN9LsESfLlRGx
/702MePESN0MKrlM2kzEA/ei+5FCYT1YG/0SSCyYIDDXxsg9GwEgBfE9HOa8J/tZ
hVH+dzll2wD1Qw0oSGc+j4XeYA/WlZ72GeCXkqfrkv05rPwimmbgXST9pXVMal2W
PpZDG0c2S24BGC0yZbh4W44Z3DFi7oCwb0oA6sN6tdtDmdx8GPCqbxXCuNejAIwv
Sw4eQcvTrafJwZ+xHCEd2lNjJ9Q2OKyjpuGVvbevQdlftAicnkzWH/p64iEGRPwa
eUunj8b5212D1ES2tGM0axKTyv1P6m73
-----END CERTIFICATE-----