Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft
File:                     XdRoWi6WsUFvfNM1zetK0YIvfes.mft (raw, json)
Hash identifier:          6QhR8+L9ZuraRyPsoQ8kjDnYozDe1uV/jo6oOQY1Z9I=
Subject key identifier:   3F:9A:7D:F7:69:41:13:16:4F:E2:60:FB:2B:A9:99:97:A4:1A:68:CB
Authority key identifier: 5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB
Certificate issuer:       /CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB
Certificate serial:       014B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft
Manifest number:          0144
Signing time:             Fri 31 Jan 2025 03:34:47 +0000
Manifest this update:     Fri 31 Jan 2025 03:34:47 +0000
Manifest next update:     Fri 07 Feb 2025 03:34:47 +0000
Files and hashes:         1: XdRoWi6WsUFvfNM1zetK0YIvfes.crl (hash: 460mqHeZmi7tv+IHusSDdkmoGtbUm1rIJe+cVwgR5pE=)
                          2: 3474AD64FAD311ED9CEE0E29C4F9AE02.roa (hash: 6NUoQsi6MufbTG0wg5lLW6EPmg3seRvoOTXJysh5OoQ=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 331 (0x14b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB
        Validity
            Not Before: Jan 31 03:34:47 2025 GMT
            Not After : Feb  7 03:34:47 2025 GMT
        Subject: CN=679c44d7-0829
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:23:24:c3:73:b7:48:7e:74:c1:bd:52:56:55:
                    03:6d:59:5f:fe:54:4d:21:b7:fa:d5:41:7a:33:b5:
                    df:05:73:de:d4:8f:c8:05:9d:4d:9f:35:16:fc:0c:
                    b4:61:fd:b7:77:0d:06:0a:80:dd:f2:60:0a:c3:d5:
                    5c:59:52:8e:d7:f1:51:c0:c2:95:6d:90:1c:46:dd:
                    de:6e:e2:06:e3:cd:7e:3c:f1:9b:00:40:80:5d:ae:
                    68:ce:3b:98:cb:56:17:85:f1:3b:a1:61:8b:b2:c4:
                    05:27:1a:cc:36:8b:8f:02:07:7b:fd:cc:c5:8b:4c:
                    29:a0:fc:e0:b4:7f:c4:bf:9d:e1:88:eb:04:12:19:
                    d9:a9:a6:33:ed:42:4d:6f:dd:b3:0e:29:23:6b:08:
                    34:d4:85:5a:7d:df:82:7b:27:f7:0e:ed:f9:1a:cc:
                    d0:de:46:ce:00:d7:18:04:5b:22:8f:f4:3d:32:03:
                    be:54:1d:55:ef:3c:d9:a0:e5:a6:ab:4d:d2:ab:8a:
                    70:63:d7:cd:d1:8b:14:5a:b4:02:5a:a4:95:76:96:
                    12:8e:3c:5e:9c:af:a7:61:0c:f9:b4:5f:ed:bd:61:
                    e2:6a:ee:4a:c1:cb:d6:cb:94:70:4c:59:eb:5a:8c:
                    9f:9d:d9:35:80:28:7c:21:75:72:66:fb:d3:21:fa:
                    26:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:9A:7D:F7:69:41:13:16:4F:E2:60:FB:2B:A9:99:97:A4:1A:68:CB
            X509v3 Authority Key Identifier:
                keyid:5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:b9:23:b5:c1:67:4c:85:06:a0:5f:b9:9c:c2:74:95:ea:41:
         17:ab:cb:a6:67:33:9a:b6:65:bd:1a:4f:87:c1:a9:13:20:9f:
         e1:3d:17:22:b4:22:a6:2e:37:00:68:9a:a2:56:ca:e1:a9:c0:
         7b:2f:de:4d:80:bd:7f:49:b4:4b:b2:63:b3:2e:79:07:c4:66:
         db:6e:29:36:55:c8:a6:56:9a:c0:fc:c9:81:6c:ce:9f:d1:c5:
         d0:42:96:e7:d3:74:6f:7d:4d:18:10:dd:45:53:c9:92:7a:b8:
         0d:5d:f3:35:fa:8f:89:32:51:09:f5:da:f8:5c:07:b2:ff:78:
         3d:7c:d4:97:fd:7e:0c:60:a4:58:13:4b:23:14:a4:ff:49:87:
         8e:56:90:71:19:f7:39:81:1c:3f:c3:b5:32:aa:c8:83:2d:51:
         b0:47:3b:3f:5d:f0:e1:31:a7:8c:b0:5b:24:df:0b:d6:2a:77:
         58:9d:a3:b3:b3:fc:2f:c3:f2:70:71:eb:2a:c5:57:ee:01:98:
         f0:1c:de:9f:cb:53:27:c1:9f:56:60:ec:7c:62:ba:82:d3:7b:
         0b:e0:df:bf:22:1f:56:fd:90:46:5a:0e:ab:a9:28:15:4f:ea:
         5b:f1:d4:59:60:ea:1b:af:12:51:cd:98:c8:5f:79:63:55:4a:
         2e:6f:be:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUYwMUMxMTAvBgNVBAUTKDVERDQ2ODVBMkU5NkIxNDE2RjdDRDMzNUNERUI0QUQx
ODIyRjdERUIwHhcNMjUwMTMxMDMzNDQ3WhcNMjUwMjA3MDMzNDQ3WjAYMRYwFAYD
VQQDEw02NzljNDRkNy0wODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5CMkw3O3SH50wb1SVlUDbVlf/lRNIbf61UF6M7XfBXPe1I/IBZ1NnzUW/Ay0
Yf23dw0GCoDd8mAKw9VcWVKO1/FRwMKVbZAcRt3ebuIG481+PPGbAECAXa5ozjuY
y1YXhfE7oWGLssQFJxrMNouPAgd7/czFi0wpoPzgtH/Ev53hiOsEEhnZqaYz7UJN
b92zDikjawg01IVafd+Ceyf3Du35GszQ3kbOANcYBFsij/Q9MgO+VB1V7zzZoOWm
q03Sq4pwY9fN0YsUWrQCWqSVdpYSjjxenK+nYQz5tF/tvWHiau5KwcvWy5RwTFnr
Woyfndk1gCh8IXVyZvvTIfomyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD+affdp
QRMWT+Jg+yupmZekGmjLMB8GA1UdIwQYMBaAFF3UaFoulrFBb3zTNc3rStGCL33r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjAxQy9FNUQ5RTczNEZB
Q0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NVRnZmTk0xemV0SzBZSXZm
ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hkUm9XaTZXc1VGdmZOTTF6ZXRLMFlJdmZlcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RjAxQy9FNUQ5RTczNEZBQ0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NV
RnZmTk0xemV0SzBZSXZmZXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQABuSO1wWdMhQagX7mcwnSV6kEXq8umZzOatmW9Gk+HwakTIJ/hPRci
tCKmLjcAaJqiVsrhqcB7L95NgL1/SbRLsmOzLnkHxGbbbik2VcimVprA/MmBbM6f
0cXQQpbn03RvfU0YEN1FU8mSergNXfM1+o+JMlEJ9dr4XAey/3g9fNSX/X4MYKRY
E0sjFKT/SYeOVpBxGfc5gRw/w7UyqsiDLVGwRzs/XfDhMaeMsFsk3wvWKndYnaOz
s/wvw/JwcesqxVfuAZjwHN6fy1MnwZ9WYOx8YrqC03sL4N+/Ih9W/ZBGWg6rqSgV
T+pb8dRZYOobrxJRzZjIX3ljVUoub75V
-----END CERTIFICATE-----