Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE5A6/B37497105B3F11EE8F1D3D6EC4F9AE02/AJko8LjNMO2gVjCoumdOdiqdKDM.mft
File:                     AJko8LjNMO2gVjCoumdOdiqdKDM.mft (raw, json)
Hash identifier:          FN65/oThpNM050pDH4d6fPCVGD9SrpD5lD7Z11EeSCg=
Subject key identifier:   11:3C:C7:4B:5C:44:B1:76:F6:86:72:17:E0:EC:84:01:B2:46:A1:FD
Authority key identifier: 00:99:28:F0:B8:CD:30:ED:A0:56:30:A8:BA:67:4E:76:2A:9D:28:33
Certificate issuer:       /CN=A91CE5A6/serialNumber=009928F0B8CD30EDA05630A8BA674E762A9D2833
Certificate serial:       010C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AJko8LjNMO2gVjCoumdOdiqdKDM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE5A6/B37497105B3F11EE8F1D3D6EC4F9AE02/AJko8LjNMO2gVjCoumdOdiqdKDM.mft
Manifest number:          0105
Signing time:             Fri 31 Jan 2025 04:13:37 +0000
Manifest this update:     Fri 31 Jan 2025 04:13:36 +0000
Manifest next update:     Fri 07 Feb 2025 04:13:36 +0000
Files and hashes:         1: AJko8LjNMO2gVjCoumdOdiqdKDM.crl (hash: MeL7dN5GXl2SfwGiuhjMo7E9a+brVKLLL/xqR5fUtew=)
                          2: EC56413A5B4B11EE9A031C81C4F9AE02.roa (hash: IYdEuH2XgAZOwJVJ/PgjJYy0V8hqTD9vcLpljNcDdl8=)
                          3: 7022F6EE5B4611EE9093F11EC4F9AE02.roa (hash: e0200w8zEsZ5WKCdPwZ5CedunKufXXzWVfu8693DHy8=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 268 (0x10c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE5A6/serialNumber=009928F0B8CD30EDA05630A8BA674E762A9D2833
        Validity
            Not Before: Jan 31 04:13:36 2025 GMT
            Not After : Feb  7 04:13:36 2025 GMT
        Subject: CN=679c4df1-ea47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a1:4d:8e:ba:f3:33:ee:e7:4b:00:b3:ca:77:
                    53:95:00:7a:9d:07:da:17:0c:5f:65:76:76:b8:3a:
                    3a:c8:d2:95:b4:d2:71:45:6e:86:3a:6b:d9:53:5c:
                    7b:88:eb:52:7a:3b:5c:81:aa:d2:5d:0b:ca:8f:38:
                    11:00:d0:0e:d8:b5:4f:38:bb:c8:df:35:e2:70:41:
                    55:5b:16:70:26:4a:f1:41:ca:e1:c3:f3:90:c4:e5:
                    a7:4b:2c:e8:d7:17:29:c8:87:a1:b3:2f:1d:67:43:
                    a6:65:5d:69:1c:38:75:c7:6f:6a:a6:c9:c0:07:46:
                    a6:65:d1:0c:6d:4b:b7:cb:ad:a3:db:89:c9:49:98:
                    7f:a2:29:c4:f6:e5:77:f3:50:72:43:73:8d:85:77:
                    ef:57:9f:a6:17:1f:ac:8d:0f:89:d6:e3:4f:bd:58:
                    fe:e6:b3:d9:65:72:04:1f:69:aa:82:c2:da:1c:67:
                    ea:35:76:2f:58:f2:f7:95:e7:d2:30:4c:ba:42:fc:
                    b0:8d:20:8a:1f:b6:e7:c6:0d:e8:9d:8b:a7:89:44:
                    21:3d:25:e4:20:b1:e0:ca:15:5d:7a:30:20:55:08:
                    86:42:ca:e3:ab:ed:01:46:0e:1d:5c:96:03:43:23:
                    f9:01:43:1a:ee:17:ac:4a:84:58:e9:b6:57:0b:aa:
                    6a:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:3C:C7:4B:5C:44:B1:76:F6:86:72:17:E0:EC:84:01:B2:46:A1:FD
            X509v3 Authority Key Identifier:
                keyid:00:99:28:F0:B8:CD:30:ED:A0:56:30:A8:BA:67:4E:76:2A:9D:28:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE5A6/B37497105B3F11EE8F1D3D6EC4F9AE02/AJko8LjNMO2gVjCoumdOdiqdKDM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AJko8LjNMO2gVjCoumdOdiqdKDM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE5A6/B37497105B3F11EE8F1D3D6EC4F9AE02/AJko8LjNMO2gVjCoumdOdiqdKDM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:25:20:ee:aa:5a:32:dd:68:3f:f8:16:67:69:6f:a9:d6:8f:
         2c:ba:11:f2:f1:c2:26:55:b8:6e:76:d6:6f:43:12:71:df:c8:
         ba:8c:02:e0:1a:d0:32:67:bc:5c:c0:39:00:7e:1d:44:34:b5:
         79:63:d1:27:72:18:6d:18:05:a9:09:98:f5:e7:d9:0f:4e:a2:
         ef:a4:85:35:e5:b4:f8:c4:52:bb:0a:ee:a5:68:26:c6:ff:d5:
         88:31:1b:d3:78:b8:66:7f:22:e9:00:dc:fb:e1:80:2d:55:6c:
         e8:eb:7d:cc:8f:50:06:1a:41:ed:bb:66:c4:68:dc:6c:e3:c6:
         5a:df:e4:ac:b0:1c:72:02:c8:25:51:5b:08:c9:37:77:31:62:
         27:e3:44:5e:da:9b:d3:84:99:59:be:d0:39:84:f2:27:5c:dc:
         75:ad:ad:52:27:72:c0:69:f6:5c:0b:2d:ec:03:6f:a4:4c:1a:
         47:c2:3d:3e:7d:d2:3e:df:96:bf:e1:b1:48:35:75:4e:0c:37:
         36:c8:be:f6:d1:09:8c:72:ae:a5:b5:12:98:aa:16:7a:4d:27:
         f9:de:01:92:f8:20:eb:1a:8a:37:2b:ac:44:9d:3d:ab:14:71:
         90:34:ce:3a:cf:3f:30:ef:15:c8:e0:bc:d4:49:71:f6:d1:58:
         a7:0f:32:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAQwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0U1QTYxMTAvBgNVBAUTKDAwOTkyOEYwQjhDRDMwRURBMDU2MzBBOEJBNjc0RTc2
MkE5RDI4MzMwHhcNMjUwMTMxMDQxMzM2WhcNMjUwMjA3MDQxMzM2WjAYMRYwFAYD
VQQDEw02NzljNGRmMS1lYTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyqFNjrrzM+7nSwCzyndTlQB6nQfaFwxfZXZ2uDo6yNKVtNJxRW6GOmvZU1x7
iOtSejtcgarSXQvKjzgRANAO2LVPOLvI3zXicEFVWxZwJkrxQcrhw/OQxOWnSyzo
1xcpyIehsy8dZ0OmZV1pHDh1x29qpsnAB0amZdEMbUu3y62j24nJSZh/oinE9uV3
81ByQ3ONhXfvV5+mFx+sjQ+J1uNPvVj+5rPZZXIEH2mqgsLaHGfqNXYvWPL3lefS
MEy6QvywjSCKH7bnxg3onYuniUQhPSXkILHgyhVdejAgVQiGQsrjq+0BRg4dXJYD
QyP5AUMa7hesSoRY6bZXC6pqkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBE8x0tc
RLF29oZyF+DshAGyRqH9MB8GA1UdIwQYMBaAFACZKPC4zTDtoFYwqLpnTnYqnSgz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTVBNi9CMzc0OTcxMDVC
M0YxMUVFOEYxRDNENkVDNEY5QUUwMi9BSmtvOExqTk1PMmdWakNvdW1kT2RpcWRL
RE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FKa284TGpOTU8yZ1ZqQ291bWRPZGlxZEtETS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RTVBNi9CMzc0OTcxMDVCM0YxMUVFOEYxRDNENkVDNEY5QUUwMi9BSmtvOExqTk1P
MmdWakNvdW1kT2RpcWRLRE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAHJSDuqloy3Wg/+BZnaW+p1o8suhHy8cImVbhudtZvQxJx38i6jALg
GtAyZ7xcwDkAfh1ENLV5Y9EnchhtGAWpCZj159kPTqLvpIU15bT4xFK7Cu6laCbG
/9WIMRvTeLhmfyLpANz74YAtVWzo633Mj1AGGkHtu2bEaNxs48Za3+SssBxyAsgl
UVsIyTd3MWIn40Re2pvThJlZvtA5hPInXNx1ra1SJ3LAafZcCy3sA2+kTBpHwj0+
fdI+35a/4bFINXVODDc2yL720QmMcq6ltRKYqhZ6TSf53gGS+CDrGoo3K6xEnT2r
FHGQNM46zz8w7xXI4LzUSXH20VinDzJ4
-----END CERTIFICATE-----