Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D873B/4A16BBDAC60411ECAA94594BC4F9AE02/A72QmhoVpFA9-tWUw8bem5RgTmY.mft
File:                     A72QmhoVpFA9-tWUw8bem5RgTmY.mft (raw, json)
Hash identifier:          D8e3d2NNyDjGQXOgntG8TtIgTXgNShnLEj5LMg/giOU=
Subject key identifier:   18:B3:77:0E:05:31:A7:7A:54:B7:B0:4F:B0:CF:AA:A4:5F:0D:F5:4D
Authority key identifier: 03:BD:90:9A:1A:15:A4:50:3D:FA:D5:94:C3:C6:DE:9B:94:60:4E:66
Certificate issuer:       /CN=A91D873B/serialNumber=03BD909A1A15A4503DFAD594C3C6DE9B94604E66
Certificate serial:       02FB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A72QmhoVpFA9-tWUw8bem5RgTmY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D873B/4A16BBDAC60411ECAA94594BC4F9AE02/A72QmhoVpFA9-tWUw8bem5RgTmY.mft
Manifest number:          02F4
Signing time:             Fri 31 Jan 2025 01:22:55 +0000
Manifest this update:     Fri 31 Jan 2025 01:22:55 +0000
Manifest next update:     Fri 07 Feb 2025 01:22:55 +0000
Files and hashes:         1: A72QmhoVpFA9-tWUw8bem5RgTmY.crl (hash: Dizn3h5dlNGILVO3fJ0sQaFaoHlftTjSCerY2IKm4Oo=)
                          2: E15CC33CD55011EFB17CB022C4F9AE02.roa (hash: YkgVY3NySYm4wFHmOVUk89wTvIIkdJt3TNVnKoMCNEA=)
                          3: 5409C188C6CB11ECB185E43EC4F9AE02.roa (hash: qkNJcqJasGm5DqRK6RDLwIc76BxJl9ChsFknMyrjOEQ=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 763 (0x2fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D873B/serialNumber=03BD909A1A15A4503DFAD594C3C6DE9B94604E66
        Validity
            Not Before: Jan 31 01:22:55 2025 GMT
            Not After : Feb  7 01:22:55 2025 GMT
        Subject: CN=679c25ef-08e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:01:30:04:eb:ae:42:dd:9a:85:d5:cc:ec:b7:
                    ce:97:a9:73:5a:ad:e4:b6:84:37:96:dc:62:09:e0:
                    af:e2:64:8d:ec:31:26:da:86:8a:a3:6a:2f:9f:7b:
                    9e:18:ae:d8:a6:a2:22:0c:f0:97:90:9b:a3:d9:cb:
                    7b:8c:0d:87:b6:36:ed:36:4c:8c:7e:bf:e9:4c:8c:
                    09:97:26:40:79:b1:75:a5:f3:2b:6c:f9:b0:af:6f:
                    16:20:ff:d3:df:f7:be:18:a6:d1:53:2a:c9:ff:c6:
                    59:f0:9a:16:5e:da:55:83:26:1f:26:cc:89:18:9e:
                    5e:e9:5d:c7:53:a3:dc:ea:c3:3b:33:d3:d0:6d:9d:
                    af:cf:9d:37:55:95:4b:7b:d3:69:11:41:e4:ef:30:
                    09:88:35:e3:09:00:d1:d3:c2:e8:b3:2e:1b:bf:d3:
                    57:aa:58:81:88:ae:4f:57:e7:9b:8f:49:9a:bd:ca:
                    bc:57:dc:86:7c:21:9e:d0:25:0e:3c:a9:d8:32:3c:
                    46:20:d1:90:b5:54:73:77:4c:60:1e:d2:09:88:23:
                    1e:01:d3:c9:11:23:df:de:17:64:eb:57:36:80:7e:
                    04:90:d1:f9:54:5a:4f:3e:91:b3:86:51:4a:d2:c3:
                    8a:98:e7:63:fa:0e:c5:47:8d:97:18:36:4d:66:a1:
                    96:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:B3:77:0E:05:31:A7:7A:54:B7:B0:4F:B0:CF:AA:A4:5F:0D:F5:4D
            X509v3 Authority Key Identifier:
                keyid:03:BD:90:9A:1A:15:A4:50:3D:FA:D5:94:C3:C6:DE:9B:94:60:4E:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D873B/4A16BBDAC60411ECAA94594BC4F9AE02/A72QmhoVpFA9-tWUw8bem5RgTmY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A72QmhoVpFA9-tWUw8bem5RgTmY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D873B/4A16BBDAC60411ECAA94594BC4F9AE02/A72QmhoVpFA9-tWUw8bem5RgTmY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:d9:f3:f2:e9:48:3e:6b:35:b9:68:4e:0b:eb:97:ac:cd:8b:
         b5:3b:56:00:f5:75:8a:bf:b3:9b:76:29:20:99:4b:34:b2:71:
         e4:5b:cd:0a:5a:bf:37:90:ba:40:52:6c:dc:3a:fb:73:34:9a:
         ac:4f:a8:13:b9:f3:80:61:60:af:b9:03:2a:81:d5:81:7c:34:
         17:75:4e:aa:ba:cb:f4:41:eb:e5:f4:7a:0f:7c:2e:1a:43:52:
         8c:af:64:30:9c:ee:46:5c:52:a2:eb:5f:26:bd:97:7c:7f:a1:
         4a:4e:7a:f0:77:5c:d8:5a:5b:eb:22:44:b3:90:0c:5a:99:d7:
         c2:bc:d6:1d:7b:38:72:cb:48:8b:80:82:cc:ad:8e:02:21:84:
         9b:f8:1c:09:d4:fb:d4:7b:64:39:7d:19:ff:73:be:d4:9c:a8:
         f0:e2:cb:8e:2c:93:38:6b:e8:35:c6:2a:7a:46:e6:87:2b:64:
         ea:8a:e8:2b:24:42:09:42:8e:79:23:5a:06:df:60:55:91:7f:
         31:c0:7d:dc:43:90:8b:a0:91:a7:b2:32:82:47:6c:42:75:37:
         00:df:22:aa:b6:66:d5:de:38:09:3d:39:2b:d0:fe:0c:10:85:
         50:34:3a:fe:47:43:cf:de:8a:5c:26:03:9e:b4:d1:ab:96:18:
         5a:fa:ce:d0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDg3M0IxMTAvBgNVBAUTKDAzQkQ5MDlBMUExNUE0NTAzREZBRDU5NEMzQzZERTlC
OTQ2MDRFNjYwHhcNMjUwMTMxMDEyMjU1WhcNMjUwMjA3MDEyMjU1WjAYMRYwFAYD
VQQDEw02NzljMjVlZi0wOGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxQEwBOuuQt2ahdXM7LfOl6lzWq3ktoQ3ltxiCeCv4mSN7DEm2oaKo2ovn3ue
GK7YpqIiDPCXkJuj2ct7jA2HtjbtNkyMfr/pTIwJlyZAebF1pfMrbPmwr28WIP/T
3/e+GKbRUyrJ/8ZZ8JoWXtpVgyYfJsyJGJ5e6V3HU6Pc6sM7M9PQbZ2vz503VZVL
e9NpEUHk7zAJiDXjCQDR08Losy4bv9NXqliBiK5PV+ebj0mavcq8V9yGfCGe0CUO
PKnYMjxGINGQtVRzd0xgHtIJiCMeAdPJESPf3hdk61c2gH4EkNH5VFpPPpGzhlFK
0sOKmOdj+g7FR42XGDZNZqGWRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBizdw4F
Mad6VLewT7DPqqRfDfVNMB8GA1UdIwQYMBaAFAO9kJoaFaRQPfrVlMPG3puUYE5m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODczQi80QTE2QkJEQUM2
MDQxMUVDQUE5NDU5NEJDNEY5QUUwMi9BNzJRbWhvVnBGQTktdFdVdzhiZW01UmdU
bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0E3MlFtaG9WcEZBOS10V1V3OGJlbTVSZ1RtWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
ODczQi80QTE2QkJEQUM2MDQxMUVDQUE5NDU5NEJDNEY5QUUwMi9BNzJRbWhvVnBG
QTktdFdVdzhiZW01UmdUbVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAj2fPy6Ug+azW5aE4L65eszYu1O1YA9XWKv7ObdikgmUs0snHkW80K
Wr83kLpAUmzcOvtzNJqsT6gTufOAYWCvuQMqgdWBfDQXdU6qusv0Qevl9HoPfC4a
Q1KMr2QwnO5GXFKi618mvZd8f6FKTnrwd1zYWlvrIkSzkAxamdfCvNYdezhyy0iL
gILMrY4CIYSb+BwJ1PvUe2Q5fRn/c77UnKjw4suOLJM4a+g1xip6RuaHK2Tqiugr
JEIJQo55I1oG32BVkX8xwH3cQ5CLoJGnsjKCR2xCdTcA3yKqtmbV3jgJPTkr0P4M
EIVQNDr+R0PP3opcJgOetNGrlhha+s7Q
-----END CERTIFICATE-----