Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3814/2542B4225D7111EC9908914DC4F9AE02/kROhaGm30B54nuCf4m5q-jfPPkc.mft
File:                     kROhaGm30B54nuCf4m5q-jfPPkc.mft (raw, json)
Hash identifier:          ol+WPF9iFfF4iGeehXslT4DvgMdIJY194y/17y4JFOE=
Subject key identifier:   19:89:B6:28:06:AF:74:16:DB:70:B7:44:DA:2E:3F:30:B5:98:A8:77
Authority key identifier: 91:13:A1:68:69:B7:D0:1E:78:9E:E0:9F:E2:6E:6A:FA:37:CF:3E:47
Certificate issuer:       /CN=A91E3814/serialNumber=9113A16869B7D01E789EE09FE26E6AFA37CF3E47
Certificate serial:       0409
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kROhaGm30B54nuCf4m5q-jfPPkc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E3814/2542B4225D7111EC9908914DC4F9AE02/kROhaGm30B54nuCf4m5q-jfPPkc.mft
Manifest number:          0401
Signing time:             Fri 31 Jan 2025 00:33:25 +0000
Manifest this update:     Fri 31 Jan 2025 00:33:25 +0000
Manifest next update:     Fri 07 Feb 2025 00:33:24 +0000
Files and hashes:         1: kROhaGm30B54nuCf4m5q-jfPPkc.crl (hash: GbgsuJEIx76rMjom7nLwRLCqwbNZI9yEB2yHvfllbH0=)
                          2: 4E9E48C6B0C111EFBFFB5A24C4F9AE02.roa (hash: jU4GIVtGPEKm3mzNhsxPRH4vQ1ZUdRKxQVrd2WqVW8g=)
                          3: 2F74D644ABC711EF9CD3CE81C4F9AE02.roa (hash: GJE94mU6Sr8CoGwsF6tCrZgMYHj9w/NGptO5MRYqwuE=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1033 (0x409)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E3814/serialNumber=9113A16869B7D01E789EE09FE26E6AFA37CF3E47
        Validity
            Not Before: Jan 31 00:33:25 2025 GMT
            Not After : Feb  7 00:33:24 2025 GMT
        Subject: CN=679c1a55-0083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c0:2f:6e:50:32:24:46:fc:cc:e2:ef:13:40:
                    04:e8:16:2c:09:fc:a3:c2:2e:f5:05:64:52:4b:61:
                    0e:c3:4d:c5:ba:ac:ed:2f:3e:2a:1a:d2:1b:d7:90:
                    30:51:67:c0:9e:4d:eb:e1:93:55:d4:45:d7:9a:a6:
                    42:9a:a4:14:9f:74:0a:51:3b:fd:e1:36:a4:44:c8:
                    3a:20:7f:6c:dd:83:3c:81:32:fc:cf:fe:48:11:dd:
                    19:42:11:80:14:2e:71:e5:8c:da:cc:42:21:51:47:
                    d7:21:aa:51:b9:94:4b:53:6c:c9:4d:df:40:6e:39:
                    d8:40:69:75:f4:87:d8:dc:f3:60:53:02:3f:3b:e4:
                    9f:69:67:7c:91:2e:aa:75:38:5d:ce:95:4e:77:c1:
                    b7:02:1e:da:5f:28:3c:8e:ad:60:ce:62:87:08:c1:
                    d8:dc:31:af:a0:22:f3:c4:15:04:27:d9:2e:80:39:
                    cb:73:b5:f9:45:08:7d:b6:fe:d6:20:46:32:d8:15:
                    51:ca:48:87:bc:b9:4c:7d:f5:e1:91:47:47:da:1c:
                    10:27:d7:59:25:77:71:cc:13:f2:8f:4a:8a:e2:b9:
                    0e:6a:0c:b7:ed:f5:73:6e:5c:55:ab:50:bc:89:b8:
                    09:5e:22:66:d7:17:e7:e4:16:63:a7:38:8b:39:e1:
                    81:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:89:B6:28:06:AF:74:16:DB:70:B7:44:DA:2E:3F:30:B5:98:A8:77
            X509v3 Authority Key Identifier:
                keyid:91:13:A1:68:69:B7:D0:1E:78:9E:E0:9F:E2:6E:6A:FA:37:CF:3E:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E3814/2542B4225D7111EC9908914DC4F9AE02/kROhaGm30B54nuCf4m5q-jfPPkc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kROhaGm30B54nuCf4m5q-jfPPkc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3814/2542B4225D7111EC9908914DC4F9AE02/kROhaGm30B54nuCf4m5q-jfPPkc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:9f:10:00:37:6b:a0:7e:f6:8e:cb:e8:ed:d7:cf:85:35:b3:
         9f:79:43:d6:58:42:4f:91:2a:23:29:59:a0:2a:23:35:3f:dc:
         6f:82:d0:67:d6:2d:98:2f:e0:71:56:45:9b:ec:4b:24:6f:c3:
         ea:4c:61:67:2f:c2:d8:c0:51:b7:21:84:cc:10:4d:c0:c3:19:
         a8:45:15:2f:bd:7e:a0:c3:1c:23:09:18:7d:bb:88:47:f4:92:
         a4:22:05:3c:8d:71:ea:cb:54:b6:fa:ad:57:5e:e1:60:b6:36:
         1f:0e:e5:69:88:ee:c0:b9:d0:fa:81:29:96:36:4c:de:bd:da:
         57:fb:bd:54:99:db:ef:57:3e:53:d0:22:9f:d2:8f:a7:eb:c7:
         85:a6:0a:6c:38:c7:a7:a1:f3:16:38:80:2e:b8:42:02:85:87:
         d1:e8:aa:18:b7:9b:56:cf:67:3d:34:f6:8a:75:3a:e1:06:dd:
         1e:72:d6:dd:3d:c8:9b:43:cb:d6:5f:c7:c1:14:60:c1:65:43:
         52:b0:bf:36:cb:1f:88:b5:70:50:62:b4:54:87:98:b8:86:eb:
         ae:be:db:4c:32:45:89:93:10:02:ba:d2:b1:27:d2:7a:70:25:
         99:93:e3:cf:69:35:73:43:a1:7e:91:ac:d9:c7:15:81:02:0c:
         65:73:60:de
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTM4MTQxMTAvBgNVBAUTKDkxMTNBMTY4NjlCN0QwMUU3ODlFRTA5RkUyNkU2QUZB
MzdDRjNFNDcwHhcNMjUwMTMxMDAzMzI1WhcNMjUwMjA3MDAzMzI0WjAYMRYwFAYD
VQQDEw02NzljMWE1NS0wMDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArsAvblAyJEb8zOLvE0AE6BYsCfyjwi71BWRSS2EOw03FuqztLz4qGtIb15Aw
UWfAnk3r4ZNV1EXXmqZCmqQUn3QKUTv94TakRMg6IH9s3YM8gTL8z/5IEd0ZQhGA
FC5x5YzazEIhUUfXIapRuZRLU2zJTd9AbjnYQGl19IfY3PNgUwI/O+SfaWd8kS6q
dThdzpVOd8G3Ah7aXyg8jq1gzmKHCMHY3DGvoCLzxBUEJ9kugDnLc7X5RQh9tv7W
IEYy2BVRykiHvLlMffXhkUdH2hwQJ9dZJXdxzBPyj0qK4rkOagy37fVzblxVq1C8
ibgJXiJm1xfn5BZjpziLOeGBMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBmJtigG
r3QW23C3RNouPzC1mKh3MB8GA1UdIwQYMBaAFJEToWhpt9AeeJ7gn+Juavo3zz5H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzgxNC8yNTQyQjQyMjVE
NzExMUVDOTkwODkxNERDNEY5QUUwMi9rUk9oYUdtMzBCNTRudUNmNG01cS1qZlBQ
a2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tST2hhR20zMEI1NG51Q2Y0bTVxLWpmUFBrYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MzgxNC8yNTQyQjQyMjVENzExMUVDOTkwODkxNERDNEY5QUUwMi9rUk9oYUdtMzBC
NTRudUNmNG01cS1qZlBQa2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCTnxAAN2ugfvaOy+jt18+FNbOfeUPWWEJPkSojKVmgKiM1P9xvgtBn
1i2YL+BxVkWb7Eskb8PqTGFnL8LYwFG3IYTMEE3AwxmoRRUvvX6gwxwjCRh9u4hH
9JKkIgU8jXHqy1S2+q1XXuFgtjYfDuVpiO7AudD6gSmWNkzevdpX+71UmdvvVz5T
0CKf0o+n68eFpgpsOMenofMWOIAuuEIChYfR6KoYt5tWz2c9NPaKdTrhBt0ectbd
PcibQ8vWX8fBFGDBZUNSsL82yx+ItXBQYrRUh5i4huuuvttMMkWJkxACutKxJ9J6
cCWZk+PPaTVzQ6F+kazZxxWBAgxlc2De
-----END CERTIFICATE-----