Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft
File:                     KQN7v5LysPTDMKHN1KdiVs16VCI.mft (raw, json)
Hash identifier:          Kubqfqb5GYiCcw6goqvKzz8VxTNyNpmdEfGZfTCUGkM=
Subject key identifier:   37:56:2C:28:6B:BD:BB:0B:CD:E0:3F:3E:11:19:40:AC:59:24:D1:A7
Authority key identifier: 29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22
Certificate issuer:       /CN=A91E9B89/serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422
Certificate serial:       4F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft
Manifest number:          4E
Signing time:             Fri 31 Jan 2025 06:21:28 +0000
Manifest this update:     Fri 31 Jan 2025 06:21:27 +0000
Manifest next update:     Fri 07 Feb 2025 06:21:27 +0000
Files and hashes:         1: KQN7v5LysPTDMKHN1KdiVs16VCI.crl (hash: iHE8z7LgPUSpC6zb36LUtt85HEedXhnnwjZrKH8shJI=)
                          2: 2025BD6C6C3311EF99E0EF34C4F9AE02.roa (hash: v8gSdO2Oyevi0udRA9oSIzZPAk2F5XphTGY0llKdCYI=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79 (0x4f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E9B89/serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422
        Validity
            Not Before: Jan 31 06:21:27 2025 GMT
            Not After : Feb  7 06:21:27 2025 GMT
        Subject: CN=679c6be8-258a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:29:ff:19:99:db:86:cf:b2:a9:3b:90:62:dd:
                    c1:0d:4d:2b:bc:7c:bd:3e:4f:6a:b5:e3:00:6c:8d:
                    e3:24:af:42:8a:54:eb:95:e2:5c:ce:4f:d6:ac:87:
                    26:42:71:a7:93:0f:fb:96:58:07:33:cf:fc:65:52:
                    cf:dc:94:e2:79:36:e4:a6:28:0e:21:af:a8:78:94:
                    7b:4d:68:3b:3a:df:33:8a:32:32:cb:9f:fc:84:97:
                    5a:e4:06:5d:82:d7:de:2e:e7:de:9e:71:a9:17:c7:
                    33:5f:a7:6d:9c:34:57:ab:29:a9:89:e9:56:31:31:
                    8a:d6:83:84:1e:ce:c3:0b:5d:63:21:20:e7:d5:41:
                    2f:f3:a5:75:4d:5b:6c:4c:52:b3:fb:a5:e2:42:ee:
                    76:bd:67:89:dc:37:5a:15:20:56:8d:e2:9e:7f:4c:
                    5b:54:65:da:ff:cd:1d:83:61:23:2f:32:6c:9a:68:
                    bc:1d:fa:1d:b4:23:d3:ef:32:b6:9f:92:47:5a:da:
                    10:e1:7d:e0:f1:d8:f7:9f:dd:cc:51:3e:d7:a1:d8:
                    ea:65:02:ec:2a:b4:2e:7e:cb:da:0d:30:b2:10:24:
                    a8:b4:ff:b3:06:65:79:c6:79:b4:a6:16:a9:60:de:
                    01:6b:68:18:e7:4c:85:7f:4d:43:45:44:d0:97:a3:
                    8f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:56:2C:28:6B:BD:BB:0B:CD:E0:3F:3E:11:19:40:AC:59:24:D1:A7
            X509v3 Authority Key Identifier:
                keyid:29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         de:fe:7a:43:b7:a0:87:40:52:0c:bf:f4:db:ff:e3:6e:32:34:
         de:4f:00:b4:04:8d:6e:f9:96:95:98:06:18:36:6d:c7:be:e2:
         b8:dc:68:b4:b0:06:e3:fd:8b:c0:bc:87:77:06:30:b9:2a:bf:
         a7:03:31:85:b8:d4:50:9f:ca:e9:9a:d5:db:dc:b9:61:42:cb:
         94:f9:8b:92:74:67:53:b2:0d:a3:09:f9:1f:8f:74:c8:21:fc:
         9b:8c:bb:b6:e3:28:98:f2:4f:e3:c2:78:01:f8:19:ae:6f:1c:
         68:97:43:41:ec:34:f5:1a:94:f2:93:c9:53:82:7f:69:23:2a:
         ee:45:a0:f7:94:75:55:2c:bd:d1:80:12:2b:25:46:54:b2:dd:
         99:92:89:42:1f:4e:7d:e7:72:b8:76:d4:a7:9f:90:d5:52:50:
         b0:d1:61:b4:80:2e:61:6f:87:d9:6f:e8:4a:85:2d:89:be:e9:
         68:9f:84:6c:09:41:4c:eb:9d:33:d7:72:83:69:07:53:10:a4:
         16:2e:a5:75:b7:c9:e3:3a:3d:15:ba:15:f6:3a:64:59:ea:75:
         1c:8b:90:ce:bc:61:97:2d:0a:c8:17:3e:f3:bb:27:82:2c:e2:
         3c:a6:cc:d9:0d:41:aa:63:ed:a6:28:30:b7:26:90:d5:8d:13:
         d6:c8:0c:c6
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
OUI4OTExMC8GA1UEBRMoMjkwMzdCQkY5MkYyQjBGNEMzMzBBMUNERDRBNzYyNTZD
RDdBNTQyMjAeFw0yNTAxMzEwNjIxMjdaFw0yNTAyMDcwNjIxMjdaMBgxFjAUBgNV
BAMTDTY3OWM2YmU4LTI1OGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOKf8ZmduGz7KpO5Bi3cENTSu8fL0+T2q14wBsjeMkr0KKVOuV4lzOT9ashyZC
caeTD/uWWAczz/xlUs/clOJ5NuSmKA4hr6h4lHtNaDs63zOKMjLLn/yEl1rkBl2C
194u596ecakXxzNfp22cNFerKamJ6VYxMYrWg4QezsMLXWMhIOfVQS/zpXVNW2xM
UrP7peJC7na9Z4ncN1oVIFaN4p5/TFtUZdr/zR2DYSMvMmyaaLwd+h20I9PvMraf
kkda2hDhfeDx2Pef3cxRPteh2OplAuwqtC5+y9oNMLIQJKi0/7MGZXnGebSmFqlg
3gFraBjnTIV/TUNFRNCXo499AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUN1YsKGu9
uwvN4D8+ERlArFkk0acwHwYDVR0jBBgwFoAUKQN7v5LysPTDMKHN1KdiVs16VCIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU5Qjg5LzQzNjdDMjBFNkMx
ODExRUZBQjZCNjkwQ0M0RjlBRTAyL0tRTjd2NUx5c1BURE1LSE4xS2RpVnMxNlZD
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS1FON3Y1THlzUFRETUtITjFLZGlWczE2VkNJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU5
Qjg5LzQzNjdDMjBFNkMxODExRUZBQjZCNjkwQ0M0RjlBRTAyL0tRTjd2NUx5c1BU
RE1LSE4xS2RpVnMxNlZDSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAN7+ekO3oIdAUgy/9Nv/424yNN5PALQEjW75lpWYBhg2bce+4rjcaLSw
BuP9i8C8h3cGMLkqv6cDMYW41FCfyuma1dvcuWFCy5T5i5J0Z1OyDaMJ+R+PdMgh
/JuMu7bjKJjyT+PCeAH4Ga5vHGiXQ0HsNPUalPKTyVOCf2kjKu5FoPeUdVUsvdGA
EislRlSy3ZmSiUIfTn3ncrh21KefkNVSULDRYbSALmFvh9lv6EqFLYm+6WifhGwJ
QUzrnTPXcoNpB1MQpBYupXW3yeM6PRW6FfY6ZFnqdRyLkM68YZctCsgXPvO7J4Is
4jymzNkNQapj7aYoMLcmkNWNE9bIDMY=
-----END CERTIFICATE-----