Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.mft
File:                     QSPpAOai7I_ptdcDt5KA7yFAfIE.mft (raw, json)
Hash identifier:          tgY3PzCoiHTVKkEyWWTN/OFETjC5gZJe4VaJcV8HWsg=
Subject key identifier:   3E:A9:F1:D8:90:DD:7E:97:60:E9:5D:E4:66:EF:99:95:B2:89:D5:DC
Authority key identifier: 41:23:E9:00:E6:A2:EC:8F:E9:B5:D7:03:B7:92:80:EF:21:40:7C:81
Certificate issuer:       /CN=A91F3B2E/serialNumber=4123E900E6A2EC8FE9B5D703B79280EF21407C81
Certificate serial:       0179
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.mft
Manifest number:          0169
Signing time:             Fri 31 Jan 2025 03:22:41 +0000
Manifest this update:     Fri 31 Jan 2025 03:22:40 +0000
Manifest next update:     Fri 07 Feb 2025 03:22:40 +0000
Files and hashes:         1: QSPpAOai7I_ptdcDt5KA7yFAfIE.crl (hash: Wc/kwfMpEyaxl6PBQDKDz+LAv0hHm0OwiqmVZpDe684=)
                          2: A91AF6A8CE7811EF89FA3944C4F9AE02.roa (hash: xYipp+ZcmQFz/ogxlth1vHSd96eYxW/drt1nbOwk66E=)
                          3: C2B39ECCCF7B11EFB722F324C4F9AE02.roa (hash: UbZ1c+k75Ngr39MJpkXEoV25RrLWTS81728p9lnZuv8=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 377 (0x179)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F3B2E/serialNumber=4123E900E6A2EC8FE9B5D703B79280EF21407C81
        Validity
            Not Before: Jan 31 03:22:40 2025 GMT
            Not After : Feb  7 03:22:40 2025 GMT
        Subject: CN=679c4201-f6a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4f:e7:84:ec:0d:37:3c:e4:22:0e:fd:d2:b3:
                    f4:29:b1:e1:19:09:a2:ee:47:c7:fb:f6:f5:6a:ea:
                    22:ae:e7:85:0e:be:db:46:d1:21:90:7d:05:15:f8:
                    d8:5f:23:ea:02:60:65:4d:ba:e7:12:99:f5:e9:b5:
                    81:2e:b5:eb:57:87:1d:25:09:c8:e0:c9:73:6e:42:
                    5a:d7:0a:da:42:5e:85:9a:c0:1d:b0:fd:46:b1:65:
                    0c:f1:35:95:b4:14:94:d8:a5:91:41:0b:56:01:c4:
                    46:d8:48:1a:86:75:71:de:d6:78:7a:9f:83:94:76:
                    cb:f6:0d:f1:6d:6e:2f:aa:c5:3c:93:dd:c6:94:00:
                    64:43:c0:ca:e0:68:57:69:a6:93:ea:53:42:57:2f:
                    ca:ea:dd:30:af:b0:bc:1a:be:96:8a:41:9c:14:9f:
                    57:c8:e1:27:5d:69:6b:a2:46:4a:51:37:c7:bc:23:
                    88:6c:fc:9b:c7:de:60:e7:b3:2e:74:c0:b0:8e:4e:
                    21:df:9d:59:5d:3a:be:b6:f4:62:51:91:20:bc:8f:
                    d4:be:8c:9e:82:90:13:e3:87:30:6a:2b:90:40:37:
                    da:7c:17:1d:f6:bf:31:12:b1:83:1c:38:4e:f3:e9:
                    16:4d:bd:35:c8:3b:83:3d:22:23:5c:aa:19:f1:b5:
                    d4:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:A9:F1:D8:90:DD:7E:97:60:E9:5D:E4:66:EF:99:95:B2:89:D5:DC
            X509v3 Authority Key Identifier:
                keyid:41:23:E9:00:E6:A2:EC:8F:E9:B5:D7:03:B7:92:80:EF:21:40:7C:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:a9:d6:1c:c0:ab:fe:aa:86:ad:8e:21:6e:db:13:9b:6f:18:
         3f:06:50:61:fd:13:ac:be:e8:8d:03:1f:74:0d:72:54:45:66:
         e5:a2:7a:c6:7a:7b:c1:c9:9e:05:46:ab:a6:cc:60:7c:c9:c0:
         5b:97:1d:52:8e:a9:ae:95:63:d7:d5:1e:32:c9:cc:72:6f:28:
         86:de:ee:1d:f7:eb:ac:04:19:58:2c:62:1b:ac:72:ee:40:ef:
         80:d7:b0:b5:ae:17:f2:b8:b4:7d:71:5b:a2:7a:cd:45:b4:73:
         3f:87:6c:80:74:35:10:e1:81:7c:e0:b7:9e:88:d0:0d:7b:49:
         d7:e6:66:db:6d:3d:0f:53:28:7c:8c:51:3b:a2:e9:a4:88:10:
         98:4a:27:4d:0e:1e:40:f3:e5:ff:98:11:0a:10:e8:ca:8a:5a:
         16:3e:0c:fe:69:63:2d:35:36:d6:a9:6c:72:f8:4b:d5:c2:c6:
         69:b1:4d:97:2f:f4:38:6d:bc:b4:32:ff:75:4d:16:a3:f8:2f:
         ca:de:d1:7e:10:91:c1:8d:7b:1a:eb:2f:6c:e9:66:5e:7c:39:
         8f:cb:05:cf:b2:78:ea:36:81:6b:d9:f0:94:53:38:c2:30:85:
         c6:b4:11:b8:d5:de:72:da:f4:2d:83:72:ad:a2:f2:b0:f8:f8:
         dd:e8:34:55
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNCMkUxMTAvBgNVBAUTKDQxMjNFOTAwRTZBMkVDOEZFOUI1RDcwM0I3OTI4MEVG
MjE0MDdDODEwHhcNMjUwMTMxMDMyMjQwWhcNMjUwMjA3MDMyMjQwWjAYMRYwFAYD
VQQDEw02NzljNDIwMS1mNmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr0/nhOwNNzzkIg790rP0KbHhGQmi7kfH+/b1auoirueFDr7bRtEhkH0FFfjY
XyPqAmBlTbrnEpn16bWBLrXrV4cdJQnI4MlzbkJa1wraQl6FmsAdsP1GsWUM8TWV
tBSU2KWRQQtWAcRG2EgahnVx3tZ4ep+DlHbL9g3xbW4vqsU8k93GlABkQ8DK4GhX
aaaT6lNCVy/K6t0wr7C8Gr6WikGcFJ9XyOEnXWlrokZKUTfHvCOIbPybx95g57Mu
dMCwjk4h351ZXTq+tvRiUZEgvI/UvoyegpAT44cwaiuQQDfafBcd9r8xErGDHDhO
8+kWTb01yDuDPSIjXKoZ8bXUpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD6p8diQ
3X6XYOld5GbvmZWyidXcMB8GA1UdIwQYMBaAFEEj6QDmouyP6bXXA7eSgO8hQHyB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0IyRS8wRjU1QzY5NkQ2
N0QxMUVEODZEMzM3NTBDNEY5QUUwMi9RU1BwQU9haTdJX3B0ZGNEdDVLQTd5RkFm
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FTUHBBT2FpN0lfcHRkY0R0NUtBN3lGQWZJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
M0IyRS8wRjU1QzY5NkQ2N0QxMUVEODZEMzM3NTBDNEY5QUUwMi9RU1BwQU9haTdJ
X3B0ZGNEdDVLQTd5RkFmSUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAPqdYcwKv+qoatjiFu2xObbxg/BlBh/ROsvuiNAx90DXJURWblonrG
envByZ4FRqumzGB8ycBblx1SjqmulWPX1R4yycxybyiG3u4d9+usBBlYLGIbrHLu
QO+A17C1rhfyuLR9cVuies1FtHM/h2yAdDUQ4YF84LeeiNANe0nX5mbbbT0PUyh8
jFE7oumkiBCYSidNDh5A8+X/mBEKEOjKiloWPgz+aWMtNTbWqWxy+EvVwsZpsU2X
L/Q4bby0Mv91TRaj+C/K3tF+EJHBjXsa6y9s6WZefDmPywXPsnjqNoFr2fCUUzjC
MIXGtBG41d5y2vQtg3KtovKw+Pjd6DRV
-----END CERTIFICATE-----