Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAF20/65A9A242F5C411E68AAA0085C4F9AE02/D429p9DJoeyhlFxhtykg9aoOlGc.mft
File:                     D429p9DJoeyhlFxhtykg9aoOlGc.mft (raw, json)
Hash identifier:          L8p0agXysv39jfijHAhAw22LsWX5tEB1fOPBZ7Kii3k=
Subject key identifier:   DA:25:98:CD:1A:B1:66:CF:D8:0E:09:E6:D3:89:2B:CA:69:77:93:72
Authority key identifier: 0F:8D:BD:A7:D0:C9:A1:EC:A1:94:5C:61:B7:29:20:F5:AA:0E:94:67
Certificate issuer:       /CN=A91FAF20/serialNumber=0F8DBDA7D0C9A1ECA1945C61B72920F5AA0E9467
Certificate serial:       1BAC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D429p9DJoeyhlFxhtykg9aoOlGc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FAF20/65A9A242F5C411E68AAA0085C4F9AE02/D429p9DJoeyhlFxhtykg9aoOlGc.mft
Manifest number:          1B9D
Signing time:             Fri 31 Jan 2025 16:15:26 +0000
Manifest this update:     Fri 31 Jan 2025 16:15:25 +0000
Manifest next update:     Fri 07 Feb 2025 16:15:25 +0000
Files and hashes:         1: D429p9DJoeyhlFxhtykg9aoOlGc.crl (hash: fQQFr4LtjPkavxpMNXsV7jn/oByjlUyhpUVMx53rLTk=)
                          2: D59EA6F4F5C611E6A4FFEF0AC4F9AE02.roa (hash: hRTHvov5kcr4ci8mlf/+s2ablUrnizRu5Hp+fPVJPyU=)
                          3: C3ACDB568E9311E9AA8A2877C4F9AE02.roa (hash: e+nnHqsSXjcst0jgKsFSCtqmvZobXZzEGEA8nesrhMk=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7084 (0x1bac)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FAF20/serialNumber=0F8DBDA7D0C9A1ECA1945C61B72920F5AA0E9467
        Validity
            Not Before: Jan 31 16:15:25 2025 GMT
            Not After : Feb  7 16:15:25 2025 GMT
        Subject: CN=679cf71d-6bd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:a8:eb:1d:b7:bd:0f:69:f0:73:ae:dc:98:37:
                    3c:2f:27:f9:24:be:0f:33:b2:53:ed:97:a3:58:a3:
                    d6:e2:27:3e:7b:3c:83:74:bd:87:12:36:7a:5b:59:
                    40:08:04:ca:f0:61:d0:74:8a:ed:e9:71:cd:34:1b:
                    59:a7:11:ab:32:04:79:39:9d:01:ba:9a:ac:5d:f3:
                    09:71:6b:16:83:c9:39:c2:94:2b:e8:52:26:bb:ec:
                    44:35:ab:68:e7:d5:42:9e:7a:d7:3c:5f:25:47:e9:
                    dd:c2:89:d4:23:bf:0e:50:e0:0b:f9:e0:97:a8:a5:
                    17:f5:08:47:35:d7:48:5f:e0:97:e0:a4:27:d9:f2:
                    3b:d1:05:9b:19:53:f6:9b:28:f7:b3:5c:0f:7b:7e:
                    a9:fd:81:df:01:95:17:cd:ad:ed:df:4a:7a:68:fb:
                    67:1a:f7:a4:7a:58:89:f0:bf:91:58:5a:12:de:f3:
                    76:95:a2:8b:c5:91:91:a8:7e:88:08:f4:2c:a8:f1:
                    6b:87:5c:72:27:61:8c:37:3e:76:f3:13:8e:fe:f5:
                    9f:c0:04:61:7c:57:cd:39:53:e0:dd:b1:b8:95:c5:
                    0e:0e:df:e0:0a:d9:2b:89:3b:82:d4:70:98:c4:f2:
                    e9:f3:0a:5f:1d:dc:0f:c9:24:0e:5d:ae:71:73:60:
                    6e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:25:98:CD:1A:B1:66:CF:D8:0E:09:E6:D3:89:2B:CA:69:77:93:72
            X509v3 Authority Key Identifier:
                keyid:0F:8D:BD:A7:D0:C9:A1:EC:A1:94:5C:61:B7:29:20:F5:AA:0E:94:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FAF20/65A9A242F5C411E68AAA0085C4F9AE02/D429p9DJoeyhlFxhtykg9aoOlGc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D429p9DJoeyhlFxhtykg9aoOlGc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAF20/65A9A242F5C411E68AAA0085C4F9AE02/D429p9DJoeyhlFxhtykg9aoOlGc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:e0:72:fb:64:d2:82:ee:14:15:13:d0:f9:6e:10:41:dd:1d:
         9d:a4:6f:38:4b:fe:72:89:57:22:36:27:5e:86:32:b5:6d:53:
         9b:e6:6d:78:05:f4:da:ee:e0:fe:1f:a2:1b:30:41:87:d9:79:
         3b:0d:d2:0c:f0:cc:06:c5:4a:bc:85:c8:19:e4:76:bd:dd:ea:
         fd:42:81:74:30:f5:25:76:0a:8d:18:22:d7:bc:77:f6:53:0e:
         93:08:be:25:e5:0d:c6:8e:63:7e:35:34:48:08:bc:20:82:0e:
         ba:29:dd:d0:8e:79:95:f4:31:8b:a3:48:3b:dd:24:43:fd:3e:
         8d:0a:13:1b:de:0e:60:cf:f5:87:79:7f:9f:fd:83:fb:cd:a7:
         39:01:34:13:ba:a3:30:09:99:4b:09:9f:ef:36:70:7a:ee:48:
         f9:e3:61:76:40:e4:f7:77:6b:2d:43:5d:86:10:c6:83:d3:7b:
         87:c8:b7:98:72:fd:09:4c:a9:18:9f:de:45:dc:fe:b6:42:d5:
         0c:83:06:e7:55:30:d3:23:f9:61:71:38:ec:04:3f:72:6f:8d:
         cb:46:a6:74:7b:c3:d3:c1:b4:4a:32:55:bb:57:9f:ee:5e:1d:
         e6:28:19:42:01:d2:6d:49:68:49:62:52:d4:2a:44:28:04:a8:
         31:a3:27:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICG6wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkFGMjAxMTAvBgNVBAUTKDBGOERCREE3RDBDOUExRUNBMTk0NUM2MUI3MjkyMEY1
QUEwRTk0NjcwHhcNMjUwMTMxMTYxNTI1WhcNMjUwMjA3MTYxNTI1WjAYMRYwFAYD
VQQDEw02NzljZjcxZC02YmQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA46jrHbe9D2nwc67cmDc8Lyf5JL4PM7JT7ZejWKPW4ic+ezyDdL2HEjZ6W1lA
CATK8GHQdIrt6XHNNBtZpxGrMgR5OZ0BupqsXfMJcWsWg8k5wpQr6FImu+xENato
59VCnnrXPF8lR+ndwonUI78OUOAL+eCXqKUX9QhHNddIX+CX4KQn2fI70QWbGVP2
myj3s1wPe36p/YHfAZUXza3t30p6aPtnGvekeliJ8L+RWFoS3vN2laKLxZGRqH6I
CPQsqPFrh1xyJ2GMNz528xOO/vWfwARhfFfNOVPg3bG4lcUODt/gCtkriTuC1HCY
xPLp8wpfHdwPySQOXa5xc2BuNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNolmM0a
sWbP2A4J5tOJK8ppd5NyMB8GA1UdIwQYMBaAFA+NvafQyaHsoZRcYbcpIPWqDpRn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUYyMC82NUE5QTI0MkY1
QzQxMUU2OEFBQTAwODVDNEY5QUUwMi9ENDI5cDlESm9leWhsRnhodHlrZzlhb09s
R2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Q0MjlwOURKb2V5aGxGeGh0eWtnOWFvT2xHYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QUYyMC82NUE5QTI0MkY1QzQxMUU2OEFBQTAwODVDNEY5QUUwMi9ENDI5cDlESm9l
eWhsRnhodHlrZzlhb09sR2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAM4HL7ZNKC7hQVE9D5bhBB3R2dpG84S/5yiVciNidehjK1bVOb5m14
BfTa7uD+H6IbMEGH2Xk7DdIM8MwGxUq8hcgZ5Ha93er9QoF0MPUldgqNGCLXvHf2
Uw6TCL4l5Q3GjmN+NTRICLwggg66Kd3QjnmV9DGLo0g73SRD/T6NChMb3g5gz/WH
eX+f/YP7zac5ATQTuqMwCZlLCZ/vNnB67kj542F2QOT3d2stQ12GEMaD03uHyLeY
cv0JTKkYn95F3P62QtUMgwbnVTDTI/lhcTjsBD9yb43LRqZ0e8PTwbRKMlW7V5/u
Xh3mKBlCAdJtSWhJYlLUKkQoBKgxoycd
-----END CERTIFICATE-----