Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft
File:                     Xtho2ocq-NaWpcGp-ngp9lJzynk.mft (raw, json)
Hash identifier:          U8o0LAzs+DlWdohFUyzv4ecAqqNWFwPhwVwakRNATVM=
Subject key identifier:   46:BA:B1:ED:9F:E7:FA:7C:5D:F2:37:76:62:82:FE:6D:3E:A1:60:AD
Authority key identifier: 5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79
Certificate issuer:       /CN=A9119B43/serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79
Certificate serial:       0455
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft
Manifest number:          044D
Signing time:             Sat 29 Mar 2025 00:28:59 +0000
Manifest this update:     Sat 29 Mar 2025 00:28:58 +0000
Manifest next update:     Sat 05 Apr 2025 00:28:58 +0000
Files and hashes:         1: Xtho2ocq-NaWpcGp-ngp9lJzynk.crl (hash: c4di8HXdjFNxJZAYPLu1g/W5qnuMX7xCKotQhQHMEgM=)
                          2: 6C27C19E4BFA11ECA6797F6DC4F9AE02.roa (hash: 9zlcNMp71CcrKhJ6RcgbQ3pW8nUmE/ShM6R3qPGEpIM=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1109 (0x455)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9119B43
        Validity
            Not Before: Mar 29 00:28:58 2025 GMT
            Not After : Apr  5 00:28:58 2025 GMT
        Subject: CN=67e73eca-ca4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ee:ad:ac:6d:a4:d2:43:46:a6:61:09:7f:82:
                    68:be:8c:73:9e:7b:13:05:4f:ef:27:92:b4:01:31:
                    bd:9d:00:e6:a1:14:8d:c9:4a:1e:b7:30:a5:c6:05:
                    7d:e3:62:71:39:7e:26:70:8a:f3:5c:91:d2:53:5d:
                    ec:65:14:f2:2e:69:a8:01:d2:a3:00:1e:77:cf:0b:
                    12:87:67:dd:a9:88:40:5f:9f:d2:75:75:2e:68:18:
                    00:e2:31:7a:37:5a:4b:0a:47:da:15:14:14:38:85:
                    b9:78:3d:b4:10:31:53:d3:26:1d:f7:2a:9b:53:ea:
                    82:a0:89:4d:a4:08:73:6e:7b:86:37:b0:16:b7:93:
                    a1:a3:c5:48:63:b6:96:58:68:32:a1:88:5f:8c:14:
                    f1:0f:48:46:c2:17:e5:b3:44:4c:36:91:9b:c7:2d:
                    4d:95:68:26:2c:15:62:c2:13:bf:ba:52:f5:92:ba:
                    ae:84:8c:54:38:42:e6:fc:e7:90:37:bf:41:12:a6:
                    af:b6:2f:2d:d9:c3:86:4a:a3:6c:b4:69:04:d9:17:
                    bf:d0:53:c5:4e:8a:c9:a9:f4:66:45:e8:9d:62:b3:
                    fd:7a:04:2e:a7:d8:d2:63:c6:36:2f:67:59:82:0f:
                    26:46:43:6c:7b:bf:69:09:5e:9e:09:68:aa:7c:d4:
                    e8:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:BA:B1:ED:9F:E7:FA:7C:5D:F2:37:76:62:82:FE:6D:3E:A1:60:AD
            X509v3 Authority Key Identifier:
                keyid:5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:2b:b1:34:9a:a5:1f:81:0e:ca:03:34:ad:ac:b8:83:a5:8c:
         a7:51:07:20:76:db:a7:d3:a1:c6:f0:20:b3:5e:a1:2f:12:26:
         68:e6:2a:87:ad:3f:05:91:5b:87:18:38:2c:e8:70:46:2d:18:
         d7:ea:b9:30:cb:59:e6:5f:36:ff:a2:8f:9c:07:6f:ea:a4:f6:
         46:c0:7a:b6:5b:0c:4b:77:19:93:87:61:87:25:f2:37:15:c8:
         59:3a:36:34:1c:7d:f1:7c:e1:98:3a:3c:ba:ca:e7:b4:b3:b9:
         41:3e:97:de:d9:38:65:cc:1f:13:d6:c0:a4:41:ed:2a:ee:60:
         61:9c:a9:78:3f:0d:08:b0:f0:99:32:e5:b6:b5:2d:29:d8:fc:
         7e:de:8b:53:f7:61:a4:61:da:0a:6e:8d:0c:9b:c7:eb:07:31:
         7c:27:16:22:59:dd:8d:76:33:d6:db:a6:10:6b:6d:b3:c6:1c:
         82:c3:c4:ac:51:30:bb:4e:9a:25:e4:51:e9:87:90:34:b7:d7:
         6b:70:48:4e:d3:9e:f2:9c:18:6e:d6:f7:36:17:d1:c6:c8:cf:
         8a:67:1d:aa:73:eb:f0:92:35:25:e9:cc:87:d7:08:ee:0d:b0:
         50:9f:58:0d:7f:56:cb:3f:a9:c7:b4:28:8a:15:fb:a9:36:32:
         e1:89:90:5a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTlCNDMxMTAvBgNVBAUTKDVFRDg2OERBODcyQUY4RDY5NkE1QzFBOUZBNzgyOUY2
NTI3M0NBNzkwHhcNMjUwMzI5MDAyODU4WhcNMjUwNDA1MDAyODU4WjAYMRYwFAYD
VQQDEw02N2U3M2VjYS1jYTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu+6trG2k0kNGpmEJf4JovoxznnsTBU/vJ5K0ATG9nQDmoRSNyUoetzClxgV9
42JxOX4mcIrzXJHSU13sZRTyLmmoAdKjAB53zwsSh2fdqYhAX5/SdXUuaBgA4jF6
N1pLCkfaFRQUOIW5eD20EDFT0yYd9yqbU+qCoIlNpAhzbnuGN7AWt5Oho8VIY7aW
WGgyoYhfjBTxD0hGwhfls0RMNpGbxy1NlWgmLBViwhO/ulL1krquhIxUOELm/OeQ
N79BEqavti8t2cOGSqNstGkE2Re/0FPFTorJqfRmReidYrP9egQup9jSY8Y2L2dZ
gg8mRkNse79pCV6eCWiqfNToEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEa6se2f
5/p8XfI3dmKC/m0+oWCtMB8GA1UdIwQYMBaAFF7YaNqHKvjWlqXBqfp4KfZSc8p5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUI0My9FNUI4Mzk4MjRC
M0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1OYVdwY0dwLW5ncDlsSnp5
bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1h0aG8yb2NxLU5hV3BjR3AtbmdwOWxKenluay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
OUI0My9FNUI4Mzk4MjRCM0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1O
YVdwY0dwLW5ncDlsSnp5bmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCwK7E0mqUfgQ7KAzStrLiDpYynUQcgdtun06HG8CCzXqEvEiZo5iqH
rT8FkVuHGDgs6HBGLRjX6rkwy1nmXzb/oo+cB2/qpPZGwHq2WwxLdxmTh2GHJfI3
FchZOjY0HH3xfOGYOjy6yue0s7lBPpfe2ThlzB8T1sCkQe0q7mBhnKl4Pw0IsPCZ
MuW2tS0p2Px+3otT92GkYdoKbo0Mm8frBzF8JxYiWd2NdjPW26YQa22zxhyCw8Ss
UTC7Tpol5FHph5A0t9drcEhO057ynBhu1vc2F9HGyM+KZx2qc+vwkjUl6cyH1wju
DbBQn1gNf1bLP6nHtCiKFfupNjLhiZBa
-----END CERTIFICATE-----