Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft
File:                     QN1mK29ul7NNO3WoAH3lOI2SclM.mft (raw, json)
Hash identifier:          xDHIkV8OBZ63nwJ9llWIfPYAUnDq/L4/wn6Uc86UoKo=
Subject key identifier:   4C:E1:BF:61:24:9A:AC:5F:D7:D1:7D:9C:76:99:FB:24:71:6D:94:B7
Authority key identifier: 40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53
Certificate issuer:       /CN=A911CF44/serialNumber=40DD662B6F6E97B34D3B75A8007DE5388D927253
Certificate serial:       062F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft
Manifest number:          0628
Signing time:             Fri 28 Mar 2025 22:56:57 +0000
Manifest this update:     Fri 28 Mar 2025 22:56:56 +0000
Manifest next update:     Fri 04 Apr 2025 22:56:56 +0000
Files and hashes:         1: QN1mK29ul7NNO3WoAH3lOI2SclM.crl (hash: Izc9WwMWDtv8iByswhfGo3FGa+D7zSrCpIcmfLdTaQ0=)
                          2: 85613B4E8C8411EBB68DD829C4F9AE02.roa (hash: 9fks3NvnHOVB0kb3Kc99MGLGUTLgUhxpBqtGNsXU3KQ=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1583 (0x62f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911CF44
        Validity
            Not Before: Mar 28 22:56:56 2025 GMT
            Not After : Apr  4 22:56:56 2025 GMT
        Subject: CN=67e72939-bf25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:46:f8:ec:0d:aa:b5:07:e4:d5:2f:61:5b:03:
                    98:bf:c6:e9:8f:56:f8:d5:80:81:8c:c8:1f:7d:a3:
                    37:3c:ba:66:98:25:6f:2e:49:8c:00:be:2a:24:e7:
                    8a:6d:f5:46:a9:42:b8:57:43:33:70:5f:45:d3:6d:
                    91:44:a3:59:80:d3:57:3c:c3:51:d4:22:2f:65:93:
                    7b:4f:f5:22:05:fc:3c:e1:8a:a6:0b:3b:bf:f6:ab:
                    31:b3:cf:7c:5e:d8:09:d4:a2:05:b6:1c:61:d5:78:
                    a2:50:d8:7a:3a:a5:71:62:e1:2c:0f:cc:2d:62:b6:
                    ef:03:9b:3e:a5:e7:50:ef:94:55:26:4f:ec:21:3b:
                    c0:f8:71:c8:a5:24:9b:a9:b0:94:16:a7:66:78:69:
                    3b:5b:a8:a9:bc:9a:de:76:78:d2:f9:5f:46:4b:b6:
                    84:9f:df:67:53:5f:c0:be:86:24:0c:08:41:b2:2c:
                    4a:e0:7b:fc:6d:06:b1:46:77:be:72:8c:69:11:cd:
                    e4:1c:ff:1c:f2:74:1d:7d:59:6f:03:da:a0:31:c2:
                    8b:1b:3e:79:26:fd:03:a1:c0:df:d9:54:8a:5d:6e:
                    21:da:dc:96:b4:8b:0e:a6:6c:08:52:66:ca:0c:42:
                    69:40:d9:9d:98:a9:3a:67:ce:70:5a:01:c1:4c:b9:
                    3f:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:E1:BF:61:24:9A:AC:5F:D7:D1:7D:9C:76:99:FB:24:71:6D:94:B7
            X509v3 Authority Key Identifier:
                keyid:40:DD:66:2B:6F:6E:97:B3:4D:3B:75:A8:00:7D:E5:38:8D:92:72:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QN1mK29ul7NNO3WoAH3lOI2SclM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CF44/6677BEB68C8311EB849E6129C4F9AE02/QN1mK29ul7NNO3WoAH3lOI2SclM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:99:88:b8:64:cc:ae:48:66:0a:c5:d9:a5:f8:1d:c6:78:ca:
         ba:01:97:1a:4a:3a:6d:2d:03:fa:d0:2f:a3:25:40:83:09:d8:
         58:9d:a1:f5:4a:48:4b:cf:a4:44:78:c6:61:0c:b4:ba:c2:ff:
         a6:e7:37:d6:d1:d9:5f:1c:d3:6e:af:75:ef:4d:a1:ec:1a:6f:
         d7:0a:07:b4:e2:d9:e6:2b:58:6d:3c:53:da:87:72:fb:00:de:
         ba:ac:6a:ff:fb:3a:41:d2:fe:cd:91:be:05:db:e5:da:38:35:
         4a:a4:2f:a2:a8:5e:52:61:34:20:36:79:d2:4c:4e:13:b9:3c:
         ac:9e:2a:ea:49:01:6d:af:00:92:9e:9e:f3:26:eb:cc:d2:b6:
         0c:88:ff:93:73:dc:db:f4:87:f0:e6:36:68:fd:ac:72:c9:92:
         c5:9d:3a:0b:88:31:62:41:a0:85:aa:b9:39:c7:07:cd:c4:f7:
         f1:c7:96:55:76:98:eb:05:98:b0:ca:14:88:29:e4:e8:dd:b6:
         85:ed:02:c3:91:85:ec:c1:1a:d2:c8:6c:d7:7d:7e:ba:21:bc:
         06:0f:1f:85:75:30:a6:22:36:c9:64:1a:0f:49:d9:d1:67:1c:
         1c:ee:89:73:a5:a8:e4:d8:9f:9e:03:40:92:d0:5a:0e:96:ba:
         4f:ea:4e:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBi8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNGNDQxMTAvBgNVBAUTKDQwREQ2NjJCNkY2RTk3QjM0RDNCNzVBODAwN0RFNTM4
OEQ5MjcyNTMwHhcNMjUwMzI4MjI1NjU2WhcNMjUwNDA0MjI1NjU2WjAYMRYwFAYD
VQQDEw02N2U3MjkzOS1iZjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApUb47A2qtQfk1S9hWwOYv8bpj1b41YCBjMgffaM3PLpmmCVvLkmMAL4qJOeK
bfVGqUK4V0MzcF9F022RRKNZgNNXPMNR1CIvZZN7T/UiBfw84YqmCzu/9qsxs898
XtgJ1KIFthxh1XiiUNh6OqVxYuEsD8wtYrbvA5s+pedQ75RVJk/sITvA+HHIpSSb
qbCUFqdmeGk7W6ipvJrednjS+V9GS7aEn99nU1/AvoYkDAhBsixK4Hv8bQaxRne+
coxpEc3kHP8c8nQdfVlvA9qgMcKLGz55Jv0DocDf2VSKXW4h2tyWtIsOpmwIUmbK
DEJpQNmdmKk6Z85wWgHBTLk/SQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEzhv2Ek
mqxf19F9nHaZ+yRxbZS3MB8GA1UdIwQYMBaAFEDdZitvbpezTTt1qAB95TiNknJT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0Y0NC82Njc3QkVCNjhD
ODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3Tk5PM1dvQUgzbE9JMlNj
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FOMW1LMjl1bDdOTk8zV29BSDNsT0kyU2NsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
Q0Y0NC82Njc3QkVCNjhDODMxMUVCODQ5RTYxMjlDNEY5QUUwMi9RTjFtSzI5dWw3
Tk5PM1dvQUgzbE9JMlNjbE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBcmYi4ZMyuSGYKxdml+B3GeMq6AZcaSjptLQP60C+jJUCDCdhYnaH1
SkhLz6REeMZhDLS6wv+m5zfW0dlfHNNur3XvTaHsGm/XCge04tnmK1htPFPah3L7
AN66rGr/+zpB0v7Nkb4F2+XaODVKpC+iqF5SYTQgNnnSTE4TuTysnirqSQFtrwCS
np7zJuvM0rYMiP+Tc9zb9Ifw5jZo/axyyZLFnToLiDFiQaCFqrk5xwfNxPfxx5ZV
dpjrBZiwyhSIKeTo3baF7QLDkYXswRrSyGzXfX66IbwGDx+FdTCmIjbJZBoPSdnR
Zxwc7olzpajk2J+eA0CS0FoOlrpP6k5q
-----END CERTIFICATE-----