Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9123D28/4BDAEEDC28CE11EDB683396EC4F9AE02/LgbzCRrVjtBjP_mJsf0yl3PsOqc.mft
File:                     LgbzCRrVjtBjP_mJsf0yl3PsOqc.mft (raw, json)
Hash identifier:          U+ZPgNy+gss/vle7G3igm5HVU/7GIujo4bKpeUadoZI=
Subject key identifier:   0A:23:03:AC:0E:D2:6F:AD:F1:3A:E7:63:56:34:FA:09:53:F4:53:FB
Authority key identifier: 2E:06:F3:09:1A:D5:8E:D0:63:3F:F9:89:B1:FD:32:97:73:EC:3A:A7
Certificate issuer:       /CN=A9123D28/serialNumber=2E06F3091AD58ED0633FF989B1FD329773EC3AA7
Certificate serial:       0215
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LgbzCRrVjtBjP_mJsf0yl3PsOqc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9123D28/4BDAEEDC28CE11EDB683396EC4F9AE02/LgbzCRrVjtBjP_mJsf0yl3PsOqc.mft
Manifest number:          0212
Signing time:             Sat 29 Mar 2025 02:15:27 +0000
Manifest this update:     Sat 29 Mar 2025 02:15:26 +0000
Manifest next update:     Sat 05 Apr 2025 02:15:26 +0000
Files and hashes:         1: LgbzCRrVjtBjP_mJsf0yl3PsOqc.crl (hash: jwRMP9l3uS2N8EtDbBc0rnrZWEBoN+2LJy5pQyL0ono=)
                          2: 49CEB44A28D111EDB364C870C4F9AE02.roa (hash: JGGOwQFcpR3ELTy5wFGQ2CrG/qRvA17VfD8zk3vhn0c=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 533 (0x215)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9123D28
        Validity
            Not Before: Mar 29 02:15:26 2025 GMT
            Not After : Apr  5 02:15:26 2025 GMT
        Subject: CN=67e757be-ad4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:fa:20:0d:ad:5b:c4:b9:4a:23:5d:68:85:a6:
                    0e:86:ba:0f:8b:59:c2:96:e2:40:c5:5b:0d:6b:6c:
                    f1:c3:4a:92:1b:91:f0:73:cb:3a:31:b7:bc:ac:6e:
                    00:40:58:23:98:cb:cb:d1:5c:cc:f0:e5:f1:ee:5c:
                    52:7f:6d:cd:90:1c:45:c8:40:77:c2:1b:41:8c:2c:
                    35:76:97:b5:08:0a:0b:31:56:86:6e:dd:ec:e4:f7:
                    61:4d:a9:92:06:53:5c:5b:9a:38:5e:ba:fe:dd:82:
                    32:25:ed:22:8d:f7:fa:c8:7d:25:d3:c6:5f:5b:cc:
                    33:a3:67:0a:19:76:44:b5:a2:13:6b:31:ca:7a:f8:
                    d0:ca:40:2d:45:d0:07:27:13:b9:08:29:b8:15:1b:
                    88:c6:b6:b1:57:c3:d2:ae:fb:f3:75:a7:4a:d2:e8:
                    26:5b:f6:f7:a7:56:01:a4:c0:64:0d:e9:ad:c2:be:
                    93:87:5a:52:64:5e:51:5a:d4:5e:5b:f1:a6:96:51:
                    bb:d2:66:59:2d:42:59:f6:8a:89:57:16:d7:62:20:
                    a3:54:31:2f:aa:09:87:58:5e:ca:78:e8:d1:6f:8e:
                    8d:bc:a4:78:e4:88:35:02:5e:6c:f3:0a:73:5a:04:
                    c6:c3:eb:8e:8e:ea:39:03:39:20:6e:39:51:79:c0:
                    0b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:23:03:AC:0E:D2:6F:AD:F1:3A:E7:63:56:34:FA:09:53:F4:53:FB
            X509v3 Authority Key Identifier:
                keyid:2E:06:F3:09:1A:D5:8E:D0:63:3F:F9:89:B1:FD:32:97:73:EC:3A:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9123D28/4BDAEEDC28CE11EDB683396EC4F9AE02/LgbzCRrVjtBjP_mJsf0yl3PsOqc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LgbzCRrVjtBjP_mJsf0yl3PsOqc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123D28/4BDAEEDC28CE11EDB683396EC4F9AE02/LgbzCRrVjtBjP_mJsf0yl3PsOqc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:dd:5d:c2:21:e6:a2:ec:be:d6:04:82:50:c7:81:2f:06:b0:
         9a:34:d9:a8:92:98:d4:4d:59:35:18:fd:bf:87:da:55:56:00:
         b6:28:b8:7d:43:a6:75:0f:e4:48:17:19:8f:9e:ac:ee:b7:1d:
         19:7d:95:00:d1:60:e3:89:1f:d2:9e:b3:2f:41:77:49:4b:ed:
         3d:ca:1e:59:ad:01:21:74:18:61:81:69:b1:13:dd:18:b4:cd:
         01:1f:ca:39:69:ed:76:3b:ad:5c:ca:b8:09:c1:c5:5c:80:92:
         31:07:81:28:60:55:8c:db:05:6a:b7:0b:a8:f5:0d:1f:55:3b:
         04:7e:de:5c:57:b7:5e:e9:e2:72:49:db:89:a3:43:60:d6:d1:
         6e:ca:3f:cb:14:9a:c0:6f:66:4b:97:9b:58:66:f2:b1:89:63:
         e8:7b:cb:ba:1e:be:ca:a3:e9:85:37:c1:7e:83:95:e7:0d:36:
         6c:4b:ef:5f:9c:92:40:59:1d:1f:8d:09:94:64:6d:ea:1b:41:
         87:e1:7f:a0:cc:31:93:a2:36:7b:61:2b:07:5c:2b:65:49:20:
         66:ad:50:a9:45:0e:b4:2c:73:27:89:59:0c:f1:a7:b8:9d:5e:
         8c:bc:77:d3:11:b3:55:ed:79:9c:31:35:57:c5:3f:e1:1c:a4:
         4a:81:72:c0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAhUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNEMjgxMTAvBgNVBAUTKDJFMDZGMzA5MUFENThFRDA2MzNGRjk4OUIxRkQzMjk3
NzNFQzNBQTcwHhcNMjUwMzI5MDIxNTI2WhcNMjUwNDA1MDIxNTI2WjAYMRYwFAYD
VQQDEw02N2U3NTdiZS1hZDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1/ogDa1bxLlKI11ohaYOhroPi1nCluJAxVsNa2zxw0qSG5Hwc8s6Mbe8rG4A
QFgjmMvL0VzM8OXx7lxSf23NkBxFyEB3whtBjCw1dpe1CAoLMVaGbt3s5PdhTamS
BlNcW5o4Xrr+3YIyJe0ijff6yH0l08ZfW8wzo2cKGXZEtaITazHKevjQykAtRdAH
JxO5CCm4FRuIxraxV8PSrvvzdadK0ugmW/b3p1YBpMBkDemtwr6Th1pSZF5RWtRe
W/GmllG70mZZLUJZ9oqJVxbXYiCjVDEvqgmHWF7KeOjRb46NvKR45Ig1Al5s8wpz
WgTGw+uOjuo5AzkgbjlRecALWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAojA6wO
0m+t8TrnY1Y0+glT9FP7MB8GA1UdIwQYMBaAFC4G8wka1Y7QYz/5ibH9Mpdz7Dqn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0QyOC80QkRBRUVEQzI4
Q0UxMUVEQjY4MzM5NkVDNEY5QUUwMi9MZ2J6Q1JyVmp0QmpQX21Kc2YweWwzUHNP
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xnYnpDUnJWanRCalBfbUpzZjB5bDNQc09xYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
M0QyOC80QkRBRUVEQzI4Q0UxMUVEQjY4MzM5NkVDNEY5QUUwMi9MZ2J6Q1JyVmp0
QmpQX21Kc2YweWwzUHNPcWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAF3V3CIeai7L7WBIJQx4EvBrCaNNmokpjUTVk1GP2/h9pVVgC2KLh9
Q6Z1D+RIFxmPnqzutx0ZfZUA0WDjiR/SnrMvQXdJS+09yh5ZrQEhdBhhgWmxE90Y
tM0BH8o5ae12O61cyrgJwcVcgJIxB4EoYFWM2wVqtwuo9Q0fVTsEft5cV7de6eJy
SduJo0Ng1tFuyj/LFJrAb2ZLl5tYZvKxiWPoe8u6Hr7Ko+mFN8F+g5XnDTZsS+9f
nJJAWR0fjQmUZG3qG0GH4X+gzDGTojZ7YSsHXCtlSSBmrVCpRQ60LHMniVkM8ae4
nV6MvHfTEbNV7XmcMTVXxT/hHKRKgXLA
-----END CERTIFICATE-----