Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
File:                     bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft (raw, json)
Hash identifier:          1OARRR5jT1Ren/7m7fXqXfR9mXMGqbygf4VMKvJVBS4=
Subject key identifier:   AE:FB:BB:FA:58:17:E8:E2:5C:C8:80:B8:E9:BE:22:D9:BE:A0:D3:57
Authority key identifier: 6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65
Certificate issuer:       /CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
Certificate serial:       25FB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
Manifest number:          25E2
Signing time:             Fri 28 Mar 2025 15:47:47 +0000
Manifest this update:     Fri 28 Mar 2025 15:47:46 +0000
Manifest next update:     Fri 04 Apr 2025 15:47:46 +0000
Files and hashes:         1: bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl (hash: 4I5yaM+R26U+76ET7k9oPKzQCfgHw5QpzXNUHqcYJAA=)
                          2: 8A721F4EB10C11E5BB6B2A16C4F9AE02.roa (hash: mvyjt+3dRIE1/Krz/XL4fNVu3c2fcm82NTuO/MfHBcQ=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9723 (0x25fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91240E6
        Validity
            Not Before: Mar 28 15:47:46 2025 GMT
            Not After : Apr  4 15:47:46 2025 GMT
        Subject: CN=67e6c4a3-8815
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:1a:3a:b3:46:b2:28:58:9c:ac:07:a6:a2:36:
                    fc:4a:8f:3e:bd:a8:d7:2c:61:63:5c:fa:6a:08:ab:
                    cb:35:ec:c5:44:ba:61:42:1a:c9:53:ff:dc:6c:25:
                    01:8b:d8:d2:45:a1:f1:19:b0:81:d2:4d:9c:1d:7f:
                    bd:99:f8:ca:ec:ab:41:26:2b:d9:b6:13:2f:6f:20:
                    34:b5:a7:cb:9b:54:c2:b2:12:7b:ea:0e:2e:96:f7:
                    d9:62:4b:bd:7e:94:44:ea:53:52:dd:a8:8a:12:0d:
                    6c:98:88:d2:cf:c4:37:1b:aa:6a:bd:c4:e0:e5:2b:
                    82:b8:25:27:3e:5f:1d:23:ab:df:6e:ca:9f:8a:97:
                    4a:5f:2d:6e:c4:0b:ca:5b:54:96:95:59:9e:b8:82:
                    70:de:a9:ed:37:db:db:0f:8d:09:16:cc:d2:06:5e:
                    42:44:1a:ac:01:94:fe:88:12:14:ce:15:af:d4:dd:
                    7f:24:3f:c9:24:7b:ae:fd:d5:b3:3f:70:8c:59:90:
                    74:1d:d8:bb:64:21:0e:cc:e3:c8:e1:9b:a0:96:41:
                    51:92:67:b2:e9:df:3c:96:e2:8e:d2:2a:d9:76:80:
                    fb:80:dc:54:a2:5f:f0:ab:8c:ce:dc:bc:a4:fa:91:
                    3b:f4:19:5c:7c:57:c6:cf:38:94:ac:9f:e8:fc:66:
                    a9:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:FB:BB:FA:58:17:E8:E2:5C:C8:80:B8:E9:BE:22:D9:BE:A0:D3:57
            X509v3 Authority Key Identifier:
                keyid:6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:63:49:51:a1:cb:5e:ff:42:cc:5c:4b:35:2c:86:b7:47:2b:
         fa:7a:8e:61:71:3f:37:c6:9a:91:ad:0e:58:79:46:04:ac:7e:
         13:25:e1:5d:67:56:d0:38:84:57:93:db:36:41:bf:9e:8f:39:
         fc:bd:d3:b7:22:2c:e3:e4:14:53:f3:87:e7:10:34:59:5f:63:
         4f:aa:95:26:8f:d1:62:48:5f:1f:8f:9c:5e:36:74:d4:3c:4b:
         96:ba:c4:67:74:d6:b7:93:a6:82:4e:f4:3b:c7:99:e4:79:94:
         cd:ac:85:25:0e:9c:58:1c:03:0b:18:06:22:a7:77:8e:c7:1a:
         5d:36:0d:e5:83:a9:c4:ee:1a:80:11:70:87:a2:ec:ad:9e:f5:
         35:bb:c4:c9:1a:5b:56:d2:61:f3:31:5c:ca:05:44:73:57:cb:
         d8:a3:46:1e:38:a8:8c:1f:b5:bb:7c:d3:5b:59:3b:d5:70:d9:
         8b:50:69:b6:65:24:9e:b3:72:d2:f8:ff:a8:77:a7:10:d9:c2:
         1c:7b:f3:f4:06:08:ce:34:53:91:f7:bf:00:d6:3b:6a:a4:99:
         4a:7b:fc:ed:4a:25:9d:15:90:89:34:a2:a6:76:4b:33:a9:c1:
         2c:a9:f0:40:e6:0f:4d:62:a3:90:83:21:87:ce:e4:62:af:94:
         fa:85:86:c4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICJfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQwRTYxMTAvBgNVBAUTKDZEQ0U1MkY5QTIyOENCRjZGMzBDRDU1RDQzMzg0RDEy
Njg0ODdCNjUwHhcNMjUwMzI4MTU0NzQ2WhcNMjUwNDA0MTU0NzQ2WjAYMRYwFAYD
VQQDEw02N2U2YzRhMy04ODE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqxo6s0ayKFicrAemojb8So8+vajXLGFjXPpqCKvLNezFRLphQhrJU//cbCUB
i9jSRaHxGbCB0k2cHX+9mfjK7KtBJivZthMvbyA0tafLm1TCshJ76g4ulvfZYku9
fpRE6lNS3aiKEg1smIjSz8Q3G6pqvcTg5SuCuCUnPl8dI6vfbsqfipdKXy1uxAvK
W1SWlVmeuIJw3qntN9vbD40JFszSBl5CRBqsAZT+iBIUzhWv1N1/JD/JJHuu/dWz
P3CMWZB0Hdi7ZCEOzOPI4ZuglkFRkmey6d88luKO0irZdoD7gNxUol/wq4zO3Lyk
+pE79BlcfFfGzziUrJ/o/GapNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK77u/pY
F+jiXMiAuOm+Itm+oNNXMB8GA1UdIwQYMBaAFG3OUvmiKMv28wzVXUM4TRJoSHtl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDBFNi82NjA3NDJDOEZE
MjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lfYnpETlZkUXpoTkVtaEll
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JjNVMtYUlveV9iekROVmRRemhORW1oSWUyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NDBFNi82NjA3NDJDOEZEMjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lf
YnpETlZkUXpoTkVtaEllMlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCWY0lRocte/0LMXEs1LIa3Ryv6eo5hcT83xpqRrQ5YeUYErH4TJeFd
Z1bQOIRXk9s2Qb+ejzn8vdO3Iizj5BRT84fnEDRZX2NPqpUmj9FiSF8fj5xeNnTU
PEuWusRndNa3k6aCTvQ7x5nkeZTNrIUlDpxYHAMLGAYip3eOxxpdNg3lg6nE7hqA
EXCHouytnvU1u8TJGltW0mHzMVzKBURzV8vYo0YeOKiMH7W7fNNbWTvVcNmLUGm2
ZSSes3LS+P+od6cQ2cIce/P0BgjONFOR978A1jtqpJlKe/ztSiWdFZCJNKKmdksz
qcEsqfBA5g9NYqOQgyGHzuRir5T6hYbE
-----END CERTIFICATE-----