Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft
File:                     lFmgev60b3mSRf7CNW08usm-2Ig.mft (raw, json)
Hash identifier:          UjfP+u7/yjzBpFKzg2Z20Q6ValT5t7GMVbVbQZB9WPY=
Subject key identifier:   9B:1E:F1:D9:B0:59:C5:81:20:D5:19:76:E4:D5:11:D0:6A:B9:73:34
Authority key identifier: 94:59:A0:7A:FE:B4:6F:79:92:45:FE:C2:35:6D:3C:BA:C9:BE:D8:88
Certificate issuer:       /CN=A912EE4D/serialNumber=9459A07AFEB46F799245FEC2356D3CBAC9BED888
Certificate serial:       0104
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft
Manifest number:          0100
Signing time:             Sat 29 Mar 2025 04:32:39 +0000
Manifest this update:     Sat 29 Mar 2025 04:32:39 +0000
Manifest next update:     Sat 05 Apr 2025 04:32:39 +0000
Files and hashes:         1: lFmgev60b3mSRf7CNW08usm-2Ig.crl (hash: iKgICkN6ayId0rAYvTkKLvy0FCg66a3EYzdRTC1XZB4=)
                          2: 81A901FA8A0411EEA251F746C4F9AE02.roa (hash: JHvhSwDOyCbk05zvE3c35/2oeXE8ikJi+kxwUoPeaf4=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 260 (0x104)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912EE4D
        Validity
            Not Before: Mar 29 04:32:39 2025 GMT
            Not After : Apr  5 04:32:39 2025 GMT
        Subject: CN=67e777e7-bb87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:78:98:87:f3:0f:54:4a:0a:96:40:13:22:7f:
                    cc:26:04:c9:57:3b:42:39:6f:e0:26:76:4c:43:e2:
                    68:98:e7:7f:69:7c:64:c4:c7:43:2d:34:d2:8e:50:
                    8d:6e:04:71:fa:1e:62:0e:e1:3a:55:9e:3f:f5:f0:
                    47:45:bb:80:cc:ff:c0:34:47:6b:f4:25:93:e6:7e:
                    d2:94:81:f7:27:a5:c0:84:c4:31:a7:e8:77:5e:92:
                    ac:e8:d8:96:1f:7d:63:cc:c0:95:d0:3b:b5:2c:0e:
                    e1:81:a0:c3:13:8a:38:01:11:c8:37:66:aa:cd:a1:
                    4d:4c:f0:1b:15:41:72:5f:70:1c:be:a9:67:06:ad:
                    d4:25:cf:68:8c:97:dc:69:5c:d8:95:0a:3c:6c:9a:
                    c1:a3:f3:c0:cc:0a:5f:71:fe:b9:c0:4d:c4:41:f7:
                    2d:d0:91:38:6e:79:e5:d8:b2:c2:32:6f:45:fc:5f:
                    7b:d8:c4:2c:eb:1e:c8:50:af:cb:05:c7:b5:6f:0c:
                    7b:9a:76:31:5b:97:e6:5b:2b:0a:d2:2e:f8:45:4d:
                    41:4c:5c:39:b0:58:63:35:8d:87:27:81:45:b6:f1:
                    4f:69:e3:62:45:c0:9f:86:ef:85:38:c1:84:f1:52:
                    04:4c:69:62:bb:bf:a7:f0:b8:a4:73:66:49:63:6d:
                    72:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:1E:F1:D9:B0:59:C5:81:20:D5:19:76:E4:D5:11:D0:6A:B9:73:34
            X509v3 Authority Key Identifier:
                keyid:94:59:A0:7A:FE:B4:6F:79:92:45:FE:C2:35:6D:3C:BA:C9:BE:D8:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFmgev60b3mSRf7CNW08usm-2Ig.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912EE4D/523FDA808A0211EEB289032CC4F9AE02/lFmgev60b3mSRf7CNW08usm-2Ig.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:54:03:d4:3a:a4:bf:f2:fd:8c:77:0a:ab:4e:b7:4e:06:17:
         4c:04:8f:dd:9c:6b:f9:18:69:7e:01:5a:63:68:f0:a3:87:5b:
         4a:41:56:bb:87:69:d8:b7:17:cc:eb:ec:a1:54:58:7a:59:2c:
         4e:b3:d0:76:9b:10:23:20:93:22:2e:71:c5:0b:1f:8a:e0:12:
         c0:70:ee:d3:b5:8f:36:7b:c6:1e:9c:6d:42:28:6e:5b:f6:33:
         76:d2:51:5e:d6:27:6d:d6:34:e4:50:23:9e:1d:b7:0f:24:cc:
         25:5c:4a:61:bd:15:fb:df:1f:bf:27:ee:97:a9:99:cc:04:59:
         ff:3f:9f:07:d6:82:5d:75:6f:4b:cd:4c:ad:ef:23:c2:0c:4b:
         27:ee:5f:e5:ba:ae:3e:74:a3:8c:4f:9e:87:fc:fe:b9:43:1b:
         d8:73:c5:8b:3a:52:e1:7a:19:a7:de:6d:74:e9:e2:a2:28:ce:
         9e:58:7d:30:25:9f:63:db:9f:e7:bd:20:85:1b:fc:f4:5d:3c:
         81:29:e4:14:66:37:db:54:de:c3:40:6d:f9:8f:81:fa:ee:f0:
         d0:2c:9b:59:dc:4e:b3:c0:75:03:b6:08:87:be:dd:ff:e1:9b:
         51:cb:a6:9b:92:7d:5f:ec:d8:20:ba:58:4b:a7:81:ae:6e:a7:
         d0:d2:0b:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkVFNEQxMTAvBgNVBAUTKDk0NTlBMDdBRkVCNDZGNzk5MjQ1RkVDMjM1NkQzQ0JB
QzlCRUQ4ODgwHhcNMjUwMzI5MDQzMjM5WhcNMjUwNDA1MDQzMjM5WjAYMRYwFAYD
VQQDEw02N2U3NzdlNy1iYjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4niYh/MPVEoKlkATIn/MJgTJVztCOW/gJnZMQ+JomOd/aXxkxMdDLTTSjlCN
bgRx+h5iDuE6VZ4/9fBHRbuAzP/ANEdr9CWT5n7SlIH3J6XAhMQxp+h3XpKs6NiW
H31jzMCV0Du1LA7hgaDDE4o4ARHIN2aqzaFNTPAbFUFyX3AcvqlnBq3UJc9ojJfc
aVzYlQo8bJrBo/PAzApfcf65wE3EQfct0JE4bnnl2LLCMm9F/F972MQs6x7IUK/L
Bce1bwx7mnYxW5fmWysK0i74RU1BTFw5sFhjNY2HJ4FFtvFPaeNiRcCfhu+FOMGE
8VIETGliu7+n8Likc2ZJY21yowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJse8dmw
WcWBINUZduTVEdBquXM0MB8GA1UdIwQYMBaAFJRZoHr+tG95kkX+wjVtPLrJvtiI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRUU0RC81MjNGREE4MDhB
MDIxMUVFQjI4OTAzMkNDNEY5QUUwMi9sRm1nZXY2MGIzbVNSZjdDTlcwOHVzbS0y
SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xGbWdldjYwYjNtU1JmN0NOVzA4dXNtLTJJZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RUU0RC81MjNGREE4MDhBMDIxMUVFQjI4OTAzMkNDNEY5QUUwMi9sRm1nZXY2MGIz
bVNSZjdDTlcwOHVzbS0ySWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQADVAPUOqS/8v2MdwqrTrdOBhdMBI/dnGv5GGl+AVpjaPCjh1tKQVa7
h2nYtxfM6+yhVFh6WSxOs9B2mxAjIJMiLnHFCx+K4BLAcO7TtY82e8YenG1CKG5b
9jN20lFe1idt1jTkUCOeHbcPJMwlXEphvRX73x+/J+6XqZnMBFn/P58H1oJddW9L
zUyt7yPCDEsn7l/luq4+dKOMT56H/P65QxvYc8WLOlLhehmn3m106eKiKM6eWH0w
JZ9j25/nvSCFG/z0XTyBKeQUZjfbVN7DQG35j4H67vDQLJtZ3E6zwHUDtgiHvt3/
4ZtRy6abkn1f7NggulhLp4GubqfQ0gvx
-----END CERTIFICATE-----