Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft
File:                     Q2XRedW3PoqX7eBQXynvAMLWPvk.mft (raw, json)
Hash identifier:          3G5cZQqujb/t50+41F/q36huUUt9znrnnz+la3WeEWg=
Subject key identifier:   F3:67:9C:30:C0:82:F0:BF:07:7A:CB:08:3F:B0:8B:B3:D1:43:79:87
Authority key identifier: 43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9
Certificate issuer:       /CN=A9139555/serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9
Certificate serial:       0281
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft
Manifest number:          027A
Signing time:             Sat 29 Mar 2025 01:54:32 +0000
Manifest this update:     Sat 29 Mar 2025 01:54:31 +0000
Manifest next update:     Sat 05 Apr 2025 01:54:31 +0000
Files and hashes:         1: Q2XRedW3PoqX7eBQXynvAMLWPvk.crl (hash: zZ4BuYiciRoKjEgAoaRgleAn/ptNmfZo36r1l/zORIs=)
                          2: 3522CF4E168811EF8040817EC4F9AE02.roa (hash: bEx+57BQwSmXNBcGQeSfgjX5vb+zZEaNP/mDVmKg8PE=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 641 (0x281)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9139555
        Validity
            Not Before: Mar 29 01:54:31 2025 GMT
            Not After : Apr  5 01:54:31 2025 GMT
        Subject: CN=67e752d8-3cfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:86:ab:a6:ba:35:bd:d3:c8:de:0d:11:da:40:
                    1d:11:72:d0:0f:2c:3d:9c:32:1b:44:9f:9d:2c:0a:
                    3d:ec:34:9b:7f:93:28:4c:e0:a7:f2:f5:be:ff:53:
                    ec:06:b5:45:c8:80:01:67:02:93:7c:59:0b:e9:0f:
                    96:7a:45:5c:79:ac:56:05:fa:e7:84:56:80:fc:c4:
                    4b:66:5c:f1:5c:22:e2:a2:76:4a:29:f6:a3:ff:b6:
                    ab:08:20:66:7a:b1:6f:67:5f:ee:3b:13:a6:fb:39:
                    1c:cf:f2:9d:d3:bb:c7:62:a5:a4:c1:c6:b0:41:d3:
                    3b:1b:eb:53:19:a4:76:35:fe:4e:f5:7c:63:aa:c8:
                    e8:4f:27:de:9a:60:34:3e:cb:38:72:64:63:23:f0:
                    d7:80:0e:f8:95:b6:1b:4d:26:a3:bb:e3:91:28:9c:
                    c3:89:54:b7:07:6f:a2:1c:bd:c6:65:c3:8a:70:68:
                    d5:e5:51:bf:0c:f8:42:51:fb:ea:fd:00:99:56:13:
                    74:33:2c:4c:8b:0c:d1:c7:b8:82:dc:e2:0d:00:56:
                    60:c1:bf:a7:ca:7a:d2:5f:26:e3:bf:5b:d1:4e:99:
                    91:00:5b:75:f9:21:3a:fd:ea:62:27:a8:8c:42:db:
                    fc:12:ea:fb:0e:56:e9:ec:9a:bf:0b:75:98:d6:a6:
                    65:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:67:9C:30:C0:82:F0:BF:07:7A:CB:08:3F:B0:8B:B3:D1:43:79:87
            X509v3 Authority Key Identifier:
                keyid:43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:1f:b6:d3:c3:19:de:f8:6a:3a:4b:20:0f:e8:51:7a:49:63:
         15:a8:4f:5a:90:28:cf:e6:f6:d0:e5:78:fa:eb:b3:17:0b:e6:
         dc:9e:97:08:1a:4e:16:02:e9:25:9c:5b:9d:71:3a:f6:a0:85:
         82:eb:41:de:ea:eb:c5:0d:b9:b0:c5:cd:5f:7f:14:cf:09:14:
         c7:a8:0f:24:e8:e4:de:8e:b1:cf:f9:7b:29:32:6b:f2:47:37:
         35:fc:0c:ef:69:b2:40:4c:42:de:63:a6:fa:d8:4e:3d:39:84:
         c4:c4:88:e9:6c:a2:c1:ea:72:18:f3:2d:dc:86:65:70:ea:35:
         a3:47:34:84:6f:2a:5c:d4:e5:23:a2:11:63:c9:cb:e2:0a:87:
         34:39:bc:e8:e3:5b:5a:24:a2:ae:81:80:a9:3b:b7:9c:d2:68:
         54:de:df:83:1f:e2:ca:39:70:25:cb:00:65:04:02:90:25:a4:
         69:a7:ce:74:ef:ed:0d:90:89:98:42:82:4c:c3:2e:e9:59:97:
         b4:b1:30:da:ec:b4:f9:90:12:8b:fb:e5:38:65:39:69:db:69:
         02:80:d3:0b:6f:69:34:46:1b:37:64:85:5b:98:e7:c2:be:ff:
         33:c1:4b:b9:10:7f:0e:3d:54:22:59:fd:36:a9:ff:78:b4:e2:
         11:c9:d3:8b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAoEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzk1NTUxMTAvBgNVBAUTKDQzNjVEMTc5RDVCNzNFOEE5N0VERTA1MDVGMjlFRjAw
QzJENjNFRjkwHhcNMjUwMzI5MDE1NDMxWhcNMjUwNDA1MDE1NDMxWjAYMRYwFAYD
VQQDEw02N2U3NTJkOC0zY2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4Iarpro1vdPI3g0R2kAdEXLQDyw9nDIbRJ+dLAo97DSbf5MoTOCn8vW+/1Ps
BrVFyIABZwKTfFkL6Q+WekVceaxWBfrnhFaA/MRLZlzxXCLionZKKfaj/7arCCBm
erFvZ1/uOxOm+zkcz/Kd07vHYqWkwcawQdM7G+tTGaR2Nf5O9XxjqsjoTyfemmA0
Pss4cmRjI/DXgA74lbYbTSaju+ORKJzDiVS3B2+iHL3GZcOKcGjV5VG/DPhCUfvq
/QCZVhN0MyxMiwzRx7iC3OINAFZgwb+nynrSXybjv1vRTpmRAFt1+SE6/epiJ6iM
Qtv8Eur7Dlbp7Jq/C3WY1qZlZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPNnnDDA
gvC/B3rLCD+wi7PRQ3mHMB8GA1UdIwQYMBaAFENl0XnVtz6Kl+3gUF8p7wDC1j75
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTU1NS9EQzdEMTQ1QTAy
MkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1BvcVg3ZUJRWHludkFNTFdQ
dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1EyWFJlZFczUG9xWDdlQlFYeW52QU1MV1B2ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
OTU1NS9EQzdEMTQ1QTAyMkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1Bv
cVg3ZUJRWHludkFNTFdQdmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBkH7bTwxne+Go6SyAP6FF6SWMVqE9akCjP5vbQ5Xj667MXC+bcnpcI
Gk4WAuklnFudcTr2oIWC60He6uvFDbmwxc1ffxTPCRTHqA8k6OTejrHP+XspMmvy
Rzc1/AzvabJATELeY6b62E49OYTExIjpbKLB6nIY8y3chmVw6jWjRzSEbypc1OUj
ohFjycviCoc0Obzo41taJKKugYCpO7ec0mhU3t+DH+LKOXAlywBlBAKQJaRpp850
7+0NkImYQoJMwy7pWZe0sTDa7LT5kBKL++U4ZTlp22kCgNMLb2k0Rhs3ZIVbmOfC
vv8zwUu5EH8OPVQiWf02qf94tOIRydOL
-----END CERTIFICATE-----