Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft
File:                     kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json)
Hash identifier:          UVOgQdoGfAOjd8UR209/z9wzB95H2nfAWrLwLxgmnTE=
Subject key identifier:   EC:3C:0E:56:82:EF:C0:6B:F3:36:DB:4D:4D:7B:EB:56:33:A3:DD:AB
Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14
Certificate issuer:       /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114
Certificate serial:       0E3A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft
Manifest number:          0E32
Signing time:             Fri 28 Mar 2025 17:52:17 +0000
Manifest this update:     Fri 28 Mar 2025 17:52:17 +0000
Manifest next update:     Fri 04 Apr 2025 17:52:17 +0000
Files and hashes:         1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: lfyKaezCCDOE6BlNp72ByraIGO3en77Jgt9P99H7LzE=)
                          2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3642 (0xe3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91478C3
        Validity
            Not Before: Mar 28 17:52:17 2025 GMT
            Not After : Apr  4 17:52:17 2025 GMT
        Subject: CN=67e6e1d1-5f60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:31:d9:dd:66:02:50:da:85:4b:e6:2f:b4:df:
                    8f:db:1f:34:40:93:34:00:47:fd:60:79:f4:f7:9a:
                    ce:6b:98:dd:cd:bd:10:f8:b8:6f:ee:23:28:f0:f0:
                    9c:5d:ab:91:4f:7d:7b:09:8f:37:a9:e5:13:89:09:
                    6a:3d:4c:45:1b:1a:02:fb:31:be:cf:80:96:d8:4c:
                    77:de:5b:45:2e:a5:07:3a:5d:14:41:d9:5e:03:8f:
                    14:6b:57:f0:b1:58:7c:08:cb:da:87:33:dc:68:5b:
                    07:5e:31:aa:c9:95:72:11:36:17:43:65:8d:16:1a:
                    55:d6:38:dd:34:7b:4c:9f:28:3a:aa:c7:95:b1:39:
                    58:fd:37:59:bc:61:55:72:d6:e3:b2:42:5f:5c:76:
                    bb:57:09:fc:dd:70:fc:0b:88:2e:4b:b0:97:39:11:
                    66:90:db:be:87:2f:a0:cc:d7:d0:48:f4:c4:aa:be:
                    83:80:86:a3:ce:37:52:e1:72:67:99:a5:52:d4:42:
                    01:54:1b:2b:c5:c9:45:b9:ba:14:fd:24:eb:98:72:
                    5a:9d:8c:00:4c:46:ff:8b:ca:28:69:83:5e:9c:db:
                    5b:ce:1f:72:50:6e:5f:d4:b3:34:e8:86:2b:62:36:
                    44:0c:eb:a7:c3:4d:33:35:fa:7c:89:19:f2:a7:b4:
                    55:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:3C:0E:56:82:EF:C0:6B:F3:36:DB:4D:4D:7B:EB:56:33:A3:DD:AB
            X509v3 Authority Key Identifier:
                keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:e5:b6:05:ea:91:08:58:1d:4f:0c:b2:95:14:ac:24:83:23:
         b4:9a:75:95:a4:d1:96:25:6c:c0:1b:70:1e:7d:f5:9c:42:a2:
         17:d4:61:35:f5:df:a9:0a:75:71:b1:c4:97:92:4a:cf:b0:c3:
         fb:41:b6:18:14:8b:e9:96:db:a3:aa:70:ec:1a:05:86:eb:7f:
         1c:b6:f1:75:34:30:a7:95:eb:7b:ff:ce:2d:4c:1f:71:96:46:
         15:cc:c7:fd:b7:4c:fb:9c:a6:8a:c1:59:02:83:b4:97:3e:2b:
         91:fe:f2:6e:ef:00:1a:02:55:5e:7e:c3:5a:cf:55:90:47:f3:
         bc:42:b7:cb:21:78:ca:cc:6a:df:81:bc:86:a0:2f:97:c4:d7:
         57:b2:6f:0e:c0:86:f2:9f:95:8c:a4:e7:2c:d7:22:65:96:f0:
         d3:4b:a7:32:e8:7d:42:9d:5c:5a:6b:02:88:82:ed:90:05:73:
         0c:8e:50:14:bf:ff:8b:fd:3e:d9:38:fc:69:0d:35:89:ad:13:
         e4:39:ef:c8:78:fc:f5:79:12:00:11:ec:db:d3:e1:c7:bc:ce:
         b0:36:2e:c4:d4:31:50:67:14:1e:bb:b3:8c:7b:54:18:c8:e1:
         78:11:09:69:06:4b:7d:ba:66:9d:9c:ff:e4:a1:8b:35:ff:48:
         65:61:0f:7a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5
QTRGMEExMTQwHhcNMjUwMzI4MTc1MjE3WhcNMjUwNDA0MTc1MjE3WjAYMRYwFAYD
VQQDEw02N2U2ZTFkMS01ZjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsjHZ3WYCUNqFS+YvtN+P2x80QJM0AEf9YHn095rOa5jdzb0Q+Lhv7iMo8PCc
XauRT317CY83qeUTiQlqPUxFGxoC+zG+z4CW2Ex33ltFLqUHOl0UQdleA48Ua1fw
sVh8CMvahzPcaFsHXjGqyZVyETYXQ2WNFhpV1jjdNHtMnyg6qseVsTlY/TdZvGFV
ctbjskJfXHa7Vwn83XD8C4guS7CXORFmkNu+hy+gzNfQSPTEqr6DgIajzjdS4XJn
maVS1EIBVBsrxclFuboU/STrmHJanYwATEb/i8ooaYNenNtbzh9yUG5f1LM06IYr
YjZEDOunw00zNfp8iRnyp7RVgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOw8DlaC
78Br8zbbTU1761Yzo92rMB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE
MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv
UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt
OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC35bYF6pEIWB1PDLKVFKwkgyO0mnWVpNGWJWzAG3AeffWcQqIX1GE1
9d+pCnVxscSXkkrPsMP7QbYYFIvpltujqnDsGgWG638ctvF1NDCnlet7/84tTB9x
lkYVzMf9t0z7nKaKwVkCg7SXPiuR/vJu7wAaAlVefsNaz1WQR/O8QrfLIXjKzGrf
gbyGoC+XxNdXsm8OwIbyn5WMpOcs1yJllvDTS6cy6H1CnVxaawKIgu2QBXMMjlAU
v/+L/T7ZOPxpDTWJrRPkOe/IePz1eRIAEezb0+HHvM6wNi7E1DFQZxQeu7OMe1QY
yOF4EQlpBkt9umadnP/koYs1/0hlYQ96
-----END CERTIFICATE-----