Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft
File:                     tw3qbHe56OzOWDkTKBnvkTc_xSc.mft (raw, json)
Hash identifier:          dip+bnutxvgjcqz41Tv4IBjG0+k3WsGeQtnEduc0jkg=
Subject key identifier:   89:E9:A6:8B:39:47:8E:54:5B:48:D4:D4:F2:C7:4C:BA:F2:A3:6A:BF
Authority key identifier: B7:0D:EA:6C:77:B9:E8:EC:CE:58:39:13:28:19:EF:91:37:3F:C5:27
Certificate issuer:       /CN=A914E2B2/serialNumber=B70DEA6C77B9E8ECCE5839132819EF91373FC527
Certificate serial:       AA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tw3qbHe56OzOWDkTKBnvkTc_xSc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft
Manifest number:          A8
Signing time:             Sat 29 Mar 2025 05:30:14 +0000
Manifest this update:     Sat 29 Mar 2025 05:30:14 +0000
Manifest next update:     Sat 05 Apr 2025 05:30:14 +0000
Files and hashes:         1: tw3qbHe56OzOWDkTKBnvkTc_xSc.crl (hash: NMasJdR6hDXZ7+XhL+jrw1QnUE9jKey5VySBVRnHs58=)
                          2: D6AEA2D20DE311EFA1E24F25C4F9AE02.roa (hash: 60v1AWfkB6F13z3L2Xfn7BvrHJoskGA1iG8Ca5+EvSE=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 170 (0xaa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914E2B2
        Validity
            Not Before: Mar 29 05:30:14 2025 GMT
            Not After : Apr  5 05:30:14 2025 GMT
        Subject: CN=67e78566-dca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c9:65:6c:6f:ba:8e:e6:66:2c:7d:55:bf:57:
                    a1:15:de:65:04:df:27:60:c8:15:97:06:dc:25:c5:
                    ae:92:80:23:05:0d:fc:f7:71:4d:bc:5e:16:94:21:
                    4b:d0:3b:57:85:0a:72:fc:55:6b:14:dc:a5:e9:8d:
                    d8:cf:e6:be:4f:2e:62:10:68:4e:4a:f3:c2:bb:3b:
                    09:73:44:3a:a2:c1:25:42:d0:10:c6:bf:c7:f6:9a:
                    54:e8:fd:db:96:5c:cc:ca:1e:75:2a:46:6f:2e:1c:
                    ee:26:fc:b2:d2:fd:b0:ba:f0:4a:50:0c:31:4d:a5:
                    eb:f5:54:a3:15:ca:6b:bf:ba:be:59:8e:34:8f:9f:
                    1d:37:63:ff:c6:d0:7c:9d:2e:bb:3e:7c:e0:86:76:
                    fa:7e:81:bd:6d:e9:5c:68:80:e2:4a:75:f5:57:35:
                    5c:70:64:cb:76:fd:dc:d9:23:10:03:72:db:cc:34:
                    8a:f5:bd:e9:74:ca:1f:23:81:a0:9a:2c:67:0a:16:
                    36:6c:38:12:55:c3:f9:56:19:a6:9f:c4:0b:a8:f2:
                    d5:a1:03:54:bf:c0:13:f1:36:4e:12:00:d8:95:55:
                    f9:76:90:6f:26:16:44:5b:1c:3c:3d:ad:c0:49:88:
                    ee:bc:e4:ed:11:34:3e:91:d7:e8:79:97:66:52:17:
                    d2:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:E9:A6:8B:39:47:8E:54:5B:48:D4:D4:F2:C7:4C:BA:F2:A3:6A:BF
            X509v3 Authority Key Identifier:
                keyid:B7:0D:EA:6C:77:B9:E8:EC:CE:58:39:13:28:19:EF:91:37:3F:C5:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tw3qbHe56OzOWDkTKBnvkTc_xSc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E2B2/2B46EA580DE311EF803F6F0EC4F9AE02/tw3qbHe56OzOWDkTKBnvkTc_xSc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:c7:c0:82:f7:90:c9:30:1b:b6:13:80:42:3a:c7:6f:21:9c:
         9d:7a:5a:96:9d:cb:92:6b:92:d5:e8:b7:ed:43:19:9e:4f:8c:
         6a:fc:7a:c8:d9:a2:bc:ce:09:a6:51:5b:85:85:77:5b:4b:2f:
         7f:c4:11:33:01:a1:88:7d:7f:31:f9:23:74:d4:71:91:de:88:
         84:2a:90:f5:46:91:0b:46:43:62:a3:9b:11:98:74:2d:a1:c4:
         ae:e7:34:f2:52:1b:82:c2:9c:43:68:c5:08:e7:3e:73:99:7c:
         50:dc:4f:ec:bf:46:95:b0:0a:79:e6:8d:8e:0f:7f:43:9e:65:
         57:18:2d:02:03:6c:eb:83:31:c2:27:87:43:03:79:7c:31:d9:
         1b:e3:1a:52:7a:07:cf:a6:f4:55:f6:ae:b6:ad:6a:94:c7:1c:
         e5:9f:7a:5e:f8:ba:26:38:67:84:72:b8:46:7b:54:17:65:c6:
         88:5c:83:7c:ce:56:86:3d:65:d8:f1:0e:e3:4c:8c:0e:7a:2f:
         2d:ac:fa:aa:b8:49:47:62:d8:d6:1d:ed:e5:55:6c:e5:c2:03:
         6e:40:aa:3c:c6:f2:f7:f2:b1:44:b1:a3:aa:2c:a6:e6:91:53:
         2f:d1:c7:9a:2f:8d:64:f2:f8:9a:b7:e4:23:c9:b2:2b:d4:03:
         fa:b4:58:33
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEUyQjIxMTAvBgNVBAUTKEI3MERFQTZDNzdCOUU4RUNDRTU4MzkxMzI4MTlFRjkx
MzczRkM1MjcwHhcNMjUwMzI5MDUzMDE0WhcNMjUwNDA1MDUzMDE0WjAYMRYwFAYD
VQQDEw02N2U3ODU2Ni1kY2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr8llbG+6juZmLH1Vv1ehFd5lBN8nYMgVlwbcJcWukoAjBQ3893FNvF4WlCFL
0DtXhQpy/FVrFNyl6Y3Yz+a+Ty5iEGhOSvPCuzsJc0Q6osElQtAQxr/H9ppU6P3b
llzMyh51KkZvLhzuJvyy0v2wuvBKUAwxTaXr9VSjFcprv7q+WY40j58dN2P/xtB8
nS67Pnzghnb6foG9belcaIDiSnX1VzVccGTLdv3c2SMQA3LbzDSK9b3pdMofI4Gg
mixnChY2bDgSVcP5Vhmmn8QLqPLVoQNUv8AT8TZOEgDYlVX5dpBvJhZEWxw8Pa3A
SYjuvOTtETQ+kdfoeZdmUhfSZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFInppos5
R45UW0jU1PLHTLryo2q/MB8GA1UdIwQYMBaAFLcN6mx3uejszlg5EygZ75E3P8Un
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTJCMi8yQjQ2RUE1ODBE
RTMxMUVGODAzRjZGMEVDNEY5QUUwMi90dzNxYkhlNTZPek9XRGtUS0JudmtUY194
U2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3R3M3FiSGU1Nk96T1dEa1RLQm52a1RjX3hTYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RTJCMi8yQjQ2RUE1ODBERTMxMUVGODAzRjZGMEVDNEY5QUUwMi90dzNxYkhlNTZP
ek9XRGtUS0JudmtUY194U2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAFx8CC95DJMBu2E4BCOsdvIZydelqWncuSa5LV6LftQxmeT4xq/HrI
2aK8zgmmUVuFhXdbSy9/xBEzAaGIfX8x+SN01HGR3oiEKpD1RpELRkNio5sRmHQt
ocSu5zTyUhuCwpxDaMUI5z5zmXxQ3E/sv0aVsAp55o2OD39DnmVXGC0CA2zrgzHC
J4dDA3l8Mdkb4xpSegfPpvRV9q62rWqUxxzln3pe+LomOGeEcrhGe1QXZcaIXIN8
zlaGPWXY8Q7jTIwOei8trPqquElHYtjWHe3lVWzlwgNuQKo8xvL38rFEsaOqLKbm
kVMv0ceaL41k8viat+QjybIr1AP6tFgz
-----END CERTIFICATE-----