Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft
File:                     iCJHhVdMHyPKnEOe2PVTiPamjOI.mft (raw, json)
Hash identifier:          wFem7XeFg9tdskagmGfBZoBydEwrOOJXnPvuNcvZQDY=
Subject key identifier:   3D:85:C8:16:F9:DD:61:1D:8F:C7:FA:FE:7B:B4:67:F9:71:06:50:E3
Authority key identifier: 88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2
Certificate issuer:       /CN=A91689B7/serialNumber=88224785574C1F23CA9C439ED8F55388F6A68CE2
Certificate serial:       01D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft
Manifest number:          01CA
Signing time:             Sat 29 Mar 2025 02:31:02 +0000
Manifest this update:     Sat 29 Mar 2025 02:31:01 +0000
Manifest next update:     Sat 05 Apr 2025 02:31:01 +0000
Files and hashes:         1: iCJHhVdMHyPKnEOe2PVTiPamjOI.crl (hash: csLDCAYmqeIX0jNZGcNfMMuqhrG21SZDp+GDeCcbPTI=)
                          2: 2455276E39B311EEA6DFE66BC4F9AE02.roa (hash: i/snzsv5ugVK5M4wkOzh02txTFh9Vl9HyndyddhSqd8=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 464 (0x1d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91689B7
        Validity
            Not Before: Mar 29 02:31:01 2025 GMT
            Not After : Apr  5 02:31:01 2025 GMT
        Subject: CN=67e75b66-99d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:71:ce:78:9f:ad:dc:7b:c4:86:f4:80:7e:ff:
                    de:ff:9d:96:e1:e3:06:eb:07:fb:b9:2b:5a:ec:95:
                    ac:0f:a5:e6:12:35:6a:cc:fa:86:2f:f3:9a:3c:01:
                    10:f3:68:eb:2d:d5:13:13:5d:42:4b:1c:16:f0:6d:
                    30:90:31:12:94:e0:79:ae:ef:6a:17:4a:64:70:72:
                    b9:47:65:83:dd:5a:66:bb:7c:b5:d3:2c:f1:20:ed:
                    a6:da:60:c4:63:e6:eb:f6:a4:53:2a:56:6e:15:1c:
                    fe:e5:33:4f:0c:fc:d7:1e:82:5c:20:c9:82:fd:95:
                    c1:b8:26:fe:aa:80:4b:9b:c4:d5:29:63:73:d6:f1:
                    98:50:3c:0b:a5:95:77:a5:1c:45:4a:a3:c0:2e:db:
                    ff:d7:52:10:5a:42:e7:a2:2e:f4:5d:a9:c1:f9:0b:
                    c8:bb:6b:c7:9e:47:37:9c:97:e9:1d:c5:43:46:43:
                    99:f0:b4:05:c7:b6:1e:94:69:f5:b1:fb:ca:ef:df:
                    39:42:d7:fb:8d:b7:36:38:8a:cb:df:74:68:a9:06:
                    11:8c:d8:1c:ed:5e:1b:04:f2:10:57:bb:e8:61:9e:
                    24:8a:00:97:82:93:85:0d:a4:b7:e9:3c:cc:b4:40:
                    e5:d8:28:bb:d0:b4:07:49:16:53:f9:07:e3:c4:0d:
                    68:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:85:C8:16:F9:DD:61:1D:8F:C7:FA:FE:7B:B4:67:F9:71:06:50:E3
            X509v3 Authority Key Identifier:
                keyid:88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:2a:4e:6a:34:11:cf:d2:c9:ed:ac:f9:8f:af:b3:1c:8c:00:
         d4:ae:4f:72:c1:c6:5b:a7:fd:72:e1:77:50:00:07:58:04:97:
         32:e4:6f:32:9e:0a:7d:86:1d:59:54:b8:2a:9a:5f:03:cd:7a:
         4d:ad:66:62:6a:95:27:b4:b1:79:54:98:b3:51:a1:d6:d1:b8:
         de:f5:7d:28:db:77:6e:25:64:c2:e4:4e:5d:04:4a:c9:fc:b5:
         da:57:4e:d4:dc:f1:34:b0:56:76:cf:15:2a:89:07:91:e0:47:
         51:20:f5:10:36:22:b8:f1:8c:68:dd:ae:82:c7:2a:4c:97:91:
         f9:06:19:26:96:6b:b1:73:f2:be:fb:0d:a4:38:50:ec:ad:7e:
         54:e5:8e:10:9b:8e:8a:12:57:71:de:fa:93:3b:49:d2:7a:19:
         d2:6c:7f:ee:76:79:23:49:62:31:c1:f7:5a:83:ba:27:5b:31:
         b2:b5:d6:5e:ae:1f:4e:9c:61:ec:2d:2b:6f:bf:8e:78:ee:4d:
         aa:6f:70:9e:1b:99:d8:19:48:ae:1e:44:5a:fb:b5:a7:de:04:
         1b:25:1a:50:15:c7:20:e2:dd:2c:1b:f8:d7:d0:2f:21:72:d1:
         19:9f:35:34:17:0f:d6:c2:2e:ef:eb:04:74:d9:4c:90:89:85:
         2d:8e:4f:09
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njg5QjcxMTAvBgNVBAUTKDg4MjI0Nzg1NTc0QzFGMjNDQTlDNDM5RUQ4RjU1Mzg4
RjZBNjhDRTIwHhcNMjUwMzI5MDIzMTAxWhcNMjUwNDA1MDIzMTAxWjAYMRYwFAYD
VQQDEw02N2U3NWI2Ni05OWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvHHOeJ+t3HvEhvSAfv/e/52W4eMG6wf7uSta7JWsD6XmEjVqzPqGL/OaPAEQ
82jrLdUTE11CSxwW8G0wkDESlOB5ru9qF0pkcHK5R2WD3Vpmu3y10yzxIO2m2mDE
Y+br9qRTKlZuFRz+5TNPDPzXHoJcIMmC/ZXBuCb+qoBLm8TVKWNz1vGYUDwLpZV3
pRxFSqPALtv/11IQWkLnoi70XanB+QvIu2vHnkc3nJfpHcVDRkOZ8LQFx7YelGn1
sfvK7985Qtf7jbc2OIrL33RoqQYRjNgc7V4bBPIQV7voYZ4kigCXgpOFDaS36TzM
tEDl2Ci70LQHSRZT+QfjxA1oOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD2FyBb5
3WEdj8f6/nu0Z/lxBlDjMB8GA1UdIwQYMBaAFIgiR4VXTB8jypxDntj1U4j2pozi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODlCNy9CMUU1NEFCODU2
QTIxMUVEQjRBMUIyMjVDNEY5QUUwMi9pQ0pIaFZkTUh5UEtuRU9lMlBWVGlQYW1q
T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lDSkhoVmRNSHlQS25FT2UyUFZUaVBhbWpPSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODlCNy9CMUU1NEFCODU2QTIxMUVEQjRBMUIyMjVDNEY5QUUwMi9pQ0pIaFZkTUh5
UEtuRU9lMlBWVGlQYW1qT0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAVKk5qNBHP0sntrPmPr7McjADUrk9ywcZbp/1y4XdQAAdYBJcy5G8y
ngp9hh1ZVLgqml8DzXpNrWZiapUntLF5VJizUaHW0bje9X0o23duJWTC5E5dBErJ
/LXaV07U3PE0sFZ2zxUqiQeR4EdRIPUQNiK48Yxo3a6CxypMl5H5Bhkmlmuxc/K+
+w2kOFDsrX5U5Y4Qm46KEldx3vqTO0nSehnSbH/udnkjSWIxwfdag7onWzGytdZe
rh9OnGHsLStvv4547k2qb3CeG5nYGUiuHkRa+7Wn3gQbJRpQFccg4t0sG/jX0C8h
ctEZnzU0Fw/Wwi7v6wR02UyQiYUtjk8J
-----END CERTIFICATE-----