Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft
File:                     3Bh_yEFs5bNHuvIho2E6O0eCjog.mft (raw, json)
Hash identifier:          VI/xdWyo9TifoqQ6s48EJkUocN9Hc3WRIfBRg+4BfkU=
Subject key identifier:   00:93:DC:74:51:11:C9:45:7B:F6:0D:16:F7:0A:B4:D7:A8:55:9B:7A
Authority key identifier: DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88
Certificate issuer:       /CN=A91717D1/serialNumber=DC187FC8416CE5B347BAF221A3613A3B47828E88
Certificate serial:       0EC5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft
Manifest number:          0EB9
Signing time:             Fri 28 Mar 2025 17:47:47 +0000
Manifest this update:     Fri 28 Mar 2025 17:47:46 +0000
Manifest next update:     Fri 04 Apr 2025 17:47:46 +0000
Files and hashes:         1: 3Bh_yEFs5bNHuvIho2E6O0eCjog.crl (hash: KbuZyihQQ222UZeHS4V00+VvKJx2HVwSZWvGmfom+ZM=)
                          2: 085B4576C35711EC9F5ADC3DC4F9AE02.roa (hash: 8mq0TUcgdgyOArIdFl1Mn7GOTMSpOYLbH39QuqlMzQM=)
                          3: 0963FDF0C35711EC9F5ADC3DC4F9AE02.roa (hash: ZC6B1slbJ+NBUR+XleTIQLrCjIWpOaVIltQbveTaTb8=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3781 (0xec5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91717D1
        Validity
            Not Before: Mar 28 17:47:46 2025 GMT
            Not After : Apr  4 17:47:46 2025 GMT
        Subject: CN=67e6e0c3-05c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d3:e7:dc:58:cc:3e:6c:92:3e:f2:f0:dd:19:
                    48:11:94:69:76:70:4f:e8:a5:71:48:b0:5d:a9:d0:
                    fb:68:d7:a2:1c:ce:ce:2b:38:be:e8:10:28:cc:64:
                    7e:2b:0a:16:bc:ab:1c:21:57:d5:c2:66:dc:52:b2:
                    74:5b:4f:45:bb:04:fa:df:10:5f:74:0c:f1:cd:a7:
                    2e:ad:c9:9e:cd:bf:e7:c2:b7:16:8c:da:0e:8c:4b:
                    ba:49:bc:0b:7c:ea:5e:6e:1c:9d:05:ba:3e:cd:32:
                    17:fd:d7:80:b8:5a:14:da:a9:09:52:c0:4a:0a:76:
                    8a:4e:23:21:3d:7c:fd:78:5b:ca:98:b0:52:4e:34:
                    5f:b3:2f:c7:ef:f5:f8:35:9b:97:e4:0c:fd:5d:21:
                    bb:cd:83:a7:86:07:26:45:8a:0b:29:ce:51:c5:85:
                    ee:21:29:be:dc:b7:e2:d7:8b:cd:08:a2:6a:39:f3:
                    c5:84:8e:41:5c:02:fa:56:b1:eb:7f:7c:cc:46:72:
                    92:6d:65:a4:60:9c:7c:ff:a3:41:91:30:9a:32:66:
                    e8:71:74:c2:17:92:2e:8d:1f:41:f0:7e:5f:79:34:
                    5e:db:ac:5e:8a:13:b5:06:46:eb:5f:49:ec:4b:0f:
                    47:3e:0e:4c:77:bc:fb:27:89:cb:c4:e4:a7:94:60:
                    32:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:93:DC:74:51:11:C9:45:7B:F6:0D:16:F7:0A:B4:D7:A8:55:9B:7A
            X509v3 Authority Key Identifier:
                keyid:DC:18:7F:C8:41:6C:E5:B3:47:BA:F2:21:A3:61:3A:3B:47:82:8E:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bh_yEFs5bNHuvIho2E6O0eCjog.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91717D1/9A9B48A282A311E99E582384C4F9AE02/3Bh_yEFs5bNHuvIho2E6O0eCjog.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:41:a9:84:bb:63:22:69:48:c3:4a:41:a3:30:cf:c4:b4:36:
         f0:e8:62:60:2d:93:1b:0e:9f:e1:41:e8:5b:68:c6:54:6c:83:
         93:3a:a8:17:e5:aa:95:e1:8f:bd:4e:ca:67:cf:f4:ec:51:50:
         3a:f1:65:40:ac:63:ab:6c:01:b0:1d:d6:20:c4:03:78:2d:9d:
         a2:91:07:8a:a1:0b:f3:a7:d4:04:1b:bc:96:ee:dd:c0:77:e8:
         b3:b2:b1:a8:5c:8d:d0:f8:05:4f:be:dd:6c:df:7c:b9:08:a5:
         8d:08:d7:63:f7:32:eb:67:d5:e8:9f:d5:3d:b9:db:db:0c:a7:
         a7:99:92:6a:b2:80:59:80:cc:70:b2:81:a4:bb:79:3d:a8:01:
         3e:0a:eb:b7:26:af:d8:ea:9c:dc:2b:12:43:bd:a5:29:2d:4f:
         7c:8d:32:4d:d9:97:43:db:37:69:9f:22:d4:1e:e5:69:a0:77:
         d6:75:4b:fb:56:7b:ad:97:37:db:95:09:74:bf:21:87:78:99:
         b7:95:a1:e9:68:ea:f0:fa:db:76:f6:45:2b:8d:62:37:1f:24:
         b1:59:81:f3:56:2f:e9:29:c1:17:67:eb:68:31:bd:a7:7e:33:
         d2:5b:46:17:d5:b7:3e:90:2c:46:b7:32:cb:6f:6b:0e:77:18:
         74:2f:af:cd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzE3RDExMTAvBgNVBAUTKERDMTg3RkM4NDE2Q0U1QjM0N0JBRjIyMUEzNjEzQTNC
NDc4MjhFODgwHhcNMjUwMzI4MTc0NzQ2WhcNMjUwNDA0MTc0NzQ2WjAYMRYwFAYD
VQQDEw02N2U2ZTBjMy0wNWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwNPn3FjMPmySPvLw3RlIEZRpdnBP6KVxSLBdqdD7aNeiHM7OKzi+6BAozGR+
KwoWvKscIVfVwmbcUrJ0W09FuwT63xBfdAzxzacurcmezb/nwrcWjNoOjEu6SbwL
fOpebhydBbo+zTIX/deAuFoU2qkJUsBKCnaKTiMhPXz9eFvKmLBSTjRfsy/H7/X4
NZuX5Az9XSG7zYOnhgcmRYoLKc5RxYXuISm+3Lfi14vNCKJqOfPFhI5BXAL6VrHr
f3zMRnKSbWWkYJx8/6NBkTCaMmbocXTCF5IujR9B8H5feTRe26xeihO1BkbrX0ns
Sw9HPg5Md7z7J4nLxOSnlGAyowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFACT3HRR
EclFe/YNFvcKtNeoVZt6MB8GA1UdIwQYMBaAFNwYf8hBbOWzR7ryIaNhOjtHgo6I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTdEMS85QTlCNDhBMjgy
QTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczViTkh1dklobzJFNk8wZUNq
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNCaF95RUZzNWJOSHV2SWhvMkU2TzBlQ2pvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MTdEMS85QTlCNDhBMjgyQTMxMUU5OUU1ODIzODRDNEY5QUUwMi8zQmhfeUVGczVi
Tkh1dklobzJFNk8wZUNqb2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCSQamEu2MiaUjDSkGjMM/EtDbw6GJgLZMbDp/hQehbaMZUbIOTOqgX
5aqV4Y+9Tspnz/TsUVA68WVArGOrbAGwHdYgxAN4LZ2ikQeKoQvzp9QEG7yW7t3A
d+izsrGoXI3Q+AVPvt1s33y5CKWNCNdj9zLrZ9Xon9U9udvbDKenmZJqsoBZgMxw
soGku3k9qAE+Cuu3Jq/Y6pzcKxJDvaUpLU98jTJN2ZdD2zdpnyLUHuVpoHfWdUv7
VnutlzfblQl0vyGHeJm3laHpaOrw+tt29kUrjWI3HySxWYHzVi/pKcEXZ+toMb2n
fjPSW0YX1bc+kCxGtzLLb2sOdxh0L6/N
-----END CERTIFICATE-----