Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.mft
File:                     cIW1tFSazbW2wnBMhbp4h2D4iic.mft (raw, json)
Hash identifier:          iCL1OGrK6bN0nbRux8PljEGM7PkvPLCDZEARcL2xcM8=
Subject key identifier:   78:A6:26:B1:56:5B:06:7F:21:EB:B9:95:43:9E:F4:C5:C0:79:3C:35
Authority key identifier: 70:85:B5:B4:54:9A:CD:B5:B6:C2:70:4C:85:BA:78:87:60:F8:8A:27
Certificate issuer:       /CN=A91722A3/serialNumber=7085B5B4549ACDB5B6C2704C85BA788760F88A27
Certificate serial:       0B64
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cIW1tFSazbW2wnBMhbp4h2D4iic.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.mft
Manifest number:          0B5D
Signing time:             Fri 28 Mar 2025 19:16:23 +0000
Manifest this update:     Fri 28 Mar 2025 19:16:23 +0000
Manifest next update:     Fri 04 Apr 2025 19:16:23 +0000
Files and hashes:         1: cIW1tFSazbW2wnBMhbp4h2D4iic.crl (hash: k8EumGiZiN5tJA2ZGLKF/qJHJEzJ3g8HRK48+9z/Dk4=)
                          2: 002DDDC22B9D11EA92F3094CC4F9AE02.roa (hash: RIHPif0x1JlxdJG6P0E7caIIVbjXsOlXYot9xZqPb2s=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2916 (0xb64)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91722A3
        Validity
            Not Before: Mar 28 19:16:23 2025 GMT
            Not After : Apr  4 19:16:23 2025 GMT
        Subject: CN=67e6f587-1a74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:17:03:2c:1c:37:e2:36:f1:97:a1:33:1c:20:
                    18:52:c6:00:5c:3a:cf:b9:b4:c2:63:75:de:43:8a:
                    44:d1:a7:6d:ad:71:eb:87:54:3b:03:e5:fc:a3:02:
                    b9:ed:83:15:53:cb:ea:fb:e8:c1:fa:2d:92:91:69:
                    53:60:41:85:cb:b4:72:2c:8b:8d:fe:56:f0:99:5d:
                    be:d3:7a:ca:cc:40:bb:4f:df:c2:07:66:44:ce:e2:
                    43:fc:45:3d:b2:c6:34:5b:75:37:9c:7a:03:f1:10:
                    8d:ab:82:b1:08:f6:78:57:49:e2:68:46:1a:c4:d2:
                    46:ec:3b:f0:3c:6b:03:87:7b:4c:9c:f9:15:bc:47:
                    a7:50:c3:f1:8e:8f:54:f6:12:0f:d1:4f:26:ab:49:
                    62:67:d4:81:1f:21:97:54:c7:ce:18:f1:cf:e4:70:
                    6a:05:2d:cd:43:0f:4d:ee:2f:45:58:34:09:02:e3:
                    ad:c0:dc:e8:89:11:6f:ea:c1:b3:f2:20:93:9b:3e:
                    ad:ba:c1:c3:e9:96:e2:ea:71:b4:ec:e1:cd:e6:c2:
                    08:55:e9:69:9f:80:38:4f:88:88:48:0e:7c:01:92:
                    d2:d6:38:be:0e:90:cc:66:d4:5b:ae:29:0d:f7:15:
                    bb:a0:d3:38:83:ce:0a:b7:5c:05:1f:ad:b7:cd:d3:
                    04:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:A6:26:B1:56:5B:06:7F:21:EB:B9:95:43:9E:F4:C5:C0:79:3C:35
            X509v3 Authority Key Identifier:
                keyid:70:85:B5:B4:54:9A:CD:B5:B6:C2:70:4C:85:BA:78:87:60:F8:8A:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cIW1tFSazbW2wnBMhbp4h2D4iic.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:39:83:99:5c:bb:57:71:3e:25:49:d1:6e:b9:8d:ce:c3:0f:
         74:a9:cf:26:33:08:af:42:fe:d7:1d:a8:2e:14:5c:48:ea:ba:
         59:ae:f1:63:bd:4c:fe:7a:4f:2f:dc:6f:c1:1c:e4:41:17:14:
         b1:cf:61:4f:4e:01:13:8e:71:3c:cd:4f:5f:57:6c:23:89:a8:
         7c:c9:2a:fb:71:70:6e:aa:18:40:b6:41:51:69:e1:98:49:a9:
         d9:d7:48:68:f9:02:0b:ce:e0:b0:d4:d1:2d:0b:fa:f4:1b:f7:
         23:99:c6:08:39:33:6d:26:8f:4a:d5:f8:7e:f4:56:10:b7:ac:
         30:6e:c2:9e:02:ba:37:11:2c:c2:69:91:e6:eb:07:a5:b6:25:
         bd:4f:b7:29:c4:e3:e8:ce:92:d1:f7:18:12:9f:36:21:d3:75:
         59:d0:27:12:66:a9:9a:aa:19:3e:65:03:5c:37:aa:72:8c:f0:
         18:5b:8e:99:2a:1c:e8:c1:98:8a:27:a0:2e:32:62:f8:0d:fc:
         2c:37:57:3e:5b:40:91:72:81:32:93:36:5c:ed:0d:0f:81:39:
         82:89:c2:37:f2:c3:9a:2a:64:e6:78:4a:7f:1a:bd:2b:37:99:
         e0:46:1d:b2:b0:cc:b8:75:b6:99:98:6c:ea:b4:0e:5e:ba:6b:
         5e:d7:d7:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICC2QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzIyQTMxMTAvBgNVBAUTKDcwODVCNUI0NTQ5QUNEQjVCNkMyNzA0Qzg1QkE3ODg3
NjBGODhBMjcwHhcNMjUwMzI4MTkxNjIzWhcNMjUwNDA0MTkxNjIzWjAYMRYwFAYD
VQQDEw02N2U2ZjU4Ny0xYTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3xcDLBw34jbxl6EzHCAYUsYAXDrPubTCY3XeQ4pE0adtrXHrh1Q7A+X8owK5
7YMVU8vq++jB+i2SkWlTYEGFy7RyLIuN/lbwmV2+03rKzEC7T9/CB2ZEzuJD/EU9
ssY0W3U3nHoD8RCNq4KxCPZ4V0niaEYaxNJG7DvwPGsDh3tMnPkVvEenUMPxjo9U
9hIP0U8mq0liZ9SBHyGXVMfOGPHP5HBqBS3NQw9N7i9FWDQJAuOtwNzoiRFv6sGz
8iCTmz6tusHD6Zbi6nG07OHN5sIIVelpn4A4T4iISA58AZLS1ji+DpDMZtRbrikN
9xW7oNM4g84Kt1wFH623zdMETwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHimJrFW
WwZ/Ieu5lUOe9MXAeTw1MB8GA1UdIwQYMBaAFHCFtbRUms21tsJwTIW6eIdg+Ion
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjJBMy9DMDJEODVERTJC
OUIxMUVBOTcyQ0RGNDZDNEY5QUUwMi9jSVcxdEZTYXpiVzJ3bkJNaGJwNGgyRDRp
aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NJVzF0RlNhemJXMnduQk1oYnA0aDJENGlpYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MjJBMy9DMDJEODVERTJCOUIxMUVBOTcyQ0RGNDZDNEY5QUUwMi9jSVcxdEZTYXpi
VzJ3bkJNaGJwNGgyRDRpaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAEOYOZXLtXcT4lSdFuuY3Oww90qc8mMwivQv7XHaguFFxI6rpZrvFj
vUz+ek8v3G/BHORBFxSxz2FPTgETjnE8zU9fV2wjiah8ySr7cXBuqhhAtkFRaeGY
SanZ10ho+QILzuCw1NEtC/r0G/cjmcYIOTNtJo9K1fh+9FYQt6wwbsKeAro3ESzC
aZHm6weltiW9T7cpxOPozpLR9xgSnzYh03VZ0CcSZqmaqhk+ZQNcN6pyjPAYW46Z
KhzowZiKJ6AuMmL4DfwsN1c+W0CRcoEykzZc7Q0PgTmCicI38sOaKmTmeEp/Gr0r
N5ngRh2ysMy4dbaZmGzqtA5eumte19dw
-----END CERTIFICATE-----