Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.mft
File:                     NyCB99vi7xGkQRvU5q-G8yaYyvo.mft (raw, json)
Hash identifier:          kvdPGGeCp8Aa/u8aTJfEUB5DdjBjewCq4udz8xRuQoc=
Subject key identifier:   EB:03:75:B1:B2:B0:9C:BF:D0:EC:A6:09:ED:13:47:16:98:B4:9D:C0
Authority key identifier: 37:20:81:F7:DB:E2:EF:11:A4:41:1B:D4:E6:AF:86:F3:26:98:CA:FA
Certificate issuer:       /CN=A9191E19/serialNumber=372081F7DBE2EF11A4411BD4E6AF86F32698CAFA
Certificate serial:       A5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NyCB99vi7xGkQRvU5q-G8yaYyvo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.mft
Manifest number:          A4
Signing time:             Sat 29 Mar 2025 05:32:50 +0000
Manifest this update:     Sat 29 Mar 2025 05:32:50 +0000
Manifest next update:     Sat 05 Apr 2025 05:32:49 +0000
Files and hashes:         1: NyCB99vi7xGkQRvU5q-G8yaYyvo.crl (hash: w8G4cwrPdcBPV5RDDj1OvPPlxfuJpsZdPdetHRcxgDg=)
                          2: 680CA022140F11EF99D47F17C4F9AE02.roa (hash: 04UnpmnSMr4KxT7I14Z6Z4RlxSd1PflOoSJyZd1LDaY=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 165 (0xa5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9191E19
        Validity
            Not Before: Mar 29 05:32:50 2025 GMT
            Not After : Apr  5 05:32:49 2025 GMT
        Subject: CN=67e78602-278a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:91:74:c0:55:98:24:03:cf:26:d2:3f:f4:24:
                    7e:65:2d:05:dc:60:d4:e6:93:63:97:5e:f8:f7:54:
                    ce:9d:70:f1:53:97:58:7b:d3:19:59:e4:60:48:e9:
                    32:a3:f2:30:dc:2b:89:27:08:62:26:83:14:93:8d:
                    f8:c3:be:ce:01:d6:37:3b:22:1d:a9:7f:49:fd:7b:
                    ea:f5:96:e1:4a:19:cc:98:3c:68:36:b7:49:12:ab:
                    73:16:7d:bb:19:7b:50:d9:60:f6:33:fa:e8:db:aa:
                    e5:10:17:0a:94:ad:0b:31:71:8e:1a:f9:1d:67:01:
                    6e:3f:72:f4:8d:21:3d:6a:e9:b2:ef:0d:07:7a:36:
                    ca:31:85:d0:5e:71:a4:65:41:a7:52:8d:32:6b:ac:
                    89:a5:db:b9:c8:83:59:df:91:a1:59:22:c6:aa:1c:
                    df:45:7c:d8:f7:06:3b:78:3b:32:18:64:ed:ee:a4:
                    92:9f:bf:4c:4e:f9:e8:26:53:ad:d0:5b:91:fd:7b:
                    55:8f:12:3b:99:00:d2:75:c3:f3:e9:3d:db:e6:67:
                    2b:e2:bd:44:71:90:46:b4:b8:57:e7:21:89:df:fd:
                    c6:c5:9e:ad:ba:3d:ed:87:06:86:f9:48:d9:2d:44:
                    7a:32:7a:e2:8b:01:8e:f3:6d:2c:7a:81:ae:91:e4:
                    ed:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:03:75:B1:B2:B0:9C:BF:D0:EC:A6:09:ED:13:47:16:98:B4:9D:C0
            X509v3 Authority Key Identifier:
                keyid:37:20:81:F7:DB:E2:EF:11:A4:41:1B:D4:E6:AF:86:F3:26:98:CA:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NyCB99vi7xGkQRvU5q-G8yaYyvo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191E19/10C7F0AA140F11EF8A4A7016C4F9AE02/NyCB99vi7xGkQRvU5q-G8yaYyvo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:5c:3b:cd:bd:06:7b:38:ea:7a:63:d7:30:8b:e1:f4:5a:db:
         47:bb:57:43:79:f2:d7:ee:1e:e7:70:23:7c:81:23:0e:08:72:
         fb:aa:9e:23:e2:dd:b6:6a:5d:1c:7e:7d:0b:dd:15:dc:eb:6d:
         91:34:d0:79:7e:4a:b7:b1:f5:6b:c2:20:e0:8f:df:92:1f:94:
         3b:f1:5e:18:f7:e4:d8:73:05:44:9f:16:b7:a1:08:16:93:1d:
         a0:8c:0a:61:08:db:e3:21:5f:49:19:2e:7a:5f:4e:7b:a5:2f:
         81:10:80:2a:4f:d9:c9:11:d4:3b:54:a1:a3:f4:91:48:bd:10:
         1d:62:78:c2:85:ab:f6:f2:6b:92:4d:5e:4a:d3:17:83:5d:a4:
         ac:4e:db:24:70:34:63:bc:51:30:16:d9:02:09:20:80:5e:07:
         3a:09:f2:1c:ad:7d:17:02:e4:71:2a:4a:99:95:b2:6c:48:5d:
         4e:c7:e3:0a:62:29:fe:c7:d6:40:f9:75:6d:29:df:0d:80:c5:
         31:ff:d0:5b:3a:bc:f6:51:08:7f:9b:73:b7:76:49:a7:bb:04:
         7a:13:46:f8:07:fe:73:b7:7d:66:70:0a:4d:8b:0f:72:ad:9a:
         f9:c9:ec:38:ad:8e:db:b0:35:91:a6:5d:9b:ef:70:c7:c4:66:
         44:2e:5a:f8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTFFMTkxMTAvBgNVBAUTKDM3MjA4MUY3REJFMkVGMTFBNDQxMUJENEU2QUY4NkYz
MjY5OENBRkEwHhcNMjUwMzI5MDUzMjUwWhcNMjUwNDA1MDUzMjQ5WjAYMRYwFAYD
VQQDEw02N2U3ODYwMi0yNzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1JF0wFWYJAPPJtI/9CR+ZS0F3GDU5pNjl17491TOnXDxU5dYe9MZWeRgSOky
o/Iw3CuJJwhiJoMUk434w77OAdY3OyIdqX9J/Xvq9ZbhShnMmDxoNrdJEqtzFn27
GXtQ2WD2M/ro26rlEBcKlK0LMXGOGvkdZwFuP3L0jSE9aumy7w0HejbKMYXQXnGk
ZUGnUo0ya6yJpdu5yINZ35GhWSLGqhzfRXzY9wY7eDsyGGTt7qSSn79MTvnoJlOt
0FuR/XtVjxI7mQDSdcPz6T3b5mcr4r1EcZBGtLhX5yGJ3/3GxZ6tuj3thwaG+UjZ
LUR6MnriiwGO820seoGukeTtKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOsDdbGy
sJy/0OymCe0TRxaYtJ3AMB8GA1UdIwQYMBaAFDcggffb4u8RpEEb1OavhvMmmMr6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUUxOS8xMEM3RjBBQTE0
MEYxMUVGOEE0QTcwMTZDNEY5QUUwMi9OeUNCOTl2aTd4R2tRUnZVNXEtRzh5YVl5
dm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL055Q0I5OXZpN3hHa1FSdlU1cS1HOHlhWXl2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MUUxOS8xMEM3RjBBQTE0MEYxMUVGOEE0QTcwMTZDNEY5QUUwMi9OeUNCOTl2aTd4
R2tRUnZVNXEtRzh5YVl5dm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA/XDvNvQZ7OOp6Y9cwi+H0WttHu1dDefLX7h7ncCN8gSMOCHL7qp4j
4t22al0cfn0L3RXc622RNNB5fkq3sfVrwiDgj9+SH5Q78V4Y9+TYcwVEnxa3oQgW
kx2gjAphCNvjIV9JGS56X057pS+BEIAqT9nJEdQ7VKGj9JFIvRAdYnjChav28muS
TV5K0xeDXaSsTtskcDRjvFEwFtkCCSCAXgc6CfIcrX0XAuRxKkqZlbJsSF1Ox+MK
Yin+x9ZA+XVtKd8NgMUx/9BbOrz2UQh/m3O3dkmnuwR6E0b4B/5zt31mcApNiw9y
rZr5yew4rY7bsDWRpl2b73DHxGZELlr4
-----END CERTIFICATE-----