Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
File:                     0NDWzWh3DDh4O764QbES0FYBdKI.mft (raw, json)
Hash identifier:          hEZ3bmNho8mYYecJ0aIJsLkx3lcguhYMxBBSy8j22s0=
Subject key identifier:   D2:83:53:B9:89:50:77:F3:27:27:6B:8F:B9:5B:B2:9B:7E:F5:38:EB
Authority key identifier: D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2
Certificate issuer:       /CN=A91998BE/serialNumber=D0D0D6CD68770C38783BBEB841B112D0560174A2
Certificate serial:       086A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
Manifest number:          0838
Signing time:             Fri 28 Mar 2025 21:06:23 +0000
Manifest this update:     Fri 28 Mar 2025 21:06:22 +0000
Manifest next update:     Fri 04 Apr 2025 21:06:22 +0000
Files and hashes:         1: 0NDWzWh3DDh4O764QbES0FYBdKI.crl (hash: Ii9CJTUBjWAgKL6KdkQfJIrXz8Fdn8vr+QQk1quj0Jk=)
                          2: 577FD5BE067C11ED882FC127C4F9AE02.roa (hash: FZgwTWzQksQtmk/Nfe/JqxwRHSDF1+BlazvC8MqkPtA=)
                          3: 4EF79184489411ED86987260C4F9AE02.roa (hash: a8Efs0GAW5Tg39h9an5o87GfSDA70jqZExOy2QFYQOc=)
                          4: 12FD08CAC88411ECAAB5BD09C4F9AE02.roa (hash: Rk9fezvR7MLf0U22xpSZ4jUyV+Jwv2bIeNDcvnRfGXA=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2154 (0x86a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91998BE
        Validity
            Not Before: Mar 28 21:06:22 2025 GMT
            Not After : Apr  4 21:06:22 2025 GMT
        Subject: CN=67e70f4f-2b04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:a9:93:cd:17:04:76:f9:f7:47:9d:63:3a:f2:
                    c8:3d:e3:e4:08:51:64:2b:cd:89:12:d1:f1:fa:fd:
                    87:bf:4e:d6:63:95:d8:11:35:a4:e7:88:2e:e5:e1:
                    03:e8:cf:56:d9:82:94:ca:1c:97:53:41:db:1c:f2:
                    9f:94:10:e7:b4:5e:39:7b:85:37:ba:3c:68:ec:41:
                    37:a7:e7:49:b1:9d:f6:76:d2:c4:dd:c4:00:92:e5:
                    b3:32:8b:17:e0:dc:02:99:6f:9c:97:62:e9:14:9d:
                    05:61:6a:97:53:65:86:42:01:6c:4b:d0:55:5d:06:
                    5d:f4:d2:2f:32:04:6a:62:93:bb:03:99:ce:04:06:
                    15:b7:37:f0:6a:62:04:25:ff:2c:a6:8a:5b:0b:5a:
                    89:aa:72:30:f9:ae:55:e7:ec:44:25:21:3a:9f:0e:
                    97:39:77:75:40:26:9a:08:5c:94:95:50:ba:b8:5e:
                    80:24:a3:69:e4:61:63:e5:5b:27:a9:a8:3d:d4:e9:
                    2b:10:10:99:76:cd:f4:24:2d:47:07:6c:a7:d9:f1:
                    d9:5f:41:28:67:c5:24:aa:ca:1b:a4:6b:c2:c2:41:
                    87:0b:0e:d3:b6:e7:24:6f:bb:7e:38:65:3b:5f:43:
                    e0:b9:e9:b4:df:3a:e5:61:e0:3a:d0:62:7d:d8:d2:
                    b6:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:83:53:B9:89:50:77:F3:27:27:6B:8F:B9:5B:B2:9B:7E:F5:38:EB
            X509v3 Authority Key Identifier:
                keyid:D0:D0:D6:CD:68:77:0C:38:78:3B:BE:B8:41:B1:12:D0:56:01:74:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NDWzWh3DDh4O764QbES0FYBdKI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91998BE/150E57C6CF4911EA9CC9353EC4F9AE02/0NDWzWh3DDh4O764QbES0FYBdKI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:35:75:61:63:82:51:6d:5a:e4:aa:62:84:7b:56:b4:28:0c:
         93:f7:f2:1e:f8:d2:31:7a:f5:df:86:c1:ea:d5:7c:bc:52:73:
         49:5b:d4:31:bc:1c:9e:60:8d:de:9b:1a:36:20:a9:c3:2f:ca:
         24:35:f8:cf:cd:ee:8b:4b:5a:97:31:e6:d6:fc:f4:ec:25:d8:
         25:04:a0:09:d0:83:0e:d1:d6:d1:fd:87:cf:79:aa:ad:6a:87:
         df:cf:81:97:09:92:47:02:8d:f4:1c:1b:2a:38:c7:6f:8e:ee:
         aa:79:91:27:db:f8:e4:d5:66:49:f4:da:31:07:c1:6d:f6:d6:
         f1:f0:34:1a:47:56:a9:39:71:0b:d4:63:c7:9c:bc:a2:b8:18:
         63:41:a5:b1:c9:e7:f6:6e:ba:e0:4c:f0:e8:c9:52:71:ee:c4:
         19:4e:f6:d3:14:d2:1a:21:e4:e6:57:90:03:c0:49:41:8f:42:
         1d:64:4a:c5:9d:78:a3:de:85:2f:7a:2a:8b:dd:85:5a:3a:77:
         c9:70:56:78:4f:67:b3:1d:e2:94:3d:69:05:fd:41:d8:e0:91:
         17:23:1b:31:7c:21:f2:b9:4a:fe:b1:cb:54:92:98:e5:85:db:
         24:37:7e:b1:bf:cf:78:05:b1:fd:18:c3:7e:12:de:f1:1a:71:
         11:f6:6f:e4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCGowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTk4QkUxMTAvBgNVBAUTKEQwRDBENkNENjg3NzBDMzg3ODNCQkVCODQxQjExMkQw
NTYwMTc0QTIwHhcNMjUwMzI4MjEwNjIyWhcNMjUwNDA0MjEwNjIyWjAYMRYwFAYD
VQQDEw02N2U3MGY0Zi0yYjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8amTzRcEdvn3R51jOvLIPePkCFFkK82JEtHx+v2Hv07WY5XYETWk54gu5eED
6M9W2YKUyhyXU0HbHPKflBDntF45e4U3ujxo7EE3p+dJsZ32dtLE3cQAkuWzMosX
4NwCmW+cl2LpFJ0FYWqXU2WGQgFsS9BVXQZd9NIvMgRqYpO7A5nOBAYVtzfwamIE
Jf8spopbC1qJqnIw+a5V5+xEJSE6nw6XOXd1QCaaCFyUlVC6uF6AJKNp5GFj5Vsn
qag91OkrEBCZds30JC1HB2yn2fHZX0EoZ8UkqsobpGvCwkGHCw7Ttuckb7t+OGU7
X0Pguem03zrlYeA60GJ92NK2wwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNKDU7mJ
UHfzJydrj7lbspt+9TjrMB8GA1UdIwQYMBaAFNDQ1s1odww4eDu+uEGxEtBWAXSi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OThCRS8xNTBFNTdDNkNG
NDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0REaDRPNzY0UWJFUzBGWUJk
S0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBORFd6V2gzRERoNE83NjRRYkVTMEZZQmRLSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
OThCRS8xNTBFNTdDNkNGNDkxMUVBOUNDOTM1M0VDNEY5QUUwMi8wTkRXeldoM0RE
aDRPNzY0UWJFUzBGWUJkS0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCaNXVhY4JRbVrkqmKEe1a0KAyT9/Ie+NIxevXfhsHq1Xy8UnNJW9Qx
vByeYI3emxo2IKnDL8okNfjPze6LS1qXMebW/PTsJdglBKAJ0IMO0dbR/YfPeaqt
aoffz4GXCZJHAo30HBsqOMdvju6qeZEn2/jk1WZJ9NoxB8Ft9tbx8DQaR1apOXEL
1GPHnLyiuBhjQaWxyef2brrgTPDoyVJx7sQZTvbTFNIaIeTmV5ADwElBj0IdZErF
nXij3oUveiqL3YVaOnfJcFZ4T2ezHeKUPWkF/UHY4JEXIxsxfCHyuUr+sctUkpjl
hdskN36xv894BbH9GMN+Et7xGnER9m/k
-----END CERTIFICATE-----