Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/g4qU7SUkCVmqbxVJEAOsbm0DlX4.mft
File:                     g4qU7SUkCVmqbxVJEAOsbm0DlX4.mft (raw, json)
Hash identifier:          d8y5xZ1km5usf6HkpzrAvsYanikGxWc/kOYaY6IO/jE=
Subject key identifier:   0E:37:01:69:56:95:04:EE:38:B5:1F:83:68:4D:50:E2:37:CB:B2:32
Authority key identifier: 83:8A:94:ED:25:24:09:59:AA:6F:15:49:10:03:AC:6E:6D:03:95:7E
Certificate issuer:       /CN=A91A7CDD/serialNumber=838A94ED25240959AA6F15491003AC6E6D03957E
Certificate serial:       CB
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4qU7SUkCVmqbxVJEAOsbm0DlX4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/g4qU7SUkCVmqbxVJEAOsbm0DlX4.mft
Manifest number:          C8
Signing time:             Sat 29 Mar 2025 05:08:40 +0000
Manifest this update:     Sat 29 Mar 2025 05:08:39 +0000
Manifest next update:     Sat 05 Apr 2025 05:08:39 +0000
Files and hashes:         1: g4qU7SUkCVmqbxVJEAOsbm0DlX4.crl (hash: jyq+IQel9bD46WxPj8K6kWplwvdRWXpmdssSrZ/wtd8=)
                          2: 1E595AE8DD0E11EE9833196BC4F9AE02.roa (hash: kcBBvIPO2Q30vTutynVp6ce7Y05AQ3m9EdubLnBzT4w=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 203 (0xcb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A7CDD
        Validity
            Not Before: Mar 29 05:08:39 2025 GMT
            Not After : Apr  5 05:08:39 2025 GMT
        Subject: CN=67e78058-0da3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:da:ae:b8:dd:2a:ec:1f:ac:c8:08:ca:eb:ad:
                    06:60:6c:22:4e:14:bb:b1:11:8c:94:53:24:fa:43:
                    90:76:22:9f:c6:f3:b2:29:85:38:e5:fe:c9:c9:b8:
                    d2:10:1e:91:4d:f3:53:5b:97:d2:da:43:15:23:95:
                    44:ec:d8:0d:70:01:1c:6e:8c:0a:29:bb:20:43:1f:
                    60:e0:df:40:30:71:49:76:ab:0f:70:a2:b4:e0:6b:
                    bf:50:3b:83:27:fb:2a:23:75:16:77:87:df:96:6c:
                    9e:9d:24:40:14:6d:96:64:82:b9:da:e7:46:fb:f7:
                    7d:05:59:40:72:8b:d1:93:bf:8f:3b:d7:32:95:e7:
                    35:7f:14:11:8d:29:17:1d:32:b7:fa:b4:06:7d:4f:
                    4d:45:af:f2:fb:75:40:14:d7:9a:93:7c:09:f1:24:
                    f4:35:ec:74:69:a8:2d:0a:cc:63:b1:52:6f:6f:1f:
                    9e:da:ef:1a:57:0d:9d:ea:85:12:d6:06:0c:99:6c:
                    e1:63:e4:60:cb:96:d2:b6:89:7c:00:89:a4:58:dc:
                    68:22:a5:7c:72:b5:17:69:22:1a:8a:fd:d8:c9:dc:
                    22:59:46:43:49:b3:b2:7f:8c:35:4a:94:73:8b:14:
                    fd:0c:b9:47:3d:20:37:12:12:62:40:82:b5:88:53:
                    80:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:37:01:69:56:95:04:EE:38:B5:1F:83:68:4D:50:E2:37:CB:B2:32
            X509v3 Authority Key Identifier:
                keyid:83:8A:94:ED:25:24:09:59:AA:6F:15:49:10:03:AC:6E:6D:03:95:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/g4qU7SUkCVmqbxVJEAOsbm0DlX4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/g4qU7SUkCVmqbxVJEAOsbm0DlX4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7CDD/8A23A6F8DD0D11EE9D292D6AC4F9AE02/g4qU7SUkCVmqbxVJEAOsbm0DlX4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:49:f2:a0:63:0a:12:44:bd:4c:97:c2:a0:80:62:36:0c:77:
         17:1d:15:54:ce:4c:95:7c:bd:eb:60:b6:03:99:a8:2c:8c:89:
         22:2e:0b:e8:33:20:20:b7:86:c1:39:9e:aa:4b:a6:fd:8b:90:
         dd:60:85:02:45:e3:cd:c3:22:f7:4e:c1:ee:fb:3a:70:a2:d0:
         76:06:29:58:b0:8f:7a:ae:f5:7f:62:48:d5:7a:fe:46:b7:5e:
         9b:d8:33:88:4c:fd:4c:9a:a8:5d:e4:fd:3c:7f:db:17:6a:f4:
         89:de:bd:52:b4:0d:8f:3e:94:b1:8a:8b:5e:94:38:e1:f4:e2:
         1d:b5:cf:22:06:57:d0:5e:bb:74:0f:ab:5d:74:d8:c1:ba:e7:
         cd:d5:1a:4c:15:5d:10:55:bc:00:43:82:b7:b5:8c:a8:21:e4:
         84:16:fe:c2:40:f8:5b:da:d6:1d:77:33:e4:64:d8:f2:4b:1d:
         87:cd:d7:1c:91:d9:cd:ec:6f:19:e8:53:01:70:44:76:c4:cf:
         5c:f4:e0:11:87:05:be:bd:c6:41:b8:d3:e8:b9:fe:d7:47:7b:
         45:d3:01:ab:1a:f4:62:45:6e:0d:87:1c:8f:e0:ec:de:f3:8b:
         07:d8:4e:6c:2a:cd:8a:8c:1d:f5:a6:96:a5:c3:e8:d0:86:40:
         a6:7d:84:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTdDREQxMTAvBgNVBAUTKDgzOEE5NEVEMjUyNDA5NTlBQTZGMTU0OTEwMDNBQzZF
NkQwMzk1N0UwHhcNMjUwMzI5MDUwODM5WhcNMjUwNDA1MDUwODM5WjAYMRYwFAYD
VQQDEw02N2U3ODA1OC0wZGEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt9quuN0q7B+syAjK660GYGwiThS7sRGMlFMk+kOQdiKfxvOyKYU45f7JybjS
EB6RTfNTW5fS2kMVI5VE7NgNcAEcbowKKbsgQx9g4N9AMHFJdqsPcKK04Gu/UDuD
J/sqI3UWd4fflmyenSRAFG2WZIK52udG+/d9BVlAcovRk7+PO9cylec1fxQRjSkX
HTK3+rQGfU9NRa/y+3VAFNeak3wJ8ST0Nex0aagtCsxjsVJvbx+e2u8aVw2d6oUS
1gYMmWzhY+Rgy5bStol8AImkWNxoIqV8crUXaSIaiv3YydwiWUZDSbOyf4w1SpRz
ixT9DLlHPSA3EhJiQIK1iFOA4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA43AWlW
lQTuOLUfg2hNUOI3y7IyMB8GA1UdIwQYMBaAFIOKlO0lJAlZqm8VSRADrG5tA5V+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0NERC84QTIzQTZGOERE
MEQxMUVFOUQyOTJENkFDNEY5QUUwMi9nNHFVN1NVa0NWbXFieFZKRUFPc2JtMERs
WDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2c0cVU3U1VrQ1ZtcWJ4VkpFQU9zYm0wRGxYNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
N0NERC84QTIzQTZGOEREMEQxMUVFOUQyOTJENkFDNEY5QUUwMi9nNHFVN1NVa0NW
bXFieFZKRUFPc2JtMERsWDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCnSfKgYwoSRL1Ml8KggGI2DHcXHRVUzkyVfL3rYLYDmagsjIkiLgvo
MyAgt4bBOZ6qS6b9i5DdYIUCRePNwyL3TsHu+zpwotB2BilYsI96rvV/YkjVev5G
t16b2DOITP1Mmqhd5P08f9sXavSJ3r1StA2PPpSxiotelDjh9OIdtc8iBlfQXrt0
D6tddNjBuufN1RpMFV0QVbwAQ4K3tYyoIeSEFv7CQPhb2tYddzPkZNjySx2Hzdcc
kdnN7G8Z6FMBcER2xM9c9OARhwW+vcZBuNPouf7XR3tF0wGrGvRiRW4NhxyP4Oze
84sH2E5sKs2KjB31ppalw+jQhkCmfYSH
-----END CERTIFICATE-----