Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/AMEx5mi1_pTstDkxhHpyiqzoLUs.mft
File:                     AMEx5mi1_pTstDkxhHpyiqzoLUs.mft (raw, json)
Hash identifier:          3gCLps1+4szsuhGl7Q9/7if67A1nr6sMt/ZCgA8klb4=
Subject key identifier:   2F:A7:26:CD:5D:40:8C:39:73:F8:A4:01:DE:3D:DA:B0:28:ED:7F:37
Authority key identifier: 00:C1:31:E6:68:B5:FE:94:EC:B4:39:31:84:7A:72:8A:AC:E8:2D:4B
Certificate issuer:       /CN=A91B253D/serialNumber=00C131E668B5FE94ECB43931847A728AACE82D4B
Certificate serial:       07A8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AMEx5mi1_pTstDkxhHpyiqzoLUs.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/AMEx5mi1_pTstDkxhHpyiqzoLUs.mft
Manifest number:          07A3
Signing time:             Fri 28 Mar 2025 21:28:31 +0000
Manifest this update:     Fri 28 Mar 2025 21:28:30 +0000
Manifest next update:     Fri 04 Apr 2025 21:28:30 +0000
Files and hashes:         1: AMEx5mi1_pTstDkxhHpyiqzoLUs.crl (hash: fBj3oqKUcV1Dg2LqpP0f4QI9M3xowPQDOLVSPZlgS4U=)
                          2: 76EBD456F72011EA8776EC28C4F9AE02.roa (hash: OSuo22pCpFQlpJJN8xkAzm6P90bv2Mjg2FXUApiRfIg=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1960 (0x7a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B253D
        Validity
            Not Before: Mar 28 21:28:30 2025 GMT
            Not After : Apr  4 21:28:30 2025 GMT
        Subject: CN=67e7147e-a8d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:1a:f7:f3:5e:99:ca:13:e5:a9:3e:5c:1c:b0:
                    0f:6c:cb:cb:ab:45:31:91:b4:91:44:99:e9:1b:1d:
                    12:b7:5e:25:1f:90:6c:93:20:12:df:ce:3f:69:ee:
                    9e:85:3a:a2:d6:91:29:ff:84:5d:41:ed:b5:0f:04:
                    1b:fe:74:58:37:b3:c2:61:f5:ae:b4:09:c9:31:0c:
                    29:af:f6:68:f1:a1:b8:d0:87:19:b5:a6:cc:90:8b:
                    1d:6b:54:3f:fa:f8:72:19:e7:bb:3a:9d:e4:65:e7:
                    43:14:ea:95:f7:e1:4f:98:20:ef:ac:7e:44:86:cf:
                    4c:25:11:53:2e:46:f0:97:a8:d6:5e:6d:04:ae:8e:
                    85:a8:f3:6b:0b:c6:2e:38:ae:8b:7e:31:4e:fc:50:
                    9d:92:7b:2b:67:1c:d7:c4:f8:7d:4d:84:73:3d:b4:
                    d9:d3:f6:b4:67:bd:06:7f:fc:65:6c:f9:c1:bd:cb:
                    0e:bc:ae:18:67:34:da:29:b5:8a:3d:0e:2c:d3:66:
                    53:98:81:b6:3e:40:3d:cb:b7:bb:de:4e:65:c5:c6:
                    9d:4c:0a:20:9d:4e:9a:33:ec:a3:de:72:f5:ef:41:
                    56:b1:80:72:fa:50:b4:85:a9:0f:97:91:ea:86:af:
                    62:1e:a5:e8:3e:0b:3a:f7:9b:2d:80:ba:50:53:3e:
                    3c:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:A7:26:CD:5D:40:8C:39:73:F8:A4:01:DE:3D:DA:B0:28:ED:7F:37
            X509v3 Authority Key Identifier:
                keyid:00:C1:31:E6:68:B5:FE:94:EC:B4:39:31:84:7A:72:8A:AC:E8:2D:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/AMEx5mi1_pTstDkxhHpyiqzoLUs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AMEx5mi1_pTstDkxhHpyiqzoLUs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B253D/86B0D73EF71F11EAAE96B225C4F9AE02/AMEx5mi1_pTstDkxhHpyiqzoLUs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:5d:53:70:5a:28:bf:58:bc:1e:fb:f5:eb:5e:9c:a4:58:24:
         2e:e1:7c:d7:54:7c:37:8d:6a:d3:a3:36:aa:13:aa:b5:4d:30:
         bf:56:79:b7:27:50:3a:18:57:a7:83:ae:0a:cb:fa:9d:4b:0e:
         b0:f0:36:be:05:d0:20:2b:d0:5f:ad:ae:21:be:17:68:75:fc:
         aa:cf:68:0b:01:00:20:6d:21:68:a4:35:16:bd:bd:6e:50:a5:
         b3:b0:0a:80:04:57:e7:d1:34:03:82:62:77:46:73:ae:3b:b8:
         24:d1:79:ae:63:79:f8:02:3c:60:c6:14:7d:b9:4e:3c:a6:f0:
         4e:dc:c5:d1:59:6c:4f:87:14:6a:8e:15:58:37:11:7f:0d:ad:
         4c:46:04:25:b1:13:e0:8c:52:5d:33:92:56:42:ed:3d:a7:c5:
         74:e8:1e:86:dc:c1:54:1e:86:50:b2:0b:cc:4b:a7:66:7b:65:
         44:16:7f:c2:5e:7a:04:30:c4:61:5a:fd:20:aa:a7:8a:ce:d5:
         78:8f:67:de:8f:fd:d9:14:79:6e:19:f5:a3:9d:e9:48:6f:04:
         1f:98:45:ab:dd:6a:7e:02:8b:8a:2a:16:28:d1:43:f8:d2:67:
         2a:d8:0e:5b:d4:cd:ba:e9:74:13:df:e9:3c:ab:c6:70:f0:6e:
         72:b6:68:0d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB6gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI1M0QxMTAvBgNVBAUTKDAwQzEzMUU2NjhCNUZFOTRFQ0I0MzkzMTg0N0E3MjhB
QUNFODJENEIwHhcNMjUwMzI4MjEyODMwWhcNMjUwNDA0MjEyODMwWjAYMRYwFAYD
VQQDEw02N2U3MTQ3ZS1hOGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Rr3816ZyhPlqT5cHLAPbMvLq0UxkbSRRJnpGx0St14lH5BskyAS384/ae6e
hTqi1pEp/4RdQe21DwQb/nRYN7PCYfWutAnJMQwpr/Zo8aG40IcZtabMkIsda1Q/
+vhyGee7Op3kZedDFOqV9+FPmCDvrH5Ehs9MJRFTLkbwl6jWXm0Ero6FqPNrC8Yu
OK6LfjFO/FCdknsrZxzXxPh9TYRzPbTZ0/a0Z70Gf/xlbPnBvcsOvK4YZzTaKbWK
PQ4s02ZTmIG2PkA9y7e73k5lxcadTAognU6aM+yj3nL170FWsYBy+lC0hakPl5Hq
hq9iHqXoPgs695stgLpQUz48twIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC+nJs1d
QIw5c/ikAd492rAo7X83MB8GA1UdIwQYMBaAFADBMeZotf6U7LQ5MYR6coqs6C1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjUzRC84NkIwRDczRUY3
MUYxMUVBQUU5NkIyMjVDNEY5QUUwMi9BTUV4NW1pMV9wVHN0RGt4aEhweWlxem9M
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FNRXg1bWkxX3BUc3REa3hoSHB5aXF6b0xVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MjUzRC84NkIwRDczRUY3MUYxMUVBQUU5NkIyMjVDNEY5QUUwMi9BTUV4NW1pMV9w
VHN0RGt4aEhweWlxem9MVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB5XVNwWii/WLwe+/XrXpykWCQu4XzXVHw3jWrTozaqE6q1TTC/Vnm3
J1A6GFeng64Ky/qdSw6w8Da+BdAgK9Bfra4hvhdodfyqz2gLAQAgbSFopDUWvb1u
UKWzsAqABFfn0TQDgmJ3RnOuO7gk0XmuY3n4AjxgxhR9uU48pvBO3MXRWWxPhxRq
jhVYNxF/Da1MRgQlsRPgjFJdM5JWQu09p8V06B6G3MFUHoZQsgvMS6dme2VEFn/C
XnoEMMRhWv0gqqeKztV4j2fej/3ZFHluGfWjnelIbwQfmEWr3Wp+AouKKhYo0UP4
0mcq2A5b1M266XQT3+k8q8Zw8G5ytmgN
-----END CERTIFICATE-----