Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/tLEObLONU2XQVOjb6Q808sOIsQw.mft
File:                     tLEObLONU2XQVOjb6Q808sOIsQw.mft (raw, json)
Hash identifier:          GjBlE9ynJoPK3KOnNQr2azl39pbXESo+Db1OMzA7bD8=
Subject key identifier:   0A:49:89:3D:E1:0E:8B:A2:7C:A2:62:AF:7B:2A:C3:03:ED:C0:4B:23
Authority key identifier: B4:B1:0E:6C:B3:8D:53:65:D0:54:E8:DB:E9:0F:34:F2:C3:88:B1:0C
Certificate issuer:       /CN=A91CE3A3/serialNumber=B4B10E6CB38D5365D054E8DBE90F34F2C388B10C
Certificate serial:       0C5E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLEObLONU2XQVOjb6Q808sOIsQw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/tLEObLONU2XQVOjb6Q808sOIsQw.mft
Manifest number:          0C42
Signing time:             Fri 28 Mar 2025 18:39:27 +0000
Manifest this update:     Fri 28 Mar 2025 18:39:26 +0000
Manifest next update:     Fri 04 Apr 2025 18:39:26 +0000
Files and hashes:         1: tLEObLONU2XQVOjb6Q808sOIsQw.crl (hash: v+vVGuFe3G/09osUHmNdi3eMpsf1IknwuXcQhDBk584=)
                          2: 30256B5CF7B911EEAB0C6C36C4F9AE02.roa (hash: YgmB/miyciCfel1NRXhzBbmgg6ljB6KT231oPhcSu5M=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3166 (0xc5e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE3A3
        Validity
            Not Before: Mar 28 18:39:26 2025 GMT
            Not After : Apr  4 18:39:26 2025 GMT
        Subject: CN=67e6ecde-2b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b5:34:b8:99:07:4b:d8:88:ef:39:4f:cc:ea:
                    05:4b:78:28:ef:9a:c8:84:3c:08:d0:9e:0d:40:50:
                    e8:43:6e:8b:fd:62:15:3c:79:69:a2:bc:0a:32:25:
                    75:7f:7b:14:04:a1:4a:43:2f:59:f2:50:40:22:1a:
                    fb:94:56:5e:3d:99:cc:71:9f:d1:4d:06:95:df:7a:
                    a0:ff:2c:3c:51:b3:6e:83:ac:41:70:77:77:3e:c1:
                    ca:f9:11:41:e9:5c:61:b4:f8:68:71:d4:7e:b2:80:
                    97:69:06:08:e6:5b:3b:07:fa:43:97:f4:e7:e4:e8:
                    c7:c8:f3:43:3a:a3:1e:52:8d:97:ff:cf:4f:09:d7:
                    3c:ae:a4:a6:b3:67:8e:63:b5:15:fd:60:8b:8a:24:
                    b1:29:76:79:e9:db:94:91:85:13:0d:de:42:b5:0c:
                    cb:0b:db:7e:b0:49:49:bd:04:ca:bb:da:f9:95:b6:
                    fb:b3:fa:ac:62:44:4a:36:87:06:69:5d:65:b4:69:
                    d5:e9:cf:86:94:2d:95:6b:d7:ff:63:9f:d5:df:9b:
                    1d:58:ce:f6:9c:1c:50:bd:b9:c5:b8:ff:34:66:05:
                    e1:f3:0c:9f:67:d1:b1:8c:18:57:56:f0:3a:de:46:
                    e8:8e:65:04:f0:5f:a6:44:47:a0:e1:0e:98:b4:ab:
                    fd:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:49:89:3D:E1:0E:8B:A2:7C:A2:62:AF:7B:2A:C3:03:ED:C0:4B:23
            X509v3 Authority Key Identifier:
                keyid:B4:B1:0E:6C:B3:8D:53:65:D0:54:E8:DB:E9:0F:34:F2:C3:88:B1:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/tLEObLONU2XQVOjb6Q808sOIsQw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tLEObLONU2XQVOjb6Q808sOIsQw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/2091DC8E050111EABD9B202CC4F9AE02/tLEObLONU2XQVOjb6Q808sOIsQw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:b9:3d:48:ff:d5:79:90:06:ce:ac:e2:ac:88:ea:73:6e:9f:
         6a:16:8e:2a:ed:de:26:62:41:88:a0:c2:2b:14:9c:34:3d:a3:
         39:7f:d8:30:03:7e:16:2f:ad:db:ab:d8:1b:6f:fd:50:81:ab:
         7a:33:13:fb:50:5b:59:f1:8d:22:df:16:35:20:f2:68:cf:7f:
         87:96:c9:b1:cb:88:31:4c:ab:ed:8a:75:23:6f:c0:e8:58:d1:
         63:d0:88:06:f6:76:6e:3b:42:18:fd:0e:f0:bd:89:af:73:40:
         3e:d1:04:27:f2:b2:db:99:ef:a4:5d:49:35:70:0e:2e:39:c9:
         fa:4d:6e:0c:d0:1e:f6:21:41:cd:b3:41:ea:a8:1b:3b:73:68:
         21:50:e8:a3:0f:0a:77:bc:7f:da:6b:c8:b4:ce:63:c9:ff:ed:
         6f:d3:e9:1f:f6:41:c1:7f:b4:bb:55:ad:42:56:b5:ed:81:0b:
         81:4d:eb:a6:c9:e8:ea:e0:fe:37:a8:5e:e0:b6:20:fc:ba:9b:
         7a:07:72:54:d4:4f:27:e7:85:3a:90:97:57:16:db:0a:29:90:
         be:c4:0b:42:b9:7d:7e:19:82:bf:4e:0c:f9:11:1d:d8:1c:50:
         41:1c:35:10:80:b7:c9:d8:29:5c:a3:c6:d8:fa:9c:f1:73:c4:
         0c:67:57:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDF4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0UzQTMxMTAvBgNVBAUTKEI0QjEwRTZDQjM4RDUzNjVEMDU0RThEQkU5MEYzNEYy
QzM4OEIxMEMwHhcNMjUwMzI4MTgzOTI2WhcNMjUwNDA0MTgzOTI2WjAYMRYwFAYD
VQQDEw02N2U2ZWNkZS0yYjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0rU0uJkHS9iI7zlPzOoFS3go75rIhDwI0J4NQFDoQ26L/WIVPHlporwKMiV1
f3sUBKFKQy9Z8lBAIhr7lFZePZnMcZ/RTQaV33qg/yw8UbNug6xBcHd3PsHK+RFB
6VxhtPhocdR+soCXaQYI5ls7B/pDl/Tn5OjHyPNDOqMeUo2X/89PCdc8rqSms2eO
Y7UV/WCLiiSxKXZ56duUkYUTDd5CtQzLC9t+sElJvQTKu9r5lbb7s/qsYkRKNocG
aV1ltGnV6c+GlC2Va9f/Y5/V35sdWM72nBxQvbnFuP80ZgXh8wyfZ9GxjBhXVvA6
3kbojmUE8F+mREeg4Q6YtKv9DQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFApJiT3h
DouifKJir3sqwwPtwEsjMB8GA1UdIwQYMBaAFLSxDmyzjVNl0FTo2+kPNPLDiLEM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTNBMy8yMDkxREM4RTA1
MDExMUVBQkQ5QjIwMkNDNEY5QUUwMi90TEVPYkxPTlUyWFFWT2piNlE4MDhzT0lz
UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RMRU9iTE9OVTJYUVZPamI2UTgwOHNPSXNRdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RTNBMy8yMDkxREM4RTA1MDExMUVBQkQ5QjIwMkNDNEY5QUUwMi90TEVPYkxPTlUy
WFFWT2piNlE4MDhzT0lzUXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAzuT1I/9V5kAbOrOKsiOpzbp9qFo4q7d4mYkGIoMIrFJw0PaM5f9gw
A34WL63bq9gbb/1Qgat6MxP7UFtZ8Y0i3xY1IPJoz3+Hlsmxy4gxTKvtinUjb8Do
WNFj0IgG9nZuO0IY/Q7wvYmvc0A+0QQn8rLbme+kXUk1cA4uOcn6TW4M0B72IUHN
s0HqqBs7c2ghUOijDwp3vH/aa8i0zmPJ/+1v0+kf9kHBf7S7Va1CVrXtgQuBTeum
yejq4P43qF7gtiD8upt6B3JU1E8n54U6kJdXFtsKKZC+xAtCuX1+GYK/Tgz5ER3Y
HFBBHDUQgLfJ2Clco8bY+pzxc8QMZ1eg
-----END CERTIFICATE-----