Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft
File:                     raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json)
Hash identifier:          iyF5y4f8gtqhTz8vjpM4r0hcu1H+VxN1gUC5IlV1o3E=
Subject key identifier:   28:30:8F:14:3C:93:46:12:D8:67:F8:4D:17:10:2B:7F:DF:B1:2C:45
Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46
Certificate issuer:       /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646
Certificate serial:       3554
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft
Manifest number:          34D0
Signing time:             Fri 28 Mar 2025 14:16:26 +0000
Manifest this update:     Fri 28 Mar 2025 14:16:26 +0000
Manifest next update:     Fri 04 Apr 2025 14:16:26 +0000
Files and hashes:         1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: AdiaPKIB42gIffs6UNuOD8zIcFQJG6ot+6MX4Ap8N2M=)
                          2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=)
                          3: AF560BA2B1CC11EF80C4BE44C4F9AE02.roa (hash: JKOX2Bnk1obdJWD/11GK8Zj49w+PdYErgulVkpa2rdU=)
                          4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=)
                          5: 539CC922366C11EEBEBBBE1DC4F9AE02.roa (hash: TrayTHMiKb+Dm5posHRv3ZfOvi01WiwhoUD8use0rkY=)
                          6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=)
                          7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=)
                          8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13652 (0x3554)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DC5BE
        Validity
            Not Before: Mar 28 14:16:26 2025 GMT
            Not After : Apr  4 14:16:26 2025 GMT
        Subject: CN=67e6af3a-2a10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:74:b8:5b:67:e9:1f:22:49:09:e3:5e:b1:ca:
                    ec:7f:8d:0d:17:a2:df:a6:62:e0:88:b4:73:86:34:
                    70:df:6a:28:43:2e:dd:09:7a:85:50:03:e7:e7:b6:
                    04:f1:e5:ac:f0:6f:79:71:45:5e:a0:04:69:1d:ba:
                    60:d9:76:d9:45:42:79:70:ed:fa:ed:c7:16:2d:01:
                    a0:24:d9:aa:8a:87:ba:0a:4a:09:b3:69:17:6f:42:
                    20:fa:44:40:9d:19:a8:e6:e4:23:0b:a2:6a:7b:3d:
                    be:e4:8b:a5:bb:36:0b:ee:d7:55:3f:96:98:4e:2c:
                    f2:c5:5e:b0:1d:db:4c:dc:ea:3b:ef:27:94:fb:8e:
                    6d:fd:74:5d:41:6f:2e:d4:a5:ce:72:23:aa:68:bf:
                    1a:66:d5:df:eb:1e:3b:9d:97:43:82:ad:c5:9c:9d:
                    a9:55:1a:74:c7:85:cc:0f:6e:8e:c7:55:6f:98:51:
                    91:cd:f9:19:94:4c:14:f6:36:e1:e4:f4:6c:d0:48:
                    98:ac:64:86:77:5d:3a:40:41:77:9f:1e:ea:0a:b7:
                    d0:c9:d2:7c:ad:ea:73:57:6c:8e:36:e1:75:77:42:
                    a5:76:8c:08:d8:52:73:4f:a7:db:0c:bb:e3:a8:a6:
                    46:24:49:d2:ab:fa:3f:1f:b9:e1:18:ad:97:de:12:
                    b8:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:30:8F:14:3C:93:46:12:D8:67:F8:4D:17:10:2B:7F:DF:B1:2C:45
            X509v3 Authority Key Identifier:
                keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:2e:55:33:46:9e:e8:3b:98:ed:31:7e:59:d4:c1:cd:4e:82:
         e0:0a:9f:7f:4b:f7:3b:bc:9d:eb:54:b7:5c:4b:81:d7:24:75:
         31:63:41:84:68:cb:09:12:53:10:83:13:4b:b4:ca:85:1d:e9:
         09:c4:a8:69:aa:7a:bd:56:86:a3:82:f5:32:8d:97:ff:61:c7:
         65:b2:52:15:c4:31:a4:4c:23:4d:e8:03:03:10:5c:0f:30:e8:
         95:c3:bf:aa:79:ee:d1:1e:d2:81:b0:65:61:3c:de:cb:83:41:
         c3:59:69:7f:e4:19:51:5d:39:6e:00:15:63:ec:8a:5b:c4:b0:
         6b:e7:1c:d3:af:9c:3c:51:93:95:5a:30:91:23:ed:d9:42:75:
         30:bf:65:b8:b0:74:00:be:f3:2e:de:24:31:8d:07:ab:26:ee:
         8c:c4:70:6e:39:ab:d8:1c:22:44:65:6f:f3:b0:b5:6d:9e:d6:
         65:36:91:af:7b:ed:19:80:82:dd:f1:a1:cb:9f:8b:f5:4a:4f:
         4f:c3:13:ed:e0:b7:17:a7:3b:cf:44:35:09:7d:d2:fb:18:e3:
         e8:31:17:d9:45:89:ce:46:8a:d6:2e:e7:92:9b:8b:46:48:76:
         05:9c:e6:b3:20:12:e2:82:29:f2:58:28:7c:3a:2a:d3:38:1b:
         8d:95:67:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC
REU1ODE2NDYwHhcNMjUwMzI4MTQxNjI2WhcNMjUwNDA0MTQxNjI2WjAYMRYwFAYD
VQQDEw02N2U2YWYzYS0yYTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuXS4W2fpHyJJCeNescrsf40NF6LfpmLgiLRzhjRw32ooQy7dCXqFUAPn57YE
8eWs8G95cUVeoARpHbpg2XbZRUJ5cO367ccWLQGgJNmqioe6CkoJs2kXb0Ig+kRA
nRmo5uQjC6Jqez2+5IuluzYL7tdVP5aYTizyxV6wHdtM3Oo77yeU+45t/XRdQW8u
1KXOciOqaL8aZtXf6x47nZdDgq3FnJ2pVRp0x4XMD26Ox1VvmFGRzfkZlEwU9jbh
5PRs0EiYrGSGd106QEF3nx7qCrfQydJ8repzV2yONuF1d0KldowI2FJzT6fbDLvj
qKZGJEnSq/o/H7nhGK2X3hK4pwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCgwjxQ8
k0YS2Gf4TRcQK3/fsSxFMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE
NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG
a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI
NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC7LlUzRp7oO5jtMX5Z1MHNToLgCp9/S/c7vJ3rVLdcS4HXJHUxY0GE
aMsJElMQgxNLtMqFHekJxKhpqnq9VoajgvUyjZf/YcdlslIVxDGkTCNN6AMDEFwP
MOiVw7+qee7RHtKBsGVhPN7Lg0HDWWl/5BlRXTluABVj7IpbxLBr5xzTr5w8UZOV
WjCRI+3ZQnUwv2W4sHQAvvMu3iQxjQerJu6MxHBuOavYHCJEZW/zsLVtntZlNpGv
e+0ZgILd8aHLn4v1Sk9PwxPt4LcXpzvPRDUJfdL7GOPoMRfZRYnORorWLueSm4tG
SHYFnOazIBLiginyWCh8OirTOBuNlWeU
-----END CERTIFICATE-----