Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft
File:                     He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json)
Hash identifier:          7lhFSIpt5eySbfGh03LhiiMW9CtRC5ClvAzAFZGcTyU=
Subject key identifier:   40:93:2F:19:2D:B5:33:53:F1:54:61:88:97:81:20:8A:8A:BA:43:50
Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48
Certificate issuer:       /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248
Certificate serial:       0160
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft
Manifest number:          015B
Signing time:             Sat 29 Mar 2025 03:33:13 +0000
Manifest this update:     Sat 29 Mar 2025 03:33:12 +0000
Manifest next update:     Sat 05 Apr 2025 03:33:12 +0000
Files and hashes:         1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: iJS3w/pQF7ttqGzFZ7ZoaaAv53Aq3u1Y4ZJSyDj5Jy0=)
                          2: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=)
                          3: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 352 (0x160)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E8D22
        Validity
            Not Before: Mar 29 03:33:12 2025 GMT
            Not After : Apr  5 03:33:12 2025 GMT
        Subject: CN=67e769f8-69bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d8:af:d4:f7:9b:db:1b:16:b9:26:46:00:40:
                    5e:56:62:62:25:1b:84:c9:b3:f1:05:a3:d4:8e:13:
                    7b:6f:1a:d6:52:49:94:de:64:c3:11:2b:e9:e6:eb:
                    5e:d2:15:7f:91:ea:e6:0d:4f:67:af:c6:a9:7c:48:
                    48:97:8a:8e:29:52:16:2a:7a:7f:e5:1f:93:d3:63:
                    05:d8:c4:f4:9b:76:f8:0e:3f:b4:ef:8b:2b:d7:a7:
                    d2:ac:a4:a2:f5:1b:d0:de:63:5e:d9:55:56:d8:ec:
                    ee:fe:c1:0a:73:6f:7a:ff:c8:94:28:c1:e2:d1:5c:
                    fb:98:56:f6:c7:d8:9b:2a:01:71:72:b8:00:d1:fb:
                    20:35:d0:98:a6:38:cf:8f:67:6d:e7:54:65:07:af:
                    70:40:97:41:67:73:cc:f4:e7:03:f3:80:47:24:32:
                    46:61:86:bf:8b:eb:2b:bc:29:1e:a6:42:6b:bf:34:
                    59:4c:52:63:95:57:2f:dc:1c:31:cc:62:44:81:9f:
                    d0:19:a8:2d:87:2d:67:68:d2:c7:7c:74:95:ab:14:
                    58:ca:3e:3f:6f:92:10:67:3b:53:c3:2a:3a:45:63:
                    8c:3c:24:e1:26:ec:ff:60:96:5b:e4:fa:aa:32:5f:
                    0a:37:40:bc:2c:b5:df:1a:73:f3:ab:a1:26:50:ca:
                    90:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:93:2F:19:2D:B5:33:53:F1:54:61:88:97:81:20:8A:8A:BA:43:50
            X509v3 Authority Key Identifier:
                keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:77:41:08:a9:14:d5:7f:86:49:82:9f:fe:dd:aa:cb:3c:d8:
         c0:f4:1c:df:7f:70:fe:ea:7e:41:6f:b2:55:ef:ad:48:a1:a5:
         c8:3e:35:1a:87:56:f9:97:b9:79:f8:2d:c5:26:6e:3e:3b:7b:
         5c:41:22:38:ab:39:47:52:0e:61:6b:9c:1c:09:91:00:f9:69:
         39:97:65:be:3f:a5:96:06:7a:5a:22:c8:04:48:54:d0:c2:36:
         34:94:27:b5:bf:70:5f:0e:80:b7:04:67:87:62:d6:a5:c2:05:
         04:6b:37:24:55:b0:f8:05:03:6a:32:e5:9a:be:9b:35:da:4c:
         93:70:41:02:f9:71:7e:3b:0b:08:15:b7:40:f4:2a:b3:7e:a3:
         0f:1f:77:7c:57:f9:bf:6b:fc:62:87:1f:b4:8c:f7:e8:f7:c8:
         0e:0b:44:d6:b7:fe:3a:84:fa:1e:e9:31:33:8d:e5:5f:73:92:
         b2:fa:b5:21:15:06:3c:34:1b:e4:03:3c:d0:82:86:6a:f7:00:
         92:d9:3d:cd:77:3f:72:d6:84:85:4d:03:8f:6f:c8:78:81:d8:
         f2:e4:6f:da:5b:46:fc:00:23:d9:07:8b:2f:b5:ee:29:b3:12:
         73:8e:24:e1:a9:4b:36:8d:f7:6f:f5:c3:d2:5e:fc:b4:d4:c1:
         f6:94:c1:a7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4
RTY0MDcyNDgwHhcNMjUwMzI5MDMzMzEyWhcNMjUwNDA1MDMzMzEyWjAYMRYwFAYD
VQQDEw02N2U3NjlmOC02OWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy9iv1Peb2xsWuSZGAEBeVmJiJRuEybPxBaPUjhN7bxrWUkmU3mTDESvp5ute
0hV/kermDU9nr8apfEhIl4qOKVIWKnp/5R+T02MF2MT0m3b4Dj+074sr16fSrKSi
9RvQ3mNe2VVW2Ozu/sEKc296/8iUKMHi0Vz7mFb2x9ibKgFxcrgA0fsgNdCYpjjP
j2dt51RlB69wQJdBZ3PM9OcD84BHJDJGYYa/i+srvCkepkJrvzRZTFJjlVcv3Bwx
zGJEgZ/QGagthy1naNLHfHSVqxRYyj4/b5IQZztTwyo6RWOMPCThJuz/YJZb5Pqq
Ml8KN0C8LLXfGnPzq6EmUMqQZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFECTLxkt
tTNT8VRhiJeBIIqKukNQMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE
RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj
a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1
U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBPd0EIqRTVf4ZJgp/+3arLPNjA9Bzff3D+6n5Bb7JV761IoaXIPjUa
h1b5l7l5+C3FJm4+O3tcQSI4qzlHUg5ha5wcCZEA+Wk5l2W+P6WWBnpaIsgESFTQ
wjY0lCe1v3BfDoC3BGeHYtalwgUEazckVbD4BQNqMuWavps12kyTcEEC+XF+OwsI
FbdA9CqzfqMPH3d8V/m/a/xihx+0jPfo98gOC0TWt/46hPoe6TEzjeVfc5Ky+rUh
FQY8NBvkAzzQgoZq9wCS2T3Ndz9y1oSFTQOPb8h4gdjy5G/aW0b8ACPZB4svte4p
sxJzjiThqUs2jfdv9cPSXvy01MH2lMGn
-----END CERTIFICATE-----