Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
File:                     4hHNheByVQ4z5MyGpj-8360dNTI.mft (raw, json)
Hash identifier:          cDUSsja+gZLVYveMr5uHWb5QtN7wPMz1GDI5L4b6jak=
Subject key identifier:   E4:97:65:D7:0D:8C:32:6D:33:16:CF:F1:32:17:E4:4E:57:8C:B1:0B
Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32
Certificate issuer:       /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532
Certificate serial:       07EF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
Manifest number:          07E7
Signing time:             Fri 28 Mar 2025 21:13:00 +0000
Manifest this update:     Fri 28 Mar 2025 21:12:59 +0000
Manifest next update:     Fri 04 Apr 2025 21:12:59 +0000
Files and hashes:         1: 4hHNheByVQ4z5MyGpj-8360dNTI.crl (hash: RvLWFG9i1mPAGhT8HDDM+mWtDF+B2B0zSWcUmCbKzUI=)
                          2: 624086E2E99611EA930A5B74C4F9AE02.roa (hash: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2031 (0x7ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F85CD
        Validity
            Not Before: Mar 28 21:12:59 2025 GMT
            Not After : Apr  4 21:12:59 2025 GMT
        Subject: CN=67e710db-21a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:3e:33:88:96:18:27:f9:e0:07:57:9e:8c:d9:
                    aa:10:34:c3:81:65:36:3f:e5:a8:4d:9b:cf:76:50:
                    f0:9e:fe:81:32:90:11:38:ec:08:5c:47:b2:3c:28:
                    5d:a2:27:62:0d:58:4b:d2:cc:f1:5c:82:a0:7e:3f:
                    84:49:d7:e3:4e:e6:7d:33:12:9b:b5:de:db:9d:d8:
                    d2:e2:4c:a1:80:3a:9f:9f:83:a2:38:9c:27:c9:b1:
                    89:10:28:9a:2e:d2:ae:0a:5e:9b:31:f0:ce:26:da:
                    3a:66:fd:3d:43:d1:ab:2a:b0:3c:b2:3b:67:f4:5c:
                    aa:36:1a:65:25:c7:dc:51:2a:ed:51:46:ae:9a:11:
                    52:4f:08:62:01:30:b5:98:80:fb:97:8f:ea:5b:23:
                    df:7d:8b:93:ba:9b:85:4c:4f:05:5d:78:9a:b4:9e:
                    49:03:70:ff:ef:04:2c:af:4f:72:db:25:e7:39:63:
                    87:33:aa:02:d9:d5:eb:a7:4d:25:3d:f0:86:b2:37:
                    7c:7c:e0:eb:2b:51:76:ae:98:3f:8e:06:d0:eb:8f:
                    df:5c:c2:0c:4e:f9:54:81:21:48:b0:47:56:7e:28:
                    8c:61:7b:39:f4:4b:ba:bb:55:db:4e:05:06:5f:43:
                    5d:7d:41:21:1d:ea:da:86:34:98:5d:06:20:d7:7e:
                    59:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:97:65:D7:0D:8C:32:6D:33:16:CF:F1:32:17:E4:4E:57:8C:B1:0B
            X509v3 Authority Key Identifier:
                keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:53:32:78:cf:ae:00:14:62:2e:40:4c:d1:92:50:69:ef:5d:
         89:e8:f8:73:f2:4a:a5:7e:4e:da:24:bf:da:98:12:c1:ea:bd:
         f4:07:b1:73:7d:15:a4:6a:21:8e:f1:61:57:e9:b1:ab:a1:52:
         c5:40:44:fc:fa:5b:ce:47:bc:cb:1c:3a:60:12:7a:b5:5d:b6:
         8b:b2:a6:87:c1:8e:a9:97:5f:6d:5a:be:cc:8c:c5:93:61:19:
         68:70:9b:8a:46:7a:51:9f:70:d4:48:6b:6e:37:e0:03:c2:10:
         e3:97:5c:49:19:ab:47:de:1b:74:2d:8f:30:6a:ca:92:11:01:
         cc:70:76:0e:51:3d:5e:a9:9c:8e:12:97:36:b6:a9:14:79:82:
         00:80:e3:e3:8e:7c:32:aa:55:25:e9:7f:af:54:74:72:51:32:
         6c:5a:c6:7c:f5:59:0c:e2:05:38:0e:fb:2d:9c:43:fa:67:0a:
         cc:23:d9:15:58:30:15:76:c8:37:d8:12:8f:4b:21:ea:a9:fe:
         d1:20:19:14:06:1e:9f:7b:d9:b3:99:32:65:92:bb:92:26:4b:
         82:5d:48:6d:f7:40:a9:39:65:94:7d:c3:03:bb:31:21:19:ef:
         33:6d:02:3c:8e:b6:40:51:cd:51:46:c9:c5:16:ec:61:41:72:
         d0:69:c3:c9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG
QUQxRDM1MzIwHhcNMjUwMzI4MjExMjU5WhcNMjUwNDA0MjExMjU5WjAYMRYwFAYD
VQQDEw02N2U3MTBkYi0yMWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2j4ziJYYJ/ngB1eejNmqEDTDgWU2P+WoTZvPdlDwnv6BMpAROOwIXEeyPChd
oidiDVhL0szxXIKgfj+ESdfjTuZ9MxKbtd7bndjS4kyhgDqfn4OiOJwnybGJECia
LtKuCl6bMfDOJto6Zv09Q9GrKrA8sjtn9FyqNhplJcfcUSrtUUaumhFSTwhiATC1
mID7l4/qWyPffYuTupuFTE8FXXiatJ5JA3D/7wQsr09y2yXnOWOHM6oC2dXrp00l
PfCGsjd8fODrK1F2rpg/jgbQ64/fXMIMTvlUgSFIsEdWfiiMYXs59Eu6u1XbTgUG
X0NdfUEhHerahjSYXQYg135ZtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOSXZdcN
jDJtMxbP8TIX5E5XjLELMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE
MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO
VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
ODVDRC84QTUwNTU4OEREMTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZR
NHo1TXlHcGotODM2MGROVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBkUzJ4z64AFGIuQEzRklBp712J6Phz8kqlfk7aJL/amBLB6r30B7Fz
fRWkaiGO8WFX6bGroVLFQET8+lvOR7zLHDpgEnq1XbaLsqaHwY6pl19tWr7MjMWT
YRlocJuKRnpRn3DUSGtuN+ADwhDjl1xJGatH3ht0LY8wasqSEQHMcHYOUT1eqZyO
Epc2tqkUeYIAgOPjjnwyqlUl6X+vVHRyUTJsWsZ89VkM4gU4DvstnEP6ZwrMI9kV
WDAVdsg32BKPSyHqqf7RIBkUBh6fe9mzmTJlkruSJkuCXUht90CpOWWUfcMDuzEh
Ge8zbQI8jrZAUc1RRsnFFuxhQXLQacPJ
-----END CERTIFICATE-----