Manifest

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
File:                     02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft (raw, json)
Hash identifier:          aRqX6eP/1lgzDLgg6Q7/eZi6g9bPaCsC/qoH+BU6I5o=
Subject key identifier:   E7:38:A0:CA:C3:88:71:5B:86:69:1C:E0:E1:0A:C1:B9:10:FC:73:AA
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       363D214CAEE83B886B042CDCEF2F1FA6BC5C4268
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
Manifest number:          02C1
Signing time:             Thu 03 Oct 2024 05:57:37 +0000
Manifest this update:     Thu 03 Oct 2024 05:52:37 +0000
Manifest next update:     Fri 04 Oct 2024 07:21:37 +0000
Files and hashes:         1: 326131323a646434373a383630643a3a2f34382d3438203d3e203530353535.roa (hash: pSS9lyg/r63hrLK6N28zfZCmJTpAFyPUHcuhnyC7Nds=)
                          2: 326131323a646434373a383630333a3a2f34382d3438203d3e203530353535.roa (hash: TVIb8+DyhB/YMbNeWImxDAGqBc36mjWnaSKjIIF5q1w=)
                          3: 326131323a646434373a383630363a3a2f34382d3438203d3e203530353535.roa (hash: WhLiHVWIRrDdTM2/q/GOyUAgwW6kR1FOY914Re+OVhA=)
                          4: 326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa (hash: yvJARCYuZKCcQdrZehBg3pmqGSxsDFgahe/Ya4VuMCA=)
                          5: 326131323a646434373a383630303a3a2f34342d3434203d3e203530353535.roa (hash: Y30p0MzCB2JiuAvDBKLSZwu+ZD8hbij5EEaa/uw9slo=)
                          6: 326131323a646434373a383630303a3a2f34382d3438203d3e203530353535.roa (hash: bCptdjmvnQpm+VU0b5omGZ2gseXuWLCMxMKaXw2vivs=)
                          7: 326131323a646434373a383630633a3a2f34382d3438203d3e203530353535.roa (hash: 5jqra/OjEkdlCmNdY3X6oPmDKMUiE1/Q7yXAt6z6K6A=)
                          8: 326131323a646434373a383630353a3a2f34382d3438203d3e203530353535.roa (hash: 8eFv2RBBtby1mcmk3KpRwsZCQZSgRLjiy2M/X1iLuSk=)
                          9: 02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl (hash: rwePhmsZya/DSuLRNd65ZKsIhft6oPcdKIb+52HbTCA=)
                          10: 326131323a646434373a383630313a3a2f34382d3438203d3e203530353535.roa (hash: xB9YMf9WLWlWJJykuB4jTj50Tz2/aBV24p0/bWTRB1I=)
                          11: 326131323a646434373a383630663a3a2f34382d3438203d3e203530353535.roa (hash: KdHvWmuZQHcbpceQ+U8MEcEFLjMenHgqGnoMsp2lirk=)
                          12: 326131323a646434373a383630323a3a2f34382d3438203d3e203530353535.roa (hash: HoZAYr0ETH2ygTyVLT/TWLTc95YKlgYR4RlonB/RlJc=)
                          13: 326131323a646434373a383630343a3a2f34382d3438203d3e203530353535.roa (hash: q33k4Pm8Tc9+J+nVAuAOoyc9sZ/RYxCpNBmpPMyinh4=)
                          14: 326131323a646434373a383630303a3a2f34302d3430203d3e2030.roa (hash: bVgB6CY0EAnJitkx1Xv6J5wT2KqsqRck5c0cRpR6E6U=)
                          15: 326131323a646434373a383630373a3a2f34382d3438203d3e203530353535.roa (hash: Rd+dhCr5rYQwNoo+Nfmrr7x2WYwry9aUIha3WakJOtM=)
                          16: 326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa (hash: P8JskXQq8rhMqJmwd4lSnoyKOklqs5FaDVyanSYeqcg=)
                          17: 326131323a646434373a383630653a3a2f34382d3438203d3e203530353535.roa (hash: g1At5H1WGB9pJd143T4S3ULq7iOWiXWKs6MoqCgmWaY=)
                          18: 326131323a646434373a383630613a3a2f34382d3438203d3e203530353535.roa (hash: UUvAqv9dTkpD3vnCpeK0nyckqw5fsjh4xIE1BuffKT4=)
                          19: 326131323a646434373a383630393a3a2f34382d3438203d3e203530353535.roa (hash: 1rnTFeDfRItQJKSerIoroO/PmIgosaC04bWnM0thBoA=)

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:3d:21:4c:ae:e8:3b:88:6b:04:2c:dc:ef:2f:1f:a6:bc:5c:42:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Oct  3 05:52:37 2024 GMT
            Not After : Oct  4 07:21:37 2024 GMT
        Subject: CN=E738A0CAC388715B86691CE0E10AC1B910FC73AA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f9:9b:25:b2:ac:7f:28:17:77:bf:ec:93:1f:
                    8c:a0:22:24:94:a0:09:98:66:f6:5b:89:a6:54:29:
                    dd:68:59:5e:1e:34:fd:ea:ec:98:6a:14:85:7e:45:
                    d0:1c:70:2c:57:72:e2:ad:97:6d:aa:e7:35:d6:ba:
                    df:d4:5a:98:c8:85:9f:24:cc:2a:13:65:bd:45:30:
                    3a:f8:fa:7c:67:07:0c:66:08:ee:94:81:5d:5c:32:
                    d4:d7:f1:14:51:f1:46:3c:57:8d:36:0d:9a:6d:d9:
                    2b:9c:0e:7d:0c:21:46:66:88:8c:e2:73:00:b8:69:
                    be:f6:88:41:d5:41:d8:b4:b9:59:0f:6d:17:f3:27:
                    31:fe:f0:e3:85:13:57:fb:94:5e:e5:51:e8:9b:2d:
                    a7:e6:f1:79:c9:b3:f5:45:ad:3e:cd:a3:9c:ec:32:
                    ea:86:f5:06:64:9a:cb:73:21:2a:73:2a:97:31:5b:
                    ab:72:d3:b6:36:4b:26:11:a0:7f:0a:ca:d3:47:3d:
                    b4:85:4b:ff:a1:6e:bb:64:46:5d:11:e6:b3:86:3c:
                    79:61:fc:7e:8d:84:16:1e:77:ca:c6:96:84:5d:7f:
                    08:00:b7:cf:a4:d4:66:6f:50:0f:9d:fd:ab:ef:b9:
                    5e:81:22:88:63:38:7a:a6:dd:48:b8:5c:53:a8:59:
                    d0:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:38:A0:CA:C3:88:71:5B:86:69:1C:E0:E1:0A:C1:B9:10:FC:73:AA
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf8fdeec0c019033dbdecc4fa4/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:80:cf:ce:e7:3e:15:78:b7:1d:6c:2b:61:dd:55:3b:69:d7:
         d6:79:b3:fd:ad:93:25:45:ca:07:01:bf:5a:bd:a7:26:a9:b4:
         ec:ce:56:95:81:ef:2c:1b:44:6d:f8:b5:33:d1:f0:31:4b:b8:
         20:a2:b8:87:04:1b:5f:4f:b5:0f:f5:56:cf:f3:a5:65:ee:6d:
         9a:7b:18:a4:72:eb:82:9f:a1:9a:bf:49:05:8f:c7:92:f3:e7:
         8e:7d:51:7b:3a:2b:19:06:32:df:22:66:6d:70:14:71:32:0c:
         99:dd:ec:bb:fb:ac:43:c1:86:59:e4:cf:39:ec:66:06:39:6a:
         49:9e:87:b2:83:4a:58:bb:3d:ed:53:c8:53:ce:2f:ea:81:05:
         12:3c:c5:3e:15:f8:cc:e2:7b:12:1f:b3:fd:78:21:3e:b0:29:
         29:ce:c2:92:73:fc:9e:42:e8:5a:7f:b5:94:17:e2:65:d0:1e:
         c2:39:21:1c:70:7c:d1:fb:55:a8:3c:92:09:23:8f:2c:da:38:
         17:cc:02:71:08:ee:db:ca:f2:bc:c3:90:d4:9b:17:af:04:88:
         be:20:b6:17:83:fc:4a:52:fc:d5:92:1c:a6:f1:07:43:a1:6d:
         8d:9a:1c:e6:24:d4:db:90:56:a6:70:4a:87:26:fa:dc:34:43:
         6e:03:77:9a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIUNj0hTK7oO4hrBCzc7y8fprxcQmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDEwMDMwNTUyMzdaFw0yNDEwMDQwNzIxMzdaMDMxMTAvBgNV
BAMTKEU3MzhBMENBQzM4ODcxNUI4NjY5MUNFMEUxMEFDMUI5MTBGQzczQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT+Zslsqx/KBd3v+yTH4ygIiSU
oAmYZvZbiaZUKd1oWV4eNP3q7JhqFIV+RdAccCxXcuKtl22q5zXWut/UWpjIhZ8k
zCoTZb1FMDr4+nxnBwxmCO6UgV1cMtTX8RRR8UY8V402DZpt2SucDn0MIUZmiIzi
cwC4ab72iEHVQdi0uVkPbRfzJzH+8OOFE1f7lF7lUeibLafm8XnJs/VFrT7No5zs
MuqG9QZkmstzISpzKpcxW6ty07Y2SyYRoH8KytNHPbSFS/+hbrtkRl0R5rOGPHlh
/H6NhBYed8rGloRdfwgAt8+k1GZvUA+d/avvuV6BIohjOHqm3Ui4XFOoWdDnAgMB
AAGjggIjMIICHzAdBgNVHQ4EFgQU5zigysOIcVuGaRzg4QrBuRD8c6owHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDCBkwYIKwYBBQUHAQEEgYYwgYMwgYAGCCsGAQUFBzAChnRyc3luYzov
L3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGY4ZmRlZWMwYzAx
OTAzM2RiZGVjYzRmYTQvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNG
QUNEQ0M1OEEzLmNlcjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJzeW5j
Oi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8wMjg3NkMx
MTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1OEEzLm1mdDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKoDP
zuc+FXi3HWwrYd1VO2nX1nmz/a2TJUXKBwG/Wr2nJqm07M5WlYHvLBtEbfi1M9Hw
MUu4IKK4hwQbX0+1D/VWz/OlZe5tmnsYpHLrgp+hmr9JBY/HkvPnjn1RezorGQYy
3yJmbXAUcTIMmd3su/usQ8GGWeTPOexmBjlqSZ6HsoNKWLs97VPIU84v6oEFEjzF
PhX4zOJ7Eh+z/XghPrApKc7CknP8nkLoWn+1lBfiZdAewjkhHHB80ftVqDySCSOP
LNo4F8wCcQju28ryvMOQ1JsXrwSIviC2F4P8SlL81ZIcpvEHQ6FtjZoc5iTU25BW
pnBKhyb63DRDbgN3mg==
-----END CERTIFICATE-----