Manifest

$ rpki-client -vvf rpki.roa.net/rrdp/xTom/49/9582C3C68DAD52961367C795EB1BCFD2213D57DB.mft
File:                     9582C3C68DAD52961367C795EB1BCFD2213D57DB.mft (raw, json)
Hash identifier:          X+bogdhiXPTWcdhMtvQDZ06xLyZjboHz+462aGq/YTU=
Subject key identifier:   C2:4F:DF:15:9B:E3:9F:F4:AD:DC:17:8A:9A:5A:25:76:57:0A:A5:7C
Authority key identifier: 95:82:C3:C6:8D:AD:52:96:13:67:C7:95:EB:1B:CF:D2:21:3D:57:DB
Certificate issuer:       /CN=9582c3c68dad52961367c795eb1bcfd2213d57db
Certificate serial:       604966E1AADEDC72813FB26F3E4F4084FD0B7977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lYLDxo2tUpYTZ8eV6xvP0iE9V9s.cer
Subject info access:      rsync://rpki.roa.net/rrdp/xTom/49/9582C3C68DAD52961367C795EB1BCFD2213D57DB.mft
Manifest number:          04F1
Signing time:             Thu 14 Dec 2023 09:39:01 +0000
Manifest this update:     Thu 14 Dec 2023 09:34:01 +0000
Manifest next update:     Fri 15 Dec 2023 11:34:01 +0000
Files and hashes:         1: 3138352e3139382e37312e302f32342d3234203d3e2033323134.roa (hash: oIv58mohV9H7gDTNcgYewuYYZLOuPkmvnCC+eBM3Xss=)
                          2: 3138352e3139382e37312e302f32342d3234203d3e2038383838.roa (hash: zYKU3EMHYakoc6akgzkiMGkdvg8qwty5NtTuq6lcDrM=)
                          3: 9582C3C68DAD52961367C795EB1BCFD2213D57DB.crl (hash: rHoyWd3vm5vyHTHM07fpnZy4qUbs1hhT8QnUYI8w0fU=)
                          4: 3138352e3139382e37312e302f32342d3234203d3e2036323333.roa (hash: fb8XJyoO5+KnhNXDBQf6nzMzMNVN3sOoHtQM8Kxo7p0=)
                          5: 3138352e3139382e37312e302f32342d3234203d3e20393439.roa (hash: Tdb+t0xjQGdtSQdB/UUdZq/Ut6DKmrKYvpAaLgW/mic=)
                          6: 3138352e3139382e37312e302f32342d3234203d3e203431373137.roa (hash: 1AcZDcskw7LIyO0BaB/7jdLzxBgQGtaN4y4RYWimmSA=)

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:49:66:e1:aa:de:dc:72:81:3f:b2:6f:3e:4f:40:84:fd:0b:79:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9582c3c68dad52961367c795eb1bcfd2213d57db
        Validity
            Not Before: Dec 14 09:34:01 2023 GMT
            Not After : Dec 15 11:34:01 2023 GMT
        Subject: CN=C24FDF159BE39FF4ADDC178A9A5A2576570AA57C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:85:9c:95:df:bf:d5:25:42:f3:ab:da:e2:77:
                    ff:f7:b3:85:71:6d:10:40:26:d6:3c:a2:be:1d:75:
                    21:6c:46:5a:81:ba:7a:ba:6b:c0:26:4e:3a:6b:3e:
                    3a:28:d2:6f:9f:21:a6:37:7c:73:f0:1b:7c:73:0c:
                    42:e5:54:8e:d3:c6:88:19:39:18:47:f4:fe:f8:53:
                    f8:8d:8d:31:ba:43:67:a7:b8:55:65:91:0b:41:43:
                    63:d5:e8:27:62:a5:a6:49:dd:d4:81:0e:03:e6:21:
                    ea:8d:9f:6b:8e:c6:2a:1d:0f:13:07:24:bc:eb:71:
                    ed:45:65:25:4f:56:76:e9:0a:35:1e:ff:87:e3:17:
                    fb:bc:08:e8:8d:82:fe:f3:27:4b:13:d6:25:ed:16:
                    1b:fe:70:2c:d1:64:60:8d:ed:7f:e9:66:e5:6b:5b:
                    c2:ed:b5:e2:03:bb:f9:57:79:6e:05:65:fb:e0:ae:
                    51:5e:15:07:6a:a5:30:a7:f5:30:03:f9:5b:2c:20:
                    24:15:5b:75:53:d9:c2:6b:98:5a:7b:36:97:7d:e7:
                    fb:46:6b:2e:c1:6a:3b:e6:d4:7f:6f:cf:ae:9a:88:
                    4c:90:35:aa:65:db:2e:85:ee:0f:a5:f3:cc:73:a4:
                    21:ca:6f:15:b4:00:49:ac:bd:9e:10:54:7c:04:04:
                    fb:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:4F:DF:15:9B:E3:9F:F4:AD:DC:17:8A:9A:5A:25:76:57:0A:A5:7C
            X509v3 Authority Key Identifier:
                keyid:95:82:C3:C6:8D:AD:52:96:13:67:C7:95:EB:1B:CF:D2:21:3D:57:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.roa.net/rrdp/xTom/49/9582C3C68DAD52961367C795EB1BCFD2213D57DB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYLDxo2tUpYTZ8eV6xvP0iE9V9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.roa.net/rrdp/xTom/49/9582C3C68DAD52961367C795EB1BCFD2213D57DB.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:f5:35:2f:6b:fd:c3:b5:cc:10:10:7a:d2:54:a8:cd:cb:3d:
         13:14:de:cb:b2:4e:30:bf:16:bd:78:e9:d4:3a:07:d4:79:1a:
         75:74:73:83:90:30:fb:b3:c0:23:17:b2:9e:f8:e0:95:e9:72:
         c7:52:f4:82:ed:1c:57:31:5c:d8:f1:13:16:ea:4a:22:ec:26:
         b5:6b:04:1a:43:94:b9:5d:7e:c1:03:04:c2:88:46:6b:34:ef:
         be:d6:06:0f:74:d1:50:4e:49:2e:10:69:35:5a:3c:30:e1:d3:
         3e:2a:83:72:d7:0a:a8:d4:fc:fb:25:17:a7:77:04:96:ad:31:
         b8:fc:3e:ba:23:43:9e:8a:ff:ae:87:3c:9e:34:60:ce:9a:dd:
         0e:56:68:17:30:3e:8f:58:ad:b0:95:6d:b0:28:51:30:5e:e6:
         23:cc:16:de:61:b2:d5:02:75:63:ed:65:4b:4c:d2:89:88:d6:
         e9:e8:c0:84:8a:6b:12:d0:93:27:1a:09:78:b1:b6:73:a8:d2:
         80:79:e3:39:3b:b1:1c:cd:76:88:59:44:f8:4b:32:96:da:b0:
         80:64:5c:af:e0:ea:ff:63:42:dc:7d:0b:82:0d:91:96:d4:71:
         eb:e1:50:5c:81:3d:5f:5d:50:2f:36:dd:10:be:7d:65:12:ba:
         4d:17:46:95
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIUYElm4are3HKBP7JvPk9AhP0LeXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTU4MmMzYzY4ZGFkNTI5NjEzNjdjNzk1ZWIxYmNmZDIy
MTNkNTdkYjAeFw0yMzEyMTQwOTM0MDFaFw0yMzEyMTUxMTM0MDFaMDMxMTAvBgNV
BAMTKEMyNEZERjE1OUJFMzlGRjRBRERDMTc4QTlBNUEyNTc2NTcwQUE1N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAhZyV37/VJULzq9rid//3s4Vx
bRBAJtY8or4ddSFsRlqBunq6a8AmTjprPjoo0m+fIaY3fHPwG3xzDELlVI7TxogZ
ORhH9P74U/iNjTG6Q2enuFVlkQtBQ2PV6CdipaZJ3dSBDgPmIeqNn2uOxiodDxMH
JLzrce1FZSVPVnbpCjUe/4fjF/u8COiNgv7zJ0sT1iXtFhv+cCzRZGCN7X/pZuVr
W8LtteIDu/lXeW4FZfvgrlFeFQdqpTCn9TAD+VssICQVW3VT2cJrmFp7Npd95/tG
ay7Bajvm1H9vz66aiEyQNapl2y6F7g+l88xzpCHKbxW0AEmsvZ4QVHwEBPtpAgMB
AAGjggHbMIIB1zAdBgNVHQ4EFgQUwk/fFZvjn/St3BeKmloldlcKpXwwHwYDVR0j
BBgwFoAUlYLDxo2tUpYTZ8eV6xvP0iE9V9swDgYDVR0PAQH/BAQDAgeAMF8GA1Ud
HwRYMFYwVKBSoFCGTnJzeW5jOi8vcnBraS5yb2EubmV0L3JyZHAveFRvbS80OS85
NTgyQzNDNjhEQUQ1Mjk2MTM2N0M3OTVFQjFCQ0ZEMjIxM0Q1N0RCLmNybDBkBggr
BgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9y
ZXBvc2l0b3J5L0RFRkFVTFQvbFlMRHhvMnRVcFlUWjhlVjZ4dlAwaUU5VjlzLmNl
cjBqBggrBgEFBQcBCwReMFwwWgYIKwYBBQUHMAuGTnJzeW5jOi8vcnBraS5yb2Eu
bmV0L3JyZHAveFRvbS80OS85NTgyQzNDNjhEQUQ1Mjk2MTM2N0M3OTVFQjFCQ0ZE
MjIxM0Q1N0RCLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADANBgkqhkiG9w0BAQsFAAOCAQEAg/U1L2v9w7XMEBB60lSozcs9ExTey7JOML8W
vXjp1DoH1HkadXRzg5Aw+7PAIxeynvjglelyx1L0gu0cVzFc2PETFupKIuwmtWsE
GkOUuV1+wQMEwohGazTvvtYGD3TRUE5JLhBpNVo8MOHTPiqDctcKqNT8+yUXp3cE
lq0xuPw+uiNDnor/roc8njRgzprdDlZoFzA+j1itsJVtsChRMF7mI8wW3mGy1QJ1
Y+1lS0zSiYjW6ejAhIprEtCTJxoJeLG2c6jSgHnjOTuxHM12iFlE+EsyltqwgGRc
r+Dq/2NC3H0Lgg2RltRx6+FQXIE9X11QLzbdEL59ZRK6TRdGlQ==
-----END CERTIFICATE-----