Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.mft
File:                     tnwkXksr7q0jwfBd0w_5B32HuOY.mft (raw, json)
Hash identifier:          wrJO0ZSuBELodkZqTsIASnfTLKouCI5acQ08GRpOZ2g=
Subject key identifier:   E8:68:75:6A:87:D1:64:7F:0D:20:C7:26:BC:71:EF:0B:CC:49:70:52
Authority key identifier: B6:7C:24:5E:4B:2B:EE:AD:23:C1:F0:5D:D3:0F:F9:07:7D:87:B8:E6
Certificate issuer:       /CN=A91116C7/serialNumber=B67C245E4B2BEEAD23C1F05DD30FF9077D87B8E6
Certificate serial:       127A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnwkXksr7q0jwfBd0w_5B32HuOY.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.mft
Manifest number:          1273
Signing time:             Fri 28 Mar 2025 17:13:08 +0000
Manifest this update:     Fri 28 Mar 2025 17:13:08 +0000
Manifest next update:     Fri 04 Apr 2025 17:13:08 +0000
Files and hashes:         1: tnwkXksr7q0jwfBd0w_5B32HuOY.crl (hash: h5fchfncV5cMTPSfv/jybzYjPTt/AUDNQApk7+5Lhtw=)
                          2: 0CAF01A6C6C811E8AECD6165C4F9AE02.roa (hash: n2FBgQHuh988fwkOcnAooQ/jXQmiLgbdWeucP9Cz7sg=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4730 (0x127a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91116C7
        Validity
            Not Before: Mar 28 17:13:08 2025 GMT
            Not After : Apr  4 17:13:08 2025 GMT
        Subject: CN=67e6d8a4-a056
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4f:4d:9e:ed:8e:d6:ad:ce:6c:26:89:32:f4:
                    a8:7c:aa:82:e6:7d:ce:17:77:2d:79:99:01:ff:e8:
                    67:4b:77:16:68:04:a3:9f:33:f4:53:4b:48:63:a7:
                    cb:a6:f1:e6:02:02:28:80:bc:12:d8:2a:25:50:a2:
                    9b:aa:ca:b2:97:dd:00:cd:e0:55:5f:68:b1:87:83:
                    71:45:25:15:6e:5e:82:ad:a3:a6:30:de:77:48:c7:
                    79:4a:51:9f:dd:09:ac:1a:a5:b1:c8:31:2f:3a:71:
                    2b:cd:b9:70:d7:61:5f:1d:f4:95:a5:41:bc:b8:30:
                    d0:02:51:ee:cf:0c:4e:bc:42:d5:9d:ce:fa:6d:59:
                    01:ee:3a:4e:d7:19:dd:47:fa:3d:c4:86:1a:44:29:
                    78:da:d4:06:28:34:18:33:ce:57:5e:a0:85:89:fa:
                    8a:df:ff:dc:9a:4f:51:84:e2:d7:2b:9d:c9:25:65:
                    4a:5e:dc:5a:36:4d:09:b7:7a:2c:95:9b:bd:4a:05:
                    e9:92:aa:f7:69:f8:9f:c8:f1:07:03:b1:2b:e5:46:
                    5f:fb:17:09:65:82:90:4a:3a:aa:9b:05:f8:3c:bd:
                    7c:3a:9b:63:31:e1:83:22:66:36:c6:0f:31:df:81:
                    1d:4f:bc:23:35:ad:b4:20:9b:e6:00:fd:58:f4:1a:
                    b2:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:68:75:6A:87:D1:64:7F:0D:20:C7:26:BC:71:EF:0B:CC:49:70:52
            X509v3 Authority Key Identifier:
                keyid:B6:7C:24:5E:4B:2B:EE:AD:23:C1:F0:5D:D3:0F:F9:07:7D:87:B8:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnwkXksr7q0jwfBd0w_5B32HuOY.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91116C7/C856D6C4C6C611E882A41260C4F9AE02/tnwkXksr7q0jwfBd0w_5B32HuOY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:70:1f:af:18:5f:d0:41:7d:0d:79:8a:1a:3c:63:2e:1e:b5:
         45:32:01:ff:f3:c6:aa:0e:38:7b:77:40:86:06:ba:3b:70:f3:
         12:c5:17:36:23:fa:b5:62:4d:47:3e:d9:81:da:6b:eb:ce:9c:
         49:32:9f:3e:17:e3:ca:0f:03:34:35:e5:8d:4f:04:db:31:ff:
         a2:f7:2f:9d:12:31:02:1e:fb:7e:ae:28:a1:27:e8:32:56:cb:
         73:7f:4a:ba:70:bc:c2:72:0e:ce:dd:f5:21:74:ac:4a:fd:f0:
         0f:d6:ff:f5:53:40:db:6c:27:ca:82:88:cc:a0:92:0c:4f:09:
         07:9b:af:29:5b:1e:2f:01:d9:a9:64:41:21:db:24:13:db:93:
         7e:98:33:0c:3e:20:ce:2e:56:36:d8:7a:a7:83:e8:53:07:13:
         f6:c4:98:02:b1:ef:08:21:f5:f3:11:e6:f6:39:b6:e0:47:7c:
         f5:75:61:f0:4b:aa:f9:23:59:c0:9f:19:da:fd:27:ff:bc:e6:
         50:b7:30:0d:23:ea:d6:fe:2e:78:3f:25:47:2e:64:ac:49:53:
         35:d1:98:f2:67:f8:f9:8c:e4:83:12:6b:bd:a5:dc:00:85:d3:
         60:36:ea:80:8d:85:fa:44:0c:bf:68:cd:6a:17:7f:88:46:22:
         2d:ed:1b:03
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEnowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTE2QzcxMTAvBgNVBAUTKEI2N0MyNDVFNEIyQkVFQUQyM0MxRjA1REQzMEZGOTA3
N0Q4N0I4RTYwHhcNMjUwMzI4MTcxMzA4WhcNMjUwNDA0MTcxMzA4WjAYMRYwFAYD
VQQDEw02N2U2ZDhhNC1hMDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvU9Nnu2O1q3ObCaJMvSofKqC5n3OF3cteZkB/+hnS3cWaASjnzP0U0tIY6fL
pvHmAgIogLwS2ColUKKbqsqyl90AzeBVX2ixh4NxRSUVbl6CraOmMN53SMd5SlGf
3QmsGqWxyDEvOnErzblw12FfHfSVpUG8uDDQAlHuzwxOvELVnc76bVkB7jpO1xnd
R/o9xIYaRCl42tQGKDQYM85XXqCFifqK3//cmk9RhOLXK53JJWVKXtxaNk0Jt3os
lZu9SgXpkqr3afifyPEHA7Er5UZf+xcJZYKQSjqqmwX4PL18OptjMeGDImY2xg8x
34EdT7wjNa20IJvmAP1Y9BqyqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOhodWqH
0WR/DSDHJrxx7wvMSXBSMB8GA1UdIwQYMBaAFLZ8JF5LK+6tI8HwXdMP+Qd9h7jm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTZDNy9DODU2RDZDNEM2
QzYxMUU4ODJBNDEyNjBDNEY5QUUwMi90bndrWGtzcjdxMGp3ZkJkMHdfNUIzMkh1
T1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Rud2tYa3NyN3EwandmQmQwd181QjMySHVPWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MTZDNy9DODU2RDZDNEM2QzYxMUU4ODJBNDEyNjBDNEY5QUUwMi90bndrWGtzcjdx
MGp3ZkJkMHdfNUIzMkh1T1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAIcB+vGF/QQX0NeYoaPGMuHrVFMgH/88aqDjh7d0CGBro7cPMSxRc2
I/q1Yk1HPtmB2mvrzpxJMp8+F+PKDwM0NeWNTwTbMf+i9y+dEjECHvt+riihJ+gy
Vstzf0q6cLzCcg7O3fUhdKxK/fAP1v/1U0DbbCfKgojMoJIMTwkHm68pWx4vAdmp
ZEEh2yQT25N+mDMMPiDOLlY22Hqng+hTBxP2xJgCse8IIfXzEeb2ObbgR3z1dWHw
S6r5I1nAnxna/Sf/vOZQtzANI+rW/i54PyVHLmSsSVM10ZjyZ/j5jOSDEmu9pdwA
hdNgNuqAjYX6RAy/aM1qF3+IRiIt7RsD
-----END CERTIFICATE-----