Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911849D/441A7264B66E11EA9B087247C4F9AE02/EclyfKUpLOXaXXC6iCvC1kP0EIU.mft
File:                     EclyfKUpLOXaXXC6iCvC1kP0EIU.mft (raw, json)
Hash identifier:          lxsh5/lSL1vs0JpHmP69hcbzXQwaGg/lrwNby2gMi4c=
Subject key identifier:   DD:27:0A:87:B4:80:13:89:B9:09:76:13:78:18:D3:DD:C4:48:97:1D
Authority key identifier: 11:C9:72:7C:A5:29:2C:E5:DA:5D:70:BA:88:2B:C2:D6:43:F4:10:85
Certificate issuer:       /CN=A911849D/serialNumber=11C9727CA5292CE5DA5D70BA882BC2D643F41085
Certificate serial:       08A8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EclyfKUpLOXaXXC6iCvC1kP0EIU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911849D/441A7264B66E11EA9B087247C4F9AE02/EclyfKUpLOXaXXC6iCvC1kP0EIU.mft
Manifest number:          0899
Signing time:             Fri 28 Mar 2025 20:50:23 +0000
Manifest this update:     Fri 28 Mar 2025 20:50:22 +0000
Manifest next update:     Fri 04 Apr 2025 20:50:22 +0000
Files and hashes:         1: EclyfKUpLOXaXXC6iCvC1kP0EIU.crl (hash: ea/1xVvu5DkFb5krFxWzrRlNbFrBZjXAxZEHOU94anI=)
                          2: C2D236E6B70E11EAAE6CE049C4F9AE02.roa (hash: /Mx3d0Z7c2OKLIky6yATaeUHAoc7j+jEdKfqglnvKk8=)
                          3: 3AD34AA4B66F11EAAA29FB47C4F9AE02.roa (hash: WjzW89/4SljG9UbpjM3OAjMCVBiPQFjT99+O9KpZA9g=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2216 (0x8a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911849D
        Validity
            Not Before: Mar 28 20:50:22 2025 GMT
            Not After : Apr  4 20:50:22 2025 GMT
        Subject: CN=67e70b8e-0651
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:e6:ad:d5:da:b6:8b:9d:76:49:6a:7b:92:4a:
                    b5:4e:b5:bc:1b:28:17:b0:74:0f:5f:09:42:01:da:
                    72:45:12:3a:07:a1:17:9e:bb:8c:ae:b4:3a:13:85:
                    c1:8a:e5:b1:ef:79:cc:3c:dd:c4:0e:c1:d4:51:ef:
                    9e:b2:0b:ac:dd:b0:dc:4f:ba:5d:01:36:f1:fa:70:
                    69:2d:d1:9e:3a:38:48:97:ab:03:5f:b7:e0:f7:ca:
                    b8:bd:a8:e2:08:31:76:b0:8a:69:39:c0:ee:45:eb:
                    fa:eb:89:f9:cd:a5:e1:f2:ac:27:ed:d5:d0:93:39:
                    06:78:cf:ef:a3:ea:16:85:4d:86:0e:35:fc:90:bd:
                    54:93:70:b0:1f:c1:e9:a3:1d:e2:0a:5f:b6:6c:0e:
                    46:e8:5a:d7:f4:ca:af:93:b4:94:5e:0f:72:f2:35:
                    ff:10:1d:15:6b:ad:22:bf:92:a9:5b:58:c5:20:0f:
                    68:91:7a:4d:c3:dd:63:6f:b1:b1:8c:12:20:37:08:
                    a3:4e:58:df:54:9d:89:59:27:4f:53:29:2a:ec:01:
                    09:7d:57:c4:35:fa:fa:91:71:a8:3b:dd:ff:50:2d:
                    6d:85:0c:4d:d8:7c:e4:2f:b2:ef:06:8f:cc:63:cd:
                    76:21:17:fc:dc:19:f7:3c:b3:89:64:4c:c9:98:51:
                    0d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:27:0A:87:B4:80:13:89:B9:09:76:13:78:18:D3:DD:C4:48:97:1D
            X509v3 Authority Key Identifier:
                keyid:11:C9:72:7C:A5:29:2C:E5:DA:5D:70:BA:88:2B:C2:D6:43:F4:10:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911849D/441A7264B66E11EA9B087247C4F9AE02/EclyfKUpLOXaXXC6iCvC1kP0EIU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EclyfKUpLOXaXXC6iCvC1kP0EIU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911849D/441A7264B66E11EA9B087247C4F9AE02/EclyfKUpLOXaXXC6iCvC1kP0EIU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:87:c6:14:3e:9c:20:99:44:25:de:fa:8e:1c:b1:9c:14:e0:
         f5:fd:1e:63:d2:5f:8a:7d:4b:26:e9:f1:b0:bd:08:31:86:70:
         29:73:9a:ac:4c:08:0a:31:49:2b:33:8f:1e:41:ca:5c:f8:ce:
         67:3b:27:1d:7a:46:e8:83:38:3e:a5:24:60:1f:fa:c5:05:d9:
         c5:be:8c:c5:1a:39:8b:3b:80:06:70:71:56:f6:a3:07:09:a4:
         e7:b1:da:83:01:f3:80:4c:02:50:aa:40:ee:42:9b:14:83:76:
         67:ee:a8:7b:c6:8c:0c:51:27:e9:e6:1f:8e:24:02:e8:29:a2:
         60:eb:ff:1e:41:5c:22:57:42:ea:ba:fe:9f:21:f1:f4:7e:d7:
         4a:7c:e0:a2:75:10:f7:77:50:d8:5b:52:bc:93:fc:07:86:a6:
         96:58:2f:bf:9a:0a:5b:dc:23:c3:e5:91:a5:84:2b:05:d8:18:
         54:70:f5:b0:52:d1:27:4d:b3:7f:ed:30:c8:85:54:f8:d8:aa:
         60:08:c0:9d:b4:2f:4c:9e:d2:a1:3c:34:18:66:b7:04:f2:6f:
         ba:d8:2a:fe:c8:8c:06:c4:12:d3:44:60:a3:20:56:e7:b1:74:
         46:5c:bc:29:20:bc:b0:ad:21:17:ad:47:74:e4:14:99:22:7c:
         68:47:88:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTg0OUQxMTAvBgNVBAUTKDExQzk3MjdDQTUyOTJDRTVEQTVENzBCQTg4MkJDMkQ2
NDNGNDEwODUwHhcNMjUwMzI4MjA1MDIyWhcNMjUwNDA0MjA1MDIyWjAYMRYwFAYD
VQQDEw02N2U3MGI4ZS0wNjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0+at1dq2i512SWp7kkq1TrW8GygXsHQPXwlCAdpyRRI6B6EXnruMrrQ6E4XB
iuWx73nMPN3EDsHUUe+esgus3bDcT7pdATbx+nBpLdGeOjhIl6sDX7fg98q4vaji
CDF2sIppOcDuRev664n5zaXh8qwn7dXQkzkGeM/vo+oWhU2GDjX8kL1Uk3CwH8Hp
ox3iCl+2bA5G6FrX9Mqvk7SUXg9y8jX/EB0Va60iv5KpW1jFIA9okXpNw91jb7Gx
jBIgNwijTljfVJ2JWSdPUykq7AEJfVfENfr6kXGoO93/UC1thQxN2HzkL7LvBo/M
Y812IRf83Bn3PLOJZEzJmFENLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN0nCoe0
gBOJuQl2E3gY093ESJcdMB8GA1UdIwQYMBaAFBHJcnylKSzl2l1wuogrwtZD9BCF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODQ5RC80NDFBNzI2NEI2
NkUxMUVBOUIwODcyNDdDNEY5QUUwMi9FY2x5ZktVcExPWGFYWEM2aUN2QzFrUDBF
SVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VjbHlmS1VwTE9YYVhYQzZpQ3ZDMWtQMEVJVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
ODQ5RC80NDFBNzI2NEI2NkUxMUVBOUIwODcyNDdDNEY5QUUwMi9FY2x5ZktVcExP
WGFYWEM2aUN2QzFrUDBFSVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAph8YUPpwgmUQl3vqOHLGcFOD1/R5j0l+KfUsm6fGwvQgxhnApc5qs
TAgKMUkrM48eQcpc+M5nOycdekbogzg+pSRgH/rFBdnFvozFGjmLO4AGcHFW9qMH
CaTnsdqDAfOATAJQqkDuQpsUg3Zn7qh7xowMUSfp5h+OJALoKaJg6/8eQVwiV0Lq
uv6fIfH0ftdKfOCidRD3d1DYW1K8k/wHhqaWWC+/mgpb3CPD5ZGlhCsF2BhUcPWw
UtEnTbN/7TDIhVT42KpgCMCdtC9MntKhPDQYZrcE8m+62Cr+yIwGxBLTRGCjIFbn
sXRGXLwpILywrSEXrUd05BSZInxoR4iA
-----END CERTIFICATE-----