Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
File:                     aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft (raw, json)
Hash identifier:          jbsvX/oLTtIqEQqFZv89rzSkVrxUR800lb3ah1QuRd4=
Subject key identifier:   5D:F3:32:07:F0:57:0B:8D:05:E6:B9:8F:2F:1C:F2:72:87:46:27:BF
Authority key identifier: 69:9E:67:42:56:7B:E7:32:9C:C3:A7:86:DE:B7:85:7E:2C:24:20:F9
Certificate issuer:       /CN=A9119333/serialNumber=699E6742567BE7329CC3A786DEB7857E2C2420F9
Certificate serial:       2296
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
Manifest number:          2256
Signing time:             Fri 28 Mar 2025 15:57:32 +0000
Manifest this update:     Fri 28 Mar 2025 15:57:31 +0000
Manifest next update:     Fri 04 Apr 2025 15:57:31 +0000
Files and hashes:         1: aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl (hash: LHYheJk9e1zLLxX2yDXyCCxd5CvIsqxwJ5pwa9dyDiI=)
                          2: 443C3AF2D3F611EFB03C5C14C4F9AE02.roa (hash: wXATKovo7SMCs4Sjl6WSvsrS7s1LwuBJsCqyfazF85I=)
                          3: DD73806ED3C811EF9D76942FC4F9AE02.roa (hash: K8lxpuSGa3hE5HZ2FtNWD3paYpQtfp/AoALIaMdmBnY=)
                          4: 1AC9199AD3CB11EF84052053C4F9AE02.roa (hash: vFaGBlF9+Zjf3Awaf+ms/PRalIKraIH0omeBdNCwy5s=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8854 (0x2296)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9119333
        Validity
            Not Before: Mar 28 15:57:31 2025 GMT
            Not After : Apr  4 15:57:31 2025 GMT
        Subject: CN=67e6c6eb-b56c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e5:9a:f2:a4:20:2c:52:11:ca:11:72:a3:ea:
                    be:9c:af:ad:42:9e:fe:b2:97:65:1f:d4:2c:6d:9e:
                    60:2c:b6:a4:d3:4e:30:44:ef:3b:9b:b9:e9:13:cc:
                    0a:ca:e6:a9:95:73:82:92:59:6e:7a:5e:e3:98:ad:
                    a6:a5:ce:29:8d:cb:8a:79:40:1b:a2:00:5c:9b:2e:
                    3d:97:80:6b:36:7a:05:89:b1:86:7e:1e:53:0d:46:
                    b0:1f:69:1c:5c:41:4d:a0:32:c4:82:2b:24:fa:9f:
                    ae:99:ca:ef:57:de:9f:d3:7e:fc:28:ee:93:c4:52:
                    e5:8a:eb:e5:cf:18:e9:31:03:18:fc:01:26:0d:93:
                    b8:da:c4:cb:4b:39:3f:8b:19:ba:57:e7:e1:20:44:
                    b7:cf:18:a6:52:bb:3b:84:3b:fd:69:b0:a2:ff:0e:
                    27:45:00:00:c9:ad:05:8e:c0:6d:a8:30:a4:93:be:
                    9a:e6:1c:37:61:24:35:a3:1a:f3:78:68:42:41:db:
                    6a:df:09:aa:a8:aa:bd:b4:3b:23:c9:a2:f7:ca:38:
                    61:43:5c:c8:e0:40:75:75:cb:ca:e6:37:09:e7:a1:
                    d7:8d:c5:13:39:78:03:80:f6:87:63:7a:81:4f:00:
                    22:c1:02:eb:fa:3c:d4:fc:62:e8:07:83:57:92:d1:
                    ba:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:F3:32:07:F0:57:0B:8D:05:E6:B9:8F:2F:1C:F2:72:87:46:27:BF
            X509v3 Authority Key Identifier:
                keyid:69:9E:67:42:56:7B:E7:32:9C:C3:A7:86:DE:B7:85:7E:2C:24:20:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ5nQlZ75zKcw6eG3reFfiwkIPk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119333/065DA3BAB84411E5B5357B2FC4F9AE02/aZ5nQlZ75zKcw6eG3reFfiwkIPk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:63:6f:62:37:98:9f:4b:1c:f6:5d:4d:ff:d5:55:87:6b:d7:
         05:07:c5:94:b5:0a:e2:2a:29:5b:40:9d:ec:46:56:9a:63:03:
         24:47:48:6b:84:e8:0d:8a:aa:80:ab:e9:a0:d8:de:f0:a3:b7:
         a4:39:c1:82:16:f7:af:1a:2d:87:7b:82:72:af:7a:ff:be:a8:
         d1:74:b5:91:5d:d0:17:3f:b0:8b:4c:18:c3:50:37:14:0f:72:
         00:28:43:10:51:3c:59:07:9e:36:79:63:c2:4e:9c:50:33:10:
         da:5d:4c:7f:16:18:60:ca:cc:37:f6:cd:5a:6e:d8:d8:36:09:
         cf:88:25:ad:4a:66:a6:07:6f:e0:0a:07:39:c6:cc:98:50:ac:
         b8:5e:32:6f:36:8c:00:94:63:1c:fa:8a:53:76:25:a2:48:e6:
         2d:5d:1b:79:26:2b:20:0a:69:0d:7e:5f:1e:89:42:0d:6d:b8:
         ec:1d:66:3f:46:61:7b:eb:6c:dd:c9:d0:d8:d5:28:f2:f0:c8:
         fd:f7:5a:3a:32:0e:3d:69:ec:a8:60:17:3c:14:82:e8:b3:9f:
         12:1c:d8:a1:92:bf:dd:d4:d6:f8:24:b1:59:3e:98:86:81:86:
         ff:ef:a9:06:68:8e:b6:a4:0f:20:b8:68:a3:1e:c2:0c:94:42:
         ed:9e:e1:45
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICIpYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkzMzMxMTAvBgNVBAUTKDY5OUU2NzQyNTY3QkU3MzI5Q0MzQTc4NkRFQjc4NTdF
MkMyNDIwRjkwHhcNMjUwMzI4MTU1NzMxWhcNMjUwNDA0MTU1NzMxWjAYMRYwFAYD
VQQDEw02N2U2YzZlYi1iNTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1eWa8qQgLFIRyhFyo+q+nK+tQp7+spdlH9QsbZ5gLLak004wRO87m7npE8wK
yuaplXOCklluel7jmK2mpc4pjcuKeUAbogBcmy49l4BrNnoFibGGfh5TDUawH2kc
XEFNoDLEgisk+p+umcrvV96f0378KO6TxFLliuvlzxjpMQMY/AEmDZO42sTLSzk/
ixm6V+fhIES3zximUrs7hDv9abCi/w4nRQAAya0FjsBtqDCkk76a5hw3YSQ1oxrz
eGhCQdtq3wmqqKq9tDsjyaL3yjhhQ1zI4EB1dcvK5jcJ56HXjcUTOXgDgPaHY3qB
TwAiwQLr+jzU/GLoB4NXktG6tQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF3zMgfw
VwuNBea5jy8c8nKHRie/MB8GA1UdIwQYMBaAFGmeZ0JWe+cynMOnht63hX4sJCD5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTMzMy8wNjVEQTNCQUI4
NDQxMUU1QjUzNTdCMkZDNEY5QUUwMi9hWjVuUWxaNzV6S2N3NmVHM3JlRmZpd2tJ
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FaNW5RbFo3NXpLY3c2ZUczcmVGZml3a0lQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
OTMzMy8wNjVEQTNCQUI4NDQxMUU1QjUzNTdCMkZDNEY5QUUwMi9hWjVuUWxaNzV6
S2N3NmVHM3JlRmZpd2tJUGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBqY29iN5ifSxz2XU3/1VWHa9cFB8WUtQriKilbQJ3sRlaaYwMkR0hr
hOgNiqqAq+mg2N7wo7ekOcGCFvevGi2He4Jyr3r/vqjRdLWRXdAXP7CLTBjDUDcU
D3IAKEMQUTxZB542eWPCTpxQMxDaXUx/Fhhgysw39s1abtjYNgnPiCWtSmamB2/g
Cgc5xsyYUKy4XjJvNowAlGMc+opTdiWiSOYtXRt5JisgCmkNfl8eiUINbbjsHWY/
RmF762zdydDY1Sjy8Mj991o6Mg49aeyoYBc8FILos58SHNihkr/d1Nb4JLFZPpiG
gYb/76kGaI62pA8guGijHsIMlELtnuFF
-----END CERTIFICATE-----