Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
File:                     GhpArZOkpDB-1yZNR9JSyvYt7_0.mft (raw, json)
Hash identifier:          zr6JLWfxxj1h46dVeirgZPktDU2B6MX/Ocy3AX1wgMg=
Subject key identifier:   B3:73:21:EB:DF:4C:E5:0F:84:78:D5:5C:F8:20:A1:3E:08:46:A3:C2
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Certificate issuer:       /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial:       0C3B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
Manifest number:          0C2B
Signing time:             Fri 28 Mar 2025 18:42:59 +0000
Manifest this update:     Fri 28 Mar 2025 18:42:59 +0000
Manifest next update:     Fri 04 Apr 2025 18:42:59 +0000
Files and hashes:         1: GhpArZOkpDB-1yZNR9JSyvYt7_0.crl (hash: T/OCU4aH4N7E6lbyTkBllmyZyX23YRCKwgNArK9lOMw=)
                          2: 3D19A90810AD11ED9FFCFC56C4F9AE02.roa (hash: hqZNi8jb9PfIBZ40ivFfM9w6K9/28vEma8/dZXwTKh4=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3131 (0xc3b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911D75C
        Validity
            Not Before: Mar 28 18:42:59 2025 GMT
            Not After : Apr  4 18:42:59 2025 GMT
        Subject: CN=67e6edb3-d606
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:8c:bc:92:bc:78:88:d8:9e:9a:8d:95:dd:e1:
                    a7:77:e5:69:a4:e5:8a:ab:5a:43:20:07:93:24:8c:
                    cc:e0:b8:7a:4d:51:ab:a9:b8:eb:b4:c7:45:4c:aa:
                    3c:e2:5a:20:e9:68:e9:a6:64:39:83:1f:d5:68:61:
                    cb:dc:60:0b:17:ff:22:13:2d:27:d7:82:c8:9b:1f:
                    fd:9f:a9:6d:dd:a8:08:ec:ac:6b:26:d3:e0:32:fd:
                    6a:cd:88:72:e6:47:2e:dc:56:a4:df:6d:70:8f:74:
                    68:ba:62:7b:8c:1a:c9:90:c8:c8:c5:e9:53:0c:86:
                    07:bd:ba:68:88:b7:36:b4:4b:58:2c:2a:3f:c5:47:
                    4a:cd:51:ed:d6:6d:cb:ca:a9:b7:7a:88:c5:4e:d4:
                    f3:07:9c:f4:33:25:b1:55:79:43:ea:e6:d3:86:8f:
                    f8:f2:ef:d9:5b:5b:fa:4f:2b:2e:c0:ef:93:ee:36:
                    1d:ee:fb:7a:5e:f0:7c:c4:92:cb:b6:4c:48:eb:45:
                    6e:66:5b:de:da:bf:56:27:5e:3f:b9:ab:8b:d0:f6:
                    2a:61:8b:d1:51:e9:35:ce:42:10:52:f2:7f:e3:f5:
                    48:8f:99:b5:9b:c7:cc:a9:9d:ea:0e:2f:c7:26:9c:
                    e8:b5:94:5e:81:b6:2e:f8:e8:61:09:d6:2d:1e:45:
                    49:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:73:21:EB:DF:4C:E5:0F:84:78:D5:5C:F8:20:A1:3E:08:46:A3:C2
            X509v3 Authority Key Identifier:
                keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:98:22:5f:72:56:9d:0c:4f:52:70:10:e2:29:d5:72:0e:a6:
         ad:68:e8:9e:cb:bb:b3:a4:d0:6e:b3:b4:bc:51:13:29:8b:1f:
         97:35:65:5c:23:c3:f5:98:57:06:12:70:c5:cf:08:a9:a4:f9:
         04:b5:d7:22:24:ce:ef:ec:23:eb:af:91:b2:98:20:5e:3c:f5:
         f1:7a:bf:34:ec:57:88:af:13:42:bd:54:2f:bc:c4:2d:e2:ac:
         ba:6d:3e:5b:23:61:22:50:f4:08:85:dc:07:2c:83:bd:8d:7f:
         20:da:65:69:cd:da:43:78:f8:78:44:dd:31:53:80:de:59:82:
         a3:54:94:d7:67:7b:c0:4a:85:f8:03:66:ca:4a:a9:25:43:7f:
         b6:7d:31:9c:c6:ab:89:f6:56:b0:4d:a0:ae:78:8e:fa:12:7f:
         d2:46:8a:be:d3:fc:b1:e2:9f:42:28:f3:93:26:8a:93:16:46:
         7c:6d:f1:ee:c5:88:39:85:dc:be:6e:9f:f8:16:8e:30:f5:ea:
         7f:c4:cb:70:ac:57:d0:b0:9c:cc:51:0f:88:bf:fa:24:b0:2a:
         b1:06:0f:cc:d7:f8:14:67:d9:4d:98:6d:3c:9a:c0:9c:ca:85:
         6d:f2:af:7c:78:79:ae:5d:86:d7:7e:2d:a1:59:65:ab:0b:9a:
         43:b5:ee:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDDswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwMzI4MTg0MjU5WhcNMjUwNDA0MTg0MjU5WjAYMRYwFAYD
VQQDEw02N2U2ZWRiMy1kNjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA64y8krx4iNiemo2V3eGnd+VppOWKq1pDIAeTJIzM4Lh6TVGrqbjrtMdFTKo8
4log6WjppmQ5gx/VaGHL3GALF/8iEy0n14LImx/9n6lt3agI7KxrJtPgMv1qzYhy
5kcu3Fak321wj3RoumJ7jBrJkMjIxelTDIYHvbpoiLc2tEtYLCo/xUdKzVHt1m3L
yqm3eojFTtTzB5z0MyWxVXlD6ubTho/48u/ZW1v6TysuwO+T7jYd7vt6XvB8xJLL
tkxI60VuZlve2r9WJ14/uauL0PYqYYvRUek1zkIQUvJ/4/VIj5m1m8fMqZ3qDi/H
JpzotZRegbYu+OhhCdYtHkVJ1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLNzIevf
TOUPhHjVXPggoT4IRqPCMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RDc1Qy8yQkM1RkQ0MDA2QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BE
Qi0xeVpOUjlKU3l2WXQ3XzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBumCJfcladDE9ScBDiKdVyDqataOiey7uzpNBus7S8URMpix+XNWVc
I8P1mFcGEnDFzwippPkEtdciJM7v7CPrr5GymCBePPXxer807FeIrxNCvVQvvMQt
4qy6bT5bI2EiUPQIhdwHLIO9jX8g2mVpzdpDePh4RN0xU4DeWYKjVJTXZ3vASoX4
A2bKSqklQ3+2fTGcxquJ9lawTaCueI76En/SRoq+0/yx4p9CKPOTJoqTFkZ8bfHu
xYg5hdy+bp/4Fo4w9ep/xMtwrFfQsJzMUQ+Iv/oksCqxBg/M1/gUZ9lNmG08msCc
yoVt8q98eHmuXYbXfi2hWWWrC5pDte5C
-----END CERTIFICATE-----