Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9122D89/C6A4A5E2084411EB9C736514C4F9AE02/PP5vPrHYknFeQTbpuoVrmPZxR7A.mft
File:                     PP5vPrHYknFeQTbpuoVrmPZxR7A.mft (raw, json)
Hash identifier:          uG5W0PSwTovd6fitTE61cqG4IMEKB1DgPQD/GUHvyJ0=
Subject key identifier:   C1:E0:D8:95:3C:11:9B:A8:37:3B:31:B4:1E:22:CB:9D:40:B9:5D:32
Authority key identifier: 3C:FE:6F:3E:B1:D8:92:71:5E:41:36:E9:BA:85:6B:98:F6:71:47:B0
Certificate issuer:       /CN=A9122D89/serialNumber=3CFE6F3EB1D892715E4136E9BA856B98F67147B0
Certificate serial:       077F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PP5vPrHYknFeQTbpuoVrmPZxR7A.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9122D89/C6A4A5E2084411EB9C736514C4F9AE02/PP5vPrHYknFeQTbpuoVrmPZxR7A.mft
Manifest number:          0779
Signing time:             Fri 28 Mar 2025 21:40:33 +0000
Manifest this update:     Fri 28 Mar 2025 21:40:33 +0000
Manifest next update:     Fri 04 Apr 2025 21:40:33 +0000
Files and hashes:         1: PP5vPrHYknFeQTbpuoVrmPZxR7A.crl (hash: wae3MRj6B+awQZ1yYzETauvbzHzg3RUSxKUAD104lHw=)
                          2: 7E8114F414E611EB82C98471C4F9AE02.roa (hash: J9GQPP4a7clIhGgoBAM9KLX43lz+eBaMPakWPFWVHmk=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1919 (0x77f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9122D89
        Validity
            Not Before: Mar 28 21:40:33 2025 GMT
            Not After : Apr  4 21:40:33 2025 GMT
        Subject: CN=67e71751-7a11
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:aa:d3:52:41:1d:3b:1f:59:68:a5:5e:80:df:
                    f0:1d:26:66:7d:ab:a6:a9:ed:72:fe:15:e9:56:12:
                    84:a0:e0:55:23:e7:8f:77:04:56:35:59:ff:44:8f:
                    c9:5d:e9:f6:32:5d:e5:b6:b4:fe:59:e6:5e:59:ed:
                    50:6e:e6:71:e2:aa:e4:e9:c8:84:0f:34:31:af:ce:
                    79:41:86:8a:e4:b6:3c:3d:b7:a1:df:0d:0b:1c:73:
                    57:0c:2d:27:69:ca:e2:a5:02:97:01:5a:92:ee:1a:
                    60:9b:ca:2e:34:cb:8b:a6:da:e9:08:2a:fe:00:24:
                    9f:72:94:db:e7:24:fa:1e:ea:e5:a4:de:3e:af:9b:
                    17:de:33:bb:46:89:bd:80:e2:45:4e:21:f0:66:a1:
                    a8:75:05:ee:60:a6:c1:a5:85:b2:56:41:b2:ed:3a:
                    3f:32:7e:c9:47:1e:c9:37:c2:2f:2a:2d:bb:c7:72:
                    13:a8:6a:0c:40:3d:71:19:d5:3e:25:fd:8e:2e:e1:
                    8e:da:c7:12:87:c0:d3:13:e8:95:dc:9b:58:55:c6:
                    0b:55:fd:37:ce:99:12:cf:07:6b:1a:75:e4:07:a8:
                    14:38:73:45:41:63:e0:01:5a:8c:09:e6:09:de:18:
                    6f:bd:15:0f:28:1e:38:93:1b:da:6c:32:8e:ab:c5:
                    4a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:E0:D8:95:3C:11:9B:A8:37:3B:31:B4:1E:22:CB:9D:40:B9:5D:32
            X509v3 Authority Key Identifier:
                keyid:3C:FE:6F:3E:B1:D8:92:71:5E:41:36:E9:BA:85:6B:98:F6:71:47:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9122D89/C6A4A5E2084411EB9C736514C4F9AE02/PP5vPrHYknFeQTbpuoVrmPZxR7A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PP5vPrHYknFeQTbpuoVrmPZxR7A.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122D89/C6A4A5E2084411EB9C736514C4F9AE02/PP5vPrHYknFeQTbpuoVrmPZxR7A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:13:9a:cc:bd:57:19:24:41:35:ab:65:15:b8:9c:24:ea:3a:
         c2:4e:86:71:b3:3c:88:9f:8f:a1:12:d3:79:e0:3d:25:eb:e6:
         d7:c1:84:5d:b6:af:70:9b:29:30:ca:87:c3:67:bb:65:aa:a4:
         03:38:bd:d8:31:c7:f8:12:9f:55:7a:2f:ed:48:1b:ef:dc:b8:
         42:48:69:d0:53:a6:c1:72:40:7c:31:9b:c1:5e:00:36:ae:49:
         39:0c:cd:d4:a4:02:27:3d:b6:73:27:61:56:2f:9c:d4:f6:96:
         3f:15:32:f5:d1:2d:22:4b:d0:f9:03:c1:c2:75:3b:67:fc:80:
         10:c9:33:a9:13:08:1e:e9:a8:ed:ee:58:c6:25:09:03:57:bd:
         87:e3:d1:f2:1c:23:61:69:07:bd:d1:73:55:97:f8:61:3d:00:
         50:0d:d9:a9:e1:c1:73:37:25:78:08:5c:4b:7b:ab:c8:82:d0:
         2d:fd:25:fc:cf:9f:3b:df:08:09:c5:89:53:a9:59:1d:14:3e:
         dc:81:cf:95:db:57:41:57:9a:f5:b0:de:04:60:cf:df:fd:10:
         a9:4b:5a:61:82:ff:4a:d8:35:25:1b:2c:c7:08:f0:de:20:00:
         e2:40:4a:40:52:82:14:79:3f:43:7e:6e:f0:11:b0:1a:86:e8:
         05:27:bf:08
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICB38wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjJEODkxMTAvBgNVBAUTKDNDRkU2RjNFQjFEODkyNzE1RTQxMzZFOUJBODU2Qjk4
RjY3MTQ3QjAwHhcNMjUwMzI4MjE0MDMzWhcNMjUwNDA0MjE0MDMzWjAYMRYwFAYD
VQQDEw02N2U3MTc1MS03YTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwqrTUkEdOx9ZaKVegN/wHSZmfaumqe1y/hXpVhKEoOBVI+ePdwRWNVn/RI/J
Xen2Ml3ltrT+WeZeWe1QbuZx4qrk6ciEDzQxr855QYaK5LY8Pbeh3w0LHHNXDC0n
acripQKXAVqS7hpgm8ouNMuLptrpCCr+ACSfcpTb5yT6HurlpN4+r5sX3jO7Rom9
gOJFTiHwZqGodQXuYKbBpYWyVkGy7To/Mn7JRx7JN8IvKi27x3ITqGoMQD1xGdU+
Jf2OLuGO2scSh8DTE+iV3JtYVcYLVf03zpkSzwdrGnXkB6gUOHNFQWPgAVqMCeYJ
3hhvvRUPKB44kxvabDKOq8VKJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMHg2JU8
EZuoNzsxtB4iy51AuV0yMB8GA1UdIwQYMBaAFDz+bz6x2JJxXkE26bqFa5j2cUew
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkQ4OS9DNkE0QTVFMjA4
NDQxMUVCOUM3MzY1MTRDNEY5QUUwMi9QUDV2UHJIWWtuRmVRVGJwdW9Wcm1QWnhS
N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BQNXZQckhZa25GZVFUYnB1b1ZybVBaeFI3QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MkQ4OS9DNkE0QTVFMjA4NDQxMUVCOUM3MzY1MTRDNEY5QUUwMi9QUDV2UHJIWWtu
RmVRVGJwdW9Wcm1QWnhSN0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBiE5rMvVcZJEE1q2UVuJwk6jrCToZxszyIn4+hEtN54D0l6+bXwYRd
tq9wmykwyofDZ7tlqqQDOL3YMcf4Ep9Vei/tSBvv3LhCSGnQU6bBckB8MZvBXgA2
rkk5DM3UpAInPbZzJ2FWL5zU9pY/FTL10S0iS9D5A8HCdTtn/IAQyTOpEwge6ajt
7ljGJQkDV72H49HyHCNhaQe90XNVl/hhPQBQDdmp4cFzNyV4CFxLe6vIgtAt/SX8
z5873wgJxYlTqVkdFD7cgc+V21dBV5r1sN4EYM/f/RCpS1phgv9K2DUlGyzHCPDe
IADiQEpAUoIUeT9Dfm7wEbAahugFJ78I
-----END CERTIFICATE-----