Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft
File:                     ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft (raw, json)
Hash identifier:          nr9MI+xfH5+Ds/PHvGJhCscL/UEMb3DI32vhXFJAPiw=
Subject key identifier:   4C:DA:0A:17:70:85:2C:A4:6B:DA:DD:DC:BD:49:8F:1D:2B:BB:C6:3B
Authority key identifier: 21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC
Certificate issuer:       /CN=A912382E/serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC
Certificate serial:       1882
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft
Manifest number:          187A
Signing time:             Fri 28 Mar 2025 16:36:38 +0000
Manifest this update:     Fri 28 Mar 2025 16:36:38 +0000
Manifest next update:     Fri 04 Apr 2025 16:36:38 +0000
Files and hashes:         1: ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl (hash: yrAseRJ1I6dXAaufJ+Ups26SxUWkN/WmT3JopS+cz8s=)
                          2: BD843CCE984011E79A256C82C4F9AE02.roa (hash: 7d3vUmf2cWau9IPd6HfmaD3peDm+FJkYl4xBhieCAd0=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6274 (0x1882)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912382E
        Validity
            Not Before: Mar 28 16:36:38 2025 GMT
            Not After : Apr  4 16:36:38 2025 GMT
        Subject: CN=67e6d016-9033
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:f9:3b:d0:f1:3d:55:ea:e9:3a:36:26:6e:7d:
                    96:fb:20:72:22:cc:80:f6:3c:7e:c9:56:96:88:91:
                    a5:f3:53:d1:8b:a2:2f:57:cb:e2:81:e3:01:b6:28:
                    59:b8:fc:7e:ee:20:94:6b:c6:15:79:ec:da:76:28:
                    0b:bd:f4:22:83:8d:1b:ce:55:d9:de:dc:49:40:8a:
                    6f:bc:d5:fa:43:69:bf:40:ce:5a:01:95:8e:ae:bc:
                    b1:0d:39:f8:00:0b:74:c9:57:28:28:1b:14:4f:64:
                    31:33:71:36:cc:67:55:55:22:49:bd:db:19:ac:f2:
                    75:38:52:11:98:42:5e:bb:d5:26:50:f1:44:35:17:
                    1d:2d:ae:ef:b7:c4:c6:cb:5b:ee:2b:48:d1:47:ef:
                    19:cc:6c:80:ad:35:df:c5:59:55:2c:2c:1a:62:0b:
                    0f:f2:5f:6e:27:68:08:7a:3d:53:19:43:94:11:7b:
                    3a:38:b7:7d:53:de:b2:7e:61:0a:9d:2c:b1:0b:65:
                    e8:48:84:e0:02:3b:47:bf:c8:5b:07:b8:db:05:e0:
                    90:64:54:97:08:eb:00:44:8c:78:d7:00:a4:08:4c:
                    54:c3:30:9d:27:6f:15:30:6c:d0:2e:56:ce:90:61:
                    d0:ee:65:74:c9:4f:11:4a:24:14:62:d3:6f:5a:3b:
                    bd:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:DA:0A:17:70:85:2C:A4:6B:DA:DD:DC:BD:49:8F:1D:2B:BB:C6:3B
            X509v3 Authority Key Identifier:
                keyid:21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:88:dc:01:c0:99:26:8d:b2:2c:7e:c3:77:0a:e6:86:c3:69:
         f2:17:b0:95:07:d3:4c:0b:a0:e0:41:45:2b:ee:fe:45:0a:ad:
         07:cc:7b:2a:8b:3d:dd:f2:06:26:41:b2:8c:71:ea:6d:47:38:
         1a:4a:db:93:9c:8e:b1:8d:05:04:cb:9f:a3:09:2a:95:5c:5a:
         ca:1f:f2:0f:10:2e:2e:ab:09:ad:07:b8:d9:3f:a6:8b:fc:f7:
         7a:c8:65:92:b2:67:0a:e2:c3:df:5b:7c:44:69:a5:df:c9:d3:
         ce:a3:86:b5:94:af:06:4d:c7:07:a7:24:0f:aa:3f:52:da:bb:
         b6:65:65:f4:24:7a:3f:69:28:b3:87:f6:ca:28:bb:0c:11:dc:
         93:6d:1b:b8:7b:bc:5a:b5:5f:60:6b:77:64:23:b7:0a:52:72:
         8d:4a:bc:d7:99:3f:15:97:7c:d2:21:1f:6d:41:44:7f:de:d8:
         48:06:f4:eb:ce:66:0b:94:87:05:1f:19:56:11:3c:8d:d4:07:
         30:6d:85:05:00:c1:67:31:a5:de:bb:f9:8c:15:a3:52:4c:e2:
         94:be:c7:17:e5:be:d2:a2:7b:9b:36:15:78:ae:98:3a:fb:2d:
         d1:44:f6:fa:aa:81:c8:95:0d:c9:60:cc:46:f4:89:de:2c:50:
         76:34:a6:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICGIIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjM4MkUxMTAvBgNVBAUTKDIxMzQzNkJBMjNBOUFGMjUwQkYyNURERUE1MEM3NjIy
MTlGOTA2QkMwHhcNMjUwMzI4MTYzNjM4WhcNMjUwNDA0MTYzNjM4WjAYMRYwFAYD
VQQDEw02N2U2ZDAxNi05MDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1/k70PE9VerpOjYmbn2W+yByIsyA9jx+yVaWiJGl81PRi6IvV8vigeMBtihZ
uPx+7iCUa8YVeezadigLvfQig40bzlXZ3txJQIpvvNX6Q2m/QM5aAZWOrryxDTn4
AAt0yVcoKBsUT2QxM3E2zGdVVSJJvdsZrPJ1OFIRmEJeu9UmUPFENRcdLa7vt8TG
y1vuK0jRR+8ZzGyArTXfxVlVLCwaYgsP8l9uJ2gIej1TGUOUEXs6OLd9U96yfmEK
nSyxC2XoSITgAjtHv8hbB7jbBeCQZFSXCOsARIx41wCkCExUwzCdJ28VMGzQLlbO
kGHQ7mV0yU8RSiQUYtNvWju9PwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEzaChdw
hSyka9rd3L1Jjx0ru8Y7MB8GA1UdIwQYMBaAFCE0Nrojqa8lC/Jd3qUMdiIZ+Qa8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgyRS8zMTFFQUM1Njk4
NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5VUw4bDNlcFF4MklobjVC
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lUUTJ1aU9wcnlVTDhsM2VwUXgySWhuNUJydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
MzgyRS8zMTFFQUM1Njk4NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5
VUw4bDNlcFF4MklobjVCcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBuiNwBwJkmjbIsfsN3CuaGw2nyF7CVB9NMC6DgQUUr7v5FCq0HzHsq
iz3d8gYmQbKMceptRzgaStuTnI6xjQUEy5+jCSqVXFrKH/IPEC4uqwmtB7jZP6aL
/Pd6yGWSsmcK4sPfW3xEaaXfydPOo4a1lK8GTccHpyQPqj9S2ru2ZWX0JHo/aSiz
h/bKKLsMEdyTbRu4e7xatV9ga3dkI7cKUnKNSrzXmT8Vl3zSIR9tQUR/3thIBvTr
zmYLlIcFHxlWETyN1AcwbYUFAMFnMaXeu/mMFaNSTOKUvscX5b7SonubNhV4rpg6
+y3RRPb6qoHIlQ3JYMxG9IneLFB2NKao
-----END CERTIFICATE-----