Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft
File:                     ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft (raw, json)
Hash identifier:          azT+I2QwcU7E7IXTb3KkmtuXdWg84e8AVOQdonHkly0=
Subject key identifier:   36:23:89:E3:54:96:0D:17:CF:E0:06:B0:89:BF:F2:11:91:CD:BF:A4
Authority key identifier: 72:D6:5B:B3:CA:D4:A0:98:F3:6F:41:37:59:4C:C7:FE:C2:FA:28:A3
Certificate issuer:       /CN=A913C91D/serialNumber=72D65BB3CAD4A098F36F4137594CC7FEC2FA28A3
Certificate serial:       1051
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ctZbs8rUoJjzb0E3WUzH_sL6KKM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft
Manifest number:          1048
Signing time:             Fri 28 Mar 2025 17:30:24 +0000
Manifest this update:     Fri 28 Mar 2025 17:30:24 +0000
Manifest next update:     Fri 04 Apr 2025 17:30:24 +0000
Files and hashes:         1: ctZbs8rUoJjzb0E3WUzH_sL6KKM.crl (hash: 1cYbqskqlYgqOM5vn77xo4qbwNufSZuoz441uELaUB0=)
                          2: 39C6EF3688BF11EABC04973FC4F9AE02.roa (hash: E3ZTe2bEAycjBIVFstyPiPS8lw3hN6h/g285ab56Ew4=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4177 (0x1051)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913C91D
        Validity
            Not Before: Mar 28 17:30:24 2025 GMT
            Not After : Apr  4 17:30:24 2025 GMT
        Subject: CN=67e6dcb0-6b22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c3:f6:ae:ab:4b:76:b2:57:73:f4:6c:a6:36:
                    28:c0:93:e2:23:ec:79:d1:d4:ed:34:ef:b3:94:70:
                    70:27:04:5c:cb:a0:b1:13:d4:d5:f5:02:a9:3c:0d:
                    02:e5:98:fb:b4:14:45:70:5a:ee:d7:34:f1:46:cf:
                    a2:30:76:83:22:cd:61:5c:86:51:d8:3b:a9:98:b1:
                    73:46:7b:5c:3c:d2:a3:5e:c9:a6:76:fe:fc:89:f8:
                    ca:23:57:d0:93:41:23:9d:89:b4:e3:75:e4:17:2c:
                    f3:02:32:bc:6b:fd:35:73:f3:61:23:f9:a6:88:c8:
                    cd:c8:2e:59:c0:db:55:15:1a:16:21:e8:e7:c2:65:
                    f5:c6:0f:23:b0:35:fd:d0:ad:72:3e:8e:b9:44:ca:
                    1c:0f:35:de:32:28:8d:01:68:00:a9:36:c0:dd:ff:
                    65:27:18:50:fe:b7:05:56:de:3e:91:b7:da:9c:19:
                    0d:bc:c4:58:a2:4c:97:f4:6d:d2:b7:f0:65:3e:3a:
                    15:df:11:a4:9f:3a:44:39:25:62:d4:31:15:b9:bc:
                    b2:87:7b:a4:75:af:a3:cd:b5:e7:10:74:da:4b:65:
                    54:6e:03:5a:76:0e:00:a7:db:ed:00:37:5d:95:3e:
                    c9:7a:94:18:8d:e9:cf:25:0a:54:7f:05:a1:73:0f:
                    ed:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:23:89:E3:54:96:0D:17:CF:E0:06:B0:89:BF:F2:11:91:CD:BF:A4
            X509v3 Authority Key Identifier:
                keyid:72:D6:5B:B3:CA:D4:A0:98:F3:6F:41:37:59:4C:C7:FE:C2:FA:28:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ctZbs8rUoJjzb0E3WUzH_sL6KKM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:40:e8:85:f7:f1:56:62:c5:df:f8:d1:fe:08:3b:96:3d:6b:
         9f:57:68:1d:11:51:e3:c9:21:69:cb:cb:2c:1a:5a:10:7e:21:
         0c:20:89:b2:a2:fc:87:c2:f9:62:87:b5:03:25:06:78:0a:71:
         e9:c2:25:69:98:3c:8f:46:34:3c:58:47:59:cb:c7:ac:6d:94:
         b4:45:6a:9c:3e:a8:1d:94:65:09:2e:d9:db:e8:bb:3d:87:62:
         3c:0b:ed:1e:a7:8e:9f:94:43:29:9b:6a:f9:ba:4b:97:a2:2b:
         38:c2:f4:c5:e4:6c:43:41:b8:ba:d9:aa:8a:68:4a:f1:9f:3f:
         76:93:af:bb:01:b9:f9:12:11:6d:d7:a8:ab:14:4f:5e:63:7b:
         3b:02:8c:d9:4c:bf:4f:a5:74:e4:06:3b:34:09:37:7e:0b:3d:
         70:6b:78:90:51:ef:46:60:a7:3b:c2:ad:2f:03:a6:f2:5c:06:
         19:d5:15:1c:3d:94:88:b4:c3:81:85:2b:03:95:70:0e:19:07:
         55:66:72:3a:a6:80:fe:69:cd:9c:aa:0a:e0:1b:00:af:61:98:
         96:76:4e:37:22:b2:81:d8:20:6f:df:58:ec:fe:78:cb:08:e3:
         98:42:07:5f:0c:b3:a5:a2:2f:98:78:89:18:f2:90:cc:2a:a8:
         3e:2a:2f:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M5MUQxMTAvBgNVBAUTKDcyRDY1QkIzQ0FENEEwOThGMzZGNDEzNzU5NENDN0ZF
QzJGQTI4QTMwHhcNMjUwMzI4MTczMDI0WhcNMjUwNDA0MTczMDI0WjAYMRYwFAYD
VQQDEw02N2U2ZGNiMC02YjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4MP2rqtLdrJXc/RspjYowJPiI+x50dTtNO+zlHBwJwRcy6CxE9TV9QKpPA0C
5Zj7tBRFcFru1zTxRs+iMHaDIs1hXIZR2DupmLFzRntcPNKjXsmmdv78ifjKI1fQ
k0EjnYm043XkFyzzAjK8a/01c/NhI/mmiMjNyC5ZwNtVFRoWIejnwmX1xg8jsDX9
0K1yPo65RMocDzXeMiiNAWgAqTbA3f9lJxhQ/rcFVt4+kbfanBkNvMRYokyX9G3S
t/BlPjoV3xGknzpEOSVi1DEVubyyh3ukda+jzbXnEHTaS2VUbgNadg4Ap9vtADdd
lT7JepQYjenPJQpUfwWhcw/tSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDYjieNU
lg0Xz+AGsIm/8hGRzb+kMB8GA1UdIwQYMBaAFHLWW7PK1KCY829BN1lMx/7C+iij
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzkxRC9EOTBDRDg3NDM1
ODQxMUU5OUE5OTAyMjhDNEY5QUUwMi9jdFpiczhyVW9KanpiMEUzV1V6SF9zTDZL
S00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2N0WmJzOHJVb0pqemIwRTNXVXpIX3NMNktLTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
QzkxRC9EOTBDRDg3NDM1ODQxMUU5OUE5OTAyMjhDNEY5QUUwMi9jdFpiczhyVW9K
anpiMEUzV1V6SF9zTDZLS00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCoQOiF9/FWYsXf+NH+CDuWPWufV2gdEVHjySFpy8ssGloQfiEMIImy
ovyHwvlih7UDJQZ4CnHpwiVpmDyPRjQ8WEdZy8esbZS0RWqcPqgdlGUJLtnb6Ls9
h2I8C+0ep46flEMpm2r5ukuXois4wvTF5GxDQbi62aqKaErxnz92k6+7Abn5EhFt
16irFE9eY3s7AozZTL9PpXTkBjs0CTd+Cz1wa3iQUe9GYKc7wq0vA6byXAYZ1RUc
PZSItMOBhSsDlXAOGQdVZnI6poD+ac2cqgrgGwCvYZiWdk43IrKB2CBv31js/njL
COOYQgdfDLOloi+YeIkY8pDMKqg+Ki+7
-----END CERTIFICATE-----