Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A913D46F/7DA24C7A006911EA8FDB285DC4F9AE02/OXH34h0IySQ6u0A_gDBkv3iy2IA.mft
File:                     OXH34h0IySQ6u0A_gDBkv3iy2IA.mft (raw, json)
Hash identifier:          SB+xm+RIGwZfSTMQr5JYmj3g7yAbrxWDSKDTDii25Zw=
Subject key identifier:   3E:59:56:A2:2E:68:C9:44:8C:3A:6B:A1:7C:7C:3A:B2:CE:67:DD:8C
Authority key identifier: 39:71:F7:E2:1D:08:C9:24:3A:BB:40:3F:80:30:64:BF:78:B2:D8:80
Certificate issuer:       /CN=A913D46F/serialNumber=3971F7E21D08C9243ABB403F803064BF78B2D880
Certificate serial:       0C90
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OXH34h0IySQ6u0A_gDBkv3iy2IA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913D46F/7DA24C7A006911EA8FDB285DC4F9AE02/OXH34h0IySQ6u0A_gDBkv3iy2IA.mft
Manifest number:          0C63
Signing time:             Fri 28 Mar 2025 18:33:36 +0000
Manifest this update:     Fri 28 Mar 2025 18:33:35 +0000
Manifest next update:     Fri 04 Apr 2025 18:33:35 +0000
Files and hashes:         1: OXH34h0IySQ6u0A_gDBkv3iy2IA.crl (hash: DktvdhjXRlVtl2nwJfWEwYfDATfCHwDXZO6cBGBg9mI=)
                          2: 92F8F6D042DA11ED93029A6AC4F9AE02.roa (hash: TeIPGyGqDRDL84HA9NnAzVJOOMFf2EjmrKH/elumev8=)
                          3: B0B722BEFA4A11EDA47C091DC4F9AE02.roa (hash: lRMtWT21HxefR8cIAkbesXguaIjwdfIuBa6XccIOgBM=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3216 (0xc90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913D46F
        Validity
            Not Before: Mar 28 18:33:35 2025 GMT
            Not After : Apr  4 18:33:35 2025 GMT
        Subject: CN=67e6eb7f-1dc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:91:b5:df:bd:7e:c9:d5:6b:89:27:88:2a:cd:
                    f0:55:8f:d4:b7:36:77:42:4d:7c:4b:a2:07:a2:36:
                    95:45:2d:4c:bd:9b:bb:25:6a:09:b7:c9:c6:87:68:
                    23:20:4f:0b:9f:6d:78:2c:f0:31:b1:a1:ea:ca:48:
                    da:09:13:c2:97:8d:33:ba:c7:0b:7f:5d:ee:3a:fd:
                    b4:65:5d:e9:9b:da:dc:4a:3f:ee:9a:c2:9d:97:22:
                    93:3f:03:9b:ba:ec:1c:e7:cd:c9:4a:7a:92:db:dc:
                    1e:fc:26:50:8d:c9:58:f6:ba:5b:56:45:16:49:42:
                    9d:2c:7a:a6:e0:d1:9b:89:56:22:0b:c5:be:71:d1:
                    9b:a9:21:78:f5:46:4a:e8:67:9a:a7:e4:3d:d1:0c:
                    e0:35:9e:14:c5:55:1f:08:a9:46:2a:e2:b5:6a:65:
                    c0:e1:88:e1:0b:f7:01:dc:4e:4e:71:b9:2d:ec:6f:
                    7e:4a:f1:b3:b8:4d:f6:76:5e:a0:a3:a9:13:7c:a2:
                    5f:d0:c2:6b:7d:b8:6c:43:a0:5f:50:34:b3:c2:26:
                    ed:33:88:24:27:12:7f:46:ea:3f:ec:5e:8e:df:b3:
                    aa:a0:66:51:d4:cd:c1:03:87:67:91:a8:84:53:ef:
                    5d:40:98:d8:d5:ae:9f:dc:ed:73:9e:24:3d:9f:65:
                    37:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:59:56:A2:2E:68:C9:44:8C:3A:6B:A1:7C:7C:3A:B2:CE:67:DD:8C
            X509v3 Authority Key Identifier:
                keyid:39:71:F7:E2:1D:08:C9:24:3A:BB:40:3F:80:30:64:BF:78:B2:D8:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913D46F/7DA24C7A006911EA8FDB285DC4F9AE02/OXH34h0IySQ6u0A_gDBkv3iy2IA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OXH34h0IySQ6u0A_gDBkv3iy2IA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D46F/7DA24C7A006911EA8FDB285DC4F9AE02/OXH34h0IySQ6u0A_gDBkv3iy2IA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:45:40:a4:26:f5:43:ef:e7:ed:fb:73:34:2a:f9:8a:48:f3:
         a4:2d:bc:81:8c:2e:6b:09:df:cb:32:44:d5:43:03:90:49:09:
         03:1c:23:4f:91:b0:2b:c4:08:57:3b:90:e5:55:59:f5:df:76:
         db:89:f1:30:a3:2e:76:64:0b:00:9a:57:54:1f:df:3c:68:4c:
         a4:84:c7:18:c6:87:e9:3a:c8:28:db:55:78:8c:f7:a5:79:79:
         0c:6a:d8:d5:1c:fe:0b:d3:e6:c4:8f:f6:52:3d:9f:6d:db:be:
         6b:94:14:15:9f:ca:12:1a:19:b7:ed:b8:9b:ee:d4:bc:74:3f:
         fc:6e:34:1e:94:0c:77:94:bd:58:8a:01:85:2d:6b:3f:e9:0c:
         60:ef:fc:3d:c2:03:b8:f0:76:94:81:ac:85:53:91:a6:88:a8:
         6f:35:48:2a:d0:34:46:9d:f7:5e:c0:1e:f1:8b:a2:6c:c7:d7:
         04:fd:26:2b:58:94:96:c6:9b:96:25:e5:55:9c:48:82:fa:84:
         b1:16:f5:0e:cf:2a:3a:1f:b2:8a:b8:41:da:81:cd:ce:a3:b8:
         4e:b0:43:02:73:a5:fe:ce:79:eb:fd:07:7c:93:de:c4:cd:c2:
         9b:33:fc:89:db:e2:bc:db:cb:25:3a:4b:3b:af:36:44:b5:b2:
         db:80:0e:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Q0NkYxMTAvBgNVBAUTKDM5NzFGN0UyMUQwOEM5MjQzQUJCNDAzRjgwMzA2NEJG
NzhCMkQ4ODAwHhcNMjUwMzI4MTgzMzM1WhcNMjUwNDA0MTgzMzM1WjAYMRYwFAYD
VQQDEw02N2U2ZWI3Zi0xZGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoJG1371+ydVriSeIKs3wVY/UtzZ3Qk18S6IHojaVRS1MvZu7JWoJt8nGh2gj
IE8Ln214LPAxsaHqykjaCRPCl40zuscLf13uOv20ZV3pm9rcSj/umsKdlyKTPwOb
uuwc583JSnqS29we/CZQjclY9rpbVkUWSUKdLHqm4NGbiVYiC8W+cdGbqSF49UZK
6Geap+Q90QzgNZ4UxVUfCKlGKuK1amXA4YjhC/cB3E5Ocbkt7G9+SvGzuE32dl6g
o6kTfKJf0MJrfbhsQ6BfUDSzwibtM4gkJxJ/Ruo/7F6O37OqoGZR1M3BA4dnkaiE
U+9dQJjY1a6f3O1zniQ9n2U3wQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD5ZVqIu
aMlEjDproXx8OrLOZ92MMB8GA1UdIwQYMBaAFDlx9+IdCMkkOrtAP4AwZL94stiA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRDQ2Ri83REEyNEM3QTAw
NjkxMUVBOEZEQjI4NURDNEY5QUUwMi9PWEgzNGgwSXlTUTZ1MEFfZ0RCa3YzaXky
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09YSDM0aDBJeVNRNnUwQV9nREJrdjNpeTJJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
RDQ2Ri83REEyNEM3QTAwNjkxMUVBOEZEQjI4NURDNEY5QUUwMi9PWEgzNGgwSXlT
UTZ1MEFfZ0RCa3YzaXkySUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBERUCkJvVD7+ft+3M0KvmKSPOkLbyBjC5rCd/LMkTVQwOQSQkDHCNP
kbArxAhXO5DlVVn133bbifEwoy52ZAsAmldUH988aEykhMcYxofpOsgo21V4jPel
eXkMatjVHP4L0+bEj/ZSPZ9t275rlBQVn8oSGhm37bib7tS8dD/8bjQelAx3lL1Y
igGFLWs/6Qxg7/w9wgO48HaUgayFU5GmiKhvNUgq0DRGnfdewB7xi6Jsx9cE/SYr
WJSWxpuWJeVVnEiC+oSxFvUOzyo6H7KKuEHagc3Oo7hOsEMCc6X+znnr/Qd8k97E
zcKbM/yJ2+K828slOks7rzZEtbLbgA4j
-----END CERTIFICATE-----