Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A913FC26/FEA57E60B67711E8A0A0D332C4F9AE02/bKnl9NY_H1jrllKlKzuc-7vnQbw.mft
File:                     bKnl9NY_H1jrllKlKzuc-7vnQbw.mft (raw, json)
Hash identifier:          MSzO06C60BoSwr+hATOhDL+hE0oZkAcYsAHtFsTEi9Y=
Subject key identifier:   75:C5:72:04:1F:74:FF:59:96:BB:43:3C:23:90:89:52:CF:76:50:96
Authority key identifier: 6C:A9:E5:F4:D6:3F:1F:58:EB:96:52:A5:2B:3B:9C:FB:BB:E7:41:BC
Certificate issuer:       /CN=A913FC26/serialNumber=6CA9E5F4D63F1F58EB9652A52B3B9CFBBBE741BC
Certificate serial:       12CD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKnl9NY_H1jrllKlKzuc-7vnQbw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913FC26/FEA57E60B67711E8A0A0D332C4F9AE02/bKnl9NY_H1jrllKlKzuc-7vnQbw.mft
Manifest number:          12C6
Signing time:             Fri 28 Mar 2025 17:11:22 +0000
Manifest this update:     Fri 28 Mar 2025 17:11:21 +0000
Manifest next update:     Fri 04 Apr 2025 17:11:21 +0000
Files and hashes:         1: bKnl9NY_H1jrllKlKzuc-7vnQbw.crl (hash: saFD9A+aPQTXxicxYaTP0OBfefIlDe0ioELCHxP31U4=)
                          2: 706382C2B67811E8A2696333C4F9AE02.roa (hash: rzftRMPtJ5B6XfKei48LV2pqboch+DlK8AP2NtHbsfk=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4813 (0x12cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913FC26
        Validity
            Not Before: Mar 28 17:11:21 2025 GMT
            Not After : Apr  4 17:11:21 2025 GMT
        Subject: CN=67e6d83a-99e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:09:51:07:fb:6a:92:36:e4:fa:8f:50:d9:49:
                    6e:5e:5f:d9:86:bf:0d:ac:7c:e1:b3:35:09:07:a5:
                    90:a3:a0:b8:7e:71:b4:76:42:8b:cf:f8:37:b3:bb:
                    a4:26:9d:15:5b:ec:60:80:9d:a9:56:08:fa:b1:82:
                    ee:7f:3f:3b:4f:00:80:dc:3d:5c:85:07:1f:b4:64:
                    76:3a:17:c0:26:2f:74:91:ed:b8:07:48:0c:1f:bb:
                    fc:f4:3a:36:93:26:d0:21:5f:e6:18:14:4c:3f:05:
                    03:2e:35:86:13:3c:39:7e:fa:0c:38:b2:a5:85:bc:
                    c3:1a:a9:31:d0:3a:35:79:26:bc:a8:bf:39:a0:11:
                    d9:38:3c:fa:3f:9a:5c:34:6a:ca:91:da:73:d3:de:
                    b1:6c:20:8f:32:45:0e:97:e6:69:c3:65:e0:3e:55:
                    56:b8:9e:df:7a:09:1c:17:b3:0c:d7:fe:15:28:15:
                    6e:93:11:e2:75:dd:7f:ba:d3:a5:f1:7f:8a:94:3d:
                    56:9a:a0:05:2f:22:f3:9e:82:80:cf:44:29:c1:2b:
                    ea:05:f3:61:50:05:2f:ef:e5:22:19:8d:bb:63:e8:
                    76:9d:30:0c:39:aa:56:2c:23:7c:d4:50:58:9b:e7:
                    0f:83:20:ac:b6:92:c4:f6:69:b5:33:85:79:1d:34:
                    df:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:C5:72:04:1F:74:FF:59:96:BB:43:3C:23:90:89:52:CF:76:50:96
            X509v3 Authority Key Identifier:
                keyid:6C:A9:E5:F4:D6:3F:1F:58:EB:96:52:A5:2B:3B:9C:FB:BB:E7:41:BC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913FC26/FEA57E60B67711E8A0A0D332C4F9AE02/bKnl9NY_H1jrllKlKzuc-7vnQbw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKnl9NY_H1jrllKlKzuc-7vnQbw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913FC26/FEA57E60B67711E8A0A0D332C4F9AE02/bKnl9NY_H1jrllKlKzuc-7vnQbw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:92:4f:98:95:fc:2f:19:c7:1d:d6:e2:0d:f2:38:34:0d:4b:
         8e:46:66:7f:8f:ad:48:84:fa:d7:2d:a2:91:f8:e3:70:9d:1d:
         66:11:75:78:b5:f1:f2:86:65:87:ae:88:9f:76:39:95:58:2f:
         48:07:9c:a3:6d:31:63:ea:f3:7e:b1:2c:6c:c0:ac:2c:f4:e5:
         66:90:fe:f9:8a:69:d5:d8:b0:c2:8f:bf:c9:81:3d:c0:f7:55:
         fb:a4:cb:79:5a:1c:08:13:b4:23:ee:17:19:ba:0f:62:89:84:
         cf:87:0d:d9:54:a7:62:8c:05:a5:eb:49:c0:0a:e9:ac:fd:55:
         12:3c:9e:43:d7:61:f9:1e:9f:b9:41:81:f3:2d:07:04:3d:86:
         42:2f:14:0b:0a:bc:87:51:8b:63:5d:eb:50:9f:2b:99:9c:d8:
         51:bc:23:71:51:8e:16:24:3b:a3:d4:74:3c:62:3e:b2:de:04:
         16:1b:b9:65:40:95:f3:19:ff:62:ce:ac:e6:0d:a3:f4:bc:f0:
         d3:ad:e6:ca:5b:7a:27:25:02:1b:62:52:cc:30:47:db:17:54:
         3d:b9:31:2d:c3:8f:dc:a6:7a:87:1c:0f:2e:39:06:3f:ca:c3:
         cb:c9:71:a0:95:ce:41:1c:72:ae:74:81:48:a0:33:dd:75:a1:
         11:bf:d4:b2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEs0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0ZDMjYxMTAvBgNVBAUTKDZDQTlFNUY0RDYzRjFGNThFQjk2NTJBNTJCM0I5Q0ZC
QkJFNzQxQkMwHhcNMjUwMzI4MTcxMTIxWhcNMjUwNDA0MTcxMTIxWjAYMRYwFAYD
VQQDEw02N2U2ZDgzYS05OWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzQlRB/tqkjbk+o9Q2UluXl/Zhr8NrHzhszUJB6WQo6C4fnG0dkKLz/g3s7uk
Jp0VW+xggJ2pVgj6sYLufz87TwCA3D1chQcftGR2OhfAJi90ke24B0gMH7v89Do2
kybQIV/mGBRMPwUDLjWGEzw5fvoMOLKlhbzDGqkx0Do1eSa8qL85oBHZODz6P5pc
NGrKkdpz096xbCCPMkUOl+Zpw2XgPlVWuJ7fegkcF7MM1/4VKBVukxHidd1/utOl
8X+KlD1WmqAFLyLznoKAz0QpwSvqBfNhUAUv7+UiGY27Y+h2nTAMOapWLCN81FBY
m+cPgyCstpLE9mm1M4V5HTTfBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHXFcgQf
dP9ZlrtDPCOQiVLPdlCWMB8GA1UdIwQYMBaAFGyp5fTWPx9Y65ZSpSs7nPu750G8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRkMyNi9GRUE1N0U2MEI2
NzcxMUU4QTBBMEQzMzJDNEY5QUUwMi9iS25sOU5ZX0gxanJsbEtsS3p1Yy03dm5R
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JLbmw5TllfSDFqcmxsS2xLenVjLTd2blFidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
RkMyNi9GRUE1N0U2MEI2NzcxMUU4QTBBMEQzMzJDNEY5QUUwMi9iS25sOU5ZX0gx
anJsbEtsS3p1Yy03dm5RYncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQARkk+YlfwvGccd1uIN8jg0DUuORmZ/j61IhPrXLaKR+ONwnR1mEXV4
tfHyhmWHroifdjmVWC9IB5yjbTFj6vN+sSxswKws9OVmkP75imnV2LDCj7/JgT3A
91X7pMt5WhwIE7Qj7hcZug9iiYTPhw3ZVKdijAWl60nACums/VUSPJ5D12H5Hp+5
QYHzLQcEPYZCLxQLCryHUYtjXetQnyuZnNhRvCNxUY4WJDuj1HQ8Yj6y3gQWG7ll
QJXzGf9izqzmDaP0vPDTrebKW3onJQIbYlLMMEfbF1Q9uTEtw4/cpnqHHA8uOQY/
ysPLyXGglc5BHHKudIFIoDPddaERv9Sy
-----END CERTIFICATE-----