Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft
File:                     aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft (raw, json)
Hash identifier:          dy+GiVwts+CjLFCgab8UzSpPQikIaC0DOXVM6N/WKjo=
Subject key identifier:   7E:F1:1C:D5:15:E9:32:60:9F:A3:F3:5D:34:E2:43:22:72:26:BB:0D
Authority key identifier: 69:9F:51:A9:D9:E1:45:6D:16:01:BE:83:D8:B9:4A:D5:9A:43:82:33
Certificate issuer:       /CN=A914FED3/serialNumber=699F51A9D9E1456D1601BE83D8B94AD59A438233
Certificate serial:       0DDC
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft
Manifest number:          0DC7
Signing time:             Fri 28 Mar 2025 18:02:18 +0000
Manifest this update:     Fri 28 Mar 2025 18:02:17 +0000
Manifest next update:     Fri 04 Apr 2025 18:02:17 +0000
Files and hashes:         1: aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.crl (hash: xVErxMrmXGA/k/OYoeH19mg6gibKB++5kWImZuxogt0=)
                          2: 2077E380EBDF11EBB7533A15C4F9AE02.roa (hash: jmduHrEVx2jA5+v8I02I29sAUSxm3Fng3EnV4y1cIS0=)
                          3: F9BDC484F7B011EB84345029C4F9AE02.roa (hash: QoxSmZFkmxLXEXsdlg7AEo5bS3bmundbYECPlf6m84c=)
                          4: EA0E36083C3311EE8B808E55C4F9AE02.roa (hash: LZDAiQsOKeiD+R2CnsfcyiBMBIzfOs3eZv46xJYDJ3M=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3548 (0xddc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A914FED3
        Validity
            Not Before: Mar 28 18:02:17 2025 GMT
            Not After : Apr  4 18:02:17 2025 GMT
        Subject: CN=67e6e429-56d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ce:bd:05:34:3e:22:78:a6:99:e2:51:56:d5:
                    8b:9d:5e:1a:9c:8a:e0:a4:f4:4c:c5:42:67:02:5e:
                    d0:78:ce:9f:c4:e5:c4:61:b6:d5:95:67:7f:de:c8:
                    32:5d:c0:24:55:5c:d2:3b:18:e8:10:50:20:85:16:
                    44:19:1c:f2:f0:b4:30:5b:08:ae:0a:25:03:8b:09:
                    cc:3d:09:70:c5:fe:cc:10:57:c7:79:22:3a:29:e7:
                    7a:7f:0f:e8:4b:31:61:15:55:c1:1d:21:d0:ac:04:
                    4b:63:5d:6d:0b:c5:42:9b:12:d2:48:35:29:9f:28:
                    5a:b6:40:fe:3e:ab:53:f0:3b:0e:f8:90:39:3c:2b:
                    55:61:1d:66:7e:9a:51:c9:1a:bf:26:34:4f:71:28:
                    40:9f:ca:59:3d:4e:07:72:e9:f9:63:5c:88:c7:1a:
                    3a:fe:fb:02:6e:60:1d:4b:4b:9b:05:01:2c:9c:b6:
                    8c:27:28:f7:24:24:64:2b:de:66:46:99:ba:ea:35:
                    4c:5e:8e:33:45:82:aa:20:08:cb:0d:6f:bc:57:b1:
                    16:a8:5c:84:7d:26:48:fa:95:ed:a8:fa:d8:64:a7:
                    ac:5d:45:5f:3a:0e:03:96:45:e5:d9:8c:c4:92:4d:
                    a9:9d:d2:b9:a9:15:b8:d0:37:e6:43:45:0d:b7:d6:
                    9f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:F1:1C:D5:15:E9:32:60:9F:A3:F3:5D:34:E2:43:22:72:26:BB:0D
            X509v3 Authority Key Identifier:
                keyid:69:9F:51:A9:D9:E1:45:6D:16:01:BE:83:D8:B9:4A:D5:9A:43:82:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914FED3/F8584F7CB38A11E987288166C4F9AE02/aZ9RqdnhRW0WAb6D2LlK1ZpDgjM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         e8:45:fe:3c:1d:d7:38:3a:fc:79:fd:1a:8d:52:53:5a:98:9f:
         fd:c5:8c:49:dc:4b:e3:15:07:61:16:7a:b6:f4:21:0a:39:60:
         75:7a:22:1c:24:05:b0:44:26:1a:03:fa:d6:57:96:9e:92:48:
         78:16:32:0e:0a:25:fb:28:06:df:53:c7:c5:dd:4d:69:38:73:
         76:a2:d4:7f:88:7f:74:cb:42:75:63:7d:6d:78:d0:98:dc:1f:
         d0:f0:5f:bb:41:a2:03:40:2e:70:3a:80:34:dd:05:bf:9a:1f:
         63:4c:4e:6c:7b:a2:65:44:39:0c:30:a4:ba:bd:d7:60:d1:82:
         a3:59:32:d4:8e:cf:86:aa:c3:db:df:f1:4f:3d:7c:e0:87:c8:
         fd:66:40:57:a2:a2:25:ca:b8:68:ee:2b:ec:3b:d6:2a:4e:59:
         ef:d1:89:05:f9:a7:20:75:c0:a2:99:6e:63:54:d4:f5:a8:73:
         54:a6:f1:cd:ef:15:2e:c8:ad:eb:81:7d:45:b1:78:bb:53:8a:
         48:b7:b5:26:fa:71:90:3d:50:76:0d:da:2a:fa:55:4f:7b:2c:
         d5:3b:22:cb:9f:90:b7:0a:b1:e8:bb:ff:45:45:17:db:f4:c2:
         f0:17:bd:28:0c:af:d5:ba:3f:4f:95:42:55:1e:61:fe:e4:5b:
         56:26:59:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDdwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEZFRDMxMTAvBgNVBAUTKDY5OUY1MUE5RDlFMTQ1NkQxNjAxQkU4M0Q4Qjk0QUQ1
OUE0MzgyMzMwHhcNMjUwMzI4MTgwMjE3WhcNMjUwNDA0MTgwMjE3WjAYMRYwFAYD
VQQDEw02N2U2ZTQyOS01NmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5M69BTQ+InimmeJRVtWLnV4anIrgpPRMxUJnAl7QeM6fxOXEYbbVlWd/3sgy
XcAkVVzSOxjoEFAghRZEGRzy8LQwWwiuCiUDiwnMPQlwxf7MEFfHeSI6Ked6fw/o
SzFhFVXBHSHQrARLY11tC8VCmxLSSDUpnyhatkD+PqtT8DsO+JA5PCtVYR1mfppR
yRq/JjRPcShAn8pZPU4Hcun5Y1yIxxo6/vsCbmAdS0ubBQEsnLaMJyj3JCRkK95m
Rpm66jVMXo4zRYKqIAjLDW+8V7EWqFyEfSZI+pXtqPrYZKesXUVfOg4DlkXl2YzE
kk2pndK5qRW40DfmQ0UNt9afJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH7xHNUV
6TJgn6PzXTTiQyJyJrsNMB8GA1UdIwQYMBaAFGmfUanZ4UVtFgG+g9i5StWaQ4Iz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RkVEMy9GODU4NEY3Q0Iz
OEExMUU5ODcyODgxNjZDNEY5QUUwMi9hWjlScWRuaFJXMFdBYjZEMkxsSzFacERn
ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FaOVJxZG5oUlcwV0FiNkQyTGxLMVpwRGdqTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RkVEMy9GODU4NEY3Q0IzOEExMUU5ODcyODgxNjZDNEY5QUUwMi9hWjlScWRuaFJX
MFdBYjZEMkxsSzFacERnak0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDoRf48Hdc4Ovx5/RqNUlNamJ/9xYxJ3EvjFQdhFnq29CEKOWB1eiIc
JAWwRCYaA/rWV5aekkh4FjIOCiX7KAbfU8fF3U1pOHN2otR/iH90y0J1Y31teNCY
3B/Q8F+7QaIDQC5wOoA03QW/mh9jTE5se6JlRDkMMKS6vddg0YKjWTLUjs+GqsPb
3/FPPXzgh8j9ZkBXoqIlyrho7ivsO9YqTlnv0YkF+acgdcCimW5jVNT1qHNUpvHN
7xUuyK3rgX1FsXi7U4pIt7Um+nGQPVB2Ddoq+lVPeyzVOyLLn5C3CrHou/9FRRfb
9MLwF70oDK/Vuj9PlUJVHmH+5FtWJlk2
-----END CERTIFICATE-----