Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A915577F/1A4FFB88422011EAA1C07714C4F9AE02/tVn8RKv8ItFGH3jqhnLyNzhXMVU.mft
File:                     tVn8RKv8ItFGH3jqhnLyNzhXMVU.mft (raw, json)
Hash identifier:          bK+GojIQqR3dbs37NWjUGnl7FLw7tULfuQ4K67b0yh4=
Subject key identifier:   99:7A:9C:3C:35:8E:5F:59:96:3B:62:1F:B0:9E:3F:F8:FA:05:77:6B
Authority key identifier: B5:59:FC:44:AB:FC:22:D1:46:1F:78:EA:86:72:F2:37:38:57:31:55
Certificate issuer:       /CN=A915577F/serialNumber=B559FC44ABFC22D1461F78EA8672F23738573155
Certificate serial:       0AED
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tVn8RKv8ItFGH3jqhnLyNzhXMVU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915577F/1A4FFB88422011EAA1C07714C4F9AE02/tVn8RKv8ItFGH3jqhnLyNzhXMVU.mft
Manifest number:          0AE7
Signing time:             Fri 28 Mar 2025 19:32:52 +0000
Manifest this update:     Fri 28 Mar 2025 19:32:52 +0000
Manifest next update:     Fri 04 Apr 2025 19:32:52 +0000
Files and hashes:         1: tVn8RKv8ItFGH3jqhnLyNzhXMVU.crl (hash: WNC3b0I5bU0IHHLG2GeS3gAvPfzJ9A+QAh3ThZ5bTZI=)
                          2: 741645EE422211EA937BB919C4F9AE02.roa (hash: 8YuWdPTvmVpFT/yetaaM7w5QRsz3AizZsFr+KRCuk8s=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2797 (0xaed)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915577F
        Validity
            Not Before: Mar 28 19:32:52 2025 GMT
            Not After : Apr  4 19:32:52 2025 GMT
        Subject: CN=67e6f964-7a57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b8:e0:87:4d:75:cc:48:3b:fe:23:40:b8:d4:
                    49:72:a0:82:ba:b8:02:1e:4a:eb:10:3a:79:4b:d8:
                    52:11:9a:cc:96:1f:b1:c2:ca:c3:f1:8f:0c:2e:c2:
                    04:db:27:c1:9b:e0:41:ee:b7:28:e5:b8:27:83:92:
                    0c:b7:d9:26:e5:8c:9e:1f:65:d2:b5:71:63:47:c7:
                    7c:52:e0:46:d1:42:7b:a0:8f:c7:a7:5f:dd:59:cb:
                    d2:51:19:78:00:bf:4c:21:29:ee:93:50:4a:b5:fd:
                    1b:92:f6:a1:0a:8d:a6:e6:09:93:ac:fb:bc:b2:0d:
                    cb:6f:c6:47:a8:77:7a:e8:58:26:48:58:d9:cf:02:
                    98:05:a2:a1:c9:8f:1f:1b:ed:0f:a0:d8:25:32:eb:
                    1b:b6:bd:60:a9:44:9a:9b:62:8f:cf:72:25:c2:9a:
                    36:85:dc:80:ad:2a:96:8c:e1:b4:d7:c8:ee:0b:a1:
                    6b:36:47:74:08:10:47:0d:bf:93:cc:d3:9a:3c:42:
                    41:74:bb:b6:8e:22:69:54:ea:66:43:2a:69:cf:a6:
                    e2:e5:72:a1:fe:82:7c:85:d7:dc:3f:54:08:0d:cf:
                    17:06:30:3d:07:7c:62:8e:6a:a6:e0:77:1a:23:7b:
                    d3:1d:70:a4:e9:50:2f:4c:9c:9b:1e:ae:b9:db:fc:
                    64:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:7A:9C:3C:35:8E:5F:59:96:3B:62:1F:B0:9E:3F:F8:FA:05:77:6B
            X509v3 Authority Key Identifier:
                keyid:B5:59:FC:44:AB:FC:22:D1:46:1F:78:EA:86:72:F2:37:38:57:31:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915577F/1A4FFB88422011EAA1C07714C4F9AE02/tVn8RKv8ItFGH3jqhnLyNzhXMVU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tVn8RKv8ItFGH3jqhnLyNzhXMVU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915577F/1A4FFB88422011EAA1C07714C4F9AE02/tVn8RKv8ItFGH3jqhnLyNzhXMVU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:fc:33:3a:f4:bd:18:d1:c1:74:e6:82:f9:00:2e:35:77:d3:
         b3:b4:04:0a:8f:6a:ce:f8:8f:b7:09:01:09:b5:ca:96:fc:31:
         79:fc:55:ca:17:12:c2:e1:b4:e7:a0:65:fe:ed:1d:59:b1:d3:
         a7:d6:10:79:8c:26:fa:19:89:18:7e:b0:fd:25:49:bb:ec:3f:
         03:60:14:d4:ae:4d:b8:1e:b7:93:03:ec:c7:51:ca:28:b8:ab:
         e3:83:19:0a:bb:05:a8:86:8a:c3:5c:71:81:0b:d6:35:b3:f4:
         1c:b7:ee:fd:11:b0:2d:3c:b4:69:d1:bc:41:b5:f0:c8:c9:3a:
         96:f1:9a:72:92:db:96:d9:51:cb:81:65:87:09:04:be:e8:48:
         d6:86:5f:ba:a9:12:1b:24:d5:5c:9e:a2:97:1a:fc:d2:ad:45:
         0d:25:d8:f6:27:9b:4c:be:47:6b:57:fc:69:0c:2f:e4:b7:53:
         84:bb:ab:cd:bd:c3:07:94:04:50:73:99:f6:18:82:1d:7b:5a:
         31:4a:9c:15:ec:74:9a:9a:e4:1d:bc:04:5b:0e:5d:ef:ca:79:
         27:dc:62:30:0d:66:f3:62:9a:0c:ee:1f:fb:dc:0d:df:f0:8a:
         ab:93:e6:fd:71:31:58:00:e0:65:a7:60:65:83:16:64:3c:85:
         7a:9e:d5:69
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCu0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTU3N0YxMTAvBgNVBAUTKEI1NTlGQzQ0QUJGQzIyRDE0NjFGNzhFQTg2NzJGMjM3
Mzg1NzMxNTUwHhcNMjUwMzI4MTkzMjUyWhcNMjUwNDA0MTkzMjUyWjAYMRYwFAYD
VQQDEw02N2U2Zjk2NC03YTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Ljgh011zEg7/iNAuNRJcqCCurgCHkrrEDp5S9hSEZrMlh+xwsrD8Y8MLsIE
2yfBm+BB7rco5bgng5IMt9km5YyeH2XStXFjR8d8UuBG0UJ7oI/Hp1/dWcvSURl4
AL9MISnuk1BKtf0bkvahCo2m5gmTrPu8sg3Lb8ZHqHd66FgmSFjZzwKYBaKhyY8f
G+0PoNglMusbtr1gqUSam2KPz3Ilwpo2hdyArSqWjOG018juC6FrNkd0CBBHDb+T
zNOaPEJBdLu2jiJpVOpmQyppz6bi5XKh/oJ8hdfcP1QIDc8XBjA9B3xijmqm4Hca
I3vTHXCk6VAvTJybHq652/xkWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJl6nDw1
jl9ZljtiH7CeP/j6BXdrMB8GA1UdIwQYMBaAFLVZ/ESr/CLRRh946oZy8jc4VzFV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTc3Ri8xQTRGRkI4ODQy
MjAxMUVBQTFDMDc3MTRDNEY5QUUwMi90Vm44Ukt2OEl0RkdIM2pxaG5MeU56aFhN
VlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RWbjhSS3Y4SXRGR0gzanFobkx5TnpoWE1WVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTc3Ri8xQTRGRkI4ODQyMjAxMUVBQTFDMDc3MTRDNEY5QUUwMi90Vm44Ukt2OEl0
RkdIM2pxaG5MeU56aFhNVlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCK/DM69L0Y0cF05oL5AC41d9OztAQKj2rO+I+3CQEJtcqW/DF5/FXK
FxLC4bTnoGX+7R1ZsdOn1hB5jCb6GYkYfrD9JUm77D8DYBTUrk24HreTA+zHUcoo
uKvjgxkKuwWohorDXHGBC9Y1s/Qct+79EbAtPLRp0bxBtfDIyTqW8ZpyktuW2VHL
gWWHCQS+6EjWhl+6qRIbJNVcnqKXGvzSrUUNJdj2J5tMvkdrV/xpDC/kt1OEu6vN
vcMHlARQc5n2GIIde1oxSpwV7HSamuQdvARbDl3vynkn3GIwDWbzYpoM7h/73A3f
8Iqrk+b9cTFYAOBlp2BlgxZkPIV6ntVp
-----END CERTIFICATE-----