Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.mft
File:                     UzDu7rDQqVNfrIUF5zWEOvbOYK8.mft (raw, json)
Hash identifier:          vUD1uZh5unkg6Gk+99UHIw2HoZ9i7yln6AUlIjrU5H0=
Subject key identifier:   C8:86:74:14:CE:4D:08:4E:7D:82:B6:2B:63:5A:E8:13:B8:A6:74:50
Authority key identifier: 53:30:EE:EE:B0:D0:A9:53:5F:AC:85:05:E7:35:84:3A:F6:CE:60:AF
Certificate issuer:       /CN=A9159967/serialNumber=5330EEEEB0D0A9535FAC8505E735843AF6CE60AF
Certificate serial:       2055
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.mft
Manifest number:          2042
Signing time:             Fri 28 Mar 2025 16:05:09 +0000
Manifest this update:     Fri 28 Mar 2025 16:05:08 +0000
Manifest next update:     Fri 04 Apr 2025 16:05:08 +0000
Files and hashes:         1: UzDu7rDQqVNfrIUF5zWEOvbOYK8.crl (hash: JdZiifesZrfT7gIQhB0QPbEMIzmX+9thc/zJOPRnOGk=)
                          2: F79267D61E4011E6945BEB0DC4F9AE02.roa (hash: XR4NggtP2aJ+gorFn/k8FfyvP2VT6ewFIceWNa+UHwg=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8277 (0x2055)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9159967
        Validity
            Not Before: Mar 28 16:05:08 2025 GMT
            Not After : Apr  4 16:05:08 2025 GMT
        Subject: CN=67e6c8b5-be77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:0c:e9:cf:3d:5d:93:ac:cd:e6:80:70:4f:03:
                    e8:de:b7:78:ef:05:1c:9a:df:0c:62:35:ca:a4:54:
                    3a:ae:b7:65:69:a7:3a:83:62:92:50:7f:1d:a2:43:
                    f5:74:06:22:66:d4:5d:39:7f:f7:a9:3a:ee:0b:bb:
                    9d:af:f1:0d:fe:8b:e1:64:35:7b:86:8d:7c:05:2f:
                    ad:c6:dc:19:de:08:1f:d9:f7:b0:3b:04:df:4f:82:
                    24:04:58:14:fe:66:bb:6c:57:be:e0:4b:2b:2d:a4:
                    df:1b:03:fe:58:84:87:5e:7e:25:d7:08:c5:19:8f:
                    57:ed:5e:b4:7a:35:ee:4c:5d:9b:cd:38:82:b7:07:
                    90:c6:18:43:d4:d5:70:80:29:0e:3c:f2:8b:80:33:
                    13:70:79:a8:64:4a:73:07:f3:59:cc:48:cd:36:ab:
                    35:13:42:75:ad:e4:6e:17:f3:13:4a:58:e4:ab:53:
                    d9:a0:7b:af:1a:d8:41:ae:0b:2c:40:c2:2d:5e:9b:
                    5c:34:e0:48:32:d0:12:e3:49:00:c9:5e:f4:3f:fe:
                    34:86:ba:1e:d4:f9:23:ec:a9:66:03:84:03:56:be:
                    a6:6c:ce:90:cd:c0:21:0c:99:2f:08:7b:e6:6a:ee:
                    a2:de:11:af:5c:8a:cb:b7:b5:84:57:94:ef:e5:e8:
                    4f:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:86:74:14:CE:4D:08:4E:7D:82:B6:2B:63:5A:E8:13:B8:A6:74:50
            X509v3 Authority Key Identifier:
                keyid:53:30:EE:EE:B0:D0:A9:53:5F:AC:85:05:E7:35:84:3A:F6:CE:60:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:02:d3:0c:f0:87:31:6c:5b:f5:22:e1:46:af:47:13:f8:bb:
         1c:ac:e9:fa:23:b6:87:8b:79:73:30:4b:fa:ec:50:fa:c0:7a:
         b7:e8:a2:e3:d3:3e:71:5a:52:4c:1d:65:7d:b3:e4:3a:1a:91:
         ca:fd:65:2f:9c:80:ff:ff:f1:50:58:e8:d5:10:9e:e3:86:77:
         34:16:39:a2:49:96:75:36:27:12:f5:12:a0:55:7b:d8:07:f2:
         14:b7:3f:50:dc:a2:3e:b7:2b:21:a6:d5:3c:f4:57:ee:69:15:
         1a:e5:e3:22:dd:be:61:ba:76:71:c1:0b:bc:20:53:c5:7b:b3:
         96:62:4d:50:02:6f:db:3d:d7:c4:95:a2:85:67:6f:84:70:59:
         3b:91:2e:65:e8:50:ff:2a:f5:af:82:c7:01:cf:aa:b1:06:19:
         23:6b:b5:da:ad:fa:6d:38:b6:62:b1:e3:67:8a:6c:be:74:b8:
         7e:4d:d9:15:99:0c:88:22:26:f4:36:17:92:bd:ef:1b:30:dc:
         0c:6c:63:90:bf:83:d6:30:6c:d1:1f:02:7d:6a:44:17:b9:68:
         b2:8f:62:37:76:d3:e2:8f:1c:ab:26:d3:02:21:d7:c0:82:35:
         cd:e6:80:39:a1:f3:a9:8e:46:3b:88:de:5e:a0:8a:f2:d2:e2:
         37:d1:4e:4a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICIFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTk5NjcxMTAvBgNVBAUTKDUzMzBFRUVFQjBEMEE5NTM1RkFDODUwNUU3MzU4NDNB
RjZDRTYwQUYwHhcNMjUwMzI4MTYwNTA4WhcNMjUwNDA0MTYwNTA4WjAYMRYwFAYD
VQQDEw02N2U2YzhiNS1iZTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvQzpzz1dk6zN5oBwTwPo3rd47wUcmt8MYjXKpFQ6rrdlaac6g2KSUH8dokP1
dAYiZtRdOX/3qTruC7udr/EN/ovhZDV7ho18BS+txtwZ3ggf2fewOwTfT4IkBFgU
/ma7bFe+4EsrLaTfGwP+WISHXn4l1wjFGY9X7V60ejXuTF2bzTiCtweQxhhD1NVw
gCkOPPKLgDMTcHmoZEpzB/NZzEjNNqs1E0J1reRuF/MTSljkq1PZoHuvGthBrgss
QMItXptcNOBIMtAS40kAyV70P/40hroe1Pkj7KlmA4QDVr6mbM6QzcAhDJkvCHvm
au6i3hGvXIrLt7WEV5Tv5ehPsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMiGdBTO
TQhOfYK2K2Na6BO4pnRQMB8GA1UdIwQYMBaAFFMw7u6w0KlTX6yFBec1hDr2zmCv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTk2Ny8wQkJGMjU3ODE1
QTkxMUU2OTEyRDQyM0JDNEY5QUUwMi9VekR1N3JEUXFWTmZySVVGNXpXRU92Yk9Z
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V6RHU3ckRRcVZOZnJJVUY1eldFT3ZiT1lLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
OTk2Ny8wQkJGMjU3ODE1QTkxMUU2OTEyRDQyM0JDNEY5QUUwMi9VekR1N3JEUXFW
TmZySVVGNXpXRU92Yk9ZSzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA8AtMM8IcxbFv1IuFGr0cT+LscrOn6I7aHi3lzMEv67FD6wHq36KLj
0z5xWlJMHWV9s+Q6GpHK/WUvnID///FQWOjVEJ7jhnc0FjmiSZZ1NicS9RKgVXvY
B/IUtz9Q3KI+tyshptU89FfuaRUa5eMi3b5hunZxwQu8IFPFe7OWYk1QAm/bPdfE
laKFZ2+EcFk7kS5l6FD/KvWvgscBz6qxBhkja7XarfptOLZiseNnimy+dLh+TdkV
mQyIIib0NheSve8bMNwMbGOQv4PWMGzRHwJ9akQXuWiyj2I3dtPijxyrJtMCIdfA
gjXN5oA5ofOpjkY7iN5eoIry0uI30U5K
-----END CERTIFICATE-----