Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9168B03/D118E678F99D11E6B8727013C4F9AE02/ulHQnhOT5woFhzID_3zE4f1-pw8.mft
File:                     ulHQnhOT5woFhzID_3zE4f1-pw8.mft (raw, json)
Hash identifier:          TdBPoSTHRzFjjyZqWx/sWVjFvG2BO3qndi3Mz+ZRziY=
Subject key identifier:   06:79:4F:BB:4E:6A:2B:D0:30:B2:12:80:16:3C:CC:BA:30:E0:5F:48
Authority key identifier: BA:51:D0:9E:13:93:E7:0A:05:87:32:03:FF:7C:C4:E1:FD:7E:A7:0F
Certificate issuer:       /CN=A9168B03/serialNumber=BA51D09E1393E70A05873203FF7CC4E1FD7EA70F
Certificate serial:       1BBB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ulHQnhOT5woFhzID_3zE4f1-pw8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9168B03/D118E678F99D11E6B8727013C4F9AE02/ulHQnhOT5woFhzID_3zE4f1-pw8.mft
Manifest number:          1BAE
Signing time:             Fri 28 Mar 2025 16:21:27 +0000
Manifest this update:     Fri 28 Mar 2025 16:21:26 +0000
Manifest next update:     Fri 04 Apr 2025 16:21:26 +0000
Files and hashes:         1: ulHQnhOT5woFhzID_3zE4f1-pw8.crl (hash: 2vnupiSP+WjlVcF9cHWZCClhrRrbcg4AL0wH1Muj/D4=)
                          2: D3EAE1500B5911EA8CC1114BC4F9AE02.roa (hash: 6kshU0HtAchRgiTjP8s8Hd2WuIT7tJbRCmHqG1erYdU=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7099 (0x1bbb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9168B03
        Validity
            Not Before: Mar 28 16:21:26 2025 GMT
            Not After : Apr  4 16:21:26 2025 GMT
        Subject: CN=67e6cc87-adc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b5:d1:0b:ca:c8:00:e5:dd:6f:52:64:e0:20:
                    ad:1e:e1:4c:18:7b:77:a2:72:c9:49:89:5d:35:a3:
                    b8:4a:d0:d8:1a:be:05:74:c1:cb:4e:db:ff:cb:39:
                    8d:68:16:eb:d5:56:4f:08:c2:c4:e3:72:54:08:45:
                    c7:df:9b:ca:66:d7:3d:d7:d1:c9:e2:e6:73:c1:1c:
                    19:ce:f9:f4:37:e9:de:25:56:49:80:df:63:c1:f1:
                    dc:ef:82:b9:6d:48:48:69:d8:85:ff:0b:29:f0:50:
                    d3:84:7e:ef:3b:af:61:44:e6:68:cc:86:44:ff:d1:
                    56:71:c1:02:71:c1:c3:0e:aa:9c:c9:b1:0d:b3:fb:
                    dd:a8:b0:67:c9:ca:e5:4e:5c:ce:1a:39:20:87:07:
                    e8:f9:73:6c:56:b6:fe:55:d2:f0:f8:d5:f0:0a:82:
                    4f:53:3d:a4:83:a7:31:38:d7:f6:55:9a:57:ec:fd:
                    b3:20:6d:c5:5a:8d:e4:33:5a:d4:dc:cc:85:d6:35:
                    24:60:ac:38:9b:fa:ee:09:bb:5f:b9:90:32:07:86:
                    57:0f:f4:46:ac:0b:9f:a3:7c:84:65:48:06:d7:88:
                    ce:d1:f3:2c:05:9b:87:b7:62:71:4d:cd:b0:01:ad:
                    6f:60:5f:14:16:ce:9e:f1:22:76:6c:4a:c1:1e:02:
                    01:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:79:4F:BB:4E:6A:2B:D0:30:B2:12:80:16:3C:CC:BA:30:E0:5F:48
            X509v3 Authority Key Identifier:
                keyid:BA:51:D0:9E:13:93:E7:0A:05:87:32:03:FF:7C:C4:E1:FD:7E:A7:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9168B03/D118E678F99D11E6B8727013C4F9AE02/ulHQnhOT5woFhzID_3zE4f1-pw8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ulHQnhOT5woFhzID_3zE4f1-pw8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168B03/D118E678F99D11E6B8727013C4F9AE02/ulHQnhOT5woFhzID_3zE4f1-pw8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:27:25:1f:77:72:b0:ea:df:f5:d0:63:84:a6:26:dd:df:5b:
         03:4b:60:37:fa:d8:46:fd:a6:74:58:0c:f5:ce:4d:99:bc:d6:
         91:0c:be:bc:46:0c:a2:60:1a:ba:ac:21:5d:fc:39:12:41:15:
         a0:e9:08:5d:85:15:4f:83:aa:d9:5b:7c:b1:37:13:3f:b1:25:
         d8:3e:4e:d6:1b:dd:01:fa:62:c0:96:dc:a1:2a:37:ce:ff:49:
         2c:16:24:13:5b:50:c2:73:ac:a9:f1:4f:67:5b:c7:78:b9:a6:
         e1:f7:c9:ae:9d:33:21:0e:20:98:3c:12:25:47:dc:86:24:d8:
         13:df:ab:61:b1:c2:69:0b:3b:a9:fa:4e:e6:7d:53:14:4f:78:
         8c:91:3c:8a:c1:e3:35:15:02:32:b4:7a:11:1c:34:04:35:ca:
         a6:92:50:79:fa:9e:1f:ac:2b:cb:94:63:86:65:e9:f6:4b:af:
         a9:c7:f1:1e:c1:e9:56:21:d4:c1:c7:58:35:86:a1:c9:51:bf:
         a2:72:71:a8:bb:e7:a3:21:36:50:d9:ff:9a:8a:f4:d2:36:88:
         fc:4c:00:77:80:98:53:10:da:5a:52:3e:d7:66:a3:f8:b9:b0:
         aa:7e:63:0c:ef:5a:b9:72:58:ad:30:18:06:c9:59:46:13:b1:
         17:e4:fd:ac
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICG7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjhCMDMxMTAvBgNVBAUTKEJBNTFEMDlFMTM5M0U3MEEwNTg3MzIwM0ZGN0NDNEUx
RkQ3RUE3MEYwHhcNMjUwMzI4MTYyMTI2WhcNMjUwNDA0MTYyMTI2WjAYMRYwFAYD
VQQDEw02N2U2Y2M4Ny1hZGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxLXRC8rIAOXdb1Jk4CCtHuFMGHt3onLJSYldNaO4StDYGr4FdMHLTtv/yzmN
aBbr1VZPCMLE43JUCEXH35vKZtc919HJ4uZzwRwZzvn0N+neJVZJgN9jwfHc74K5
bUhIadiF/wsp8FDThH7vO69hROZozIZE/9FWccECccHDDqqcybENs/vdqLBnycrl
TlzOGjkghwfo+XNsVrb+VdLw+NXwCoJPUz2kg6cxONf2VZpX7P2zIG3FWo3kM1rU
3MyF1jUkYKw4m/ruCbtfuZAyB4ZXD/RGrAufo3yEZUgG14jO0fMsBZuHt2JxTc2w
Aa1vYF8UFs6e8SJ2bErBHgIBNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAZ5T7tO
aivQMLISgBY8zLow4F9IMB8GA1UdIwQYMBaAFLpR0J4Tk+cKBYcyA/98xOH9fqcP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEIwMy9EMTE4RTY3OEY5
OUQxMUU2Qjg3MjcwMTNDNEY5QUUwMi91bEhRbmhPVDV3b0ZoeklEXzN6RTRmMS1w
dzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VsSFFuaE9UNXdvRmh6SURfM3pFNGYxLXB3OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
OEIwMy9EMTE4RTY3OEY5OUQxMUU2Qjg3MjcwMTNDNEY5QUUwMi91bEhRbmhPVDV3
b0ZoeklEXzN6RTRmMS1wdzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAJJyUfd3Kw6t/10GOEpibd31sDS2A3+thG/aZ0WAz1zk2ZvNaRDL68
RgyiYBq6rCFd/DkSQRWg6QhdhRVPg6rZW3yxNxM/sSXYPk7WG90B+mLAltyhKjfO
/0ksFiQTW1DCc6yp8U9nW8d4uabh98munTMhDiCYPBIlR9yGJNgT36thscJpCzup
+k7mfVMUT3iMkTyKweM1FQIytHoRHDQENcqmklB5+p4frCvLlGOGZen2S6+px/Ee
welWIdTBx1g1hqHJUb+icnGou+ejITZQ2f+aivTSNoj8TAB3gJhTENpaUj7XZqP4
ubCqfmMM71q5clitMBgGyVlGE7EX5P2s
-----END CERTIFICATE-----