Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
File:                     cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft (raw, json)
Hash identifier:          pJBUfbghdckeP1wsn21+jWWfIOoWMiXEYgSYkrhPD74=
Subject key identifier:   A9:B5:70:B9:64:8D:61:BC:3B:D5:7B:7D:AD:0D:C3:88:5C:04:C1:A0
Authority key identifier: 71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
Certificate issuer:       /CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Certificate serial:       12FB
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
Manifest number:          12A8
Signing time:             Fri 28 Mar 2025 17:14:18 +0000
Manifest this update:     Fri 28 Mar 2025 17:14:18 +0000
Manifest next update:     Fri 04 Apr 2025 17:14:18 +0000
Files and hashes:         1: cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl (hash: ASDBqSge61hLMJrfb2pHTTgAYRN9DgwmgxT+0m33C+M=)
                          2: 3B38CB22BA7011EA80520A63C4F9AE02.roa (hash: RkoS7hrQ2QANNm5sx/5d46X4OvIfq/xZ9DC2wpSUEMo=)
                          3: 2227B66CF97B11EFA2B83631C4F9AE02.roa (hash: Qmv4NznXsRfVMeI2JKAwy+QoVAJUJQXFMJng7cjxgg4=)
                          4: 75522B0A002B11EA855CA925C4F9AE02.roa (hash: dlzvcYSMpJJECDfUD2ttn05KUyNlgHjyRd5FKOecZPA=)
                          5: 6E0B5938066711EFA1505F46C4F9AE02.roa (hash: o9qMusGN5GDjUkb5guKhyMehJeu6p5DVF2ITp61z0FM=)
                          6: 8C163A62FD4611EE8FAE061EC4F9AE02.roa (hash: SPUciNl7sWVHesGHpuLeYdUCLi+DEMRmn3hpjUZkkzo=)
                          7: EB429364CA3811EE99BEB838C4F9AE02.roa (hash: CxE2LzQTUSnICEBxSLSJi2DaFZfd5DCFRNbdjbleYco=)
                          8: DEF977A6E53611EB81682769C4F9AE02.roa (hash: hs6gBEHf+NcXloE+gZDvY1hGrieoi7+2YWZ5lbTwNRY=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4859 (0x12fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916A983
        Validity
            Not Before: Mar 28 17:14:18 2025 GMT
            Not After : Apr  4 17:14:18 2025 GMT
        Subject: CN=67e6d8ea-33f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c4:49:3b:72:1e:79:f9:47:97:cc:62:17:6f:
                    dc:0e:a2:71:14:63:07:d8:44:47:2a:18:9d:f8:c7:
                    68:e8:29:d8:5f:65:a9:cb:14:84:c3:16:74:ec:85:
                    07:69:77:03:1b:95:a4:e2:b3:fa:10:51:61:69:44:
                    30:7d:6f:6c:35:6e:32:ad:d9:e8:36:a7:ec:a6:0d:
                    24:e6:9e:6c:70:0d:9f:c8:6e:47:1e:2b:0f:df:3e:
                    61:d9:61:13:9a:32:e3:d1:b4:51:88:9b:db:d1:2e:
                    62:f9:96:8b:ab:15:d9:4b:fc:f0:33:d9:63:b3:67:
                    1e:68:cd:0b:ac:0e:db:32:aa:22:4c:af:5f:b3:8d:
                    35:dd:b9:8e:77:49:f1:f8:b4:14:db:b7:f5:38:fa:
                    3d:ad:36:5b:a0:0e:29:6e:04:3d:a2:a3:c9:ae:ba:
                    e6:59:04:21:a8:4e:c6:d9:1f:15:fc:fb:a6:e5:66:
                    a2:4e:4e:f5:6b:0a:ea:62:34:a3:bd:47:a1:70:e8:
                    3f:9a:36:02:a6:30:6c:6f:4f:ad:25:8e:a7:14:ee:
                    62:e5:c4:59:4b:e3:99:06:9d:3c:d7:b9:4f:b4:43:
                    05:c7:81:d0:eb:74:10:c3:22:8e:8d:25:4f:5b:fd:
                    b8:f9:4d:dd:61:4d:14:61:f9:d7:df:75:ca:95:07:
                    e2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:B5:70:B9:64:8D:61:BC:3B:D5:7B:7D:AD:0D:C3:88:5C:04:C1:A0
            X509v3 Authority Key Identifier:
                keyid:71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:33:c9:4c:ca:6b:d3:76:64:65:d7:d0:6c:a9:6a:3d:82:64:
         e5:61:58:e8:47:0a:bd:f0:97:5f:6e:68:e3:9c:1d:f7:04:ce:
         d3:09:52:12:04:7b:c4:64:49:d8:7d:c2:5f:9f:1e:c4:5a:94:
         56:c3:93:69:f3:73:56:26:ff:b6:7c:4a:69:cb:42:b7:63:3e:
         30:0a:10:8e:65:53:1c:57:42:c0:5f:08:77:14:ab:fe:0d:2b:
         91:09:17:d2:c4:6b:2e:96:c8:0f:70:20:2a:19:ba:ce:f5:a6:
         b1:0d:a8:61:a2:c6:4b:92:49:7e:20:02:45:71:d8:20:cf:39:
         4e:13:27:46:e8:59:c3:56:b0:00:12:2c:86:fb:75:50:18:e6:
         78:98:8a:6a:3c:09:3a:bd:a8:74:e9:e5:fc:82:3d:80:7f:90:
         0a:0c:68:77:9f:8e:93:64:a8:ca:9d:30:26:3b:cc:d2:3f:8d:
         4c:aa:16:ed:b2:43:cc:32:8b:25:c2:11:55:7f:0f:30:03:f5:
         bb:53:7f:5d:a7:be:1a:86:cd:a0:d9:d6:85:4b:cd:35:aa:f9:
         93:41:96:a3:dc:25:42:69:01:0b:d6:11:41:4d:f6:21:3f:a7:
         45:82:6a:9a:fc:c8:41:d7:98:13:e3:c3:e1:f7:0d:ee:c6:fa:
         27:a3:c0:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDcxNTY1RjJEN0I5MjRDRDcyQjQ1NUI2OEI2NjcxOTQw
MTBCQjFBOUYwHhcNMjUwMzI4MTcxNDE4WhcNMjUwNDA0MTcxNDE4WjAYMRYwFAYD
VQQDEw02N2U2ZDhlYS0zM2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzMRJO3IeeflHl8xiF2/cDqJxFGMH2ERHKhid+Mdo6CnYX2WpyxSEwxZ07IUH
aXcDG5Wk4rP6EFFhaUQwfW9sNW4yrdnoNqfspg0k5p5scA2fyG5HHisP3z5h2WET
mjLj0bRRiJvb0S5i+ZaLqxXZS/zwM9ljs2ceaM0LrA7bMqoiTK9fs4013bmOd0nx
+LQU27f1OPo9rTZboA4pbgQ9oqPJrrrmWQQhqE7G2R8V/Pum5WaiTk71awrqYjSj
vUehcOg/mjYCpjBsb0+tJY6nFO5i5cRZS+OZBp0817lPtEMFx4HQ63QQwyKOjSVP
W/24+U3dYU0UYfnX33XKlQfiXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKm1cLlk
jWG8O9V7fa0Nw4hcBMGgMB8GA1UdIwQYMBaAFHFWXy17kkzXK0VbaLZnGUAQuxqf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8xNjczMEQyMENE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9jVlpmTFh1U1ROY3JSVnRvdG1jWlFCQzdH
cDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NWWmZMWHVTVE5jclJWdG90bWNaUUJDN0dwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
QTk4My8xNjczMEQyMENEMEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9jVlpmTFh1U1RO
Y3JSVnRvdG1jWlFCQzdHcDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAzM8lMymvTdmRl19BsqWo9gmTlYVjoRwq98JdfbmjjnB33BM7TCVIS
BHvEZEnYfcJfnx7EWpRWw5Np83NWJv+2fEppy0K3Yz4wChCOZVMcV0LAXwh3FKv+
DSuRCRfSxGsulsgPcCAqGbrO9aaxDahhosZLkkl+IAJFcdggzzlOEydG6FnDVrAA
EiyG+3VQGOZ4mIpqPAk6vah06eX8gj2Af5AKDGh3n46TZKjKnTAmO8zSP41Mqhbt
skPMMoslwhFVfw8wA/W7U39dp74ahs2g2daFS801qvmTQZaj3CVCaQEL1hFBTfYh
P6dFgmqa/MhB15gT48Ph9w3uxvono8BS
-----END CERTIFICATE-----