Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917618F/D28D75C0C2DF11E8A64EFD2CC4F9AE02/QJOHCXJ0OMjB3r_9BBWQWEggxug.mft
File:                     QJOHCXJ0OMjB3r_9BBWQWEggxug.mft (raw, json)
Hash identifier:          0YC3zyNhmVsWOOKU7job59gyJJQ1D02O67HBTOmFQfQ=
Subject key identifier:   D4:3B:27:43:50:E8:18:BF:A5:09:1A:D2:8F:BD:1C:89:79:94:EB:DD
Authority key identifier: 40:93:87:09:72:74:38:C8:C1:DE:BF:FD:04:15:90:58:48:20:C6:E8
Certificate issuer:       /CN=A917618F/serialNumber=40938709727438C8C1DEBFFD041590584820C6E8
Certificate serial:       1294
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QJOHCXJ0OMjB3r_9BBWQWEggxug.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917618F/D28D75C0C2DF11E8A64EFD2CC4F9AE02/QJOHCXJ0OMjB3r_9BBWQWEggxug.mft
Manifest number:          128B
Signing time:             Fri 28 Mar 2025 17:12:37 +0000
Manifest this update:     Fri 28 Mar 2025 17:12:36 +0000
Manifest next update:     Fri 04 Apr 2025 17:12:36 +0000
Files and hashes:         1: QJOHCXJ0OMjB3r_9BBWQWEggxug.crl (hash: HlN9MJ5fjf1mVy3B3xJu906guBVf0hR7OTJTir5EgHM=)
                          2: 2FE4DA1EC2E111E8A19CB72FC4F9AE02.roa (hash: HkQW1ELmD+iLXWXgNsuJGsFujvrmVSrBFXmyCQkIzxA=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4756 (0x1294)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917618F
        Validity
            Not Before: Mar 28 17:12:36 2025 GMT
            Not After : Apr  4 17:12:36 2025 GMT
        Subject: CN=67e6d884-de8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ce:03:f1:3d:48:d7:a2:91:6e:55:e3:5a:be:
                    31:da:e8:73:a1:18:f3:cf:ce:d6:67:24:cb:ae:fb:
                    79:d3:d5:a8:2a:d7:2a:03:d2:d6:ea:15:66:f2:11:
                    13:58:90:be:7b:4b:49:ab:cc:2c:20:bd:03:0c:64:
                    cb:86:41:09:ee:5a:cb:bd:23:ec:1f:38:5e:4d:89:
                    e0:3c:94:87:86:99:1e:84:f0:59:11:df:7a:c3:c4:
                    f8:3c:67:3d:aa:13:35:a3:cd:d8:5e:b4:48:c3:b7:
                    d6:f3:01:4a:be:ce:14:84:70:e0:0c:cf:8c:1f:ba:
                    2d:75:79:80:f8:00:c7:ad:94:05:62:08:cf:d7:c5:
                    0c:04:22:f8:ca:cb:51:0a:8f:32:9e:b0:2d:76:65:
                    d4:b1:da:07:19:19:24:54:29:5c:c6:f5:bc:1b:5b:
                    95:e7:50:21:d9:17:d5:67:c2:5b:a8:96:85:18:ed:
                    86:b1:25:7e:2b:c2:65:37:be:72:3c:2b:42:5d:eb:
                    86:8b:9a:9e:85:ef:51:1d:86:16:4e:d8:3c:b9:e7:
                    36:69:62:7a:7f:84:fb:d4:20:8f:d4:7b:05:37:98:
                    ad:7a:08:03:37:94:f2:a8:18:96:40:29:3e:0d:7e:
                    47:23:4c:5f:6a:89:42:55:74:08:d5:f3:f7:96:45:
                    d7:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:3B:27:43:50:E8:18:BF:A5:09:1A:D2:8F:BD:1C:89:79:94:EB:DD
            X509v3 Authority Key Identifier:
                keyid:40:93:87:09:72:74:38:C8:C1:DE:BF:FD:04:15:90:58:48:20:C6:E8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917618F/D28D75C0C2DF11E8A64EFD2CC4F9AE02/QJOHCXJ0OMjB3r_9BBWQWEggxug.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QJOHCXJ0OMjB3r_9BBWQWEggxug.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917618F/D28D75C0C2DF11E8A64EFD2CC4F9AE02/QJOHCXJ0OMjB3r_9BBWQWEggxug.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:e0:9b:33:07:d3:73:b8:d2:19:6d:80:ba:8b:fc:96:81:46:
         25:54:b5:10:37:52:fe:ee:a1:7c:03:fc:d6:ce:bb:8d:93:16:
         a6:54:53:2f:62:52:95:c6:c9:ba:67:04:29:28:3f:af:ed:79:
         ae:b8:e7:3a:8b:bc:72:39:b1:aa:a4:b7:e2:d7:eb:e9:0c:92:
         90:ff:91:ba:ce:0f:32:fd:8b:2b:34:79:a0:d5:09:f0:05:0a:
         60:93:3c:81:f1:39:5e:8d:02:49:b6:78:d8:c8:b1:66:99:da:
         34:03:1d:8d:1f:ee:22:f7:31:38:6d:a3:9a:26:cf:e4:d1:70:
         de:5b:65:77:7b:09:50:e3:94:01:83:9f:c4:75:72:d2:8b:a3:
         10:36:91:e9:2b:74:a7:5f:b6:8b:f9:55:86:32:85:31:f5:86:
         93:f3:b5:ff:0e:c8:c1:62:ac:d1:6c:90:2f:9c:ff:91:ee:07:
         d9:a5:b5:93:a7:14:60:7f:71:f3:ec:29:61:e8:20:a9:29:51:
         d8:23:e0:85:0d:ec:c2:37:e2:99:33:5f:5e:b4:86:c2:44:95:
         73:0b:bb:37:14:36:7a:5d:53:f0:bd:37:ba:90:6d:2b:74:32:
         d9:25:6b:7e:5a:b0:9a:3f:da:51:87:24:3f:43:26:3d:a5:0b:
         25:c0:30:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEpQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzYxOEYxMTAvBgNVBAUTKDQwOTM4NzA5NzI3NDM4QzhDMURFQkZGRDA0MTU5MDU4
NDgyMEM2RTgwHhcNMjUwMzI4MTcxMjM2WhcNMjUwNDA0MTcxMjM2WjAYMRYwFAYD
VQQDEw02N2U2ZDg4NC1kZThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu84D8T1I16KRblXjWr4x2uhzoRjzz87WZyTLrvt509WoKtcqA9LW6hVm8hET
WJC+e0tJq8wsIL0DDGTLhkEJ7lrLvSPsHzheTYngPJSHhpkehPBZEd96w8T4PGc9
qhM1o83YXrRIw7fW8wFKvs4UhHDgDM+MH7otdXmA+ADHrZQFYgjP18UMBCL4ystR
Co8ynrAtdmXUsdoHGRkkVClcxvW8G1uV51Ah2RfVZ8JbqJaFGO2GsSV+K8JlN75y
PCtCXeuGi5qehe9RHYYWTtg8uec2aWJ6f4T71CCP1HsFN5iteggDN5TyqBiWQCk+
DX5HI0xfaolCVXQI1fP3lkXX+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNQ7J0NQ
6Bi/pQka0o+9HIl5lOvdMB8GA1UdIwQYMBaAFECThwlydDjIwd6//QQVkFhIIMbo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjE4Ri9EMjhENzVDMEMy
REYxMUU4QTY0RUZEMkNDNEY5QUUwMi9RSk9IQ1hKME9NakIzcl85QkJXUVdFZ2d4
dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FKT0hDWEowT01qQjNyXzlCQldRV0VnZ3h1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NjE4Ri9EMjhENzVDMEMyREYxMUU4QTY0RUZEMkNDNEY5QUUwMi9RSk9IQ1hKME9N
akIzcl85QkJXUVdFZ2d4dWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCi4JszB9NzuNIZbYC6i/yWgUYlVLUQN1L+7qF8A/zWzruNkxamVFMv
YlKVxsm6ZwQpKD+v7XmuuOc6i7xyObGqpLfi1+vpDJKQ/5G6zg8y/YsrNHmg1Qnw
BQpgkzyB8TlejQJJtnjYyLFmmdo0Ax2NH+4i9zE4baOaJs/k0XDeW2V3ewlQ45QB
g5/EdXLSi6MQNpHpK3SnX7aL+VWGMoUx9YaT87X/DsjBYqzRbJAvnP+R7gfZpbWT
pxRgf3Hz7Clh6CCpKVHYI+CFDezCN+KZM19etIbCRJVzC7s3FDZ6XVPwvTe6kG0r
dDLZJWt+WrCaP9pRhyQ/QyY9pQslwDCB
-----END CERTIFICATE-----