Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft
File:                     g3GOntShsiknnjylVdRNbh_KjMU.mft (raw, json)
Hash identifier:          1b2Cp26A+leMwKSb4JwjeF5m35KdyoT6mlZoQG8XZjQ=
Subject key identifier:   3A:7C:49:E4:40:2B:B0:81:2C:36:A3:E1:84:3B:2F:47:6C:F6:9F:BB
Authority key identifier: 83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5
Certificate issuer:       /CN=A917A17B/serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5
Certificate serial:       0C2C
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft
Manifest number:          0C22
Signing time:             Fri 28 Mar 2025 18:44:10 +0000
Manifest this update:     Fri 28 Mar 2025 18:44:09 +0000
Manifest next update:     Fri 04 Apr 2025 18:44:09 +0000
Files and hashes:         1: g3GOntShsiknnjylVdRNbh_KjMU.crl (hash: 5y6o6Aos3NEo+sGtAuNBngjsoTLC5xZk/7jlct2x994=)
                          2: A473C9A008F311EE98719810C4F9AE02.roa (hash: XJVLx8NnT51CedP11E2S/7EWqPqU5YY70j5sKBFjL+M=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3116 (0xc2c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A917A17B
        Validity
            Not Before: Mar 28 18:44:09 2025 GMT
            Not After : Apr  4 18:44:09 2025 GMT
        Subject: CN=67e6edf9-acd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:35:a2:55:b4:e7:98:12:b5:6c:78:81:aa:7f:
                    87:cd:a5:5c:5f:3d:5b:e1:4b:94:54:41:a1:27:35:
                    11:6a:f6:dd:ee:b6:6a:c3:25:b7:a0:83:4b:34:70:
                    7f:25:4d:ad:6e:cc:d8:7b:da:9b:3b:36:65:b6:64:
                    29:94:91:b8:c1:40:6b:65:7c:bd:25:14:66:97:ec:
                    c9:39:77:5b:21:5a:cf:ad:db:aa:66:25:62:28:6d:
                    ea:4a:ec:41:7a:5b:a9:59:41:11:d8:36:b5:d4:f5:
                    39:90:82:44:56:c8:34:93:05:94:5b:d7:58:46:fc:
                    82:c0:96:d0:aa:ba:be:cc:e8:a0:3d:73:f9:21:1d:
                    60:f3:51:f1:bc:1a:09:78:c4:ab:d0:bd:dd:b8:d6:
                    74:ec:0b:e1:41:54:58:87:1e:18:0f:de:c8:35:97:
                    e7:d2:38:c6:7c:08:e5:31:f8:3e:41:ac:17:37:c4:
                    e3:72:6b:30:b3:20:25:11:28:0f:a2:25:2f:6b:48:
                    44:8f:79:f1:b0:03:c8:10:25:2d:ea:98:a2:ec:15:
                    c8:9f:af:fe:9e:ab:29:00:8e:d4:bc:70:ed:ec:78:
                    32:33:47:e3:22:4c:95:a0:f5:4d:ae:e2:a6:01:e0:
                    d9:70:4a:98:50:37:2e:97:a8:e6:18:da:71:12:c2:
                    07:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:7C:49:E4:40:2B:B0:81:2C:36:A3:E1:84:3B:2F:47:6C:F6:9F:BB
            X509v3 Authority Key Identifier:
                keyid:83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:38:68:22:21:64:18:99:bd:18:da:d1:cc:77:3e:78:60:f3:
         db:c4:f3:74:ba:64:36:29:65:58:e1:66:e8:5f:0c:d3:13:ad:
         aa:e1:9d:af:3c:e0:f6:3e:5c:cb:79:bb:7c:93:bb:58:61:43:
         96:ef:39:df:e2:c1:01:d8:6e:72:d1:25:b4:b7:e1:e6:10:95:
         6d:8a:14:5b:2d:7f:c2:25:e0:e3:1a:ef:0f:46:04:19:2c:66:
         85:64:75:33:51:65:67:27:58:27:29:be:85:87:59:e3:9e:3a:
         0c:16:ee:f9:e5:c7:34:c6:76:06:bf:ca:86:de:e0:01:69:c6:
         fb:37:df:ed:fb:a7:c7:e1:6b:a2:de:44:1a:ee:06:ed:84:a3:
         cb:65:e0:6f:6a:bf:e3:7f:50:c1:9c:38:d0:29:83:24:ef:83:
         1a:8b:d9:11:d1:50:8f:59:d4:e3:04:5d:da:3a:a0:5f:ae:45:
         5f:ed:fd:6a:cf:cc:40:c8:48:a9:fb:07:95:a4:8b:b7:16:bb:
         28:2f:cc:ed:54:0d:d2:fa:a3:a1:c2:b7:a2:1c:65:d0:cc:d0:
         e9:4d:d8:91:44:4f:89:50:e3:ec:55:83:31:92:fb:48:75:d3:
         7c:03:8d:5b:07:b5:7f:10:3d:1c:d3:8a:f3:19:37:53:66:20:
         91:2e:f2:ec
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDCwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0ExN0IxMTAvBgNVBAUTKDgzNzE4RTlFRDRBMUIyMjkyNzlFM0NBNTU1RDQ0RDZF
MUZDQThDQzUwHhcNMjUwMzI4MTg0NDA5WhcNMjUwNDA0MTg0NDA5WjAYMRYwFAYD
VQQDEw02N2U2ZWRmOS1hY2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvzWiVbTnmBK1bHiBqn+HzaVcXz1b4UuUVEGhJzURavbd7rZqwyW3oINLNHB/
JU2tbszYe9qbOzZltmQplJG4wUBrZXy9JRRml+zJOXdbIVrPrduqZiViKG3qSuxB
elupWUER2Da11PU5kIJEVsg0kwWUW9dYRvyCwJbQqrq+zOigPXP5IR1g81HxvBoJ
eMSr0L3duNZ07AvhQVRYhx4YD97INZfn0jjGfAjlMfg+QawXN8TjcmswsyAlESgP
oiUva0hEj3nxsAPIECUt6pii7BXIn6/+nqspAI7UvHDt7HgyM0fjIkyVoPVNruKm
AeDZcEqYUDcul6jmGNpxEsIH6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDp8SeRA
K7CBLDaj4YQ7L0ds9p+7MB8GA1UdIwQYMBaAFINxjp7UobIpJ548pVXUTW4fyozF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTE3Qi84NTM5NUQ2RTA2
RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNpa25uanlsVmRSTmJoX0tq
TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2czR09udFNoc2lrbm5qeWxWZFJOYmhfS2pNVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QTE3Qi84NTM5NUQ2RTA2RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNp
a25uanlsVmRSTmJoX0tqTVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCKOGgiIWQYmb0Y2tHMdz54YPPbxPN0umQ2KWVY4WboXwzTE62q4Z2v
POD2PlzLebt8k7tYYUOW7znf4sEB2G5y0SW0t+HmEJVtihRbLX/CJeDjGu8PRgQZ
LGaFZHUzUWVnJ1gnKb6Fh1njnjoMFu755cc0xnYGv8qG3uABacb7N9/t+6fH4Wui
3kQa7gbthKPLZeBvar/jf1DBnDjQKYMk74Mai9kR0VCPWdTjBF3aOqBfrkVf7f1q
z8xAyEip+weVpIu3FrsoL8ztVA3S+qOhwreiHGXQzNDpTdiRRE+JUOPsVYMxkvtI
ddN8A41bB7V/ED0c04rzGTdTZiCRLvLs
-----END CERTIFICATE-----