Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/1NF3merJyZYrMl_th_kwwurILK8.mft
File:                     1NF3merJyZYrMl_th_kwwurILK8.mft (raw, json)
Hash identifier:          tQ4fdG+9l16xHM9ks1280bEBOPP6+rFILYiNQREE6dw=
Subject key identifier:   70:75:BA:A7:7C:DD:DD:BB:58:D1:C7:AF:7F:8E:07:DA:17:60:CA:D1
Authority key identifier: D4:D1:77:99:EA:C9:C9:96:2B:32:5F:ED:87:F9:30:C2:EA:C8:2C:AF
Certificate issuer:       /CN=A91970E2/serialNumber=D4D17799EAC9C9962B325FED87F930C2EAC82CAF
Certificate serial:       1BD0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1NF3merJyZYrMl_th_kwwurILK8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/1NF3merJyZYrMl_th_kwwurILK8.mft
Manifest number:          1BB1
Signing time:             Fri 28 Mar 2025 16:21:34 +0000
Manifest this update:     Fri 28 Mar 2025 16:21:34 +0000
Manifest next update:     Fri 04 Apr 2025 16:21:34 +0000
Files and hashes:         1: 1NF3merJyZYrMl_th_kwwurILK8.crl (hash: O+/0Ap1nt25wS7ywc5hP+Do83IJRHOAGIv4wsuyMXLE=)
                          2: ADB6934A9A4911E7857CA62FC4F9AE02.roa (hash: 7vSMEGE2WKILnDsupDw245nI6InVKo+5RlyNwkMHa0A=)
                          3: AC8124909A4911E7857CA62FC4F9AE02.roa (hash: gkf5l1306jNCZlXkzkzc37H/VOhptBWvvDD29cbTyo0=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7120 (0x1bd0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91970E2
        Validity
            Not Before: Mar 28 16:21:34 2025 GMT
            Not After : Apr  4 16:21:34 2025 GMT
        Subject: CN=67e6cc8e-4bd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:71:4e:56:30:16:5b:77:ab:6e:f6:63:13:6a:
                    08:9b:e8:ff:fc:b2:0b:df:18:dd:8a:b3:b0:7e:73:
                    74:0c:0c:eb:73:24:8c:ae:18:1d:4c:13:9b:6e:22:
                    6c:a9:aa:ac:9c:47:1e:17:1b:51:c4:26:4b:41:9b:
                    dc:64:23:a6:25:c8:c1:10:a0:f7:c7:ec:0a:30:35:
                    6c:64:82:23:31:93:07:c6:5f:36:d7:6c:2c:b0:37:
                    00:05:b7:2e:e6:a1:5e:87:14:4f:cb:54:bb:d8:55:
                    ce:22:c3:ce:34:79:b7:72:e9:a6:27:05:65:94:97:
                    73:e8:8b:c1:44:6f:9a:67:40:19:dc:68:65:96:2f:
                    c3:80:21:45:c7:25:bd:15:a0:f0:5f:42:b7:e0:25:
                    69:11:bb:f7:11:a7:b5:08:94:19:9b:b3:c5:14:77:
                    07:d4:02:a7:de:38:21:68:2c:9e:24:f4:8e:2c:78:
                    24:82:ce:fb:a3:23:a7:53:ae:eb:55:05:92:e1:fe:
                    3e:25:1a:5f:6f:9e:98:5a:b4:0f:0e:1f:d5:3d:21:
                    19:dd:7f:79:aa:54:29:f6:4b:c7:6a:e9:20:4d:0c:
                    62:ce:d6:07:7e:61:53:71:50:73:78:51:55:1d:24:
                    5d:4b:b3:3d:6a:50:a5:bd:59:5f:e2:fb:16:79:72:
                    58:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:75:BA:A7:7C:DD:DD:BB:58:D1:C7:AF:7F:8E:07:DA:17:60:CA:D1
            X509v3 Authority Key Identifier:
                keyid:D4:D1:77:99:EA:C9:C9:96:2B:32:5F:ED:87:F9:30:C2:EA:C8:2C:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/1NF3merJyZYrMl_th_kwwurILK8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1NF3merJyZYrMl_th_kwwurILK8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91970E2/8101258CF9A811E6A4EFE02EC4F9AE02/1NF3merJyZYrMl_th_kwwurILK8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:0c:0d:af:ae:e7:2c:e7:ea:c0:c4:51:c3:50:28:77:d0:41:
         eb:7c:3d:13:36:07:68:7f:c7:22:69:47:1d:30:e6:dc:a7:73:
         e2:15:8b:d4:f3:8a:ca:9e:e3:c3:ff:b0:0b:91:c6:b4:59:b1:
         7e:ab:f7:ff:8b:18:cf:45:7b:63:e1:f3:0d:dc:a8:9e:21:7b:
         22:d9:3c:bf:ef:a1:49:b9:c8:3c:48:d6:9f:ed:e6:d0:7d:67:
         ec:10:d7:43:b0:0a:35:9e:52:66:fe:9c:79:44:8f:71:43:e6:
         6d:c7:e4:6f:bc:60:cb:46:1c:9d:83:93:da:54:37:b4:3a:7b:
         da:fe:90:9c:dd:fd:b5:a4:29:78:6b:24:23:08:64:54:fc:16:
         41:98:a7:a7:d6:46:f9:d7:be:02:96:68:ad:0d:29:47:c7:a6:
         7c:86:60:70:c1:76:60:56:d2:e8:35:ea:99:ac:e4:a0:35:98:
         72:76:c1:98:4c:12:65:e9:7b:a3:6d:b9:97:54:16:39:bf:16:
         37:2d:36:2a:df:f5:24:47:c3:f3:18:0c:5d:98:77:b0:0a:15:
         76:cf:b0:96:0c:81:91:66:e6:29:db:30:16:7f:e4:cc:38:7e:
         bf:f9:38:fe:93:31:bf:89:f4:da:ac:29:b3:35:27:2b:c7:3a:
         c6:9b:4e:16
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICG9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcwRTIxMTAvBgNVBAUTKEQ0RDE3Nzk5RUFDOUM5OTYyQjMyNUZFRDg3RjkzMEMy
RUFDODJDQUYwHhcNMjUwMzI4MTYyMTM0WhcNMjUwNDA0MTYyMTM0WjAYMRYwFAYD
VQQDEw02N2U2Y2M4ZS00YmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtnFOVjAWW3erbvZjE2oIm+j//LIL3xjdirOwfnN0DAzrcySMrhgdTBObbiJs
qaqsnEceFxtRxCZLQZvcZCOmJcjBEKD3x+wKMDVsZIIjMZMHxl8212wssDcABbcu
5qFehxRPy1S72FXOIsPONHm3cummJwVllJdz6IvBRG+aZ0AZ3Ghlli/DgCFFxyW9
FaDwX0K34CVpEbv3Eae1CJQZm7PFFHcH1AKn3jghaCyeJPSOLHgkgs77oyOnU67r
VQWS4f4+JRpfb56YWrQPDh/VPSEZ3X95qlQp9kvHaukgTQxiztYHfmFTcVBzeFFV
HSRdS7M9alClvVlf4vsWeXJYRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHB1uqd8
3d27WNHHr3+OB9oXYMrRMB8GA1UdIwQYMBaAFNTRd5nqycmWKzJf7Yf5MMLqyCyv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzBFMi84MTAxMjU4Q0Y5
QTgxMUU2QTRFRkUwMkVDNEY5QUUwMi8xTkYzbWVySnlaWXJNbF90aF9rd3d1cklM
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFORjNtZXJKeVpZck1sX3RoX2t3d3VySUxLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzBFMi84MTAxMjU4Q0Y5QTgxMUU2QTRFRkUwMkVDNEY5QUUwMi8xTkYzbWVySnla
WXJNbF90aF9rd3d1cklMSzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQClDA2vrucs5+rAxFHDUCh30EHrfD0TNgdof8ciaUcdMObcp3PiFYvU
84rKnuPD/7ALkca0WbF+q/f/ixjPRXtj4fMN3KieIXsi2Ty/76FJucg8SNaf7ebQ
fWfsENdDsAo1nlJm/px5RI9xQ+Ztx+RvvGDLRhydg5PaVDe0Onva/pCc3f21pCl4
ayQjCGRU/BZBmKen1kb5174ClmitDSlHx6Z8hmBwwXZgVtLoNeqZrOSgNZhydsGY
TBJl6XujbbmXVBY5vxY3LTYq3/UkR8PzGAxdmHewChV2z7CWDIGRZuYp2zAWf+TM
OH6/+Tj+kzG/ifTarCmzNScrxzrGm04W
-----END CERTIFICATE-----