Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A210A/A538ADB83A8211E9A4C2812CC4F9AE02/xGIlbhG2PuqR1z02Q867tRojUK8.mft
File:                     xGIlbhG2PuqR1z02Q867tRojUK8.mft (raw, json)
Hash identifier:          DwUv3BBOJ3x9Cpx5RzLDgKDjZE1b1Wpy7I9ZnYR6HdQ=
Subject key identifier:   49:C0:21:F3:F9:49:14:17:BF:3F:9C:2E:61:20:26:BC:2B:B2:B2:8B
Authority key identifier: C4:62:25:6E:11:B6:3E:EA:91:D7:3D:36:43:CE:BB:B5:1A:23:50:AF
Certificate issuer:       /CN=A91A210A/serialNumber=C462256E11B63EEA91D73D3643CEBBB51A2350AF
Certificate serial:       1036
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xGIlbhG2PuqR1z02Q867tRojUK8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A210A/A538ADB83A8211E9A4C2812CC4F9AE02/xGIlbhG2PuqR1z02Q867tRojUK8.mft
Manifest number:          102C
Signing time:             Fri 28 Mar 2025 17:32:03 +0000
Manifest this update:     Fri 28 Mar 2025 17:32:03 +0000
Manifest next update:     Fri 04 Apr 2025 17:32:03 +0000
Files and hashes:         1: xGIlbhG2PuqR1z02Q867tRojUK8.crl (hash: f9tXxcxa8tyjCuykKuFR646hqPzWNyemB9gAhabQiN0=)
                          2: 797BF786FB2C11EFA405F334C4F9AE02.roa (hash: nzoqMxBn2KbqZXDLTX5x25dIfUmYP+HQor6MyKclQ64=)
                          3: 691023063A8311E99AF5572DC4F9AE02.roa (hash: l1yNy5wosDr6TY3WBCB5bde6OHwXT+S3VSRcd8EQWZk=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4150 (0x1036)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A210A
        Validity
            Not Before: Mar 28 17:32:03 2025 GMT
            Not After : Apr  4 17:32:03 2025 GMT
        Subject: CN=67e6dd13-d28c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:08:86:9b:00:cc:95:15:95:49:2c:bb:cd:23:
                    fe:a6:26:d8:c0:cb:9a:f4:1e:cd:b9:bd:72:e1:d0:
                    e7:e7:c8:f2:d1:30:03:a3:00:5d:73:64:84:06:65:
                    e6:21:b0:63:1a:7d:81:b8:75:b5:d1:54:43:bb:f2:
                    b4:28:1c:b8:c3:ca:4f:5b:0b:51:5f:fd:e9:ce:44:
                    cc:75:33:f7:22:17:0a:4b:80:93:b1:27:38:fc:e1:
                    41:b5:c8:78:95:20:a8:88:48:ac:9d:ee:39:86:c1:
                    65:68:7c:f4:7c:6b:4b:50:aa:f8:bc:8d:69:1e:8a:
                    ce:24:4e:09:d6:de:5a:24:ff:ec:7e:50:ff:b9:ab:
                    65:a6:9a:72:17:97:02:20:9e:f9:d0:e1:b0:66:16:
                    89:73:81:6a:d9:c9:2b:89:72:99:0b:2b:4b:78:63:
                    38:8a:b2:08:fb:c7:cc:25:24:35:ea:5f:23:86:2a:
                    38:ca:81:88:5f:54:6c:f5:1d:a8:09:50:da:34:e0:
                    db:86:30:14:f9:ef:ef:c8:f1:77:63:a1:b0:08:2f:
                    c1:af:cd:7b:32:74:51:8b:04:2c:43:6a:f9:28:91:
                    70:b1:1e:02:77:f0:32:dc:99:7e:85:db:57:c4:d7:
                    67:bb:51:ae:82:62:a5:af:c4:22:fe:d9:b8:6a:62:
                    a8:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:C0:21:F3:F9:49:14:17:BF:3F:9C:2E:61:20:26:BC:2B:B2:B2:8B
            X509v3 Authority Key Identifier:
                keyid:C4:62:25:6E:11:B6:3E:EA:91:D7:3D:36:43:CE:BB:B5:1A:23:50:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A210A/A538ADB83A8211E9A4C2812CC4F9AE02/xGIlbhG2PuqR1z02Q867tRojUK8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xGIlbhG2PuqR1z02Q867tRojUK8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A210A/A538ADB83A8211E9A4C2812CC4F9AE02/xGIlbhG2PuqR1z02Q867tRojUK8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:56:8a:51:40:a9:fa:0a:61:a2:e1:e8:0e:14:46:39:01:f3:
         77:43:26:74:ff:6c:be:08:c1:ef:85:5d:60:7e:0b:11:74:79:
         14:c0:d1:e7:6d:aa:a9:42:13:5c:a8:7a:0b:ee:92:d6:45:9b:
         40:04:a2:68:2c:54:62:7f:03:49:d6:29:cf:7d:db:6f:25:8f:
         d3:4d:76:bf:0b:83:cb:3a:d2:a5:f0:a4:16:55:75:c4:73:34:
         8e:1b:ec:36:cc:5b:36:fa:ef:78:e9:54:13:b8:69:58:42:7d:
         94:67:71:45:7b:3f:46:2a:ec:af:09:c1:bd:d4:5b:9f:e8:da:
         c9:d5:2c:df:82:50:e4:3c:90:f9:15:5b:d4:54:0e:c5:50:54:
         95:2e:d4:8b:22:6c:c7:42:bf:55:e3:98:5a:6d:f7:96:ad:9b:
         5c:61:16:b0:f1:43:26:b7:3d:c7:c8:79:f7:52:39:0a:24:54:
         24:70:11:f1:cd:b7:c2:c3:d3:8c:98:3d:c6:6e:72:2c:7a:e1:
         f5:41:a5:40:83:1a:5e:04:80:d6:b4:e0:40:4d:b2:60:cd:bb:
         05:35:59:44:57:43:b3:64:a7:55:db:39:92:e7:0f:b6:42:35:
         73:5e:9b:93:7e:59:da:3d:d1:53:e5:8c:bb:53:c3:94:0f:82:
         6f:b7:85:31
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTIxMEExMTAvBgNVBAUTKEM0NjIyNTZFMTFCNjNFRUE5MUQ3M0QzNjQzQ0VCQkI1
MUEyMzUwQUYwHhcNMjUwMzI4MTczMjAzWhcNMjUwNDA0MTczMjAzWjAYMRYwFAYD
VQQDEw02N2U2ZGQxMy1kMjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0wiGmwDMlRWVSSy7zSP+pibYwMua9B7Nub1y4dDn58jy0TADowBdc2SEBmXm
IbBjGn2BuHW10VRDu/K0KBy4w8pPWwtRX/3pzkTMdTP3IhcKS4CTsSc4/OFBtch4
lSCoiEisne45hsFlaHz0fGtLUKr4vI1pHorOJE4J1t5aJP/sflD/uatlpppyF5cC
IJ750OGwZhaJc4Fq2ckriXKZCytLeGM4irII+8fMJSQ16l8jhio4yoGIX1Rs9R2o
CVDaNODbhjAU+e/vyPF3Y6GwCC/Br817MnRRiwQsQ2r5KJFwsR4Cd/Ay3Jl+hdtX
xNdnu1GugmKlr8Qi/tm4amKoIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEnAIfP5
SRQXvz+cLmEgJrwrsrKLMB8GA1UdIwQYMBaAFMRiJW4Rtj7qkdc9NkPOu7UaI1Cv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjEwQS9BNTM4QURCODNB
ODIxMUU5QTRDMjgxMkNDNEY5QUUwMi94R0lsYmhHMlB1cVIxejAyUTg2N3RSb2pV
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hHSWxiaEcyUHVxUjF6MDJRODY3dFJvalVLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MjEwQS9BNTM4QURCODNBODIxMUU5QTRDMjgxMkNDNEY5QUUwMi94R0lsYmhHMlB1
cVIxejAyUTg2N3RSb2pVSzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDEVopRQKn6CmGi4egOFEY5AfN3QyZ0/2y+CMHvhV1gfgsRdHkUwNHn
baqpQhNcqHoL7pLWRZtABKJoLFRifwNJ1inPfdtvJY/TTXa/C4PLOtKl8KQWVXXE
czSOG+w2zFs2+u946VQTuGlYQn2UZ3FFez9GKuyvCcG91Fuf6NrJ1SzfglDkPJD5
FVvUVA7FUFSVLtSLImzHQr9V45habfeWrZtcYRaw8UMmtz3HyHn3UjkKJFQkcBHx
zbfCw9OMmD3GbnIseuH1QaVAgxpeBIDWtOBATbJgzbsFNVlEV0OzZKdV2zmS5w+2
QjVzXpuTflnaPdFT5Yy7U8OUD4Jvt4Ux
-----END CERTIFICATE-----