Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft
File:                     hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft (raw, json)
Hash identifier:          wqNXsRxtrCBBRB2+vL709dbOGQ7f8msY/wpOstL+GNc=
Subject key identifier:   21:54:5E:B3:6F:02:77:B8:D3:14:EB:3C:88:01:31:A4:C1:D5:AD:70
Authority key identifier: 85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1
Certificate issuer:       /CN=A91A5BCD/serialNumber=859D184F41C34898B7298C991075CCCF51679AF1
Certificate serial:       09D5
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft
Manifest number:          09CA
Signing time:             Fri 28 Mar 2025 20:11:56 +0000
Manifest this update:     Fri 28 Mar 2025 20:11:56 +0000
Manifest next update:     Fri 04 Apr 2025 20:11:56 +0000
Files and hashes:         1: hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl (hash: YxJ9R4yJCuf3VhGBghVrZ5NT/U39Uk67BSaX+HSy7YY=)
                          2: 5B5A8050DDBC11EC8378E737C4F9AE02.roa (hash: kuaeWW5XDtEss8OMi7KAX48faILNgvVIFP8CkKJ2iU4=)
                          3: 5A3B7CECDDBC11EC8378E737C4F9AE02.roa (hash: +hSvjMhozV6jQZDqNkt9a1+7X0UawZcr6mRFLa7AaGc=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2517 (0x9d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91A5BCD
        Validity
            Not Before: Mar 28 20:11:56 2025 GMT
            Not After : Apr  4 20:11:56 2025 GMT
        Subject: CN=67e7028c-d669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:61:82:af:21:19:21:8f:ca:b7:c1:eb:58:ba:
                    9b:86:c0:b5:18:0e:c9:3e:26:b2:b4:42:14:20:95:
                    8f:2c:f6:e9:81:fc:ad:6a:c8:6a:b9:d9:9d:ea:a0:
                    54:cf:20:80:84:bc:46:61:bd:71:5f:84:7c:d1:fb:
                    b2:02:20:9e:b7:52:e3:1e:6e:00:69:ed:23:24:2d:
                    dd:f4:ee:78:7d:fe:df:a3:63:d7:b8:c4:d5:22:88:
                    0e:cd:c7:82:34:74:b5:f5:50:8b:7e:83:3f:d4:fb:
                    ae:f7:60:af:1c:18:bb:5c:1d:51:8f:d8:f9:2b:b5:
                    e3:cc:a5:2e:ef:74:d7:2b:65:7d:85:5d:c4:61:9b:
                    16:a0:7e:f0:c2:06:ba:ca:14:5a:f9:31:00:af:b8:
                    0a:d8:19:72:93:e4:a9:ce:70:c7:ca:38:a5:6a:0c:
                    13:f6:be:6f:0f:7a:37:3d:9d:2b:ff:fb:40:95:4b:
                    c3:d3:78:77:2a:aa:1f:b7:8c:a6:e9:ea:7b:c6:0e:
                    75:d8:76:cb:7a:2d:06:fb:e7:3f:6b:8a:3b:88:6b:
                    45:39:5e:13:a2:6e:79:71:05:d8:8a:28:3b:fd:3a:
                    c3:8f:31:a1:8b:c9:ad:e3:f5:26:f9:5f:ee:49:6a:
                    c9:a2:0b:e9:ec:db:1e:24:02:01:cd:51:8b:11:3d:
                    30:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:54:5E:B3:6F:02:77:B8:D3:14:EB:3C:88:01:31:A4:C1:D5:AD:70
            X509v3 Authority Key Identifier:
                keyid:85:9D:18:4F:41:C3:48:98:B7:29:8C:99:10:75:CC:CF:51:67:9A:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5BCD/61D0C4867A3A11EABF8B5826C4F9AE02/hZ0YT0HDSJi3KYyZEHXMz1FnmvE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:99:5d:fe:92:d2:a5:b0:c4:af:c0:e0:cf:aa:58:4e:cf:72:
         0f:a9:3b:8b:ca:59:75:b3:40:9d:8a:5c:0f:48:7c:1d:bd:7d:
         e4:46:68:72:03:b7:63:11:5f:9f:ba:65:d7:b5:78:bc:51:c4:
         30:80:45:04:ed:90:0b:f3:d9:02:5e:98:31:d9:bc:65:2f:47:
         19:06:cb:ea:a5:d0:9b:79:be:05:42:0d:00:ef:24:1c:04:7a:
         1c:24:16:aa:7a:f3:95:47:46:6a:3f:d9:b0:55:55:25:cb:a3:
         05:e8:fe:55:01:85:c4:3c:31:b2:52:a8:6c:70:86:08:a0:41:
         57:a5:5f:39:cf:ec:37:35:98:aa:58:e9:a7:90:8f:52:b8:a0:
         bd:44:26:87:3b:e4:08:9e:44:a3:5d:f6:3e:8a:75:9b:df:f1:
         27:2c:fd:83:3c:c1:9e:16:47:2c:cb:3e:8d:bf:67:6d:fd:16:
         84:71:d6:fe:b9:bb:86:0a:1c:87:a2:7a:6a:75:19:05:45:be:
         19:4b:0d:20:09:a2:4d:9d:0f:1e:87:05:05:b4:08:3a:e3:f5:
         db:24:48:49:3f:d7:d8:0a:d9:d7:1a:04:c9:b2:77:81:84:00:
         7c:9a:f3:3e:db:b7:78:e9:ec:08:2c:4c:a1:f1:98:69:40:e9:
         05:0c:0c:91
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTVCQ0QxMTAvBgNVBAUTKDg1OUQxODRGNDFDMzQ4OThCNzI5OEM5OTEwNzVDQ0NG
NTE2NzlBRjEwHhcNMjUwMzI4MjAxMTU2WhcNMjUwNDA0MjAxMTU2WjAYMRYwFAYD
VQQDEw02N2U3MDI4Yy1kNjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwGGCryEZIY/Kt8HrWLqbhsC1GA7JPiaytEIUIJWPLPbpgfytashqudmd6qBU
zyCAhLxGYb1xX4R80fuyAiCet1LjHm4Aae0jJC3d9O54ff7fo2PXuMTVIogOzceC
NHS19VCLfoM/1Puu92CvHBi7XB1Rj9j5K7XjzKUu73TXK2V9hV3EYZsWoH7wwga6
yhRa+TEAr7gK2Blyk+SpznDHyjilagwT9r5vD3o3PZ0r//tAlUvD03h3Kqoft4ym
6ep7xg512HbLei0G++c/a4o7iGtFOV4Tom55cQXYiig7/TrDjzGhi8mt4/Um+V/u
SWrJogvp7NseJAIBzVGLET0wHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFUXrNv
Ane40xTrPIgBMaTB1a1wMB8GA1UdIwQYMBaAFIWdGE9Bw0iYtymMmRB1zM9RZ5rx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNUJDRC82MUQwQzQ4NjdB
M0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNKaTNLWXlaRUhYTXoxRm5t
dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2haMFlUMEhEU0ppM0tZeVpFSFhNejFGbm12RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NUJDRC82MUQwQzQ4NjdBM0ExMUVBQkY4QjU4MjZDNEY5QUUwMi9oWjBZVDBIRFNK
aTNLWXlaRUhYTXoxRm5tdkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCYmV3+ktKlsMSvwODPqlhOz3IPqTuLyll1s0CdilwPSHwdvX3kRmhy
A7djEV+fumXXtXi8UcQwgEUE7ZAL89kCXpgx2bxlL0cZBsvqpdCbeb4FQg0A7yQc
BHocJBaqevOVR0ZqP9mwVVUly6MF6P5VAYXEPDGyUqhscIYIoEFXpV85z+w3NZiq
WOmnkI9SuKC9RCaHO+QInkSjXfY+inWb3/EnLP2DPMGeFkcsyz6Nv2dt/RaEcdb+
ubuGChyHonpqdRkFRb4ZSw0gCaJNnQ8ehwUFtAg64/XbJEhJP9fYCtnXGgTJsneB
hAB8mvM+27d46ewILEyh8ZhpQOkFDAyR
-----END CERTIFICATE-----