Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft
File:                     Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft (raw, json)
Hash identifier:          KNp3mCJuF0fKiHYxxTjLNIBlULlmDHwT9C3j/3HIzrM=
Subject key identifier:   FB:CF:7C:69:50:7B:D2:39:DE:3D:E6:E1:EE:BF:C5:4B:EA:F1:77:6A
Authority key identifier: 3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C
Certificate issuer:       /CN=A91ACD4D/serialNumber=3A46FB0F40F69D5E1DB75D2851F040C19F66F22C
Certificate serial:       1612
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft
Manifest number:          1602
Signing time:             Fri 28 Mar 2025 16:50:50 +0000
Manifest this update:     Fri 28 Mar 2025 16:50:49 +0000
Manifest next update:     Fri 04 Apr 2025 16:50:49 +0000
Files and hashes:         1: Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl (hash: c0KAuVPsOJmj094j1GKuStnCEMV2w7u4rqgXx0o7DZU=)
                          2: 268ECB3ED5BD11E894FFC250C4F9AE02.roa (hash: w3oachy62b9vS7wqwD6D3HohJubENRLKhLvYOw/CqsQ=)
                          3: 3DE1DBC4D81011EC892E8A79C4F9AE02.roa (hash: P/jVLVKJm35tcLY3WNaJuQCIeip3WppGMETv/Tz90FE=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5650 (0x1612)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91ACD4D
        Validity
            Not Before: Mar 28 16:50:49 2025 GMT
            Not After : Apr  4 16:50:49 2025 GMT
        Subject: CN=67e6d36a-3abf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:ad:72:35:b5:ee:4b:2c:c6:a6:e6:67:a1:09:
                    1b:29:48:b0:56:92:45:5c:5d:f9:da:6c:e9:6c:08:
                    51:36:92:06:21:c3:dd:04:7e:ac:7d:a2:c4:ed:74:
                    2a:fe:4a:72:91:9f:a7:86:ed:c6:dc:76:ff:4a:66:
                    46:c8:51:22:8f:ba:ed:98:23:e1:75:51:30:1d:ad:
                    47:01:e0:17:59:70:4a:90:23:ea:99:0b:c6:fd:6d:
                    24:41:e8:0c:27:2a:df:9c:8b:18:5e:b2:c0:ea:c3:
                    f5:35:c1:0c:f2:8d:e2:1f:b0:ca:3f:c5:bf:23:d8:
                    eb:1a:31:75:00:59:25:f2:cf:e0:5b:8e:68:46:54:
                    35:83:35:7e:8c:2b:bb:4e:b8:00:9f:b9:ae:b6:5a:
                    65:36:d0:44:3d:f4:16:9a:91:3c:37:6c:30:89:c8:
                    ae:f3:d7:31:f5:79:4f:16:0d:26:97:20:ae:25:bc:
                    75:0f:d3:c7:83:dd:4c:75:0f:0d:50:68:75:c5:2e:
                    d4:64:02:96:db:2a:7b:3f:89:6f:23:30:6b:ba:34:
                    17:d1:1f:b7:fb:28:5e:5e:c9:3a:31:9d:43:8f:bc:
                    e9:92:02:13:21:69:c0:93:38:3b:6b:76:28:03:c0:
                    0d:fe:76:d7:5b:ad:db:fd:e5:5f:ec:8e:51:0a:89:
                    f7:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:CF:7C:69:50:7B:D2:39:DE:3D:E6:E1:EE:BF:C5:4B:EA:F1:77:6A
            X509v3 Authority Key Identifier:
                keyid:3A:46:FB:0F:40:F6:9D:5E:1D:B7:5D:28:51:F0:40:C1:9F:66:F2:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Okb7D0D2nV4dt10oUfBAwZ9m8iw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACD4D/137D00D4160E11E8852C437EC4F9AE02/Okb7D0D2nV4dt10oUfBAwZ9m8iw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:62:bf:8c:36:47:58:69:e6:bb:f5:c6:25:5b:59:a3:44:ff:
         8d:34:d2:6a:a0:95:ef:78:90:36:50:7c:18:07:e3:85:9b:82:
         bf:19:7f:35:8e:01:63:7b:23:85:51:24:21:ac:fd:38:16:93:
         16:75:2a:f0:49:ea:df:a1:3f:cc:6b:bb:9d:84:2e:eb:86:8e:
         ca:5c:d4:20:a1:a6:b9:8d:37:9e:7d:e1:6b:46:29:88:15:f3:
         68:82:c0:8e:0d:6c:15:d1:b5:61:6a:3c:17:43:2c:ce:be:ec:
         a1:61:51:21:50:e8:4b:70:0f:78:52:4b:56:55:bb:f2:13:f4:
         cb:89:b7:33:5f:58:23:6c:65:41:dd:8a:80:e0:b8:bb:d4:26:
         de:f0:37:3b:7e:ee:d3:15:16:8d:83:a4:b2:a8:68:05:c7:b0:
         f4:02:6f:a3:7c:fc:0f:62:ee:71:2d:a7:dd:fc:c7:f5:f5:1c:
         be:1a:da:bd:a3:69:da:25:23:c3:4e:7c:96:98:64:43:20:c2:
         5d:d7:15:34:bc:c7:92:13:a5:05:af:f8:5c:cd:69:be:3d:16:
         9f:30:0f:b0:86:d9:6a:77:5f:50:79:09:ab:3c:60:0e:2c:12:
         9b:16:32:b2:00:e1:5e:5b:c3:0d:d7:ce:a5:75:4a:c6:c3:4d:
         78:c7:4d:56
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICFhIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUNENEQxMTAvBgNVBAUTKDNBNDZGQjBGNDBGNjlENUUxREI3NUQyODUxRjA0MEMx
OUY2NkYyMkMwHhcNMjUwMzI4MTY1MDQ5WhcNMjUwNDA0MTY1MDQ5WjAYMRYwFAYD
VQQDEw02N2U2ZDM2YS0zYWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1q1yNbXuSyzGpuZnoQkbKUiwVpJFXF352mzpbAhRNpIGIcPdBH6sfaLE7XQq
/kpykZ+nhu3G3Hb/SmZGyFEij7rtmCPhdVEwHa1HAeAXWXBKkCPqmQvG/W0kQegM
JyrfnIsYXrLA6sP1NcEM8o3iH7DKP8W/I9jrGjF1AFkl8s/gW45oRlQ1gzV+jCu7
TrgAn7mutlplNtBEPfQWmpE8N2wwiciu89cx9XlPFg0mlyCuJbx1D9PHg91MdQ8N
UGh1xS7UZAKW2yp7P4lvIzBrujQX0R+3+yheXsk6MZ1Dj7zpkgITIWnAkzg7a3Yo
A8AN/nbXW63b/eVf7I5RCon3nQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPvPfGlQ
e9I53j3m4e6/xUvq8XdqMB8GA1UdIwQYMBaAFDpG+w9A9p1eHbddKFHwQMGfZvIs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0Q0RC8xMzdEMDBENDE2
MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5WNGR0MTBvVWZCQXdaOW04
aXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09rYjdEMEQyblY0ZHQxMG9VZkJBd1o5bThpdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
Q0Q0RC8xMzdEMDBENDE2MEUxMUU4ODUyQzQzN0VDNEY5QUUwMi9Pa2I3RDBEMm5W
NGR0MTBvVWZCQXdaOW04aXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA5Yr+MNkdYaea79cYlW1mjRP+NNNJqoJXveJA2UHwYB+OFm4K/GX81
jgFjeyOFUSQhrP04FpMWdSrwSerfoT/Ma7udhC7rho7KXNQgoaa5jTeefeFrRimI
FfNogsCODWwV0bVhajwXQyzOvuyhYVEhUOhLcA94UktWVbvyE/TLibczX1gjbGVB
3YqA4Li71Cbe8Dc7fu7TFRaNg6SyqGgFx7D0Am+jfPwPYu5xLafd/Mf19Ry+Gtq9
o2naJSPDTnyWmGRDIMJd1xU0vMeSE6UFr/hczWm+PRafMA+whtlqd19QeQmrPGAO
LBKbFjKyAOFeW8MN186ldUrGw014x01W
-----END CERTIFICATE-----