Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.mft
File:                     AXCw4NBuMUc8rBZOSwttIb300jc.mft (raw, json)
Hash identifier:          obPdM1WDvQRtrl2jg5THuQ885KrQm07PkDLrlyudEJc=
Subject key identifier:   49:32:F2:45:A9:CC:B7:69:8B:4B:FB:10:3B:41:9A:5C:BF:68:EF:DE
Authority key identifier: 01:70:B0:E0:D0:6E:31:47:3C:AC:16:4E:4B:0B:6D:21:BD:F4:D2:37
Certificate issuer:       /CN=A91AE9F7/serialNumber=0170B0E0D06E31473CAC164E4B0B6D21BDF4D237
Certificate serial:       0FBD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.mft
Manifest number:          0FB1
Signing time:             Fri 28 Mar 2025 17:37:30 +0000
Manifest this update:     Fri 28 Mar 2025 17:37:30 +0000
Manifest next update:     Fri 04 Apr 2025 17:37:30 +0000
Files and hashes:         1: AXCw4NBuMUc8rBZOSwttIb300jc.crl (hash: GLkb6EMihKe+yl8jm3qIc/lHMw4xCvGTK0jFGO6mAGc=)
                          2: 1585570A544C11E9BDFF2B2DC4F9AE02.roa (hash: jZa47LQUiVvIxoLDSyE/2t1CJaYFtRO42+/jeT3MONo=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4029 (0xfbd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91AE9F7
        Validity
            Not Before: Mar 28 17:37:30 2025 GMT
            Not After : Apr  4 17:37:30 2025 GMT
        Subject: CN=67e6de5a-e81c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a5:53:b6:ee:b0:ae:da:22:4a:78:57:52:21:
                    80:dd:12:61:77:9f:4e:fa:99:54:5b:3d:5d:c8:a8:
                    01:5d:ff:5b:5d:dd:66:1d:a4:a9:c0:b3:5a:a5:10:
                    bf:72:53:b8:29:93:74:36:63:b9:8e:e5:7c:d4:99:
                    c5:66:0a:20:88:a9:90:01:c0:ff:0b:c6:92:43:b9:
                    09:a1:8b:cc:4e:9e:77:18:b3:0b:df:2a:a3:de:cb:
                    6e:08:0a:34:1a:dc:ef:8a:03:a6:f5:0e:59:7c:27:
                    b2:f1:b0:79:65:0e:72:7c:98:b9:a8:73:5c:71:98:
                    27:18:ff:34:46:a6:a2:dc:64:75:9a:a3:08:5c:4f:
                    73:8d:90:19:3c:5d:7c:e4:d7:e4:93:27:ef:c8:60:
                    27:24:3a:9f:be:34:e8:60:e8:96:1c:cb:a8:04:f6:
                    ce:4f:dc:42:c5:3d:8e:c4:90:89:e3:e1:83:51:c0:
                    d6:d4:df:ed:af:84:81:2e:53:b1:a9:c1:75:d0:55:
                    b1:5b:65:cd:6b:e4:e5:ba:ee:5a:af:80:a2:e2:9c:
                    6a:ce:6c:6f:6a:eb:85:a5:99:a1:a8:d3:db:e1:65:
                    86:cf:f6:18:62:58:1b:74:cf:9d:2c:68:86:61:88:
                    5b:b0:59:5d:46:22:85:2c:63:18:73:b2:d0:da:da:
                    b5:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:32:F2:45:A9:CC:B7:69:8B:4B:FB:10:3B:41:9A:5C:BF:68:EF:DE
            X509v3 Authority Key Identifier:
                keyid:01:70:B0:E0:D0:6E:31:47:3C:AC:16:4E:4B:0B:6D:21:BD:F4:D2:37

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AXCw4NBuMUc8rBZOSwttIb300jc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE9F7/379EC742544A11E9A350C127C4F9AE02/AXCw4NBuMUc8rBZOSwttIb300jc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:75:e0:e2:db:1e:e4:a3:d8:f3:28:e7:16:c4:1f:05:9b:43:
         67:ce:9f:90:1e:4a:ca:8d:3b:15:90:46:32:a4:a9:3e:4d:a7:
         42:74:90:b7:0d:3c:9d:e8:70:6e:af:7c:e4:9b:84:5d:15:39:
         36:5d:54:06:8a:13:f0:90:0a:27:54:94:40:ea:97:b9:60:0a:
         57:f4:b0:d2:94:c3:f6:0c:18:25:03:eb:87:f8:19:21:60:95:
         9b:a2:2b:14:73:b0:23:09:e4:a9:a4:c4:cd:58:71:3e:ab:af:
         04:d3:5e:f9:41:c7:10:94:1e:99:85:f7:1e:ce:ca:98:11:c4:
         31:19:13:ec:df:9b:ea:0b:f0:ba:e0:58:4e:f3:22:a8:c1:82:
         91:c6:8d:85:59:7a:2e:4d:0c:7a:ac:58:6d:08:4e:27:05:80:
         51:d2:99:67:6a:66:5e:d7:a1:37:57:cf:a3:35:45:c8:54:bb:
         33:19:6b:a2:65:c5:f2:47:c9:7d:fb:81:1b:a9:b3:b4:6a:57:
         8a:5a:67:4c:eb:5a:d6:7e:58:74:3f:0d:5d:e8:15:f0:6d:a4:
         96:bb:93:3a:d5:b4:46:92:62:93:2d:f2:f9:68:76:d6:c7:d3:
         9c:76:a6:b1:b7:14:d3:54:32:9f:dd:31:b4:9a:c3:82:25:65:
         0c:73:5a:b3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICD70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU5RjcxMTAvBgNVBAUTKDAxNzBCMEUwRDA2RTMxNDczQ0FDMTY0RTRCMEI2RDIx
QkRGNEQyMzcwHhcNMjUwMzI4MTczNzMwWhcNMjUwNDA0MTczNzMwWjAYMRYwFAYD
VQQDEw02N2U2ZGU1YS1lODFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqqVTtu6wrtoiSnhXUiGA3RJhd59O+plUWz1dyKgBXf9bXd1mHaSpwLNapRC/
clO4KZN0NmO5juV81JnFZgogiKmQAcD/C8aSQ7kJoYvMTp53GLML3yqj3stuCAo0
GtzvigOm9Q5ZfCey8bB5ZQ5yfJi5qHNccZgnGP80Rqai3GR1mqMIXE9zjZAZPF18
5NfkkyfvyGAnJDqfvjToYOiWHMuoBPbOT9xCxT2OxJCJ4+GDUcDW1N/tr4SBLlOx
qcF10FWxW2XNa+Tluu5ar4Ci4pxqzmxvauuFpZmhqNPb4WWGz/YYYlgbdM+dLGiG
YYhbsFldRiKFLGMYc7LQ2tq1swIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEky8kWp
zLdpi0v7EDtBmly/aO/eMB8GA1UdIwQYMBaAFAFwsODQbjFHPKwWTksLbSG99NI3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTlGNy8zNzlFQzc0MjU0
NEExMUU5QTM1MEMxMjdDNEY5QUUwMi9BWEN3NE5CdU1VYzhyQlpPU3d0dEliMzAw
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FYQ3c0TkJ1TVVjOHJCWk9Td3R0SWIzMDBqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RTlGNy8zNzlFQzc0MjU0NEExMUU5QTM1MEMxMjdDNEY5QUUwMi9BWEN3NE5CdU1V
YzhyQlpPU3d0dEliMzAwamMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAodeDi2x7ko9jzKOcWxB8Fm0Nnzp+QHkrKjTsVkEYypKk+TadCdJC3
DTyd6HBur3zkm4RdFTk2XVQGihPwkAonVJRA6pe5YApX9LDSlMP2DBglA+uH+Bkh
YJWboisUc7AjCeSppMTNWHE+q68E0175QccQlB6ZhfcezsqYEcQxGRPs35vqC/C6
4FhO8yKowYKRxo2FWXouTQx6rFhtCE4nBYBR0plnamZe16E3V8+jNUXIVLszGWui
ZcXyR8l9+4EbqbO0aleKWmdM61rWflh0Pw1d6BXwbaSWu5M61bRGkmKTLfL5aHbW
x9OcdqaxtxTTVDKf3TG0msOCJWUMc1qz
-----END CERTIFICATE-----