Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft
File:                     X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft (raw, json)
Hash identifier:          Al8J/hvWXE0H2jx4Ux6BYL9eKCC5kKnHwEYMCt4oOCc=
Subject key identifier:   CE:17:FE:E1:5F:CA:B4:50:F4:16:AF:DA:49:16:7F:B3:2D:BC:69:7C
Authority key identifier: 5F:8A:F3:59:73:FD:4F:A5:63:F3:3B:73:76:53:46:82:10:7B:C8:F9
Certificate issuer:       /CN=A91CE285/serialNumber=5F8AF35973FD4FA563F33B7376534682107BC8F9
Certificate serial:       0999
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft
Manifest number:          0993
Signing time:             Fri 28 Mar 2025 20:21:28 +0000
Manifest this update:     Fri 28 Mar 2025 20:21:28 +0000
Manifest next update:     Fri 04 Apr 2025 20:21:28 +0000
Files and hashes:         1: X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl (hash: EJm6hjVmW2jNOc3LpagsmSbmqglomo9bkyc0ky5VMYI=)
                          2: E5C4974689CF11EAA39AF441C4F9AE02.roa (hash: FJBYOIrltpRMrNwPrut4yj3xc+CpMT9AOJtC+2kI31Y=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2457 (0x999)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CE285
        Validity
            Not Before: Mar 28 20:21:28 2025 GMT
            Not After : Apr  4 20:21:28 2025 GMT
        Subject: CN=67e704c8-5e25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d4:fa:96:c0:94:d6:ad:eb:83:4e:ab:d0:15:
                    4f:d9:2f:95:8a:f4:3f:34:ab:c7:05:ec:d3:41:f4:
                    49:e9:2d:7c:ef:10:30:cd:13:19:c8:96:d7:9d:57:
                    bc:c0:3c:f8:e1:b9:c7:41:81:63:4c:18:28:37:da:
                    d2:ae:24:aa:6f:56:93:f2:ce:9e:4a:89:20:43:61:
                    a2:cc:56:b1:2c:87:54:89:d2:68:ea:c9:16:68:99:
                    bb:78:86:a4:34:3b:41:eb:31:02:72:a1:90:03:ad:
                    f9:a2:59:3f:30:0e:f8:89:5d:c1:85:03:f0:26:b6:
                    05:c5:fd:c2:68:b8:7b:d6:bf:ba:a7:a4:2e:ce:f6:
                    8f:c6:6c:17:1e:a9:8e:4a:81:cd:f0:b2:0e:1e:aa:
                    50:c8:a6:65:ce:f5:81:06:9d:18:5e:b6:c5:07:62:
                    ce:12:d5:81:71:21:8f:d6:58:71:0d:c2:c2:1c:d5:
                    f9:65:1e:4e:19:8d:57:ef:47:92:b1:ad:0b:65:83:
                    17:cb:12:d9:a7:db:46:cf:b8:79:ec:a3:e1:34:cd:
                    49:80:d2:a5:42:46:c0:cc:5c:a5:b1:e7:89:c0:18:
                    ad:97:6e:6f:13:da:d9:b9:a5:04:27:19:12:bb:75:
                    6e:25:97:cb:7d:9c:cd:13:49:9d:39:41:15:63:85:
                    f4:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:17:FE:E1:5F:CA:B4:50:F4:16:AF:DA:49:16:7F:B3:2D:BC:69:7C
            X509v3 Authority Key Identifier:
                keyid:5F:8A:F3:59:73:FD:4F:A5:63:F3:3B:73:76:53:46:82:10:7B:C8:F9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X4rzWXP9T6Vj8ztzdlNGghB7yPk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE285/5E1648B684BC11EAA5262263C4F9AE02/X4rzWXP9T6Vj8ztzdlNGghB7yPk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:38:47:1a:e1:9d:f6:35:99:4f:79:af:ec:5d:0b:42:95:b3:
         4f:9c:94:5b:b3:d3:ec:39:6b:c9:6e:3a:b8:18:b3:a4:6a:94:
         20:fe:f8:cc:1b:a6:b3:22:87:d6:e3:8b:ed:f4:25:f7:fc:97:
         7a:1f:97:64:25:58:e6:5e:ad:66:44:17:bd:ca:d7:0b:7a:f8:
         f6:08:e6:56:02:ef:a7:9d:1a:c1:fc:9d:33:a6:9f:93:51:d8:
         1c:fe:80:61:a9:5e:8f:ae:73:d6:7e:64:59:a4:c6:5f:3a:c1:
         68:8e:99:b2:29:1c:23:4c:41:ed:52:95:d7:ed:0f:18:9e:08:
         5e:c3:f8:1a:52:f1:37:11:f2:37:cb:4d:c7:be:da:49:09:fe:
         9f:2f:27:e9:fe:3d:a0:10:71:51:f0:22:da:9e:ae:e7:34:d5:
         63:3a:5f:aa:28:6b:8a:98:78:a9:8b:cb:04:a8:f9:ca:5d:87:
         41:b5:f8:e0:75:ed:86:12:ae:49:4d:e7:fb:2a:6a:2e:7b:3e:
         20:1d:37:d9:55:9d:6b:c6:eb:e9:93:4d:a4:16:aa:3b:b5:3f:
         7d:0a:c9:d2:81:ad:e2:05:7f:eb:e6:fc:b1:e5:8d:6c:08:29:
         23:22:d1:af:db:49:84:f1:f7:94:8b:fc:0f:24:87:16:a8:f2:
         c6:ce:2e:a9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCZkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0UyODUxMTAvBgNVBAUTKDVGOEFGMzU5NzNGRDRGQTU2M0YzM0I3Mzc2NTM0Njgy
MTA3QkM4RjkwHhcNMjUwMzI4MjAyMTI4WhcNMjUwNDA0MjAyMTI4WjAYMRYwFAYD
VQQDEw02N2U3MDRjOC01ZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAztT6lsCU1q3rg06r0BVP2S+VivQ/NKvHBezTQfRJ6S187xAwzRMZyJbXnVe8
wDz44bnHQYFjTBgoN9rSriSqb1aT8s6eSokgQ2GizFaxLIdUidJo6skWaJm7eIak
NDtB6zECcqGQA635olk/MA74iV3BhQPwJrYFxf3CaLh71r+6p6QuzvaPxmwXHqmO
SoHN8LIOHqpQyKZlzvWBBp0YXrbFB2LOEtWBcSGP1lhxDcLCHNX5ZR5OGY1X70eS
sa0LZYMXyxLZp9tGz7h57KPhNM1JgNKlQkbAzFylseeJwBitl25vE9rZuaUEJxkS
u3VuJZfLfZzNE0mdOUEVY4X06QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM4X/uFf
yrRQ9Bav2kkWf7MtvGl8MB8GA1UdIwQYMBaAFF+K81lz/U+lY/M7c3ZTRoIQe8j5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTI4NS81RTE2NDhCNjg0
QkMxMUVBQTUyNjIyNjNDNEY5QUUwMi9YNHJ6V1hQOVQ2Vmo4enR6ZGxOR2doQjd5
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1g0cnpXWFA5VDZWajh6dHpkbE5HZ2hCN3lQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RTI4NS81RTE2NDhCNjg0QkMxMUVBQTUyNjIyNjNDNEY5QUUwMi9YNHJ6V1hQOVQ2
Vmo4enR6ZGxOR2doQjd5UGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAvOEca4Z32NZlPea/sXQtClbNPnJRbs9PsOWvJbjq4GLOkapQg/vjM
G6azIofW44vt9CX3/Jd6H5dkJVjmXq1mRBe9ytcLevj2COZWAu+nnRrB/J0zpp+T
Udgc/oBhqV6PrnPWfmRZpMZfOsFojpmyKRwjTEHtUpXX7Q8Ynghew/gaUvE3EfI3
y03HvtpJCf6fLyfp/j2gEHFR8CLanq7nNNVjOl+qKGuKmHipi8sEqPnKXYdBtfjg
de2GEq5JTef7Kmouez4gHTfZVZ1rxuvpk02kFqo7tT99CsnSga3iBX/r5vyx5Y1s
CCkjItGv20mE8feUi/wPJIcWqPLGzi6p
-----END CERTIFICATE-----