Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft
File:                     23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft (raw, json)
Hash identifier:          tS3CW1X03dEfX8eBNKUZ4PtBxB+PyM3Gr2YOjbmd5o4=
Subject key identifier:   81:A5:CC:DF:FC:A0:FB:73:5D:82:A2:CC:03:16:A7:23:B6:D7:F8:27
Authority key identifier: DB:78:D9:F9:35:8E:56:7D:30:6E:E3:BD:1E:AC:74:8E:96:06:BF:8F
Certificate issuer:       /CN=A91D72CC/serialNumber=DB78D9F9358E567D306EE3BD1EAC748E9606BF8F
Certificate serial:       2F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23jZ-TWOVn0wbuO9Hqx0jpYGv48.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft
Manifest number:          0DF8
Signing time:             Fri 28 Mar 2025 18:02:10 +0000
Manifest this update:     Fri 28 Mar 2025 18:02:09 +0000
Manifest next update:     Fri 04 Apr 2025 18:02:09 +0000
Files and hashes:         1: 23jZ-TWOVn0wbuO9Hqx0jpYGv48.crl (hash: TlZKfnZhHWvTe4pGNWf1pogStHVZZLjEQDZ6v5nJX/k=)
                          2: DEDE6B3CC8A911EFB805FB63C4F9AE02.roa (hash: vEfRiQNE3h/B834WLq9GOeXPVajCjfh3DLWpODG+4Jw=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47 (0x2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D72CC
        Validity
            Not Before: Mar 28 18:02:09 2025 GMT
            Not After : Apr  4 18:02:09 2025 GMT
        Subject: CN=67e6e422-0116
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:90:4f:28:5b:1d:60:a7:fe:e9:05:c8:7e:f5:
                    75:40:9b:ca:9f:27:6d:b9:de:28:11:58:e4:98:56:
                    9e:81:7b:47:a2:d5:f8:87:68:ed:16:04:72:7f:87:
                    61:88:08:73:90:9c:30:ba:cf:8a:a6:67:d3:b8:91:
                    0d:94:aa:96:03:40:1e:29:0f:a5:cc:ca:05:31:60:
                    e3:ce:06:ea:7d:d8:b4:2e:ed:7b:dc:0b:ca:61:5a:
                    c0:4a:39:50:5a:36:b8:31:c2:e5:80:2d:e0:7e:98:
                    95:ca:c1:3e:dd:71:ed:d8:06:02:59:68:4b:b0:ce:
                    4a:02:fc:60:8f:4d:18:0d:9d:d7:a4:73:ee:21:e1:
                    a5:75:25:29:dc:45:b9:9f:8a:44:10:5c:75:86:3f:
                    fc:cc:4a:d8:b8:85:9d:3c:c4:a7:a1:d0:5d:07:32:
                    2c:a5:ec:44:19:25:ec:4c:2e:00:a2:d5:8b:89:b7:
                    af:99:ae:cb:2a:99:7f:8a:7b:28:5c:42:a7:6b:79:
                    3d:4b:6b:d5:2f:c3:9f:a8:4e:e7:7f:3c:85:eb:0c:
                    4a:44:17:2e:74:dd:07:ae:09:b7:aa:36:0c:b1:5b:
                    9b:87:e9:25:6c:c3:9f:98:d9:8f:32:3e:d1:2d:99:
                    7d:39:0f:4c:49:96:e8:a0:3b:c8:c4:c8:28:c8:cb:
                    7e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A5:CC:DF:FC:A0:FB:73:5D:82:A2:CC:03:16:A7:23:B6:D7:F8:27
            X509v3 Authority Key Identifier:
                keyid:DB:78:D9:F9:35:8E:56:7D:30:6E:E3:BD:1E:AC:74:8E:96:06:BF:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23jZ-TWOVn0wbuO9Hqx0jpYGv48.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/23jZ-TWOVn0wbuO9Hqx0jpYGv48.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         d2:33:d9:f3:bf:19:1d:68:c3:a3:fa:76:c0:56:98:f1:82:0f:
         e3:ad:12:9f:18:37:b7:0b:ad:49:a5:ae:c7:99:b8:27:e1:31:
         a1:d9:7c:6f:06:da:dd:c5:45:73:a6:0d:48:9e:e7:1f:82:83:
         5d:54:ee:de:38:00:71:b6:c8:fa:c2:31:aa:01:a4:b7:45:63:
         10:d5:81:18:f8:bb:d2:2e:4b:39:74:05:59:ae:92:76:e8:cc:
         74:3b:e2:aa:bb:01:c0:76:83:87:67:4a:89:4f:a0:5e:4b:be:
         a7:6a:03:5f:c5:ff:c5:37:44:24:9e:21:57:11:bb:b4:66:64:
         c1:07:ca:9b:a9:d1:43:c3:cf:9e:3b:8b:98:88:ec:c0:4b:de:
         63:95:94:d3:bd:f8:7f:19:a7:25:6f:e6:e7:ca:09:4e:64:00:
         b3:28:ec:69:63:37:2a:a7:ee:1f:f0:fe:d1:54:4d:ae:b2:94:
         b1:29:65:d2:32:f6:75:08:b8:22:e1:7a:8e:19:ff:2d:1b:a6:
         e2:9b:96:b8:77:14:68:a9:2d:dd:41:6f:0a:41:46:69:1b:f3:
         dc:03:a7:ea:4a:d4:43:70:52:5c:f4:e0:5c:13:67:13:49:7b:
         6f:c4:cf:b5:cf:90:70:fb:2f:65:2d:61:73:90:7e:2b:74:97:
         62:11:d7:86
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBLzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NzJDQzExMC8GA1UEBRMoREI3OEQ5RjkzNThFNTY3RDMwNkVFM0JEMUVBQzc0OEU5
NjA2QkY4RjAeFw0yNTAzMjgxODAyMDlaFw0yNTA0MDQxODAyMDlaMBgxFjAUBgNV
BAMTDTY3ZTZlNDIyLTAxMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAkE8oWx1gp/7pBch+9XVAm8qfJ2253igRWOSYVp6Be0ei1fiHaO0WBHJ/h2GI
CHOQnDC6z4qmZ9O4kQ2UqpYDQB4pD6XMygUxYOPOBup92LQu7XvcC8phWsBKOVBa
NrgxwuWALeB+mJXKwT7dce3YBgJZaEuwzkoC/GCPTRgNndekc+4h4aV1JSncRbmf
ikQQXHWGP/zMSti4hZ08xKeh0F0HMiyl7EQZJexMLgCi1YuJt6+ZrssqmX+Keyhc
QqdreT1La9Uvw5+oTud/PIXrDEpEFy503QeuCbeqNgyxW5uH6SVsw5+Y2Y8yPtEt
mX05D0xJluigO8jEyCjIy34hAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUgaXM3/yg
+3NdgqLMAxanI7bX+CcwHwYDVR0jBBgwFoAU23jZ+TWOVn0wbuO9Hqx0jpYGv48w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ3MkNDLzQzMzBBQzlDQjM2
RDExRTk4MjQ2RUQwQUM0RjlBRTAyLzIzalotVFdPVm4wd2J1TzlIcXgwanBZR3Y0
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMjNqWi1UV09WbjB3YnVPOUhxeDBqcFlHdjQ4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ3
MkNDLzQzMzBBQzlDQjM2RDExRTk4MjQ2RUQwQUM0RjlBRTAyLzIzalotVFdPVm4w
d2J1TzlIcXgwanBZR3Y0OC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBANIz2fO/GR1ow6P6dsBWmPGCD+OtEp8YN7cLrUmlrseZuCfhMaHZfG8G
2t3FRXOmDUie5x+Cg11U7t44AHG2yPrCMaoBpLdFYxDVgRj4u9IuSzl0BVmuknbo
zHQ74qq7AcB2g4dnSolPoF5LvqdqA1/F/8U3RCSeIVcRu7RmZMEHypup0UPDz547
i5iI7MBL3mOVlNO9+H8ZpyVv5ufKCU5kALMo7GljNyqn7h/w/tFUTa6ylLEpZdIy
9nUIuCLheo4Z/y0bpuKblrh3FGipLd1BbwpBRmkb89wDp+pK1ENwUlz04FwTZxNJ
e2/Ez7XPkHD7L2UtYXOQfit0l2IR14Y=
-----END CERTIFICATE-----