Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8DCB/743F70C82F2C11E899D1E017C4F9AE02/6beh3yCMdbnrMDz4g8oSjqBPxQo.mft
File:                     6beh3yCMdbnrMDz4g8oSjqBPxQo.mft (raw, json)
Hash identifier:          gPZHG9ridp/91BzhB7gT/U5at+5rzThwlcD90zviNG0=
Subject key identifier:   42:DF:36:BB:3B:8B:AF:08:43:4C:79:05:A0:C1:66:57:BD:1F:1A:93
Authority key identifier: E9:B7:A1:DF:20:8C:75:B9:EB:30:3C:F8:83:CA:12:8E:A0:4F:C5:0A
Certificate issuer:       /CN=A91D8DCB/serialNumber=E9B7A1DF208C75B9EB303CF883CA128EA04FC50A
Certificate serial:       1582
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6beh3yCMdbnrMDz4g8oSjqBPxQo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91D8DCB/743F70C82F2C11E899D1E017C4F9AE02/6beh3yCMdbnrMDz4g8oSjqBPxQo.mft
Manifest number:          157A
Signing time:             Fri 28 Mar 2025 16:54:34 +0000
Manifest this update:     Fri 28 Mar 2025 16:54:33 +0000
Manifest next update:     Fri 04 Apr 2025 16:54:33 +0000
Files and hashes:         1: 6beh3yCMdbnrMDz4g8oSjqBPxQo.crl (hash: +EW/9my1SnVayoXmin2Yp0HIEHStaVDq1AxCjd1PESs=)
                          2: F1D384D031D311E88735EA0AC4F9AE02.roa (hash: 1WW3WJFCQXTAgfqp4BPT1d+bkbg/Wm5DIDF6W6wSe5I=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5506 (0x1582)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91D8DCB
        Validity
            Not Before: Mar 28 16:54:33 2025 GMT
            Not After : Apr  4 16:54:33 2025 GMT
        Subject: CN=67e6d449-2f53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:a3:fb:e9:32:b3:cf:0a:60:8b:18:38:5d:48:
                    d9:51:8a:49:25:a7:02:b4:e9:57:f5:80:63:f8:9e:
                    cd:88:80:c6:a7:2b:3b:d0:1e:9d:b8:1f:3b:e5:d5:
                    0f:52:c9:08:4c:d1:e9:8b:12:79:68:bc:7a:89:f9:
                    59:61:0b:58:8e:55:62:5d:04:82:e1:52:58:13:8f:
                    60:31:06:b6:2c:0b:9a:90:9c:25:9e:cf:83:48:ac:
                    e1:42:81:3a:0a:cc:b4:73:7b:0c:95:aa:34:38:9f:
                    78:34:a2:bc:9f:5d:2a:52:79:75:c1:27:2e:55:37:
                    89:a7:f3:0a:c1:e5:ea:55:0b:c8:f2:ce:23:99:96:
                    41:0d:c0:86:63:a2:b3:10:f9:c6:a9:e7:32:9d:6e:
                    7d:ef:3e:28:4f:7e:b4:30:40:63:dc:ad:8a:ae:ad:
                    57:e9:31:55:03:0d:f5:f7:fe:f3:49:5a:93:31:be:
                    fd:3d:6d:69:24:16:0f:d6:8c:8b:29:ca:4f:d6:3c:
                    12:ca:80:c4:28:bb:e4:b9:6b:19:68:6e:e5:09:f0:
                    70:20:09:1e:41:84:50:7a:c0:e8:88:91:2a:97:f3:
                    ab:95:fc:c9:0d:8e:2f:b6:fe:73:25:e3:73:3b:2e:
                    fe:78:1a:95:fa:96:57:38:48:60:01:e8:2f:3d:ae:
                    75:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:DF:36:BB:3B:8B:AF:08:43:4C:79:05:A0:C1:66:57:BD:1F:1A:93
            X509v3 Authority Key Identifier:
                keyid:E9:B7:A1:DF:20:8C:75:B9:EB:30:3C:F8:83:CA:12:8E:A0:4F:C5:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91D8DCB/743F70C82F2C11E899D1E017C4F9AE02/6beh3yCMdbnrMDz4g8oSjqBPxQo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6beh3yCMdbnrMDz4g8oSjqBPxQo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8DCB/743F70C82F2C11E899D1E017C4F9AE02/6beh3yCMdbnrMDz4g8oSjqBPxQo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:97:5d:2a:f0:1f:ed:6d:5a:39:d4:21:5f:f4:cb:bd:79:c4:
         6a:29:1f:f2:24:00:ae:9b:07:f8:35:4f:87:d4:65:ef:ab:14:
         c1:a9:56:67:68:32:4c:9b:17:c5:f6:d7:b9:61:0d:9c:60:96:
         07:2e:18:35:8d:6a:81:04:93:74:55:4d:65:74:5a:71:6f:e4:
         e4:bf:64:34:23:52:60:bb:9c:8f:a5:fa:f4:63:d8:cf:b0:ed:
         4f:a3:6a:6c:97:17:6d:c1:91:0f:df:e1:24:64:e4:24:7f:2e:
         16:49:b6:06:a4:ca:f9:65:e8:58:71:4f:0c:e3:0c:75:09:00:
         79:ae:bd:72:ed:b0:d1:4f:b2:fd:f5:6e:bb:fe:3b:b2:e0:9b:
         16:d6:15:7a:b3:35:9b:d3:c6:c1:fc:03:0c:0c:c1:7b:d2:b3:
         0f:ae:3a:74:71:b6:57:3c:4b:23:25:a7:73:65:85:4a:19:4c:
         4a:1d:5d:54:78:b2:2e:80:d5:b9:c6:30:7a:58:36:b4:61:10:
         12:ac:1f:13:94:27:68:6c:57:f9:b9:65:86:d0:d7:bd:86:f6:
         02:ed:de:c8:92:e5:2f:1c:9f:4b:cf:80:82:16:ec:c9:26:7e:
         9f:9a:a5:b0:13:8e:73:14:9c:2e:a2:fd:db:e0:93:b3:df:c7:
         c7:e9:56:77
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICFYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDhEQ0IxMTAvBgNVBAUTKEU5QjdBMURGMjA4Qzc1QjlFQjMwM0NGODgzQ0ExMjhF
QTA0RkM1MEEwHhcNMjUwMzI4MTY1NDMzWhcNMjUwNDA0MTY1NDMzWjAYMRYwFAYD
VQQDEw02N2U2ZDQ0OS0yZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx6P76TKzzwpgixg4XUjZUYpJJacCtOlX9YBj+J7NiIDGpys70B6duB875dUP
UskITNHpixJ5aLx6iflZYQtYjlViXQSC4VJYE49gMQa2LAuakJwlns+DSKzhQoE6
Csy0c3sMlao0OJ94NKK8n10qUnl1wScuVTeJp/MKweXqVQvI8s4jmZZBDcCGY6Kz
EPnGqecynW597z4oT360MEBj3K2Krq1X6TFVAw319/7zSVqTMb79PW1pJBYP1oyL
KcpP1jwSyoDEKLvkuWsZaG7lCfBwIAkeQYRQesDoiJEql/OrlfzJDY4vtv5zJeNz
Oy7+eBqV+pZXOEhgAegvPa51jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFELfNrs7
i68IQ0x5BaDBZle9HxqTMB8GA1UdIwQYMBaAFOm3od8gjHW56zA8+IPKEo6gT8UK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOERDQi83NDNGNzBDODJG
MkMxMUU4OTlEMUUwMTdDNEY5QUUwMi82YmVoM3lDTWRibnJNRHo0ZzhvU2pxQlB4
UW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZiZWgzeUNNZGJuck1EejRnOG9TanFCUHhRby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
OERDQi83NDNGNzBDODJGMkMxMUU4OTlEMUUwMTdDNEY5QUUwMi82YmVoM3lDTWRi
bnJNRHo0ZzhvU2pxQlB4UW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQByl10q8B/tbVo51CFf9Mu9ecRqKR/yJACumwf4NU+H1GXvqxTBqVZn
aDJMmxfF9te5YQ2cYJYHLhg1jWqBBJN0VU1ldFpxb+Tkv2Q0I1Jgu5yPpfr0Y9jP
sO1Po2pslxdtwZEP3+EkZOQkfy4WSbYGpMr5ZehYcU8M4wx1CQB5rr1y7bDRT7L9
9W67/juy4JsW1hV6szWb08bB/AMMDMF70rMPrjp0cbZXPEsjJadzZYVKGUxKHV1U
eLIugNW5xjB6WDa0YRASrB8TlCdobFf5uWWG0Ne9hvYC7d7IkuUvHJ9Lz4CCFuzJ
Jn6fmqWwE45zFJwuov3b4JOz38fH6VZ3
-----END CERTIFICATE-----