Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft
File:                     tDpaYNRoBqaf_vfGdiGexLqLo20.mft (raw, json)
Hash identifier:          RF1Cq2z5/spACkl0zQhQ9+6fVDt2slqC4N/M/XiiWL4=
Subject key identifier:   56:2E:B2:BA:7D:6E:62:8F:0B:EF:B1:EC:45:70:89:E4:32:1A:DC:E7
Authority key identifier: B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D
Certificate issuer:       /CN=A91E2AE5/serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D
Certificate serial:       2B70
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft
Manifest number:          2B4C
Signing time:             Fri 28 Mar 2025 15:38:55 +0000
Manifest this update:     Fri 28 Mar 2025 15:38:55 +0000
Manifest next update:     Fri 04 Apr 2025 15:38:54 +0000
Files and hashes:         1: tDpaYNRoBqaf_vfGdiGexLqLo20.crl (hash: KjnYmUuoWHIyCK/ULq1k7ir14HoWeWez6ka6XAyeZR4=)
                          2: 2815E7D4BF4211E9A93A3957C4F9AE02.roa (hash: q2QK7nleDfVKJdydH1BhBELt50ggXZGsQHTMsb+GgzQ=)
                          3: 43487B18BF1811E9A2C00E63C4F9AE02.roa (hash: R7GiqDFWTFG5/KzmRDTnU8CgA9M5hlMTeWah7zEstzM=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11120 (0x2b70)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E2AE5
        Validity
            Not Before: Mar 28 15:38:55 2025 GMT
            Not After : Apr  4 15:38:54 2025 GMT
        Subject: CN=67e6c28f-c908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:d1:fd:6e:52:88:24:ba:ac:eb:89:e2:35:06:
                    f7:77:6d:f9:fd:e1:54:f9:a5:43:93:fd:3d:28:fe:
                    f7:6b:8a:3c:df:35:2a:de:89:20:60:9a:86:7e:8d:
                    bc:1c:25:b1:ea:67:a5:a3:75:1a:89:bb:a3:f9:cb:
                    2b:47:e3:38:df:80:ca:04:05:82:77:59:18:ac:d6:
                    42:cd:90:a1:97:19:db:78:74:1f:29:52:11:64:db:
                    c3:7f:6f:5a:86:1d:f2:fd:79:a7:7b:c5:82:19:42:
                    83:48:17:be:43:1b:db:a6:3f:de:01:b1:07:71:38:
                    ea:64:cc:32:6c:04:ba:b2:0c:33:96:f6:63:dc:50:
                    52:db:68:58:81:2a:3e:4a:c0:a5:cb:99:25:33:d8:
                    2b:74:a7:6c:61:73:78:6b:7f:34:e6:84:ce:f5:0b:
                    27:35:5a:fa:59:61:0f:27:3a:56:0d:84:92:13:e6:
                    1f:9a:fc:fc:50:05:7b:bc:bb:44:17:df:5b:82:98:
                    c1:34:d6:35:ec:ae:45:84:56:1d:c0:70:ef:b6:02:
                    cd:04:22:47:36:41:b1:df:e4:94:73:1e:91:97:59:
                    8e:b7:a9:eb:75:ba:9d:d9:ac:44:cb:66:86:b7:4b:
                    23:05:b9:0b:34:89:d1:3d:55:4a:ca:9f:f0:07:65:
                    4f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:2E:B2:BA:7D:6E:62:8F:0B:EF:B1:EC:45:70:89:E4:32:1A:DC:E7
            X509v3 Authority Key Identifier:
                keyid:B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:25:0c:8e:3c:62:19:c5:35:30:30:01:80:ba:aa:e3:ef:cc:
         c2:e1:a5:c3:dc:9a:b4:7c:e0:b3:c3:d4:f1:86:ce:04:60:de:
         a0:46:d7:09:28:21:8b:2c:14:41:c6:34:e3:9b:40:2c:87:e3:
         c1:da:30:fc:53:49:f1:4a:d1:97:d0:85:29:61:e5:d4:46:9b:
         5a:82:2b:c4:f7:7f:cb:1a:3c:f1:9c:2a:c9:9f:26:77:4a:bc:
         da:6d:54:49:57:85:28:15:84:60:3e:fb:38:c4:b2:26:a4:92:
         49:d7:f0:eb:9e:cb:a4:08:20:a9:97:8f:b0:8d:74:82:c1:3d:
         ee:7b:cf:be:74:0d:29:4d:62:10:cd:e4:b4:28:e8:13:82:8c:
         ae:ab:c5:70:06:4c:c8:ed:e5:d7:52:a1:fc:d9:55:ba:8b:8f:
         87:f1:e6:8b:60:51:12:c2:6e:39:08:12:27:21:c9:b8:cf:28:
         c9:5e:1d:fe:d8:1a:4f:9e:8f:3a:0d:85:52:8c:71:13:37:81:
         53:f7:88:3c:7d:ac:28:e8:49:88:4c:55:ea:5d:49:49:4d:57:
         c5:cb:bd:21:f5:c6:db:c0:e0:c0:66:fb:da:aa:89:d0:89:59:
         e1:1e:f5:b6:d2:b2:c7:cc:a4:ed:f2:03:10:20:1c:ba:a7:3f:
         0c:4a:11:a6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICK3AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTJBRTUxMTAvBgNVBAUTKEI0M0E1QTYwRDQ2ODA2QTY5RkZFRjdDNjc2MjE5RUM0
QkE4QkEzNkQwHhcNMjUwMzI4MTUzODU1WhcNMjUwNDA0MTUzODU0WjAYMRYwFAYD
VQQDEw02N2U2YzI4Zi1jOTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAydH9blKIJLqs64niNQb3d235/eFU+aVDk/09KP73a4o83zUq3okgYJqGfo28
HCWx6melo3Uaibuj+csrR+M434DKBAWCd1kYrNZCzZChlxnbeHQfKVIRZNvDf29a
hh3y/Xmne8WCGUKDSBe+Qxvbpj/eAbEHcTjqZMwybAS6sgwzlvZj3FBS22hYgSo+
SsCly5klM9grdKdsYXN4a3805oTO9QsnNVr6WWEPJzpWDYSSE+Yfmvz8UAV7vLtE
F99bgpjBNNY17K5FhFYdwHDvtgLNBCJHNkGx3+SUcx6Rl1mOt6nrdbqd2axEy2aG
t0sjBbkLNInRPVVKyp/wB2VPBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFYusrp9
bmKPC++x7EVwieQyGtznMB8GA1UdIwQYMBaAFLQ6WmDUaAamn/73xnYhnsS6i6Nt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkFFNS84RDNFNTRFQUVE
NTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0JxYWZfdmZHZGlHZXhMcUxv
MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3REcGFZTlJvQnFhZl92ZkdkaUdleExxTG8yMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MkFFNS84RDNFNTRFQUVENTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0Jx
YWZfdmZHZGlHZXhMcUxvMjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAbJQyOPGIZxTUwMAGAuqrj78zC4aXD3Jq0fOCzw9Txhs4EYN6gRtcJ
KCGLLBRBxjTjm0Ash+PB2jD8U0nxStGX0IUpYeXURptagivE93/LGjzxnCrJnyZ3
SrzabVRJV4UoFYRgPvs4xLImpJJJ1/DrnsukCCCpl4+wjXSCwT3ue8++dA0pTWIQ
zeS0KOgTgoyuq8VwBkzI7eXXUqH82VW6i4+H8eaLYFESwm45CBInIcm4zyjJXh3+
2BpPno86DYVSjHETN4FT94g8fawo6EmITFXqXUlJTVfFy70h9cbbwODAZvvaqonQ
iVnhHvW20rLHzKTt8gMQIBy6pz8MShGm
-----END CERTIFICATE-----