Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.mft
File:                     g86FOnpm6rnh8jNGcR09yX1XWXg.mft (raw, json)
Hash identifier:          h2oXeKLwvj9zb7ARJqAXVgTIDzMiwt10Ff6Z4aiLRKI=
Subject key identifier:   13:1D:2A:EA:A5:86:BB:24:86:42:11:3E:AD:2D:F3:C2:08:81:6B:46
Authority key identifier: 83:CE:85:3A:7A:66:EA:B9:E1:F2:33:46:71:1D:3D:C9:7D:57:59:78
Certificate issuer:       /CN=A91E9BC4/serialNumber=83CE853A7A66EAB9E1F23346711D3DC97D575978
Certificate serial:       0E14
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g86FOnpm6rnh8jNGcR09yX1XWXg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.mft
Manifest number:          0E0B
Signing time:             Fri 28 Mar 2025 17:57:03 +0000
Manifest this update:     Fri 28 Mar 2025 17:57:02 +0000
Manifest next update:     Fri 04 Apr 2025 17:57:02 +0000
Files and hashes:         1: g86FOnpm6rnh8jNGcR09yX1XWXg.crl (hash: 8mU8nTgmHAIB60cTfWv76in8rnA3AFqARwuWF6p5uw8=)
                          2: 3B495FFCA46211E9B730310FC4F9AE02.roa (hash: 9CcirKqxpdNHPxtXI8/MHTjJYP2t94IiPdFAh8Rx4sE=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3604 (0xe14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E9BC4
        Validity
            Not Before: Mar 28 17:57:02 2025 GMT
            Not After : Apr  4 17:57:02 2025 GMT
        Subject: CN=67e6e2ee-fde6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:fe:ba:c8:a2:27:40:d3:b8:0f:37:c0:7a:27:
                    9e:ab:79:04:43:98:9b:7f:f4:ea:e3:79:9b:cd:7f:
                    2f:ab:86:31:f5:5a:56:18:10:4d:93:2f:1f:85:60:
                    24:f4:ae:79:e9:df:8f:66:f6:15:93:22:e0:71:05:
                    b4:cd:06:72:7a:d9:7d:24:94:fb:b9:af:8c:15:05:
                    d1:d3:a0:ff:d6:ea:09:b2:f5:67:28:f7:c8:68:8a:
                    d6:6a:b9:a2:d8:5b:83:a9:81:62:dc:90:3b:c3:4b:
                    2c:db:5e:4b:b0:5a:22:50:c9:62:ec:bb:b3:a2:b7:
                    1b:72:fe:10:be:62:cd:56:c3:8d:03:0c:3c:a6:1d:
                    aa:54:33:6f:2a:f5:d8:89:f9:72:82:04:ea:69:83:
                    6e:a2:30:14:3c:42:e9:89:72:06:3d:de:12:0f:e6:
                    af:12:ba:5d:4b:cd:b8:94:c8:7f:09:5a:07:54:99:
                    34:66:39:fa:e7:1f:b1:92:ec:36:3f:fd:cb:dc:63:
                    37:d4:9e:28:97:2a:8c:8b:42:01:4a:ec:e2:db:9e:
                    6f:46:24:4b:00:a0:99:cf:87:1e:73:e1:c6:d9:17:
                    c3:0a:44:76:02:f4:59:19:50:3a:69:ee:23:e1:94:
                    e2:c4:5d:e9:63:da:78:32:12:df:af:0c:29:90:d4:
                    c8:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:1D:2A:EA:A5:86:BB:24:86:42:11:3E:AD:2D:F3:C2:08:81:6B:46
            X509v3 Authority Key Identifier:
                keyid:83:CE:85:3A:7A:66:EA:B9:E1:F2:33:46:71:1D:3D:C9:7D:57:59:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g86FOnpm6rnh8jNGcR09yX1XWXg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:9c:dd:02:4b:fc:5d:07:e2:d8:10:f1:3e:45:54:40:c8:97:
         54:5b:99:b5:0b:f3:37:ce:14:3f:47:51:e1:78:56:34:fd:3a:
         c2:4b:8b:07:bb:99:26:04:7e:56:83:0f:e0:3a:67:05:90:9e:
         0b:b2:53:17:77:af:e8:cc:a8:e6:8f:1b:d0:3b:24:5f:23:6b:
         b2:4a:90:b2:21:6c:30:f4:40:4d:b5:11:d5:f8:46:88:d8:0b:
         fe:c2:4a:ae:d9:b6:b7:56:51:18:3d:9b:ea:d5:06:f8:f9:72:
         c1:e6:70:29:a6:bf:30:57:c7:f3:27:4b:33:fb:70:0e:84:ad:
         d3:26:73:cc:aa:8d:3a:68:b9:8e:b4:57:8a:84:64:50:62:eb:
         1c:57:f4:26:df:f6:d1:db:73:3d:19:30:74:72:fb:bc:f3:f1:
         f2:70:56:d4:d5:f3:85:93:8a:34:dc:84:7c:44:d5:cb:50:60:
         57:8d:34:bb:4c:76:28:96:d8:b4:32:96:eb:c6:cc:91:81:11:
         64:71:c6:dd:d8:38:15:16:90:6b:aa:59:7a:8b:c4:c4:e1:42:
         50:2d:67:58:83:2b:ed:e2:2e:b3:8a:53:c8:a6:10:50:39:ba:
         17:e8:28:1c:5a:a8:81:67:02:df:d1:da:07:ad:8e:1b:cf:53:
         ff:38:3e:e3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDhQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTlCQzQxMTAvBgNVBAUTKDgzQ0U4NTNBN0E2NkVBQjlFMUYyMzM0NjcxMUQzREM5
N0Q1NzU5NzgwHhcNMjUwMzI4MTc1NzAyWhcNMjUwNDA0MTc1NzAyWjAYMRYwFAYD
VQQDEw02N2U2ZTJlZS1mZGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7/66yKInQNO4DzfAeieeq3kEQ5ibf/Tq43mbzX8vq4Yx9VpWGBBNky8fhWAk
9K556d+PZvYVkyLgcQW0zQZyetl9JJT7ua+MFQXR06D/1uoJsvVnKPfIaIrWarmi
2FuDqYFi3JA7w0ss215LsFoiUMli7Luzorcbcv4QvmLNVsONAww8ph2qVDNvKvXY
iflyggTqaYNuojAUPELpiXIGPd4SD+avErpdS824lMh/CVoHVJk0Zjn65x+xkuw2
P/3L3GM31J4olyqMi0IBSuzi255vRiRLAKCZz4cec+HG2RfDCkR2AvRZGVA6ae4j
4ZTixF3pY9p4MhLfrwwpkNTI2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBMdKuql
hrskhkIRPq0t88IIgWtGMB8GA1UdIwQYMBaAFIPOhTp6Zuq54fIzRnEdPcl9V1l4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUJDNC85MkU4MjFGMEE0
NjAxMUU5ODEwQTVDMEJDNEY5QUUwMi9nODZGT25wbTZybmg4ak5HY1IwOXlYMVhX
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c4NkZPbnBtNnJuaDhqTkdjUjA5eVgxWFdYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OUJDNC85MkU4MjFGMEE0NjAxMUU5ODEwQTVDMEJDNEY5QUUwMi9nODZGT25wbTZy
bmg4ak5HY1IwOXlYMVhXWGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBQnN0CS/xdB+LYEPE+RVRAyJdUW5m1C/M3zhQ/R1HheFY0/TrCS4sH
u5kmBH5Wgw/gOmcFkJ4LslMXd6/ozKjmjxvQOyRfI2uySpCyIWww9EBNtRHV+EaI
2Av+wkqu2ba3VlEYPZvq1Qb4+XLB5nAppr8wV8fzJ0sz+3AOhK3TJnPMqo06aLmO
tFeKhGRQYuscV/Qm3/bR23M9GTB0cvu88/HycFbU1fOFk4o03IR8RNXLUGBXjTS7
THYolti0MpbrxsyRgRFkccbd2DgVFpBrqll6i8TE4UJQLWdYgyvt4i6zilPIphBQ
OboX6CgcWqiBZwLf0doHrY4bz1P/OD7j
-----END CERTIFICATE-----