Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91F65E4/793973204D0011E8A026E14AC4F9AE02/h8o5SM4cy-GiBMX4DbQwQQmoMXw.mft
File:                     h8o5SM4cy-GiBMX4DbQwQQmoMXw.mft (raw, json)
Hash identifier:          xfKWMoXsxIqMoctuCaXsZXpiJDlI10yTARYlHK1eYqs=
Subject key identifier:   AD:E6:60:7B:98:59:74:A5:80:A1:FD:EC:4D:B6:22:53:5F:30:59:EE
Authority key identifier: 87:CA:39:48:CE:1C:CB:E1:A2:04:C5:F8:0D:B4:30:41:09:A8:31:7C
Certificate issuer:       /CN=A91F65E4/serialNumber=87CA3948CE1CCBE1A204C5F80DB4304109A8317C
Certificate serial:       14F2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h8o5SM4cy-GiBMX4DbQwQQmoMXw.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91F65E4/793973204D0011E8A026E14AC4F9AE02/h8o5SM4cy-GiBMX4DbQwQQmoMXw.mft
Manifest number:          14E3
Signing time:             Fri 28 Mar 2025 16:56:50 +0000
Manifest this update:     Fri 28 Mar 2025 16:56:50 +0000
Manifest next update:     Fri 04 Apr 2025 16:56:50 +0000
Files and hashes:         1: h8o5SM4cy-GiBMX4DbQwQQmoMXw.crl (hash: //jghIWD3zEEn3/1YZe54LrFNWu/dSxb/2JesQSW5CA=)
                          2: 4A7E3036340811ED9D3D7620C4F9AE02.roa (hash: tzptSWrCu7leujBpAxl0r7s1OXoHlY5rMMlXgr5Raxw=)
                          3: F0326FAE4D0011E8A24EE324C4F9AE02.roa (hash: CYK+uI2bxtOr291BnZawHgoP/6miR+B6epnu6Vsoz0Y=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5362 (0x14f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F65E4
        Validity
            Not Before: Mar 28 16:56:50 2025 GMT
            Not After : Apr  4 16:56:50 2025 GMT
        Subject: CN=67e6d4d2-c2c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fb:7c:69:f7:8d:39:e7:5f:b5:fb:4f:ae:d6:
                    4d:5c:45:36:85:73:25:fb:9e:8e:17:7d:3c:2c:4a:
                    9a:f6:ac:61:ea:d1:0f:ec:c1:ab:29:4c:59:e1:67:
                    40:26:56:d9:4f:2a:9d:8c:01:7a:f1:37:30:6c:00:
                    a4:1b:2e:11:50:07:4a:c0:45:4a:b6:e8:78:4d:69:
                    b6:a1:47:c4:41:40:bf:af:6d:21:f8:ab:ac:a6:11:
                    d7:26:9a:9e:7d:7c:0b:f0:76:6f:2e:44:70:cb:e0:
                    0b:c0:66:08:e8:86:93:6e:23:0e:b7:e2:0c:42:09:
                    01:b6:d1:97:4f:c0:0e:1f:5d:7d:1f:76:65:36:80:
                    ca:1f:2c:ca:75:e5:88:15:b7:cb:17:61:5a:5f:7f:
                    3a:04:1c:a8:43:75:ba:d7:4f:68:d0:be:33:49:1e:
                    a4:15:1d:38:f6:27:74:74:55:79:d9:4f:21:60:be:
                    cb:0b:5d:8c:23:dc:5c:1a:a3:c3:35:31:35:91:83:
                    7c:a4:7a:ed:a6:b3:8a:46:dd:ea:9d:7d:56:7e:db:
                    9d:00:aa:a0:31:df:9b:a2:ce:61:47:5d:ed:8e:3c:
                    4a:48:4d:98:36:15:a1:a0:c2:0e:38:39:cf:fa:48:
                    6a:2f:eb:63:62:12:11:e7:6e:63:f8:35:0e:ea:05:
                    e1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E6:60:7B:98:59:74:A5:80:A1:FD:EC:4D:B6:22:53:5F:30:59:EE
            X509v3 Authority Key Identifier:
                keyid:87:CA:39:48:CE:1C:CB:E1:A2:04:C5:F8:0D:B4:30:41:09:A8:31:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91F65E4/793973204D0011E8A026E14AC4F9AE02/h8o5SM4cy-GiBMX4DbQwQQmoMXw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h8o5SM4cy-GiBMX4DbQwQQmoMXw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F65E4/793973204D0011E8A026E14AC4F9AE02/h8o5SM4cy-GiBMX4DbQwQQmoMXw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:11:38:69:b0:00:58:1d:f4:b4:75:e7:6a:8a:3f:ba:67:b2:
         a4:e3:3f:c5:25:5d:51:07:e4:e3:4a:cb:4a:fc:a1:cc:94:21:
         2e:ac:2b:46:94:70:2f:b3:6d:e4:25:77:c3:1a:e6:c1:42:7e:
         93:62:a1:6d:90:34:f5:e6:eb:0f:5e:83:8c:b9:1a:3a:8d:b0:
         8f:23:36:81:2d:ec:21:5a:e5:ff:f4:8c:e6:b7:2a:12:fd:6d:
         23:f1:41:bf:42:75:0b:58:bd:40:d7:8e:cb:99:b1:d9:48:c7:
         10:0b:07:9a:a1:d3:b0:f7:6f:c9:19:cc:0c:47:1b:52:b5:ec:
         dc:d4:4b:89:aa:5b:64:76:c9:d1:2e:0b:62:55:0f:73:f5:eb:
         3f:91:c0:a2:6a:a2:9e:e8:3a:2a:fb:50:0d:17:0e:ee:1f:fc:
         6e:cf:d6:a7:54:39:57:52:8d:6d:5b:6b:aa:2f:85:7e:56:52:
         89:3e:a4:c8:ae:55:35:12:ff:95:b5:28:2e:dc:61:e6:fc:50:
         03:88:48:81:5d:69:e7:2a:0d:db:0f:49:36:99:36:4d:41:76:
         6c:6f:72:ca:4e:d1:d0:84:05:54:5f:ee:62:96:17:8e:8c:6a:
         94:82:ce:80:4e:fe:6f:a2:86:c1:65:3e:66:13:ca:09:88:4f:
         d1:3a:ad:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICFPIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjY1RTQxMTAvBgNVBAUTKDg3Q0EzOTQ4Q0UxQ0NCRTFBMjA0QzVGODBEQjQzMDQx
MDlBODMxN0MwHhcNMjUwMzI4MTY1NjUwWhcNMjUwNDA0MTY1NjUwWjAYMRYwFAYD
VQQDEw02N2U2ZDRkMi1jMmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqvt8afeNOedftftPrtZNXEU2hXMl+56OF308LEqa9qxh6tEP7MGrKUxZ4WdA
JlbZTyqdjAF68TcwbACkGy4RUAdKwEVKtuh4TWm2oUfEQUC/r20h+KusphHXJpqe
fXwL8HZvLkRwy+ALwGYI6IaTbiMOt+IMQgkBttGXT8AOH119H3ZlNoDKHyzKdeWI
FbfLF2FaX386BByoQ3W6109o0L4zSR6kFR049id0dFV52U8hYL7LC12MI9xcGqPD
NTE1kYN8pHrtprOKRt3qnX1WftudAKqgMd+bos5hR13tjjxKSE2YNhWhoMIOODnP
+khqL+tjYhIR525j+DUO6gXhsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK3mYHuY
WXSlgKH97E22IlNfMFnuMB8GA1UdIwQYMBaAFIfKOUjOHMvhogTF+A20MEEJqDF8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjVFNC83OTM5NzMyMDRE
MDAxMUU4QTAyNkUxNEFDNEY5QUUwMi9oOG81U000Y3ktR2lCTVg0RGJRd1FRbW9N
WHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g4bzVTTTRjeS1HaUJNWDREYlF3UVFtb01Ydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NjVFNC83OTM5NzMyMDREMDAxMUU4QTAyNkUxNEFDNEY5QUUwMi9oOG81U000Y3kt
R2lCTVg0RGJRd1FRbW9NWHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC1EThpsABYHfS0dedqij+6Z7Kk4z/FJV1RB+TjSstK/KHMlCEurCtG
lHAvs23kJXfDGubBQn6TYqFtkDT15usPXoOMuRo6jbCPIzaBLewhWuX/9IzmtyoS
/W0j8UG/QnULWL1A147LmbHZSMcQCweaodOw92/JGcwMRxtStezc1EuJqltkdsnR
LgtiVQ9z9es/kcCiaqKe6Doq+1ANFw7uH/xuz9anVDlXUo1tW2uqL4V+VlKJPqTI
rlU1Ev+VtSgu3GHm/FADiEiBXWnnKg3bD0k2mTZNQXZsb3LKTtHQhAVUX+5ilheO
jGqUgs6ATv5voobBZT5mE8oJiE/ROq0K
-----END CERTIFICATE-----