Manifest

$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.mft
File:                     5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.mft (raw, json)
Hash identifier:          ckswa5PGrFPmEPZdfigL/gudm36354BWRvPFRJVOEWg=
Subject key identifier:   28:07:FA:7D:4A:6F:71:5E:11:60:1F:4E:09:78:49:63:4E:AB:62:2B
Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
Certificate issuer:       /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B
Certificate serial:       093333F86AD356493EB970947173C136F862EBA6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject info access:      rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.mft
Manifest number:          8C
Signing time:             Fri 28 Mar 2025 19:29:14 +0000
Manifest this update:     Fri 28 Mar 2025 19:24:14 +0000
Manifest next update:     Sat 29 Mar 2025 20:38:14 +0000
Files and hashes:         1: 34332e3235322e32302e302f32342d3234203d3e203134363138.roa (hash: XDDdDDTvhwuUQNA2Wh+VHuXm9Rtlz4RE52q366sMQs0=)
                          2: 5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl (hash: e6bTMZ73TNDJYr4iJIpgcJmdwm3sWzy9oR08VlYoi9Q=)
                          3: 34332e3235322e32332e302f32342d3234203d3e203230343733.roa (hash: yB5EmgFmuHkQmIMlBchYOj01Cdsu/d7o9oi4COpYtAE=)
                          4: 34332e3235322e32312e302f32342d3234203d3e203530333835.roa (hash: baGBWXcDrtK+cAVKGJBMAmZee53ol0gPCj9NO0O551w=)
                          5: 34332e3235322e32302e302f32342d3234203d3e203136353039.roa (hash: guQ1d9UBBlP30nZtQVeNl3psArLTSiYHfIbHiGyRYfA=)
                          6: 34332e3235322e32322e302f32342d3234203d3e203438323636.roa (hash: lh0a38K8JAllhrAcZvOqWh+3NCJyyj25skARvaE+EWo=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:33:33:f8:6a:d3:56:49:3e:b9:70:94:71:73:c1:36:f8:62:eb:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DD5100000
        Validity
            Not Before: Mar 28 19:24:14 2025 GMT
            Not After : Mar 29 20:38:14 2025 GMT
        Subject: CN=2807FA7D4A6F715E11601F4E097849634EAB622B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:a8:57:d3:9b:df:2c:04:e7:fb:3d:5a:f3:62:
                    25:b9:b3:d0:a4:3b:bd:f5:96:54:cf:4c:b7:e9:16:
                    ec:27:63:1b:4e:f5:81:38:c5:c6:a3:a8:99:54:c2:
                    56:db:9c:71:77:3a:54:bb:43:de:0c:1b:83:3a:f8:
                    4e:82:e2:b9:d8:3a:d1:dd:d4:a4:b4:8d:02:a9:c9:
                    3b:53:b7:9b:81:7a:a3:8d:89:d2:4c:41:19:37:20:
                    42:9b:26:3e:30:e1:66:d3:d3:b1:56:bc:90:74:e9:
                    50:bd:01:93:f6:31:51:fe:9c:a2:26:74:a5:e7:f0:
                    a4:83:ac:c5:fd:2d:c7:cb:b5:25:f6:8e:ef:07:c8:
                    dd:58:b4:83:eb:ec:1d:69:e3:a4:49:92:a9:d4:cc:
                    29:82:25:b4:bb:f6:53:bc:da:4a:26:41:d6:71:1a:
                    8b:75:92:38:9b:ec:d0:22:0d:4d:ea:34:28:14:e2:
                    cd:8c:e7:51:b6:43:40:b6:34:40:db:08:2d:f9:77:
                    aa:14:41:0d:f6:62:22:ed:eb:d8:c0:2b:8c:9f:25:
                    9d:c6:94:04:54:a2:21:af:5d:fd:c7:5b:48:11:fd:
                    bc:ec:07:de:3d:ea:53:da:ed:5a:f7:39:b4:f4:62:
                    fa:81:fa:e2:2d:46:c8:40:bd:9a:3c:df:0c:3b:fa:
                    f9:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:07:FA:7D:4A:6F:71:5E:11:60:1F:4E:09:78:49:63:4E:AB:62:2B
            X509v3 Authority Key Identifier:
                keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:73:30:1e:06:12:19:bc:1b:9d:dd:ed:b8:99:27:b4:ac:4a:
         8d:7a:74:7c:85:7c:c8:ec:e5:45:84:3d:1f:7d:51:69:e6:8f:
         7e:3a:14:61:d6:e3:54:bb:0f:fe:13:ec:10:cf:8b:18:9c:29:
         fb:b0:f9:2b:44:1b:27:ac:e4:9a:7a:a3:b4:a7:0e:24:8a:dc:
         11:8e:94:40:06:2f:26:68:0f:0a:e2:9d:e1:a5:4e:f5:c4:d3:
         42:9e:80:4b:bb:dd:35:51:43:3c:fa:01:8a:ec:61:28:0c:2c:
         e8:e2:38:76:f9:48:96:c2:fa:42:1f:99:59:04:3b:67:67:e6:
         f1:46:fd:bd:49:ab:5b:ff:f9:16:31:76:0d:bf:74:32:ed:ce:
         c2:24:98:2b:bf:67:03:ad:0b:aa:09:ec:27:a1:9e:35:51:97:
         89:cf:a9:aa:ae:c1:d4:b2:4e:bc:73:3d:3d:93:1d:9c:0b:fd:
         26:28:6a:80:e3:7a:6a:ff:43:3c:97:51:5e:40:b3:6e:c1:15:
         00:94:af:25:84:62:48:b9:71:a8:7f:7e:e0:dd:55:81:73:77:
         fa:3f:c5:61:8b:cc:99:76:a9:7c:55:92:94:bc:81:9e:d0:06:
         40:3c:d4:fd:b5:29:c7:37:c9:17:69:db:f6:8a:79:d5:60:ad:
         1f:bf:7f:d6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUCTMz+GrTVkk+uXCUcXPBNvhi66YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1
Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI1MDMyODE5MjQxNFoX
DTI1MDMyOTIwMzgxNFowMzExMC8GA1UEAxMoMjgwN0ZBN0Q0QTZGNzE1RTExNjAx
RjRFMDk3ODQ5NjM0RUFCNjIyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGoV9Ob3ywE5/s9WvNiJbmz0KQ7vfWWVM9Mt+kW7CdjG071gTjFxqOomVTC
VtuccXc6VLtD3gwbgzr4ToLiudg60d3UpLSNAqnJO1O3m4F6o42J0kxBGTcgQpsm
PjDhZtPTsVa8kHTpUL0Bk/YxUf6coiZ0pefwpIOsxf0tx8u1JfaO7wfI3Vi0g+vs
HWnjpEmSqdTMKYIltLv2U7zaSiZB1nEai3WSOJvs0CINTeo0KBTizYznUbZDQLY0
QNsILfl3qhRBDfZiIu3r2MArjJ8lncaUBFSiIa9d/cdbSBH9vOwH3j3qU9rtWvc5
tPRi+oH64i1GyEC9mjzfDDv6+aECAwEAAaOCAhswggIXMB0GA1UdDgQWBBQoB/p9
Sm9xXhFgH04JeEljTqtiKzAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c
ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw
RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp
UXl0TDNMX1RJUG1vdHQzSHMuY2VyMH0GCCsGAQUFBwELBHEwbzBtBggrBgEFBQcw
C4ZhcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUx
MDAwMDAvMC81RDcwN0IwRDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdC
Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIw
EDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG
9w0BAQsFAAOCAQEAaXMwHgYSGbwbnd3tuJkntKxKjXp0fIV8yOzlRYQ9H31RaeaP
fjoUYdbjVLsP/hPsEM+LGJwp+7D5K0QbJ6zkmnqjtKcOJIrcEY6UQAYvJmgPCuKd
4aVO9cTTQp6AS7vdNVFDPPoBiuxhKAws6OI4dvlIlsL6Qh+ZWQQ7Z2fm8Ub9vUmr
W//5FjF2Db90Mu3OwiSYK79nA60LqgnsJ6GeNVGXic+pqq7B1LJOvHM9PZMdnAv9
JihqgON6av9DPJdRXkCzbsEVAJSvJYRiSLlxqH9+4N1VgXN3+j/FYYvMmXapfFWS
lLyBntAGQDzU/bUpxzfJF2nb9op51WCtH79/1g==
-----END CERTIFICATE-----