Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft
File:                     uko-NN2arQAtSR0TxciM5c3Jk6o.mft (raw, json)
Hash identifier:          kYmTeRMrDYOCxArUjBcLs8JQ6HNnMyX/SQXcF4RlqlE=
Subject key identifier:   BB:C9:6C:1A:3F:48:CC:C1:D7:8D:4E:E6:70:16:6F:54:DA:DB:CD:29
Authority key identifier: BA:4A:3E:34:DD:9A:AD:00:2D:49:1D:13:C5:C8:8C:E5:CD:C9:93:AA
Certificate issuer:       /CN=A9142127/serialNumber=BA4A3E34DD9AAD002D491D13C5C88CE5CDC993AA
Certificate serial:       0A90
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft
Manifest number:          0A8B
Signing time:             Fri 28 Mar 2025 19:47:19 +0000
Manifest this update:     Fri 28 Mar 2025 19:47:19 +0000
Manifest next update:     Fri 04 Apr 2025 19:47:19 +0000
Files and hashes:         1: uko-NN2arQAtSR0TxciM5c3Jk6o.crl (hash: CvoLp6JuYRknJJ1TYLc9rHoY4MVmN5SPVKZ0LPmUjGw=)
                          2: 2FCB8FBA56DC11EA8D75187CC4F9AE02.roa (hash: le6qjqCzgyimHjECGdiCiB7624kiepl1Husd+YnK6FA=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2704 (0xa90)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9142127
        Validity
            Not Before: Mar 28 19:47:19 2025 GMT
            Not After : Apr  4 19:47:19 2025 GMT
        Subject: CN=67e6fcc7-7e69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:86:72:44:56:01:5e:9b:1f:17:85:3b:5f:12:
                    d6:c1:44:81:2b:53:d4:1d:75:81:4d:c4:74:73:ec:
                    b2:a9:7d:40:26:ef:e7:e0:90:57:21:39:91:36:52:
                    2e:af:05:4b:39:85:2e:88:ad:43:7d:33:10:3d:58:
                    55:ec:c9:eb:53:06:8b:9e:a0:83:1d:f5:a0:35:ce:
                    b9:e4:9c:41:2f:85:a6:d8:9a:e9:e2:68:3a:9e:a1:
                    82:e5:dd:c9:ef:f5:9f:bb:60:e6:3d:e3:ec:c3:32:
                    59:e8:55:fe:06:09:d7:07:17:e3:e5:e9:e1:a0:64:
                    53:45:10:9c:3f:16:eb:15:24:e1:45:b0:1c:d4:b0:
                    a3:d1:a4:71:bd:0a:d2:54:1d:32:bb:35:84:3d:e0:
                    5d:76:08:23:41:39:b8:c3:12:5e:23:d9:b4:de:56:
                    fd:a9:b0:c7:65:9b:ad:01:55:9a:87:ca:67:a5:33:
                    02:5b:35:18:69:fd:9f:62:bb:82:04:83:30:7d:35:
                    7c:a2:c1:8a:24:21:79:b9:d2:88:91:9e:ec:4b:cf:
                    0b:1e:39:6e:20:7c:64:7d:24:b1:01:6a:71:e4:71:
                    9d:a3:c6:98:ae:ba:63:e5:cb:98:c8:ef:cd:a6:78:
                    c7:c2:de:06:38:47:51:5b:a1:cb:ca:af:41:1a:44:
                    0d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:C9:6C:1A:3F:48:CC:C1:D7:8D:4E:E6:70:16:6F:54:DA:DB:CD:29
            X509v3 Authority Key Identifier:
                keyid:BA:4A:3E:34:DD:9A:AD:00:2D:49:1D:13:C5:C8:8C:E5:CD:C9:93:AA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/uko-NN2arQAtSR0TxciM5c3Jk6o.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142127/337FBA44546D11EABDD3C117C4F9AE02/uko-NN2arQAtSR0TxciM5c3Jk6o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:12:85:a9:4a:4b:1e:52:f4:b8:17:96:e9:85:f1:e0:92:5f:
         2d:40:84:c1:77:ea:6b:e5:40:98:90:25:e8:15:c1:13:79:45:
         37:ff:ce:56:ec:4e:f8:de:bd:b6:37:cd:dc:e9:bb:a0:c4:80:
         6f:79:3b:16:f8:7a:2d:a5:9e:74:fa:4f:fc:5d:dc:02:a1:10:
         a3:c7:7e:56:bf:54:51:89:fe:91:ba:63:2b:8a:85:3e:b7:d0:
         05:f7:d4:46:e9:ac:61:83:31:2a:b8:cf:ca:40:f8:60:45:73:
         1e:de:78:a9:8d:22:b3:fa:3e:eb:83:fa:68:e5:df:c8:a0:62:
         bf:75:95:d7:43:6a:5e:ab:61:78:7c:81:bf:31:f7:ff:c9:6c:
         a6:d4:7f:45:63:f3:e9:46:52:56:d1:3d:98:11:13:8d:08:06:
         fa:00:0b:ce:57:d6:23:09:9d:5d:51:30:0e:23:2e:e8:65:e8:
         4a:7d:40:2c:62:cb:7a:a8:ba:38:df:c4:55:c3:68:c9:98:ec:
         08:f5:6c:8a:4a:8b:91:a1:91:ab:ea:25:33:f8:4c:d6:51:93:
         dd:c8:ba:95:47:bf:a6:c3:00:78:38:17:a9:bc:40:c2:7d:a0:
         d2:2f:fd:2d:0a:ab:b7:a9:b2:74:05:5c:e4:34:e6:28:8c:dd:
         4d:8e:98:04
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDIxMjcxMTAvBgNVBAUTKEJBNEEzRTM0REQ5QUFEMDAyRDQ5MUQxM0M1Qzg4Q0U1
Q0RDOTkzQUEwHhcNMjUwMzI4MTk0NzE5WhcNMjUwNDA0MTk0NzE5WjAYMRYwFAYD
VQQDEw02N2U2ZmNjNy03ZTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA14ZyRFYBXpsfF4U7XxLWwUSBK1PUHXWBTcR0c+yyqX1AJu/n4JBXITmRNlIu
rwVLOYUuiK1DfTMQPVhV7MnrUwaLnqCDHfWgNc655JxBL4Wm2Jrp4mg6nqGC5d3J
7/Wfu2DmPePswzJZ6FX+BgnXBxfj5enhoGRTRRCcPxbrFSThRbAc1LCj0aRxvQrS
VB0yuzWEPeBddggjQTm4wxJeI9m03lb9qbDHZZutAVWah8pnpTMCWzUYaf2fYruC
BIMwfTV8osGKJCF5udKIkZ7sS88LHjluIHxkfSSxAWpx5HGdo8aYrrpj5cuYyO/N
pnjHwt4GOEdRW6HLyq9BGkQN7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLvJbBo/
SMzB141O5nAWb1Ta280pMB8GA1UdIwQYMBaAFLpKPjTdmq0ALUkdE8XIjOXNyZOq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjEyNy8zMzdGQkE0NDU0
NkQxMUVBQkREM0MxMTdDNEY5QUUwMi91a28tTk4yYXJRQXRTUjBUeGNpTTVjM0pr
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL3Vrby1OTjJhclFBdFNSMFR4Y2lNNWMzSms2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MjEyNy8zMzdGQkE0NDU0NkQxMUVBQkREM0MxMTdDNEY5QUUwMi91a28tTk4yYXJR
QXRTUjBUeGNpTTVjM0prNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGEoWpSkseUvS4F5bphfHgkl8tQITBd+pr5UCYkCXoFcETeUU3/85W
7E743r22N83c6bugxIBveTsW+HotpZ50+k/8XdwCoRCjx35Wv1RRif6RumMrioU+
t9AF99RG6axhgzEquM/KQPhgRXMe3nipjSKz+j7rg/po5d/IoGK/dZXXQ2peq2F4
fIG/Mff/yWym1H9FY/PpRlJW0T2YERONCAb6AAvOV9YjCZ1dUTAOIy7oZehKfUAs
Yst6qLo438RVw2jJmOwI9WyKSouRoZGr6iUz+EzWUZPdyLqVR7+mwwB4OBepvEDC
faDSL/0tCqu3qbJ0BVzkNOYojN1NjpgE
-----END CERTIFICATE-----