Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.mft
File:                     lDrZvGF3q4wvjoExwUpUZexClU8.mft (raw, json)
Hash identifier:          648iLmtsLx67mTNFiifv4OU3oKt2Jn8cnS0Ah85/PjY=
Subject key identifier:   4D:EA:00:7A:C4:6D:53:F0:D5:EC:98:DE:BE:31:5B:4E:FC:C2:3E:8E
Authority key identifier: 94:3A:D9:BC:61:77:AB:8C:2F:8E:81:31:C1:4A:54:65:EC:42:95:4F
Certificate issuer:       /CN=A9158568/serialNumber=943AD9BC6177AB8C2F8E8131C14A5465EC42954F
Certificate serial:       0115
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lDrZvGF3q4wvjoExwUpUZexClU8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.mft
Manifest number:          0111
Signing time:             Fri 28 Mar 2025 19:02:24 +0000
Manifest this update:     Fri 28 Mar 2025 19:02:24 +0000
Manifest next update:     Fri 04 Apr 2025 19:02:24 +0000
Files and hashes:         1: lDrZvGF3q4wvjoExwUpUZexClU8.crl (hash: AmEAMnztB2viYEi7vmR/3XUKyzbs3C3ophP+YqMIpoY=)
                          2: 203DB338782111EEAFDDBD86C4F9AE02.roa (hash: wX9s/s7jxKKJJyFHtP8kJqChB04GKqVy3xgEjOBVe9Q=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 277 (0x115)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9158568
        Validity
            Not Before: Mar 28 19:02:24 2025 GMT
            Not After : Apr  4 19:02:24 2025 GMT
        Subject: CN=67e6f240-b078
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:91:80:0d:ea:ef:6e:93:37:d6:ff:45:44:ea:
                    a3:3a:ec:eb:e7:5e:f7:b7:25:c1:e8:05:a3:f5:74:
                    d0:8a:53:9b:be:e2:64:da:7f:13:1b:4c:ff:15:e1:
                    77:b2:bd:f7:96:3d:24:33:59:e3:e9:ef:08:b3:b3:
                    74:7c:f7:ce:84:c3:e8:75:a1:d4:39:4d:80:ee:d9:
                    8f:dd:5c:d5:91:76:fe:98:6e:e9:29:29:9c:ce:5e:
                    b6:f8:7d:c5:b9:5a:d0:4f:73:26:f1:58:a4:b3:89:
                    46:08:69:d1:8a:d4:f4:27:08:6e:6f:ab:db:53:16:
                    61:3f:42:ee:81:16:44:02:6d:1f:a7:71:43:4e:ad:
                    bb:2a:8a:80:fa:c0:01:f2:f7:c8:18:0e:4f:41:74:
                    ce:89:ba:3b:57:3c:5b:3e:92:61:e3:83:3e:3a:e7:
                    f4:c3:2e:5d:73:d4:56:36:b6:18:58:0f:43:e5:0e:
                    40:ef:20:12:d3:d2:96:58:7b:d5:ef:ac:d5:a6:de:
                    3d:cc:19:fe:c1:18:8d:ca:d1:4f:63:f6:61:ff:a4:
                    ac:a6:01:29:21:12:93:64:30:f0:a0:04:f4:62:e3:
                    a4:85:06:f9:99:6c:86:c7:31:4f:f0:a0:6a:e4:f4:
                    12:03:ca:59:73:bc:5d:05:91:7d:2d:52:a5:c6:5d:
                    2a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:EA:00:7A:C4:6D:53:F0:D5:EC:98:DE:BE:31:5B:4E:FC:C2:3E:8E
            X509v3 Authority Key Identifier:
                keyid:94:3A:D9:BC:61:77:AB:8C:2F:8E:81:31:C1:4A:54:65:EC:42:95:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/lDrZvGF3q4wvjoExwUpUZexClU8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158568/3618AB6E72A311EE94557211C4F9AE02/lDrZvGF3q4wvjoExwUpUZexClU8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:f7:19:2c:19:2e:ac:c7:48:4d:7f:d8:2e:97:77:7b:5f:07:
         e3:49:1d:21:eb:b5:18:a7:24:cb:1e:bd:28:52:ae:c0:00:22:
         0f:9a:fc:bc:54:26:67:04:45:ac:cd:f7:34:e1:0b:e9:f6:71:
         59:13:b2:45:91:77:3a:b1:de:99:2f:25:48:e8:50:0e:1b:99:
         90:4b:0d:60:ce:1e:f6:48:cf:63:f3:aa:7a:73:a8:75:dd:4d:
         63:81:44:b5:bc:b2:6c:29:46:e1:36:c7:26:cd:5a:c3:9e:a4:
         f5:16:6a:a3:e8:9e:16:bb:28:ff:94:e1:2e:a3:78:2b:51:c4:
         a0:13:ec:cb:36:8a:ab:0c:b9:75:aa:9d:13:72:a1:f7:ff:9c:
         1a:56:43:a1:12:98:90:dd:3f:97:25:b2:c4:c4:69:45:cc:c7:
         88:e1:73:78:b1:04:2b:62:a6:45:65:11:16:d7:e1:4d:6e:3c:
         bd:7d:71:da:ef:39:d4:a2:c7:39:ba:3f:94:57:ef:ab:f7:57:
         cb:fc:b4:78:38:7f:50:c5:d0:e3:8a:b1:e6:f2:62:7b:2f:2d:
         64:b5:e1:ce:e9:4d:67:93:e4:ee:bb:9b:2f:21:56:62:de:e5:
         a2:17:ea:b6:b2:ce:ea:87:79:81:f3:e0:bc:d6:4c:41:dd:f8:
         9b:d5:86:f7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICARUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg1NjgxMTAvBgNVBAUTKDk0M0FEOUJDNjE3N0FCOEMyRjhFODEzMUMxNEE1NDY1
RUM0Mjk1NEYwHhcNMjUwMzI4MTkwMjI0WhcNMjUwNDA0MTkwMjI0WjAYMRYwFAYD
VQQDEw02N2U2ZjI0MC1iMDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5GADervbpM31v9FROqjOuzr5173tyXB6AWj9XTQilObvuJk2n8TG0z/FeF3
sr33lj0kM1nj6e8Is7N0fPfOhMPodaHUOU2A7tmP3VzVkXb+mG7pKSmczl62+H3F
uVrQT3Mm8Viks4lGCGnRitT0Jwhub6vbUxZhP0LugRZEAm0fp3FDTq27KoqA+sAB
8vfIGA5PQXTOibo7VzxbPpJh44M+Ouf0wy5dc9RWNrYYWA9D5Q5A7yAS09KWWHvV
76zVpt49zBn+wRiNytFPY/Zh/6SspgEpIRKTZDDwoAT0YuOkhQb5mWyGxzFP8KBq
5PQSA8pZc7xdBZF9LVKlxl0qYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE3qAHrE
bVPw1eyY3r4xW078wj6OMB8GA1UdIwQYMBaAFJQ62bxhd6uML46BMcFKVGXsQpVP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODU2OC8zNjE4QUI2RTcy
QTMxMUVFOTQ1NTcyMTFDNEY5QUUwMi9sRHJadkdGM3E0d3Zqb0V4d1VwVVpleENs
VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2xEclp2R0YzcTR3dmpvRXh3VXBVWmV4Q2xVOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODU2OC8zNjE4QUI2RTcyQTMxMUVFOTQ1NTcyMTFDNEY5QUUwMi9sRHJadkdGM3E0
d3Zqb0V4d1VwVVpleENsVTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBn9xksGS6sx0hNf9gul3d7XwfjSR0h67UYpyTLHr0oUq7AACIPmvy8
VCZnBEWszfc04Qvp9nFZE7JFkXc6sd6ZLyVI6FAOG5mQSw1gzh72SM9j86p6c6h1
3U1jgUS1vLJsKUbhNscmzVrDnqT1Fmqj6J4Wuyj/lOEuo3grUcSgE+zLNoqrDLl1
qp0TcqH3/5waVkOhEpiQ3T+XJbLExGlFzMeI4XN4sQQrYqZFZREW1+FNbjy9fXHa
7znUosc5uj+UV++r91fL/LR4OH9QxdDjirHm8mJ7Ly1kteHO6U1nk+Tuu5svIVZi
3uWiF+q2ss7qh3mB8+C81kxB3fib1Yb3
-----END CERTIFICATE-----