Manifest

$ rpki-client -vvf rpki.sub.apnic.net/repository/A91905300000/9/33F4082166A89FFF6F326AE09B44BFBEF1629FEB.mft
File:                     33F4082166A89FFF6F326AE09B44BFBEF1629FEB.mft (raw, json)
Hash identifier:          WU3rbO8BU+Ztkh/nOASEQtueiNJH/3GgfPnJYuDpEA4=
Subject key identifier:   FA:88:85:DE:42:BD:EC:23:2F:84:00:78:B9:0F:DF:1C:22:46:3B:70
Authority key identifier: 33:F4:08:21:66:A8:9F:FF:6F:32:6A:E0:9B:44:BF:BE:F1:62:9F:EB
Certificate issuer:       /CN=A919B0BE0000/serialNumber=33F4082166A89FFF6F326AE09B44BFBEF1629FEB
Certificate serial:       286466B7AA289F25725B2553347DE2F7A82A4429
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M_QIIWaon_9vMmrgm0S_vvFin-s.cer
Subject info access:      rsync://rpki.sub.apnic.net/repository/A91905300000/9/33F4082166A89FFF6F326AE09B44BFBEF1629FEB.mft
Manifest number:          0A
Signing time:             Fri 23 May 2025 02:43:06 +0000
Manifest this update:     Fri 23 May 2025 02:38:05 +0000
Manifest next update:     Sat 24 May 2025 05:07:05 +0000
Files and hashes:         1: 3230332e35372e32332e302f32342d3234203d3e2039393133.roa (hash: 9vPoyR5h4XW7VzKPshTgyqTHm+x238aD7PNshnOSJtk=)
                          2: 3130332e3233332e3230382e302f32322d3234203d3e2039393133.roa (hash: gjG1OZMW5faujAfknl/AsEqIEMo1X4J8rMD0eZTWBDg=)
                          3: 3230332e33312e3131302e302f32342d3234203d3e2039393133.roa (hash: Th3RG2y4VUTKhfMzlUUSBpKBps2IwB4thNo9+TULNBQ=)
                          4: 3230332e312e36382e302f32342d3234203d3e2039393133.roa (hash: sf6xpmLBwwFxYc5zLhbA2o5zERE4ANPwwQpcoFqWw9Y=)
                          5: 3230332e302e38302e302f32342d3234203d3e2039393133.roa (hash: 5CEE0bOW0MgpOlLO8lN9+nz4tABxvncSgkR6y2kvmq4=)
                          6: 3230332e312e36392e302f32342d3234203d3e2039393133.roa (hash: HYKqNuiBE/DUFFDQyKmuMZ6wkcvhITNaHWFYsHIuJlA=)
                          7: 33F4082166A89FFF6F326AE09B44BFBEF1629FEB.crl (hash: I3S2NWNT785CDZoDi0GUYrhPC1ZteoP/mhyIENm7Pj0=)
                          8: 3230332e33312e3131312e302f32342d3234203d3e2039393133.roa (hash: YlAvV8ZZuoYsPDhwbCWgqa9GkyYRu/NKCURMzPqa7q4=)
                          9: 3230322e31342e3134382e302f32342d3234203d3e2039393133.roa (hash: jEqn8jELxuDQMwvht+ON+P9QmjrSbE+0mwwGAYlItGo=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:64:66:b7:aa:28:9f:25:72:5b:25:53:34:7d:e2:f7:a8:2a:44:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919B0BE0000, serialNumber=33F4082166A89FFF6F326AE09B44BFBEF1629FEB
        Validity
            Not Before: May 23 02:38:05 2025 GMT
            Not After : May 24 05:07:05 2025 GMT
        Subject: CN=FA8885DE42BDEC232F840078B90FDF1C22463B70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:08:4a:d8:e7:67:e7:a4:2a:52:59:44:cc:06:
                    6a:b5:fe:28:1e:53:fe:8d:6f:30:c3:8d:89:47:4e:
                    4a:36:f6:3d:c4:8e:e5:51:19:3a:3a:d3:81:9a:4d:
                    87:f3:5b:05:37:6c:87:50:19:3c:88:90:c5:72:a1:
                    83:f7:b1:fe:68:b4:26:61:c9:ff:e9:b6:34:7d:9b:
                    6a:11:7a:b5:1d:a1:79:cb:63:16:a3:73:4c:80:a1:
                    0a:7a:ab:c6:d7:62:e1:5e:1b:2f:3e:2e:db:63:de:
                    f0:56:a6:61:fc:57:6b:bf:4c:55:8b:db:3b:02:74:
                    75:6a:6c:65:f8:08:46:57:cd:69:bb:81:64:14:7e:
                    ba:3f:ef:20:52:29:97:da:4a:f0:7b:d7:d5:49:fe:
                    75:8f:e5:38:96:3e:ba:e7:8b:7a:25:86:13:d7:81:
                    72:b8:79:f0:dd:05:74:40:6f:b4:ac:d2:21:f6:09:
                    ae:05:bb:a5:44:c8:0d:0f:f1:89:6f:2f:90:dc:a6:
                    c8:32:48:ea:e1:f3:86:b1:61:b5:ea:81:b3:62:70:
                    fb:df:ca:a0:fd:ac:77:c3:ed:52:29:23:8b:e1:bf:
                    a8:a7:c9:e4:6e:b1:68:e6:3b:99:43:d7:04:9c:be:
                    2c:a6:25:e6:d5:b6:cb:34:3d:96:0b:ac:5b:02:fa:
                    ae:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:88:85:DE:42:BD:EC:23:2F:84:00:78:B9:0F:DF:1C:22:46:3B:70
            X509v3 Authority Key Identifier:
                keyid:33:F4:08:21:66:A8:9F:FF:6F:32:6A:E0:9B:44:BF:BE:F1:62:9F:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.sub.apnic.net/repository/A91905300000/9/33F4082166A89FFF6F326AE09B44BFBEF1629FEB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M_QIIWaon_9vMmrgm0S_vvFin-s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/9/33F4082166A89FFF6F326AE09B44BFBEF1629FEB.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:52:7c:47:dc:31:8c:b3:17:24:79:76:08:b3:81:14:8e:ae:
         69:41:8f:b3:f0:18:bf:61:26:85:4b:53:aa:a1:37:d3:cf:f4:
         a5:2a:64:13:1b:60:be:9f:c7:32:ec:f4:f7:20:e8:50:d2:8f:
         ad:11:92:1e:b0:01:76:b0:be:c6:d4:fd:44:70:a0:52:98:a6:
         e0:e1:cd:65:1c:84:c0:08:4f:1d:5c:04:53:a7:2e:bc:dc:6c:
         21:3d:11:2e:5a:8f:3d:67:ea:ab:04:78:88:7e:ea:a6:7e:1a:
         27:37:2e:74:60:74:9a:71:ff:18:c4:a4:19:6f:cf:be:b8:cc:
         e9:ed:1f:8d:da:33:04:0e:da:cb:0a:d0:e6:01:df:5c:aa:f0:
         ae:81:ba:df:44:8d:b9:b8:ff:c5:27:a9:36:5e:ec:49:f8:5e:
         77:00:5e:39:9d:6e:6f:43:0b:1a:66:19:4e:1b:98:2b:f5:72:
         3b:8d:a3:21:b3:17:74:bb:75:b2:9c:62:5d:16:65:22:69:fd:
         da:63:4d:9f:d4:ab:0c:a7:76:cb:e7:c5:c4:26:bc:33:49:e4:
         5a:80:9a:f2:84:f5:e8:ea:86:71:24:e3:ac:e1:84:8d:c2:24:
         c1:6c:b8:9c:25:e5:d6:95:31:34:df:63:39:26:1f:fc:03:15:
         d0:1c:73:7b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKGRmt6oonyVyWyVTNH3i96gqRCkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxOUIwQkUwMDAwMTEwLwYDVQQFEygzM0Y0MDgyMTY2
QTg5RkZGNkYzMjZBRTA5QjQ0QkZCRUYxNjI5RkVCMB4XDTI1MDUyMzAyMzgwNVoX
DTI1MDUyNDA1MDcwNVowMzExMC8GA1UEAxMoRkE4ODg1REU0MkJERUMyMzJGODQw
MDc4QjkwRkRGMUMyMjQ2M0I3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQIStjnZ+ekKlJZRMwGarX+KB5T/o1vMMONiUdOSjb2PcSO5VEZOjrTgZpN
h/NbBTdsh1AZPIiQxXKhg/ex/mi0JmHJ/+m2NH2bahF6tR2hectjFqNzTIChCnqr
xtdi4V4bLz4u22Pe8FamYfxXa79MVYvbOwJ0dWpsZfgIRlfNabuBZBR+uj/vIFIp
l9pK8HvX1Un+dY/lOJY+uueLeiWGE9eBcrh58N0FdEBvtKzSIfYJrgW7pUTIDQ/x
iW8vkNymyDJI6uHzhrFhteqBs2Jw+9/KoP2sd8PtUikji+G/qKfJ5G6xaOY7mUPX
BJy+LKYl5tW2yzQ9lgusWwL6rq0CAwEAAaOCAhswggIXMB0GA1UdDgQWBBT6iIXe
Qr3sIy+EAHi5D98cIkY7cDAfBgNVHSMEGDAWgBQz9AghZqif/28yauCbRL++8WKf
6zAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUzMDAwMDAvOS8zM0Y0MDgy
MTY2QTg5RkZGNkYzMjZBRTA5QjQ0QkZCRUYxNjI5RkVCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9NX1FJSVdhb25f
OXZNbXJnbTBTX3Z2RmluLXMuY2VyMH0GCCsGAQUFBwELBHEwbzBtBggrBgEFBQcw
C4ZhcnN5bmM6Ly9ycGtpLnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTE5MDUz
MDAwMDAvOS8zM0Y0MDgyMTY2QTg5RkZGNkYzMjZBRTA5QjQ0QkZCRUYxNjI5RkVC
Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIw
EDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG
9w0BAQsFAAOCAQEAN1J8R9wxjLMXJHl2CLOBFI6uaUGPs/AYv2EmhUtTqqE308/0
pSpkExtgvp/HMuz09yDoUNKPrRGSHrABdrC+xtT9RHCgUpim4OHNZRyEwAhPHVwE
U6cuvNxsIT0RLlqPPWfqqwR4iH7qpn4aJzcudGB0mnH/GMSkGW/PvrjM6e0fjdoz
BA7aywrQ5gHfXKrwroG630SNubj/xSepNl7sSfhedwBeOZ1ub0MLGmYZThuYK/Vy
O42jIbMXdLt1spxiXRZlImn92mNNn9SrDKd2y+fFxCa8M0nkWoCa8oT16OqGcSTj
rOGEjcIkwWy4nCXl1pUxNN9jOSYf/AMV0Bxzew==
-----END CERTIFICATE-----