Manifest

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft
File:                     7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft (raw, json)
Hash identifier:          kVxneVMgxY8LQDDSVkW0wo1QAdclFT/QG0f2q8dvv8s=
Subject key identifier:   C1:65:16:61:FD:63:A4:87:C8:4C:9B:AC:11:94:CF:07:07:6D:57:39
Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
Certificate issuer:       /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Certificate serial:       2E3A065CD834EE6B3C86BC8EE004FBB35D0E7FC1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft
Manifest number:          0469
Signing time:             Mon 29 Sep 2025 23:11:52 +0000
Manifest this update:     Mon 29 Sep 2025 23:06:52 +0000
Manifest next update:     Wed 01 Oct 2025 01:27:52 +0000
Files and hashes:         1: 3130342e33372e34302e302f32322d3232203d3e2030.roa (hash: vHzV9yuwB4p+FXvV7pq6ibofX3Oxg5SwuBjEw2YE3Pg=)
                          2: 7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl (hash: aw2NVS2p9PkIQC62h2e8SxxMURmuszhEQ2MDNGgQUQM=)
                          3: 3130342e33372e34302e302f32342d3234203d3e20393730.roa (hash: ek8Vg6kOrYHQQyaRN7UOy+nZ8uz9bhWO7ZAUVfTbaRI=)
                          4: AS970.asa (hash: aCqAqa36+Xna3fhTNM72Gk6jiiHCna4r5yVWhBqXYrs=)
                          5: AS21957.asa (hash: JfXRjy3PBHQ21sZWZ6j+8b+Oy1M6wY5jz3ZmlNCr4es=)
                          6: 3130342e33372e34312e302f32342d3234203d3e203231393537.roa (hash: IRTKWsv2EGeDRsQ97JvbtSG0Rc6W53GcEAl3eMmmpqs=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:3a:06:5c:d8:34:ee:6b:3c:86:bc:8e:e0:04:fb:b3:5d:0e:7f:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
        Validity
            Not Before: Sep 29 23:06:52 2025 GMT
            Not After : Oct  1 01:27:52 2025 GMT
        Subject: CN=C1651661FD63A487C84C9BAC1194CF07076D5739
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:df:f2:b5:ac:e6:fb:9f:ac:54:36:a7:58:01:
                    76:aa:35:58:51:2a:99:42:3b:8f:3e:40:ed:34:50:
                    1d:f7:82:90:cf:1b:b8:3a:2b:41:73:0c:06:71:f4:
                    cd:72:3a:4b:d4:67:00:22:fd:3e:0c:01:74:96:cc:
                    11:76:c0:52:98:97:2c:5b:45:e2:c5:55:ee:e9:ca:
                    60:ef:32:5d:70:51:25:8b:31:98:d7:ba:8f:63:96:
                    73:bf:7f:fd:ec:d4:60:ad:71:14:61:7d:19:a3:56:
                    0b:60:49:1d:69:3e:15:6d:21:da:1a:b6:48:89:30:
                    e8:3d:b0:25:f3:7c:c5:3c:d8:a7:d8:b6:14:1b:19:
                    e1:3d:2e:dd:97:ba:29:19:71:f3:22:23:ba:91:43:
                    e8:dd:d0:32:f0:46:98:76:f5:2e:d7:bf:9e:35:fe:
                    b7:88:c0:69:a8:cb:fe:ce:55:cd:ff:0e:1b:7e:20:
                    ee:10:f7:dd:30:34:e4:38:77:01:fe:a9:c9:48:bd:
                    f2:77:b3:6c:01:86:4c:0f:b6:3c:dc:43:91:cc:dd:
                    06:51:cc:e4:43:24:1c:b7:c4:05:dc:f5:02:84:ef:
                    11:4b:93:19:26:be:a0:58:1c:4c:5d:76:db:39:36:
                    b9:4f:0c:52:a4:ef:99:db:89:66:86:90:82:32:0d:
                    4a:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:65:16:61:FD:63:A4:87:C8:4C:9B:AC:11:94:CF:07:07:6D:57:39
            X509v3 Authority Key Identifier:
                keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:d7:c0:98:bb:a0:18:6f:19:5d:83:2c:d5:3e:b7:6f:8a:0f:
         32:8d:e9:5a:5e:f9:8f:b9:1e:5e:57:9e:fe:5d:9b:ef:e9:52:
         3e:db:73:8d:fb:76:33:fc:05:b2:bc:f7:5e:00:03:76:27:59:
         61:1f:1e:78:fb:8a:31:31:77:6e:07:6b:6b:dc:e6:9b:c5:74:
         d6:b2:86:aa:df:b2:9a:c0:df:a9:5c:ab:32:9f:b8:ec:c5:8c:
         cb:a0:d3:c3:4c:11:ca:b9:3f:e9:e3:dc:f9:7e:53:30:9a:24:
         e3:2e:55:f5:6d:44:06:65:45:6c:df:b1:d6:ec:c0:6b:ed:44:
         29:42:1f:e4:20:a5:2f:57:f8:09:af:42:fb:87:5d:ce:b5:9c:
         c3:bd:f2:ef:20:d4:b0:64:72:3b:56:ca:b5:f3:47:60:cc:21:
         58:2a:6c:bc:ce:8d:48:bf:d2:48:fe:5e:68:05:27:33:be:ac:
         28:92:8a:22:4e:df:0c:29:f7:81:71:f0:37:96:87:d0:ab:26:
         47:c5:41:81:88:8d:6e:ba:e0:0e:7a:a6:99:35:7a:01:83:b5:
         dd:f0:64:97:0f:c0:b3:85:d5:6b:3e:6f:90:42:94:19:6b:1c:
         9c:34:ce:17:25:4b:9f:66:ed:4b:78:5e:cc:4e:d5:71:1a:76:
         cd:50:27:72
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIULjoGXNg07ms8hryO4AT7s10Of8EwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5
YzA1ODliOTk1NmM1MWUzNTEwHhcNMjUwOTI5MjMwNjUyWhcNMjUxMDAxMDEyNzUy
WjAzMTEwLwYDVQQDEyhDMTY1MTY2MUZENjNBNDg3Qzg0QzlCQUMxMTk0Q0YwNzA3
NkQ1NzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd/ytazm+5+s
VDanWAF2qjVYUSqZQjuPPkDtNFAd94KQzxu4OitBcwwGcfTNcjpL1GcAIv0+DAF0
lswRdsBSmJcsW0XixVXu6cpg7zJdcFElizGY17qPY5Zzv3/97NRgrXEUYX0Zo1YL
YEkdaT4VbSHaGrZIiTDoPbAl83zFPNin2LYUGxnhPS7dl7opGXHzIiO6kUPo3dAy
8EaYdvUu17+eNf63iMBpqMv+zlXN/w4bfiDuEPfdMDTkOHcB/qnJSL3yd7NsAYZM
D7Y83EORzN0GUczkQyQct8QF3PUChO8RS5MZJr6gWBxMXXbbOTa5TwxSpO+Z24lm
hpCCMg1KKQIDAQABo4ICeTCCAnUwHQYDVR0OBBYEFMFlFmH9Y6SHyEybrBGUzwcH
bVc5MB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE
AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp
L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5
MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt
NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02
M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1
ODliOTk1NmM1MWUzNTEuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZV
cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC83RUM5QjVE
MjI1MDhDMDIzMUMxNURBQkRBRjUxMzU5OTBCNjZCRkVELm1mdDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANdfA
mLugGG8ZXYMs1T63b4oPMo3pWl75j7keXlee/l2b7+lSPttzjft2M/wFsrz3XgAD
didZYR8eePuKMTF3bgdra9zmm8V01rKGqt+ymsDfqVyrMp+47MWMy6DTw0wRyrk/
6ePc+X5TMJok4y5V9W1EBmVFbN+x1uzAa+1EKUIf5CClL1f4Ca9C+4ddzrWcw73y
7yDUsGRyO1bKtfNHYMwhWCpsvM6NSL/SSP5eaAUnM76sKJKKIk7fDCn3gXHwN5aH
0KsmR8VBgYiNbrrgDnqmmTV6AYO13fBklw/As4XVaz5vkEKUGWscnDTOFyVLn2bt
S3hezE7VcRp2zVAncg==
-----END CERTIFICATE-----