Manifest

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft
File:                     7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft (raw, json)
Hash identifier:          cC8jWovnGYZvDqOFNEzVh9HWXYzpY16GF3MBKVqSOV0=
Subject key identifier:   C0:32:D8:86:B1:8F:4B:76:7B:77:06:D6:8A:BA:8E:42:D6:11:B0:A9
Authority key identifier: 7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED
Certificate issuer:       /CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
Certificate serial:       2672B069CB939E55880B00C762F15B6749423F97
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft
Manifest number:          03B7
Signing time:             Sun 27 Apr 2025 14:26:20 +0000
Manifest this update:     Sun 27 Apr 2025 14:21:20 +0000
Manifest next update:     Mon 28 Apr 2025 16:43:20 +0000
Files and hashes:         1: 3130342e33372e34302e302f32322d3232203d3e2030.roa (hash: vHzV9yuwB4p+FXvV7pq6ibofX3Oxg5SwuBjEw2YE3Pg=)
                          2: 3130342e33372e34312e302f32342d3234203d3e203231393537.roa (hash: IRTKWsv2EGeDRsQ97JvbtSG0Rc6W53GcEAl3eMmmpqs=)
                          3: 7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl (hash: K+qAdA3UQb8/FjtQpGM7prCG1bs1/6rNyjr9G48hFGU=)
                          4: 3130342e33372e34302e302f32342d3234203d3e20393730.roa (hash: ek8Vg6kOrYHQQyaRN7UOy+nZ8uz9bhWO7ZAUVfTbaRI=)
                          5: AS21957.asa (hash: v9+444bGaAkQtqJOIXn9P1VMcTrlW/WFkfocSw9xo/c=)
                          6: AS970.asa (hash: uUtIUuFVFE42+T1fqnnQdo7h/4VRg1akAdGbbCnAbEY=)
                          7: 3130342e33372e34322e302f32332d3234203d3e20393435.roa (hash: 15ZkZ3TfYDgn/2NuUygkkJxkxZnGlbkkKGi5Yto7PDI=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:72:b0:69:cb:93:9e:55:88:0b:00:c7:62:f1:5b:67:49:42:3f:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351
        Validity
            Not Before: Apr 27 14:21:20 2025 GMT
            Not After : Apr 28 16:43:20 2025 GMT
        Subject: CN=C032D886B18F4B767B7706D68ABA8E42D611B0A9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:43:06:f4:3f:5b:4f:b2:71:e1:7e:3e:ce:b2:
                    e1:70:0e:5b:de:94:b1:19:32:e1:e3:34:b6:30:8b:
                    20:ff:2f:66:69:56:7c:20:3c:ef:3d:03:b1:51:29:
                    71:f2:fe:10:b4:52:ac:25:2d:13:da:c1:54:cb:10:
                    90:08:18:0a:22:35:38:80:e8:9b:71:1d:99:0c:14:
                    67:0d:5e:83:b6:85:1f:d9:21:67:13:1f:fc:a0:74:
                    79:5e:c2:59:44:f7:a7:14:95:84:5b:2e:98:6c:73:
                    24:f5:c9:bf:44:c2:ad:87:bf:4a:c4:a0:9d:18:fe:
                    12:15:0b:58:93:1f:89:7a:94:4e:7f:7c:47:ba:ec:
                    4f:40:86:4c:c4:92:a4:59:53:f5:e8:a5:ea:c9:55:
                    70:7b:e8:7d:e3:73:96:aa:33:64:a7:28:20:3c:69:
                    ff:92:d3:cd:93:dd:1c:16:b9:d9:70:1c:61:05:06:
                    d4:a8:83:84:0d:39:91:3a:b6:bb:f3:2d:a1:1a:2e:
                    f3:9c:51:62:3b:43:9c:31:e5:ea:80:5c:e1:af:8f:
                    90:bb:33:6d:4d:db:0a:b4:14:b7:16:ab:c8:6a:63:
                    4d:dc:91:5e:c1:21:e7:da:2e:5a:74:6e:6f:c4:10:
                    43:b5:94:54:09:3f:b4:65:07:14:ff:24:b8:93:05:
                    e6:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:32:D8:86:B1:8F:4B:76:7B:77:06:D6:8A:BA:8E:42:D6:11:B0:A9
            X509v3 Authority Key Identifier:
                keyid:7E:C9:B5:D2:25:08:C0:23:1C:15:DA:BD:AF:51:35:99:0B:66:BF:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/39065acc-beed-4115-bc6c-63de232f2a04/02ba3f5254b88681ec6c5450a38717479c0589b9956c51e351.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair/0/7EC9B5D22508C0231C15DABDAF5135990B66BFED.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:87:80:9e:44:92:3f:93:83:06:54:71:c1:7d:04:42:10:82:
         0d:45:87:85:c7:17:ef:c5:79:7e:d6:dc:1a:90:4b:0d:6b:de:
         56:85:30:15:b6:8e:f2:cd:41:8a:ee:9a:ca:6f:b9:f8:52:f2:
         32:f1:dd:ff:3c:ba:51:b5:46:a5:03:39:75:49:c8:62:bd:b4:
         09:a7:0f:60:77:fc:6d:3c:e7:7e:fd:b5:6f:49:36:b2:27:f5:
         93:80:02:8a:66:ab:19:51:4c:4b:98:e0:23:79:0e:37:6d:0b:
         08:66:c8:0f:a9:2c:e6:c9:ba:3e:62:cd:23:e8:3b:ee:17:8a:
         89:e9:d5:a7:cb:77:43:fe:ea:b6:1b:4c:db:3d:17:61:1e:9e:
         d3:97:87:23:3c:3c:7b:eb:ff:bc:be:f7:ab:61:e4:c5:db:39:
         d1:c3:8d:a1:81:11:2b:ac:43:7a:d2:a2:2e:15:ea:77:c0:3d:
         26:10:d0:d3:63:c3:b2:75:08:a6:ee:4a:a4:b2:ff:0d:97:38:
         a4:aa:4a:19:04:7b:20:5a:b3:20:2e:4a:5e:27:70:e9:44:2f:
         ca:36:ce:dc:26:d3:92:54:e9:d3:74:f1:1c:9b:f0:85:c2:9c:
         ec:3a:77:45:ac:df:b3:20:6d:11:62:25:c8:af:03:55:23:0a:
         b1:10:92:12
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUJnKwacuTnlWICwDHYvFbZ0lCP5cwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5
YzA1ODliOTk1NmM1MWUzNTEwHhcNMjUwNDI3MTQyMTIwWhcNMjUwNDI4MTY0MzIw
WjAzMTEwLwYDVQQDEyhDMDMyRDg4NkIxOEY0Qjc2N0I3NzA2RDY4QUJBOEU0MkQ2
MTFCMEE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskMG9D9bT7Jx
4X4+zrLhcA5b3pSxGTLh4zS2MIsg/y9maVZ8IDzvPQOxUSlx8v4QtFKsJS0T2sFU
yxCQCBgKIjU4gOibcR2ZDBRnDV6DtoUf2SFnEx/8oHR5XsJZRPenFJWEWy6YbHMk
9cm/RMKth79KxKCdGP4SFQtYkx+JepROf3xHuuxPQIZMxJKkWVP16KXqyVVwe+h9
43OWqjNkpyggPGn/ktPNk90cFrnZcBxhBQbUqIOEDTmROra78y2hGi7znFFiO0Oc
MeXqgFzhr4+QuzNtTdsKtBS3FqvIamNN3JFewSHn2i5adG5vxBBDtZRUCT+0ZQcU
/yS4kwXmfwIDAQABo4ICeTCCAnUwHQYDVR0OBBYEFMAy2Iaxj0t2e3cG1oq6jkLW
EbCpMB8GA1UdIwQYMBaAFH7JtdIlCMAjHBXava9RNZkLZr/tMA4GA1UdDwEB/wQE
AwIHgDBmBgNVHR8EXzBdMFugWaBXhlVyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtp
L0tlYXRvbkFHTGFpci8wLzdFQzlCNUQyMjUwOEMwMjMxQzE1REFCREFGNTEzNTk5
MEI2NkJGRUQuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEt
NDViZi05NTg2LTkyZGQ0OWVmMzIyMy8zOTA2NWFjYy1iZWVkLTQxMTUtYmM2Yy02
M2RlMjMyZjJhMDQvMDJiYTNmNTI1NGI4ODY4MWVjNmM1NDUwYTM4NzE3NDc5YzA1
ODliOTk1NmM1MWUzNTEuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZV
cnN5bmM6Ly9yZXBvLmthZ2wubWUvcnBraS9LZWF0b25BR0xhaXIvMC83RUM5QjVE
MjI1MDhDMDIzMUMxNURBQkRBRjUxMzU5OTBCNjZCRkVELm1mdDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgAC
BQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMoeA
nkSSP5ODBlRxwX0EQhCCDUWHhccX78V5ftbcGpBLDWveVoUwFbaO8s1Biu6aym+5
+FLyMvHd/zy6UbVGpQM5dUnIYr20CacPYHf8bTznfv21b0k2sif1k4ACimarGVFM
S5jgI3kON20LCGbID6ks5sm6PmLNI+g77heKienVp8t3Q/7qthtM2z0XYR6e05eH
Izw8e+v/vL73q2Hkxds50cONoYERK6xDetKiLhXqd8A9JhDQ02PDsnUIpu5KpLL/
DZc4pKpKGQR7IFqzIC5KXidw6UQvyjbO3CbTklTp03TxHJvwhcKc7Dp3RazfsyBt
EWIlyK8DVSMKsRCSEg==
-----END CERTIFICATE-----