Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          zQ4cdh8Cxscm6SZW1uYkhcnDZdsikNx6c6ET3uqF8cI=
Subject key identifier:   39:8F:6F:A7:8D:9C:05:44:0B:BF:D3:8C:18:CF:53:BD:E7:56:DC:73
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       5A299536265C7588B17B3B33DB09990ED3855769
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          042E
Signing time:             Wed 17 Apr 2024 09:01:23 +0000
Manifest this update:     Wed 17 Apr 2024 08:56:23 +0000
Manifest next update:     Sat 20 Apr 2024 18:22:23 +0000
Files and hashes:         1: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: LQSdKa5Swzd+uKs6cckjvsHpOK1w7Z4YUZx2UABlrHo=)
                          2: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: 6xeJVxGl9cVKsMk2E2MJqOXhWZaMs+uAA/sqXpWfXQM=)
                          3: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: dQ+AvgkXICKyZ+zEYdcb9hvvfKkBQmiJMwds7nIVEkY=)
                          4: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: SNF1Ne7UGGbQwdqcAXEqb1LfwnjeMcFpE1WTMfMPvxM=)
                          5: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: e4Ds/KiLcpqiyiBa43lAe9WcFWj1j9dmYDedtLFiZAs=)
                          6: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: bRlu1bn+fHNm+2hFdzetDNu7YnF/os0Vgh7YxQX14V8=)
                          7: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: sviI4RCt8gx8BQZo/9izlwJ6mfI0xDjPBkVBzx2j5fk=)
                          8: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: R5g3FK1RRxclqvD4x2B9kA/ZoI/KrqkS/aBjypqlKGE=)
                          9: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: r5UPSPMv6PhMGamzt1MDct8F86Lmrj1CvK4TIHW37JY=)
                          10: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: AMJahCXoUmOLlxG2ARn9PIo6ZtTwbikiMuDEPq3NC2o=)

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 20 Apr 2024 17:27:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:29:95:36:26:5c:75:88:b1:7b:3b:33:db:09:99:0e:d3:85:57:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Apr 17 08:56:23 2024 GMT
            Not After : Apr 20 18:22:23 2024 GMT
        Subject: CN=398F6FA78D9C05440BBFD38C18CF53BDE756DC73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:4b:a3:00:72:94:73:c9:38:1c:6b:7a:05:4f:
                    fb:ee:a0:c4:33:37:ae:8a:d7:b4:2f:7c:b7:45:d6:
                    bc:5e:e8:4e:51:4d:13:6f:41:0b:2c:8c:a9:78:58:
                    cc:d2:a0:7e:51:f4:ca:6b:a5:ca:45:29:08:ab:df:
                    e1:70:8b:ae:e8:0c:6a:60:29:27:0e:a5:39:91:93:
                    31:fc:b7:48:56:dc:4a:3a:5a:f0:4c:2f:0a:6d:e6:
                    78:c2:fd:fa:0a:d7:94:e4:53:0e:82:8d:6b:f6:1a:
                    e3:b3:74:a4:a5:0c:71:d4:d5:2c:ca:71:12:26:bc:
                    ac:4c:71:bf:cb:27:37:93:c0:82:c6:08:3b:63:a6:
                    21:f9:99:09:7a:99:7f:c5:80:6b:11:14:23:77:98:
                    8b:8b:f2:85:93:96:69:71:f0:a1:45:51:b2:69:da:
                    c1:49:f7:b3:2c:67:2c:d6:25:63:84:33:56:9b:42:
                    01:8d:94:29:68:83:14:34:2e:12:29:01:4b:49:e4:
                    69:3a:81:a8:96:ee:18:b4:77:51:83:18:fa:ba:78:
                    0f:e6:e2:38:17:6a:62:f5:7c:87:46:4b:6a:ff:ee:
                    77:07:65:46:6d:01:aa:6d:b9:9a:09:8d:3d:c9:04:
                    9a:b2:90:95:8d:ae:3c:29:03:f6:d1:e9:44:68:65:
                    c2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:8F:6F:A7:8D:9C:05:44:0B:BF:D3:8C:18:CF:53:BD:E7:56:DC:73
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:03:4a:f3:83:12:c9:17:eb:bb:80:67:35:0a:14:c7:b5:41:
         c7:cd:91:e2:28:e4:63:07:2a:d2:aa:71:ae:c7:15:ad:02:a1:
         08:59:a2:c1:fb:41:7a:6a:f5:2f:b7:55:67:a3:80:dc:75:17:
         5e:a1:2c:c4:d5:64:f5:c8:03:ce:5b:fc:71:24:ca:9e:ba:1e:
         56:59:97:3b:85:8f:17:c3:1d:86:26:86:37:28:28:91:0f:11:
         5e:16:f2:63:c5:ca:0c:3a:83:a2:44:6f:06:3c:36:0c:4e:c8:
         f9:5b:f7:b5:e3:9e:34:8f:88:33:5d:43:b3:9e:3f:fd:89:68:
         db:66:f0:b8:e5:3c:16:4e:82:f3:84:e2:77:18:2a:3d:c7:eb:
         ee:11:cc:4b:3a:f5:df:c4:f3:8b:32:22:a6:7b:b7:03:1f:7b:
         f3:af:e4:70:c9:10:18:58:60:0d:c9:c7:04:30:90:08:fe:2b:
         09:7b:88:f6:9d:ac:a7:ee:ae:49:2c:d7:a8:4e:fb:47:0b:ac:
         4c:f3:ba:1b:42:34:02:57:3e:02:86:e6:f2:01:d7:3c:5c:a4:
         69:8b:ab:d6:5b:98:98:20:71:dd:22:b4:97:54:d9:d9:29:81:
         73:35:44:12:d5:d0:28:42:9f:a5:5a:ee:38:5d:5f:57:33:67:
         c9:8e:00:30
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUWimVNiZcdYixezsz2wmZDtOFV2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNDA0MTcwODU2MjNaFw0yNDA0MjAxODIyMjNaMDMxMTAvBgNV
BAMTKDM5OEY2RkE3OEQ5QzA1NDQwQkJGRDM4QzE4Q0Y1M0JERTc1NkRDNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgS6MAcpRzyTgca3oFT/vuoMQz
N66K17QvfLdF1rxe6E5RTRNvQQssjKl4WMzSoH5R9MprpcpFKQir3+Fwi67oDGpg
KScOpTmRkzH8t0hW3Eo6WvBMLwpt5njC/foK15TkUw6CjWv2GuOzdKSlDHHU1SzK
cRImvKxMcb/LJzeTwILGCDtjpiH5mQl6mX/FgGsRFCN3mIuL8oWTlmlx8KFFUbJp
2sFJ97MsZyzWJWOEM1abQgGNlClogxQ0LhIpAUtJ5Gk6gaiW7hi0d1GDGPq6eA/m
4jgXamL1fIdGS2r/7ncHZUZtAaptuZoJjT3JBJqykJWNrjwpA/bR6URoZcKfAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUOY9vp42cBUQLv9OMGM9TvedW3HMwHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAB0DSvODEskX67uAZzUKFMe1QcfNkeIo5GMH
KtKqca7HFa0CoQhZosH7QXpq9S+3VWejgNx1F16hLMTVZPXIA85b/HEkyp66HlZZ
lzuFjxfDHYYmhjcoKJEPEV4W8mPFygw6g6JEbwY8NgxOyPlb97XjnjSPiDNdQ7Oe
P/2JaNtm8LjlPBZOgvOE4ncYKj3H6+4RzEs69d/E84syIqZ7twMfe/Ov5HDJEBhY
YA3JxwQwkAj+Kwl7iPadrKfurkks16hO+0cLrEzzuhtCNAJXPgKG5vIB1zxcpGmL
q9ZbmJggcd0itJdU2dkpgXM1RBLV0ChCn6Va7jhdX1czZ8mOADA=
-----END CERTIFICATE-----