Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          5SZajDGpxLcoh7Vrm7ADb7eHN1oQLmfLFlxf4LysoRM=
Subject key identifier:   F3:DD:C1:31:61:47:A1:54:31:1E:59:1F:65:50:E7:4D:E0:07:7C:1D
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       0AC0793DBB1D5730FD1DA6ACA92C4970D624553D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          0525
Signing time:             Sun 26 Oct 2025 19:01:46 +0000
Manifest this update:     Sun 26 Oct 2025 18:56:46 +0000
Manifest next update:     Wed 29 Oct 2025 21:23:46 +0000
Files and hashes:         1: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: T0GxcffUorQqKvKWvoQBmwT56g/pt1WC0GNCeIbnIXI=)
                          2: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: GggD4UAIQuJ2Ici9kI1FCxhBRH2erQ0+Zgb75d0bwAQ=)
                          3: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: SVVnOcpEzNW3GyvGQSrBzvX2ix4zPecYqTfJmTpW5Ek=)
                          4: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: lJiN/1jPk6sVzBu+b+dWtXwNwMFWgXWbUliAdUar1AU=)
                          5: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: lS8odvouHADOZvGcEIZX6cESZX3v05ZwGGbLJRnmmPg=)
                          6: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: RKuA2CS77/iBc1MhX2FD3Oj8MLTo/sw4r4vfbH4WpPI=)
                          7: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: MkFeJVTaTc7fW3gGrrx6z0JEHluNFZonYpEAK44lKuQ=)
                          8: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: I3OA1TXXrn7Ho4Bbdaoik2HHmIJMRdT3vdvqOadCgWc=)
                          9: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: 2rfcy4tUpo7HgU2cGwZC6pQYZQAR7WSsi/1k28TkJlU=)
                          10: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: KABMcwwuj0PcVg0DF+2S7mT8pkOrI1Q8USpOkuuxMXI=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 29 Oct 2025 21:23:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:c0:79:3d:bb:1d:57:30:fd:1d:a6:ac:a9:2c:49:70:d6:24:55:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Oct 26 18:56:46 2025 GMT
            Not After : Oct 29 21:23:46 2025 GMT
        Subject: CN=F3DDC1316147A154311E591F6550E74DE0077C1D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:94:ec:b0:c5:c4:26:23:63:f4:b8:1b:e8:74:
                    5a:9f:00:47:84:63:7a:c1:57:8a:4e:23:9f:99:17:
                    b9:2c:f8:e1:24:50:97:e6:e6:4a:0e:e7:36:86:78:
                    a1:ce:30:50:00:86:b4:bc:6d:46:6d:5e:ca:01:43:
                    1f:7a:39:df:78:49:0b:f4:d7:e2:d9:6a:4e:39:66:
                    74:d8:8f:58:53:dd:22:22:84:0f:f8:e9:9d:33:cf:
                    8c:5f:e6:9b:20:cd:43:e8:d2:db:db:3b:17:80:25:
                    10:29:fa:85:c7:f9:47:47:f8:37:64:57:0b:8e:71:
                    68:d5:6e:bb:96:ec:dc:87:31:4e:f7:73:2c:d1:80:
                    10:ce:e7:e7:8d:62:cb:e0:53:13:bc:cc:af:04:3a:
                    11:34:f6:1f:b3:e4:98:e3:9f:f4:8e:bf:39:f1:40:
                    b9:07:c7:84:bb:9e:c5:a9:66:49:19:98:d7:96:c3:
                    3e:46:f2:26:d4:48:3c:32:b1:03:e8:aa:25:75:66:
                    f6:f3:d8:73:6a:b7:e2:dd:03:41:f6:26:23:de:ed:
                    bf:c0:0d:66:32:4a:46:cb:ba:bb:79:a4:85:e5:3b:
                    c6:4f:7d:20:80:fa:85:27:71:c2:6a:39:7a:84:95:
                    46:9b:d8:fb:22:b6:5a:be:f2:62:eb:bf:2c:82:99:
                    1d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:DD:C1:31:61:47:A1:54:31:1E:59:1F:65:50:E7:4D:E0:07:7C:1D
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:e4:8f:ab:42:0c:4e:9d:12:c6:e7:56:f9:8e:75:a8:61:01:
         d4:08:38:4e:7f:f2:22:ec:3a:d1:e3:96:7c:d7:06:eb:e5:e5:
         53:1e:c5:30:1e:b1:49:ba:0b:98:10:7d:13:46:85:a7:2b:22:
         fb:dc:4e:96:4f:a5:c0:8c:09:ad:94:91:89:ad:c3:cb:82:fe:
         94:78:a7:d8:43:b7:52:9d:ec:63:13:1e:71:96:15:90:42:60:
         6a:ee:78:ce:2e:78:22:bf:40:51:cc:d3:6a:1d:c1:e7:81:a4:
         32:4a:3e:86:77:69:2b:27:73:93:b8:8f:5d:fb:84:d6:6d:4a:
         7b:3a:57:36:92:51:b4:91:c3:a0:11:80:c8:4a:9b:ca:a6:6e:
         81:53:1e:fb:ef:50:51:c8:77:f4:49:13:b7:5b:53:65:8b:de:
         1e:da:85:5c:3e:3e:06:e0:94:c0:1d:04:3f:0a:f8:aa:00:8e:
         8e:42:87:f8:d8:28:6b:0e:2f:d7:4f:cb:2e:95:cd:2a:41:f6:
         84:49:16:8f:91:fc:3a:62:6e:d9:b6:3e:67:10:06:b7:7f:be:
         a2:51:a8:d8:a7:27:9b:a1:56:4e:f3:75:a9:84:ca:d7:cc:4a:
         3d:6b:85:a4:68:04:11:1b:1f:78:ab:2d:86:b5:b3:c1:b3:88:
         bb:65:af:20
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUCsB5PbsdVzD9HaasqSxJcNYkVT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNTEwMjYxODU2NDZaFw0yNTEwMjkyMTIzNDZaMDMxMTAvBgNV
BAMTKEYzRERDMTMxNjE0N0ExNTQzMTFFNTkxRjY1NTBFNzRERTAwNzdDMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6lOywxcQmI2P0uBvodFqfAEeE
Y3rBV4pOI5+ZF7ks+OEkUJfm5koO5zaGeKHOMFAAhrS8bUZtXsoBQx96Od94SQv0
1+LZak45ZnTYj1hT3SIihA/46Z0zz4xf5psgzUPo0tvbOxeAJRAp+oXH+UdH+Ddk
VwuOcWjVbruW7NyHMU73cyzRgBDO5+eNYsvgUxO8zK8EOhE09h+z5Jjjn/SOvznx
QLkHx4S7nsWpZkkZmNeWwz5G8ibUSDwysQPoqiV1Zvbz2HNqt+LdA0H2JiPe7b/A
DWYySkbLurt5pIXlO8ZPfSCA+oUnccJqOXqElUab2Psitlq+8mLrvyyCmR1tAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU893BMWFHoVQxHlkfZVDnTeAHfB0wHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAErkj6tCDE6dEsbnVvmOdahhAdQIOE5/8iLs
OtHjlnzXBuvl5VMexTAesUm6C5gQfRNGhacrIvvcTpZPpcCMCa2UkYmtw8uC/pR4
p9hDt1Kd7GMTHnGWFZBCYGrueM4ueCK/QFHM02odweeBpDJKPoZ3aSsnc5O4j137
hNZtSns6VzaSUbSRw6ARgMhKm8qmboFTHvvvUFHId/RJE7dbU2WL3h7ahVw+Pgbg
lMAdBD8K+KoAjo5Ch/jYKGsOL9dPyy6VzSpB9oRJFo+R/Dpibtm2PmcQBrd/vqJR
qNinJ5uhVk7zdamEytfMSj1rhaRoBBEbH3irLYa1s8GziLtlryA=
-----END CERTIFICATE-----