Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.mft
File:                     70FE5658A7C2993DC505F75545A128384472227E.mft (raw, json)
Hash identifier:          JUP4GrgoKlEEiMXmAPS9WA34sTjdrEwH9AAL4GRO4mc=
Subject key identifier:   5F:77:38:FF:6F:76:7F:A4:AE:84:5B:53:8A:CE:04:65:16:60:67:16
Authority key identifier: 70:FE:56:58:A7:C2:99:3D:C5:05:F7:55:45:A1:28:38:44:72:22:7E
Certificate issuer:       /CN=70FE5658A7C2993DC505F75545A128384472227E
Certificate serial:       2ADA074F8D195D3E6CB5626CEAC371DA931E95F7
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/70FE5658A7C2993DC505F75545A128384472227E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.mft
Manifest number:          02CA
Signing time:             Tue 28 Apr 2026 13:41:25 +0000
Manifest this update:     Tue 28 Apr 2026 13:36:25 +0000
Manifest next update:     Fri 01 May 2026 18:42:25 +0000
Files and hashes:         1: 3130332e3137392e3234392e302f32342d3234203d3e2039333431.roa (hash: +ZStO4qmRvdLYRUifxrnZ6iCCxDWhq1QC8uZT5sFhJk=)
                          2: 70FE5658A7C2993DC505F75545A128384472227E.crl (hash: 8z+vubCiQpN0kYvB8Hg+02EzuDlCtOGe8K5Ed5S8vHE=)
                          3: 3130332e3137392e3234382e302f32342d3234203d3e2039333431.roa (hash: mFq2b38/RUkUkCh1MVybkTba/DYg5kwfb6uDHIQj6Gk=)
                          4: 3130332e3137392e3234382e302f32332d3233203d3e2039333431.roa (hash: Ov8NRVnVqFMBFhQjGCU710LWI7k2FUziabpa7227XyA=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:da:07:4f:8d:19:5d:3e:6c:b5:62:6c:ea:c3:71:da:93:1e:95:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70FE5658A7C2993DC505F75545A128384472227E
        Validity
            Not Before: Apr 28 13:36:25 2026 GMT
            Not After : May  1 18:42:25 2026 GMT
        Subject: CN=5F7738FF6F767FA4AE845B538ACE046516606716
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:d3:b7:e7:49:c1:1a:34:f7:1b:96:ef:99:d2:
                    cf:3c:6e:22:b3:e7:b7:8f:8c:40:c0:fb:12:52:4d:
                    57:8e:ed:46:f6:dd:01:fe:44:8a:d3:e8:f4:a8:04:
                    40:e5:46:e6:63:37:ce:3a:03:d4:e5:28:bc:f7:be:
                    6a:82:c0:2a:c9:90:d1:3b:b9:28:ee:91:03:77:2e:
                    49:d7:22:51:b3:bd:6b:68:d8:c9:be:0d:08:42:34:
                    00:0e:fc:fd:6b:dc:75:11:d0:66:76:bd:68:b7:ea:
                    d2:4e:a6:63:6d:59:bd:d3:e0:2b:fe:e4:69:70:1a:
                    79:0b:2a:ad:a0:af:1c:89:e4:a7:c6:8c:e7:0a:75:
                    e4:6c:c3:af:e6:56:46:c5:f8:62:14:7f:9f:17:e4:
                    73:de:2e:6c:40:ce:5a:5a:12:49:3b:42:69:b5:42:
                    94:ed:32:54:14:5a:b1:ce:31:e8:15:78:39:93:af:
                    c2:f5:bd:31:f8:f4:62:2d:5e:a6:d1:99:e3:68:03:
                    99:55:cc:e7:2a:f0:96:fe:ad:bc:ac:33:94:73:92:
                    84:5e:12:0e:b0:cd:81:ad:9d:ee:e3:48:9a:06:bd:
                    5e:c0:28:1e:fa:92:85:fd:2c:ce:91:f3:ab:1f:49:
                    2b:71:2f:d8:c3:0f:0a:ab:1d:8c:06:b7:4d:d6:3e:
                    db:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:77:38:FF:6F:76:7F:A4:AE:84:5B:53:8A:CE:04:65:16:60:67:16
            X509v3 Authority Key Identifier:
                keyid:70:FE:56:58:A7:C2:99:3D:C5:05:F7:55:45:A1:28:38:44:72:22:7E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/70FE5658A7C2993DC505F75545A128384472227E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:a9:1f:2e:40:cb:25:44:98:da:de:76:f0:6f:fa:4c:18:9b:
         18:77:53:76:ef:64:cd:82:91:aa:3f:d3:1f:67:01:b3:0c:75:
         df:3a:3e:2d:6a:4f:14:8b:dc:4c:7f:cc:5a:00:27:34:71:70:
         02:82:ac:4a:b0:7e:b6:4b:01:ae:6c:db:5a:1e:d9:8f:c3:ed:
         78:36:23:8c:9e:a2:1a:a9:c1:04:bb:18:af:07:51:d1:a9:4b:
         ba:97:15:92:2b:75:21:4f:c1:e8:12:0f:16:fb:e8:a0:4b:7f:
         34:c3:cc:e4:b0:f6:f3:f9:b9:c8:99:e0:f8:2d:0d:74:a1:67:
         79:f0:d5:52:98:88:6e:f4:95:ed:90:14:9c:4d:6f:cc:50:5e:
         4e:df:0f:34:1b:bd:45:a0:38:8c:89:56:87:d6:c5:6f:d2:28:
         ad:7c:0c:a1:b7:0a:7d:f5:77:00:74:98:11:34:53:71:19:51:
         be:ee:a1:19:2d:98:09:fa:d3:cc:b9:54:74:3c:d5:f6:23:10:
         bb:49:19:4b:27:b1:52:7f:e2:46:4e:49:14:6d:e4:53:3f:2b:
         b5:75:aa:14:0d:32:ce:ee:33:ff:dc:1f:32:85:1a:30:50:ce:
         f2:dc:97:25:03:98:ec:35:68:4c:70:32:aa:41:58:8a:cc:25:
         26:65:1c:5e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUKtoHT40ZXT5stWJs6sNx2pMelfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBGRTU2NThBN0MyOTkzREM1MDVGNzU1NDVBMTI4Mzg0
NDcyMjI3RTAeFw0yNjA0MjgxMzM2MjVaFw0yNjA1MDExODQyMjVaMDMxMTAvBgNV
BAMTKDVGNzczOEZGNkY3NjdGQTRBRTg0NUI1MzhBQ0UwNDY1MTY2MDY3MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo07fnScEaNPcblu+Z0s88biKz
57ePjEDA+xJSTVeO7Ub23QH+RIrT6PSoBEDlRuZjN846A9TlKLz3vmqCwCrJkNE7
uSjukQN3LknXIlGzvWto2Mm+DQhCNAAO/P1r3HUR0GZ2vWi36tJOpmNtWb3T4Cv+
5GlwGnkLKq2grxyJ5KfGjOcKdeRsw6/mVkbF+GIUf58X5HPeLmxAzlpaEkk7Qmm1
QpTtMlQUWrHOMegVeDmTr8L1vTH49GItXqbRmeNoA5lVzOcq8Jb+rbysM5RzkoRe
Eg6wzYGtne7jSJoGvV7AKB76koX9LM6R86sfSStxL9jDDwqrHYwGt03WPtstAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUX3c4/292f6SuhFtTis4EZRZgZxYwHwYDVR0j
BBgwFoAUcP5WWKfCmT3FBfdVRaEoOERyIn4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
OTU5MDFjYy0xYjhlLTRmM2YtYTNkMC0zMjY5ZjBlMTZjNDEvMC83MEZFNTY1OEE3
QzI5OTNEQzUwNUY3NTU0NUExMjgzODQ0NzIyMjdFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNzBGRTU2NThBN0MyOTkzREM1MDVGNzU1NDVBMTI4Mzg0NDcy
MjI3RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTk1OTAxY2MtMWI4ZS00ZjNmLWEz
ZDAtMzI2OWYwZTE2YzQxLzAvNzBGRTU2NThBN0MyOTkzREM1MDVGNzU1NDVBMTI4
Mzg0NDcyMjI3RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAH2pHy5AyyVEmNredvBv+kwYmxh3U3bvZM2C
kao/0x9nAbMMdd86Pi1qTxSL3Ex/zFoAJzRxcAKCrEqwfrZLAa5s21oe2Y/D7Xg2
I4yeohqpwQS7GK8HUdGpS7qXFZIrdSFPwegSDxb76KBLfzTDzOSw9vP5uciZ4Pgt
DXShZ3nw1VKYiG70le2QFJxNb8xQXk7fDzQbvUWgOIyJVofWxW/SKK18DKG3Cn31
dwB0mBE0U3EZUb7uoRktmAn608y5VHQ81fYjELtJGUsnsVJ/4kZOSRRt5FM/K7V1
qhQNMs7uM//cHzKFGjBQzvLclyUDmOw1aExwMqpBWIrMJSZlHF4=
-----END CERTIFICATE-----