Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.mft
File:                     88BD1AAEA16D8A24550416CDB95E232152249B3E.mft (raw, json)
Hash identifier:          are9ZXsnReWAkkLxervd9lCR6Jp9ZrNFMHD+DAD0Nok=
Subject key identifier:   CF:4E:EB:B5:F8:D5:C5:72:57:D9:A5:57:44:55:01:AC:D0:C2:97:59
Authority key identifier: 88:BD:1A:AE:A1:6D:8A:24:55:04:16:CD:B9:5E:23:21:52:24:9B:3E
Certificate issuer:       /CN=88BD1AAEA16D8A24550416CDB95E232152249B3E
Certificate serial:       047DAD60DE4D5BE1D70A5598B4D88569D0C5FCBE
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88BD1AAEA16D8A24550416CDB95E232152249B3E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.mft
Manifest number:          02E1
Signing time:             Mon 21 Jul 2025 17:22:17 +0000
Manifest this update:     Mon 21 Jul 2025 17:17:17 +0000
Manifest next update:     Fri 25 Jul 2025 04:30:17 +0000
Files and hashes:         1: 323430343a636534303a3a2f34382d3438203d3e20313338383834.roa (hash: 18b0Gg5/45qsHWWMKCPhmvKnsrcZsZ/fmda1ZKbjIBk=)
                          2: 323430343a636534303a333a3a2f34382d3438203d3e20313338383834.roa (hash: Em18K+MRLc18yaX14YQfb1826gcDLLiSRdz/WlnRnnE=)
                          3: 323430343a636534303a3a2f33362d3336203d3e20313338383834.roa (hash: Qn8e6r99j+EuTQtrHbDbOQqJz+jY/ebvh6ZX3n1vOEk=)
                          4: 3130332e3133382e37302e302f32332d3233203d3e20313338383834.roa (hash: 0oC6hCIX4duxQdOJVzVwn+akSK/l98G+66CJXryC3ns=)
                          5: 323430343a636534303a323a3a2f34382d3438203d3e20313338383834.roa (hash: C+T8dBvggaTCEh5/1ll1reorawVQeZDheWzvM6XklTw=)
                          6: 3130332e3133382e37302e302f32342d3234203d3e20313338383834.roa (hash: k0M2XXKfU9k9Nif7dWEUq5fC7OBAzB0Ygp6xrywPUqs=)
                          7: 3130332e3133382e37312e302f32342d3234203d3e20313338383834.roa (hash: fYqB3hAfKrlAMalkQPBsDTPyMiJqV+nU7PcLz8QhSAc=)
                          8: 323430343a636534303a313a3a2f34382d3438203d3e20313338383834.roa (hash: /mZXNu9+SQReAU7jMOiZ9/UmtltzHLxdMGIPnZIiib4=)
                          9: 88BD1AAEA16D8A24550416CDB95E232152249B3E.crl (hash: 4DxNjSBP3F5P7Jmd3YPk3bfzjG7qXmRGBWKwh5HvDG8=)
                          10: 323430343a636534303a3a2f33322d3332203d3e20313338383834.roa (hash: DcgpR3dumYc3Eoce65U1RiuqJ3FJu3j4JD+CZ1GSu4U=)
                          11: 323430343a636534303a313030303a3a2f33362d3336203d3e20313338383834.roa (hash: 4N83F1FY8HtDNTq6OMGSFNYU4XLLuDbuSDKgz6IAVpA=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.crl
                          rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88BD1AAEA16D8A24550416CDB95E232152249B3E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 25 Jul 2025 04:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:7d:ad:60:de:4d:5b:e1:d7:0a:55:98:b4:d8:85:69:d0:c5:fc:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88BD1AAEA16D8A24550416CDB95E232152249B3E
        Validity
            Not Before: Jul 21 17:17:17 2025 GMT
            Not After : Jul 25 04:30:17 2025 GMT
        Subject: CN=CF4EEBB5F8D5C57257D9A557445501ACD0C29759
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:88:f8:96:21:b5:3d:bb:a7:32:76:cb:16:26:
                    d1:80:7f:57:34:5c:6f:c2:5f:3e:bd:fa:02:bb:a3:
                    f8:b9:82:6c:58:c5:f3:36:d6:8b:05:43:5a:ae:14:
                    6d:54:68:c8:70:1c:d1:59:ea:df:d3:93:4c:a6:14:
                    f4:7e:be:50:41:3e:59:4d:aa:e4:cd:ac:10:b5:39:
                    e1:31:03:b2:db:15:4e:12:d2:8c:0b:e0:94:82:bf:
                    cb:57:3b:62:e6:20:d2:e7:2c:de:a9:4b:89:30:fd:
                    a1:72:2b:39:f4:8d:32:af:99:2a:17:7c:4c:74:0a:
                    b9:1d:b6:35:5f:c8:1d:9d:89:b8:43:f6:b6:aa:3b:
                    ba:02:cb:b0:83:55:b1:1c:04:02:65:c5:9d:f2:ef:
                    99:ee:25:81:38:5c:2d:8b:ae:a0:c0:3b:9e:c4:7b:
                    8a:e2:02:32:9d:e2:f7:94:a7:65:52:46:01:1d:b8:
                    21:44:fd:c1:eb:41:b8:46:b9:43:13:23:1b:47:ad:
                    65:68:c4:4d:f6:25:ee:e8:a9:e6:44:d8:41:7c:cc:
                    a3:a5:e4:04:cd:20:7f:d5:a7:ed:e8:e0:3f:39:c4:
                    33:2d:81:e6:ff:11:53:9c:59:0f:b9:77:a2:cf:75:
                    08:73:e5:19:45:b1:5d:a4:4d:20:48:8f:fb:a7:de:
                    b8:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:4E:EB:B5:F8:D5:C5:72:57:D9:A5:57:44:55:01:AC:D0:C2:97:59
            X509v3 Authority Key Identifier:
                keyid:88:BD:1A:AE:A1:6D:8A:24:55:04:16:CD:B9:5E:23:21:52:24:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88BD1AAEA16D8A24550416CDB95E232152249B3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:02:99:b3:18:e3:17:a7:30:53:e2:d4:64:96:1d:ca:4a:0c:
         e8:af:16:93:6c:5c:95:83:20:c4:bc:75:45:31:32:56:34:f3:
         0a:e5:f2:27:c5:fd:92:aa:10:1f:1d:96:75:c6:08:8d:a6:07:
         49:f8:fa:28:1b:72:bd:8c:60:57:2e:5a:e2:5a:80:0f:24:42:
         b8:f9:cc:5e:66:3d:2c:39:2f:1b:30:f4:34:65:39:ea:d3:77:
         a0:79:9b:d2:50:f0:da:dc:80:76:54:d2:31:3b:37:14:dc:03:
         01:d4:81:95:87:d5:0a:b1:f3:65:10:10:4e:65:1f:af:24:43:
         d7:26:ea:0e:2c:de:82:8b:84:7b:51:6e:75:52:00:87:71:76:
         29:d4:37:5a:a6:ef:3d:05:18:07:f8:35:af:4c:4a:e0:28:82:
         5f:c7:75:08:20:fb:6a:f2:b9:13:8b:6b:c8:d0:fb:b9:a2:fd:
         ef:4f:e4:19:ed:f1:b7:bc:09:a0:aa:4a:d0:a0:ae:e2:7b:cc:
         63:43:89:26:11:99:83:c2:ce:43:a6:3e:66:91:89:60:ea:97:
         0a:72:bd:9d:f0:1c:89:1d:1e:5e:54:38:0a:23:92:49:81:30:
         9e:66:3c:6e:36:ba:8c:0e:32:f2:46:0f:7e:d1:6e:51:f5:21:
         29:aa:86:9d
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUBH2tYN5NW+HXClWYtNiFadDF/L4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhCRDFBQUVBMTZEOEEyNDU1MDQxNkNEQjk1RTIzMjE1
MjI0OUIzRTAeFw0yNTA3MjExNzE3MTdaFw0yNTA3MjUwNDMwMTdaMDMxMTAvBgNV
BAMTKENGNEVFQkI1RjhENUM1NzI1N0Q5QTU1NzQ0NTUwMUFDRDBDMjk3NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCiPiWIbU9u6cydssWJtGAf1c0
XG/CXz69+gK7o/i5gmxYxfM21osFQ1quFG1UaMhwHNFZ6t/Tk0ymFPR+vlBBPllN
quTNrBC1OeExA7LbFU4S0owL4JSCv8tXO2LmINLnLN6pS4kw/aFyKzn0jTKvmSoX
fEx0CrkdtjVfyB2dibhD9raqO7oCy7CDVbEcBAJlxZ3y75nuJYE4XC2LrqDAO57E
e4riAjKd4veUp2VSRgEduCFE/cHrQbhGuUMTIxtHrWVoxE32Je7oqeZE2EF8zKOl
5ATNIH/Vp+3o4D85xDMtgeb/EVOcWQ+5d6LPdQhz5RlFsV2kTSBIj/un3rgvAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUz07rtfjVxXJX2aVXRFUBrNDCl1kwHwYDVR0j
BBgwFoAUiL0arqFtiiRVBBbNuV4jIVIkmz4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
MjBjNmQ2OS02MjkwLTQwMmYtYTg0ZS1kMjg5YzZlOTNhNzMvMC84OEJEMUFBRUEx
NkQ4QTI0NTUwNDE2Q0RCOTVFMjMyMTUyMjQ5QjNFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODhCRDFBQUVBMTZEOEEyNDU1MDQxNkNEQjk1RTIzMjE1MjI0
OUIzRS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjIwYzZkNjktNjI5MC00MDJmLWE4
NGUtZDI4OWM2ZTkzYTczLzAvODhCRDFBQUVBMTZEOEEyNDU1MDQxNkNEQjk1RTIz
MjE1MjI0OUIzRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBACgCmbMY4xenMFPi1GSWHcpKDOivFpNsXJWD
IMS8dUUxMlY08wrl8ifF/ZKqEB8dlnXGCI2mB0n4+igbcr2MYFcuWuJagA8kQrj5
zF5mPSw5Lxsw9DRlOerTd6B5m9JQ8NrcgHZU0jE7NxTcAwHUgZWH1Qqx82UQEE5l
H68kQ9cm6g4s3oKLhHtRbnVSAIdxdinUN1qm7z0FGAf4Na9MSuAogl/HdQgg+2ry
uROLa8jQ+7mi/e9P5Bnt8be8CaCqStCgruJ7zGNDiSYRmYPCzkOmPmaRiWDqlwpy
vZ3wHIkdHl5UOAojkkmBMJ5mPG42uowOMvJGD37RblH1ISmqhp0=
-----END CERTIFICATE-----
Generated at Wed Jul 23 08:01:54 2025 by rpki-client