Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/AFEE1C7B016628482294E3D894CFC6851BBB63BE.mft
File:                     AFEE1C7B016628482294E3D894CFC6851BBB63BE.mft (raw, json)
Hash identifier:          v++sdJRTR4TT0PmJHKxUWVAzrlBV1r3aYvUfmZqbgSs=
Subject key identifier:   04:2B:DB:FD:28:D5:87:7F:CA:9B:D7:20:74:C5:30:A5:C0:58:DA:84
Authority key identifier: AF:EE:1C:7B:01:66:28:48:22:94:E3:D8:94:CF:C6:85:1B:BB:63:BE
Certificate issuer:       /CN=AFEE1C7B016628482294E3D894CFC6851BBB63BE
Certificate serial:       711DE657CB09D56A63CFD99AC887351F7066E61E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFEE1C7B016628482294E3D894CFC6851BBB63BE.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/AFEE1C7B016628482294E3D894CFC6851BBB63BE.mft
Manifest number:          0217
Signing time:             Fri 28 Mar 2025 17:41:35 +0000
Manifest this update:     Fri 28 Mar 2025 17:36:35 +0000
Manifest next update:     Mon 31 Mar 2025 19:19:35 +0000
Files and hashes:         1: 3130332e3137392e37322e302f32332d3233203d3e2039333431.roa (hash: oEGvz5ekNRTmyT1q5mWcENYutpVCXsuKwR/aZOFrdsI=)
                          2: 3130332e3137392e37322e302f32342d3234203d3e2039333431.roa (hash: KQr7FT5BTt34iZBSKfWuQXM57WNoh3bm/oXmMRuQ3Ho=)
                          3: AFEE1C7B016628482294E3D894CFC6851BBB63BE.crl (hash: mh5J5I77aJzg4Alr+vtvtQHSyf7jFKeRGD/K5/eC/CQ=)
                          4: 3130332e3137392e37332e302f32342d3234203d3e2039333431.roa (hash: g4PKHZmnKpavtsuSJMsF2PYbJyBS2V/nDYQxkb5Lx0g=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:1d:e6:57:cb:09:d5:6a:63:cf:d9:9a:c8:87:35:1f:70:66:e6:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AFEE1C7B016628482294E3D894CFC6851BBB63BE
        Validity
            Not Before: Mar 28 17:36:35 2025 GMT
            Not After : Mar 31 19:19:35 2025 GMT
        Subject: CN=042BDBFD28D5877FCA9BD72074C530A5C058DA84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:be:35:ff:0c:5d:86:b9:64:0b:4e:77:9b:23:
                    d3:6e:e0:3e:b0:69:e2:55:ed:a9:b1:f2:11:fc:b9:
                    41:91:f5:c5:20:5b:b2:6b:68:dc:75:84:fd:5b:1c:
                    c8:f1:77:bf:fe:33:9e:18:76:55:53:7e:8e:e3:32:
                    4b:fc:d8:25:5a:78:97:43:54:4a:a6:20:ab:63:15:
                    d9:fb:d7:19:68:29:c4:9f:4e:73:8c:85:d9:0d:57:
                    92:31:a0:a9:8e:6e:23:10:9a:7c:a7:e9:b4:ef:86:
                    b0:cb:05:5c:f0:ac:ba:dd:d6:e7:b1:34:85:f2:f3:
                    59:f8:91:af:27:19:f9:f1:e0:15:12:66:0b:ea:ae:
                    81:a8:a6:06:4e:08:8a:a3:db:a6:19:d5:91:dd:d5:
                    ee:81:a9:0d:7a:29:e9:80:d2:c1:46:2f:36:d9:df:
                    93:c2:ce:5d:42:08:bc:f7:fc:49:d3:1b:d1:dd:d1:
                    bd:21:65:f3:f0:f9:6d:62:c5:fb:39:f0:c9:65:e6:
                    71:a3:32:64:92:cd:b3:11:09:3f:d8:af:3c:1e:cc:
                    da:ed:9b:3a:ce:3f:79:fa:48:60:cd:17:0a:a1:97:
                    d8:38:69:47:54:45:7b:aa:a4:3c:1d:22:27:92:a8:
                    b0:65:4c:f4:55:dd:a8:c8:23:9f:39:e3:3a:f6:b0:
                    68:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:2B:DB:FD:28:D5:87:7F:CA:9B:D7:20:74:C5:30:A5:C0:58:DA:84
            X509v3 Authority Key Identifier:
                keyid:AF:EE:1C:7B:01:66:28:48:22:94:E3:D8:94:CF:C6:85:1B:BB:63:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/AFEE1C7B016628482294E3D894CFC6851BBB63BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFEE1C7B016628482294E3D894CFC6851BBB63BE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/AFEE1C7B016628482294E3D894CFC6851BBB63BE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:b1:b5:ea:5e:e0:82:77:34:88:93:ea:5b:a9:7e:b5:b9:54:
         ec:4b:bd:5e:da:3f:47:b0:fa:1d:53:bc:60:29:ba:46:36:18:
         4d:5c:35:55:86:a5:d9:87:2f:bf:33:0f:93:a5:a6:22:d3:9f:
         72:f5:a2:4e:43:99:b3:32:eb:be:ed:eb:22:49:38:18:61:d9:
         41:87:4b:89:d1:1d:4d:38:1c:32:d2:bd:a7:e2:02:6a:9b:b3:
         0c:10:12:a9:ca:eb:83:9e:74:47:17:ca:54:9e:da:79:f0:3a:
         ed:a6:6d:8b:e9:2a:ae:27:b1:c9:e1:68:cf:f6:e4:73:cb:f9:
         91:18:b1:54:70:fe:01:56:8a:03:a2:4e:43:4f:6f:56:ed:94:
         e4:c5:6f:c0:65:7a:19:dd:99:63:cd:e2:0d:72:98:ec:b6:74:
         ee:4a:cf:f8:42:c4:b1:3f:3a:31:f9:fa:37:f1:59:04:d6:61:
         36:f6:8c:47:69:5c:b9:87:19:4d:2d:21:68:bb:bb:36:20:a8:
         71:0f:47:72:c6:b7:ef:a1:14:75:19:9e:b2:cb:af:ed:fd:17:
         b1:16:b1:ad:c4:3e:d7:51:65:c4:f3:1a:46:b5:b9:fe:1b:86:
         92:cf:79:d4:b1:92:18:99:f5:e8:f9:49:02:b1:02:b5:95:01:
         40:d5:2c:3c
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUcR3mV8sJ1Wpjz9mayIc1H3Bm5h4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUZFRTFDN0IwMTY2Mjg0ODIyOTRFM0Q4OTRDRkM2ODUx
QkJCNjNCRTAeFw0yNTAzMjgxNzM2MzVaFw0yNTAzMzExOTE5MzVaMDMxMTAvBgNV
BAMTKDA0MkJEQkZEMjhENTg3N0ZDQTlCRDcyMDc0QzUzMEE1QzA1OERBODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtvjX/DF2GuWQLTnebI9Nu4D6w
aeJV7amx8hH8uUGR9cUgW7JraNx1hP1bHMjxd7/+M54YdlVTfo7jMkv82CVaeJdD
VEqmIKtjFdn71xloKcSfTnOMhdkNV5IxoKmObiMQmnyn6bTvhrDLBVzwrLrd1uex
NIXy81n4ka8nGfnx4BUSZgvqroGopgZOCIqj26YZ1ZHd1e6BqQ16KemA0sFGLzbZ
35PCzl1CCLz3/EnTG9Hd0b0hZfPw+W1ixfs58Mll5nGjMmSSzbMRCT/YrzwezNrt
mzrOP3n6SGDNFwqhl9g4aUdURXuqpDwdIieSqLBlTPRV3ajII5854zr2sGhjAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUBCvb/SjVh3/Km9cgdMUwpcBY2oQwHwYDVR0j
BBgwFoAUr+4cewFmKEgilOPYlM/GhRu7Y74wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MWFiOGE1OC1mMTNmLTRmNzEtOWRkZS1hZWQ1N2VhNmRjYTcvMC9BRkVFMUM3QjAx
NjYyODQ4MjI5NEUzRDg5NENGQzY4NTFCQkI2M0JFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQUZFRTFDN0IwMTY2Mjg0ODIyOTRFM0Q4OTRDRkM2ODUxQkJC
NjNCRS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzFhYjhhNTgtZjEzZi00ZjcxLTlk
ZGUtYWVkNTdlYTZkY2E3LzAvQUZFRTFDN0IwMTY2Mjg0ODIyOTRFM0Q4OTRDRkM2
ODUxQkJCNjNCRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAE2xtepe4IJ3NIiT6lupfrW5VOxLvV7aP0ew
+h1TvGApukY2GE1cNVWGpdmHL78zD5OlpiLTn3L1ok5DmbMy677t6yJJOBhh2UGH
S4nRHU04HDLSvafiAmqbswwQEqnK64OedEcXylSe2nnwOu2mbYvpKq4nscnhaM/2
5HPL+ZEYsVRw/gFWigOiTkNPb1btlOTFb8BlehndmWPN4g1ymOy2dO5Kz/hCxLE/
OjH5+jfxWQTWYTb2jEdpXLmHGU0tIWi7uzYgqHEPR3LGt++hFHUZnrLLr+39F7EW
sa3EPtdRZcTzGka1uf4bhpLPedSxkhiZ9ej5SQKxArWVAUDVLDw=
-----END CERTIFICATE-----