Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          /OESCoNQSsAqdsVDrJXDECXiUtqnyD87tgSDk66POMM=
Subject key identifier:   EF:34:8D:4F:34:ED:E4:D4:1D:A1:60:CA:C3:AD:96:CA:35:60:04:91
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       6D620269653A1DA4E7BCEF60B78F406E7C1BC5BA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          048E
Signing time:             Wed 20 Nov 2024 04:51:42 +0000
Manifest this update:     Wed 20 Nov 2024 04:46:42 +0000
Manifest next update:     Sat 23 Nov 2024 16:49:42 +0000
Files and hashes:         1: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: hgLfhjfwIZWutgOiENx1B/1zXLdWd6NT3iL2V0hzBm0=)
                          2: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: DeLSQFfELIsCBteEIe9giWzCWLH2CFola9GnxccGEcI=)
                          3: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: RxoBR7IgqwvZQhHoUeS2THnUjeeOMC/Li/OZd4zalVk=)
                          4: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: 2w5XwJtYHGp7kLGkRgJLESPyKEX6dzPi8sNumuXEyGY=)
                          5: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: grgdG8OoUNxpOhcfTbbut/WvBOQGDavrGHNbzyqo7TA=)
                          6: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: 1buqcEkNcpZqwU2RTb5bdnOebm4gK/rhJeTPc24TtHw=)
                          7: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: wQmGKqaa+YSiRmaLGWEMq8mJpTHj8TfVNhWMDunfL+s=)
                          8: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: 4gGLGsruUsTli5S71gqgaVjZ1FJbCfgz4Cb6M2Xf9S8=)
                          9: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: pg0ViMH1wjYLBratw2hvbKKsWrlS5/ljazg4HhV4YD8=)
                          10: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: H9zOsWPwSHWLofx+StcSKc1C+BwWAJCghLLJc1uxMPk=)

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 23 Nov 2024 13:54:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:62:02:69:65:3a:1d:a4:e7:bc:ef:60:b7:8f:40:6e:7c:1b:c5:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Nov 20 04:46:42 2024 GMT
            Not After : Nov 23 16:49:42 2024 GMT
        Subject: CN=EF348D4F34EDE4D41DA160CAC3AD96CA35600491
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:5f:66:c8:90:4d:35:af:20:71:b7:fd:a1:da:
                    07:4f:16:fd:6b:d1:e1:9f:54:c9:38:ae:63:26:ec:
                    f9:33:4d:50:3a:27:36:d1:ed:c2:89:e8:f6:7d:ea:
                    40:8f:9e:0a:01:23:45:a4:50:8f:66:a2:b5:27:71:
                    1d:f3:cd:f0:89:07:87:b6:0d:01:81:9f:8c:50:9e:
                    aa:22:0c:f8:cc:79:c7:d7:8c:d6:3f:2f:65:a8:c0:
                    2b:c1:be:a8:3d:5f:c7:27:6a:08:cf:00:2a:78:bd:
                    f3:bd:e8:84:eb:f7:8e:19:42:eb:e6:d3:64:d6:1f:
                    fa:f7:7d:ac:3a:ad:81:03:a9:47:2d:21:7f:2d:bb:
                    07:43:1b:86:00:41:bb:c1:37:35:4b:ba:cf:e3:94:
                    d2:ab:60:06:e4:b3:31:14:b5:37:50:25:17:07:84:
                    8c:4f:c5:32:c0:6a:c5:72:b4:ab:ca:c2:35:1e:44:
                    17:71:c3:c9:f4:d7:99:3c:b5:f0:b9:76:ed:8a:f3:
                    c6:2d:77:26:3e:ab:80:5a:c2:91:fa:db:a3:6c:e3:
                    e6:33:76:72:e0:a6:7d:81:5f:05:bf:df:de:69:da:
                    e0:db:e0:0a:3f:73:11:78:7c:ba:41:0b:4b:b1:a7:
                    7d:74:82:cf:7b:78:d4:79:cb:09:8a:ed:1f:a9:e6:
                    3b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:34:8D:4F:34:ED:E4:D4:1D:A1:60:CA:C3:AD:96:CA:35:60:04:91
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:8d:90:8b:6d:fa:6e:71:b8:8c:25:86:f0:24:52:39:18:6b:
         38:cd:bd:6c:a4:7b:15:d0:ed:51:21:5f:7a:bf:db:68:ff:5a:
         a2:18:21:d4:0e:d1:5e:d2:50:1e:61:19:ba:99:6e:2b:07:b0:
         f4:05:31:9f:d9:1d:3b:31:2d:4f:64:4d:9a:39:59:dc:2e:34:
         97:7b:d8:30:10:47:76:c2:e8:c0:22:e1:91:1f:aa:39:df:87:
         cb:0b:cb:cb:5f:0b:62:1b:31:56:9f:19:8d:ee:f6:47:46:42:
         6f:4c:28:dd:10:9b:d3:db:f0:68:5a:b6:db:cb:de:16:ef:1c:
         71:26:d4:fd:2e:91:ef:91:cc:fc:23:ea:a2:92:14:6c:dc:a7:
         84:7f:63:77:4b:f8:57:02:cf:39:9d:67:f8:c9:7e:b1:ec:78:
         7a:0a:73:6e:40:01:bd:2d:5e:b6:98:89:03:3d:53:19:68:99:
         a7:9b:9f:2f:52:89:3d:1f:0f:64:22:5e:d5:00:19:3d:6b:de:
         ef:5c:0a:fc:a2:fc:d7:47:ac:5a:90:d5:28:5c:fe:a8:85:bf:
         8d:8c:42:02:59:d6:fc:7b:da:f7:64:8e:4d:70:e2:17:2c:48:
         7d:57:ce:46:9e:f0:c6:e5:2d:d6:5c:4b:e9:8b:9c:68:f9:51:
         d1:19:bc:16
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUbWICaWU6HaTnvO9gt49AbnwbxbowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNDExMjAwNDQ2NDJaFw0yNDExMjMxNjQ5NDJaMDMxMTAvBgNV
BAMTKEVGMzQ4RDRGMzRFREU0RDQxREExNjBDQUMzQUQ5NkNBMzU2MDA0OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPX2bIkE01ryBxt/2h2gdPFv1r
0eGfVMk4rmMm7PkzTVA6JzbR7cKJ6PZ96kCPngoBI0WkUI9morUncR3zzfCJB4e2
DQGBn4xQnqoiDPjMecfXjNY/L2WowCvBvqg9X8cnagjPACp4vfO96ITr944ZQuvm
02TWH/r3faw6rYEDqUctIX8tuwdDG4YAQbvBNzVLus/jlNKrYAbkszEUtTdQJRcH
hIxPxTLAasVytKvKwjUeRBdxw8n015k8tfC5du2K88YtdyY+q4BawpH626Ns4+Yz
dnLgpn2BXwW/395p2uDb4Ao/cxF4fLpBC0uxp310gs97eNR5ywmK7R+p5jsNAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU7zSNTzTt5NQdoWDKw62WyjVgBJEwHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAHSNkItt+m5xuIwlhvAkUjkYazjNvWykexXQ
7VEhX3q/22j/WqIYIdQO0V7SUB5hGbqZbisHsPQFMZ/ZHTsxLU9kTZo5WdwuNJd7
2DAQR3bC6MAi4ZEfqjnfh8sLy8tfC2IbMVafGY3u9kdGQm9MKN0Qm9Pb8GhattvL
3hbvHHEm1P0uke+RzPwj6qKSFGzcp4R/Y3dL+FcCzzmdZ/jJfrHseHoKc25AAb0t
XraYiQM9Uxlomaebny9SiT0fD2QiXtUAGT1r3u9cCvyi/NdHrFqQ1Shc/qiFv42M
QgJZ1vx72vdkjk1w4hcsSH1Xzkae8MblLdZcS+mLnGj5UdEZvBY=
-----END CERTIFICATE-----