Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          rHfBtVnkCwRgJ89aUhlSDSBxlhFsXDpCcmaeKaVSpgo=
Subject key identifier:   7D:0D:45:58:7E:74:E7:CC:3F:A4:B1:9C:D4:25:4F:7B:65:5E:88:42
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       522E42B132970956C86BF8CF283B849D6C4833D1
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          04E4
Signing time:             Tue 03 Jun 2025 15:11:36 +0000
Manifest this update:     Tue 03 Jun 2025 15:06:36 +0000
Manifest next update:     Sat 07 Jun 2025 01:43:36 +0000
Files and hashes:         1: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: 1buqcEkNcpZqwU2RTb5bdnOebm4gK/rhJeTPc24TtHw=)
                          2: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: wQmGKqaa+YSiRmaLGWEMq8mJpTHj8TfVNhWMDunfL+s=)
                          3: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: 4gGLGsruUsTli5S71gqgaVjZ1FJbCfgz4Cb6M2Xf9S8=)
                          4: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: 2w5XwJtYHGp7kLGkRgJLESPyKEX6dzPi8sNumuXEyGY=)
                          5: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: grgdG8OoUNxpOhcfTbbut/WvBOQGDavrGHNbzyqo7TA=)
                          6: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: pg0ViMH1wjYLBratw2hvbKKsWrlS5/ljazg4HhV4YD8=)
                          7: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: DeLSQFfELIsCBteEIe9giWzCWLH2CFola9GnxccGEcI=)
                          8: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: hgLfhjfwIZWutgOiENx1B/1zXLdWd6NT3iL2V0hzBm0=)
                          9: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: OvipyzAOBreuhBrSeRj6EubEMJn2aIAJIdG0Smc81l0=)
                          10: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: RxoBR7IgqwvZQhHoUeS2THnUjeeOMC/Li/OZd4zalVk=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 07 Jun 2025 01:43:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:2e:42:b1:32:97:09:56:c8:6b:f8:cf:28:3b:84:9d:6c:48:33:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Jun  3 15:06:36 2025 GMT
            Not After : Jun  7 01:43:36 2025 GMT
        Subject: CN=7D0D45587E74E7CC3FA4B19CD4254F7B655E8842
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7c:83:e0:64:eb:10:cf:5c:5c:5c:00:6b:39:
                    1d:3f:57:1e:e3:af:78:fa:33:3e:51:56:73:c5:3e:
                    02:1f:34:b8:45:79:4b:48:4b:a0:63:b4:50:29:38:
                    5b:83:56:44:ad:a8:9b:a3:cd:2f:52:d3:e6:78:ba:
                    70:97:27:cb:f2:3e:24:f8:cc:01:98:9f:39:25:6f:
                    c0:c2:26:9d:75:bc:e8:73:81:cf:c5:b7:17:10:14:
                    c3:0e:7e:51:6e:e4:02:88:56:0c:50:b0:bb:d3:63:
                    2c:d9:6e:f1:3b:a0:d9:12:39:5b:b9:c4:6c:fb:18:
                    b8:cd:61:b3:f5:5d:e4:ed:38:8e:4c:7d:9a:a0:d6:
                    75:c0:b0:c2:60:f9:f6:07:71:ad:f1:40:6c:ae:6f:
                    f6:aa:40:38:5d:71:64:bf:ae:10:08:c7:7a:20:c8:
                    ca:86:21:18:f3:7d:55:c8:30:7b:48:c1:36:26:df:
                    1a:e5:f6:91:41:55:ec:b1:9c:9f:db:69:12:a2:2c:
                    5d:64:e8:af:95:bc:d3:30:75:57:81:71:0e:dc:4d:
                    66:2d:f3:93:3f:98:e0:0e:5b:bc:2f:03:b0:e6:7f:
                    4a:75:82:72:5e:59:a6:e3:a8:d5:4f:a6:4f:40:5b:
                    e5:96:63:f6:80:4c:43:e8:2d:66:f0:1c:e1:46:6f:
                    29:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:0D:45:58:7E:74:E7:CC:3F:A4:B1:9C:D4:25:4F:7B:65:5E:88:42
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:8a:51:d1:2d:2d:bf:37:bf:2a:5e:1c:8f:83:27:c8:80:b3:
         51:ff:e1:f0:92:fb:39:77:a2:a2:4f:45:f5:92:d2:0f:7e:e0:
         87:74:f5:25:56:e5:25:eb:2e:bc:a7:b9:a0:6a:38:13:79:0c:
         65:e8:39:55:c4:18:96:f8:37:b3:9a:4e:92:44:02:81:e9:30:
         b6:d4:b6:b8:f0:fb:0f:f6:58:81:0d:77:72:7f:74:9a:8e:82:
         33:a9:13:33:99:b5:61:51:30:d8:91:f6:3f:53:d6:1e:85:69:
         d9:ef:b1:0a:7a:91:65:0d:ce:89:a4:70:7a:6c:0f:80:23:b1:
         2f:2a:e8:ec:1a:16:f8:e2:27:35:65:77:6d:df:6a:95:9d:ec:
         d9:cc:ae:6e:d1:4b:a5:cb:74:9c:e7:f0:cd:04:db:e3:d0:44:
         36:a5:23:5b:78:eb:da:a9:f6:45:27:ed:72:36:6b:4f:ff:c5:
         e9:1c:07:3b:07:26:f8:af:ea:4b:24:a3:05:be:6c:00:9c:23:
         31:95:9e:b9:6d:05:f8:6c:f3:b2:42:e7:94:5a:cc:38:81:94:
         0b:79:29:a6:55:18:36:04:d6:15:aa:ad:b0:89:38:de:d3:58:
         22:2e:25:4d:e3:fc:4f:f6:86:7d:a4:22:20:e5:e8:41:34:e8:
         66:ca:29:7a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUUi5CsTKXCVbIa/jPKDuEnWxIM9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNTA2MDMxNTA2MzZaFw0yNTA2MDcwMTQzMzZaMDMxMTAvBgNV
BAMTKDdEMEQ0NTU4N0U3NEU3Q0MzRkE0QjE5Q0Q0MjU0RjdCNjU1RTg4NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8fIPgZOsQz1xcXABrOR0/Vx7j
r3j6Mz5RVnPFPgIfNLhFeUtIS6BjtFApOFuDVkStqJujzS9S0+Z4unCXJ8vyPiT4
zAGYnzklb8DCJp11vOhzgc/FtxcQFMMOflFu5AKIVgxQsLvTYyzZbvE7oNkSOVu5
xGz7GLjNYbP1XeTtOI5MfZqg1nXAsMJg+fYHca3xQGyub/aqQDhdcWS/rhAIx3og
yMqGIRjzfVXIMHtIwTYm3xrl9pFBVeyxnJ/baRKiLF1k6K+VvNMwdVeBcQ7cTWYt
85M/mOAOW7wvA7Dmf0p1gnJeWabjqNVPpk9AW+WWY/aATEPoLWbwHOFGbynvAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUfQ1FWH5058w/pLGc1CVPe2VeiEIwHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBACGKUdEtLb83vypeHI+DJ8iAs1H/4fCS+zl3
oqJPRfWS0g9+4Id09SVW5SXrLrynuaBqOBN5DGXoOVXEGJb4N7OaTpJEAoHpMLbU
trjw+w/2WIENd3J/dJqOgjOpEzOZtWFRMNiR9j9T1h6FadnvsQp6kWUNzomkcHps
D4AjsS8q6OwaFvjiJzVld23fapWd7NnMrm7RS6XLdJzn8M0E2+PQRDalI1t469qp
9kUn7XI2a0//xekcBzsHJviv6kskowW+bACcIzGVnrltBfhs87JC55RazDiBlAt5
KaZVGDYE1hWqrbCJON7TWCIuJU3j/E/2hn2kIiDl6EE06GbKKXo=
-----END CERTIFICATE-----