Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft
File:                     2D18956397FA6055A44153CABF07303FD6E55E44.mft (raw, json)
Hash identifier:          VfY0b39xZS3RfFv9Q4+kn8BSsBtls4B1SO8wzi5hX7M=
Subject key identifier:   57:8F:92:8A:19:DF:A3:A5:36:AA:CC:09:CC:65:2C:13:B9:82:EF:28
Authority key identifier: 2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44
Certificate issuer:       /CN=2D18956397FA6055A44153CABF07303FD6E55E44
Certificate serial:       0796BCED3438452F47944543AF7171368F50EEE0
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft
Manifest number:          043D
Signing time:             Tue 28 May 2024 13:11:48 +0000
Manifest this update:     Tue 28 May 2024 13:06:48 +0000
Manifest next update:     Fri 31 May 2024 19:30:48 +0000
Files and hashes:         1: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (hash: MVU1WBH4Bf5DRpQvoLi6KqhCgXU126whT3cse5/TdSk=)
                          2: 3130332e3135352e3230302e302f32342d3234203d3e20313431303733.roa (hash: ro68L8+4CyvNYq+FXBZFKPjGXWYM2Z+yKLpFOIXc79U=)
                          3: 3130332e3135352e3230312e302f32342d3234203d3e20313431303733.roa (hash: HprrK1DrRXvF+DEBv59pb8TodIbhtEldkv1xON1F4K4=)
                          4: 3130332e3135352e3230302e302f32332d3233203d3e20313431303733.roa (hash: cG0jqtiRaam6yK6FpJnEUJ21yH0pEKL1sDn6IHOg6BA=)
                          5: 2D18956397FA6055A44153CABF07303FD6E55E44.crl (hash: g5GnlkvnSZeXLb2GlklveF9gekXzQxstFQyH8/+FrS0=)
                          6: 3130332e3135352e3230302e302f32332d3234203d3e20313431303733.roa (hash: QlzJ/xeVRrTJPumT32aGQMH+v6gP8YnAasN6CoqTH+4=)
                          7: 323430363a373734303a3a2f33322d3332203d3e20313431303733.roa (hash: qlalw0TKUEkhAOIlr5yuFJmB2Ev+HKMNrhiNPtAu/8I=)

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl
                          rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 31 May 2024 17:07:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:96:bc:ed:34:38:45:2f:47:94:45:43:af:71:71:36:8f:50:ee:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D18956397FA6055A44153CABF07303FD6E55E44
        Validity
            Not Before: May 28 13:06:48 2024 GMT
            Not After : May 31 19:30:48 2024 GMT
        Subject: CN=578F928A19DFA3A536AACC09CC652C13B982EF28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a3:be:4c:ab:c4:12:7e:4b:b6:31:df:d0:98:
                    ba:49:a5:76:b5:1a:4d:7d:88:6c:74:b8:83:12:8d:
                    ac:6c:d0:89:62:49:9e:f6:d7:77:1a:1a:8f:0e:87:
                    82:71:2e:cc:da:76:c0:74:f9:b4:4e:e2:0f:1c:38:
                    6c:ac:eb:32:72:80:69:d2:05:30:e5:89:5d:74:8a:
                    0f:88:bd:7a:02:26:09:a2:8a:e7:6d:c0:84:e2:ff:
                    11:eb:70:e6:26:a3:cd:dc:dd:a6:ba:61:32:5c:21:
                    34:33:2e:18:d9:8e:f7:8e:1a:43:b2:bc:bb:00:fb:
                    a5:0c:65:0f:79:a2:ce:e8:d8:4b:24:01:fd:c6:02:
                    91:3e:70:29:8c:93:43:88:7e:c4:93:49:42:13:1a:
                    ca:c2:36:a0:37:b4:53:a1:7c:3a:83:f4:75:39:2c:
                    52:f6:cc:3d:97:30:d8:e8:45:95:65:df:b0:38:c5:
                    c3:c5:c6:b8:71:d3:9c:49:be:2c:64:c7:6d:a4:31:
                    4b:23:81:f3:08:30:33:e0:71:0c:77:37:d0:1a:72:
                    69:f3:33:33:36:1c:72:2e:76:bd:ef:4f:67:ec:e1:
                    e1:08:f1:72:a9:d5:a4:a1:e7:b8:8f:35:ee:15:b1:
                    08:d6:ea:4f:72:c1:a4:15:97:d9:9a:45:45:08:d9:
                    1e:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:8F:92:8A:19:DF:A3:A5:36:AA:CC:09:CC:65:2C:13:B9:82:EF:28
            X509v3 Authority Key Identifier:
                keyid:2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:25:11:f8:05:7a:6a:08:d4:8d:c4:36:71:51:0c:aa:85:05:
         13:47:b5:ed:81:fc:c5:d7:82:76:9e:59:98:d2:17:75:21:9b:
         5e:70:42:5f:17:ba:59:ce:c7:d2:ba:cf:f2:9b:04:3f:09:f0:
         d3:a0:46:70:71:a9:cf:c9:3a:83:ff:50:cd:b6:cd:8e:b7:5b:
         c1:af:b6:ec:ed:46:f7:9b:20:ad:33:52:58:64:86:d6:b9:da:
         65:98:25:2c:ff:f4:d5:59:75:62:c7:5a:7e:b6:ca:91:25:13:
         6d:1c:7d:91:95:f9:e0:44:dc:8a:04:62:c9:bd:71:64:04:05:
         52:ff:1e:58:e0:0b:b1:b7:8e:05:7d:2c:ad:7b:c6:91:dd:95:
         ec:d2:43:47:6a:46:63:de:98:78:91:77:ac:40:5e:93:c8:8d:
         a7:49:76:d8:e1:8b:56:d0:21:c6:14:3e:25:3d:be:f6:2f:f4:
         57:52:21:cb:6e:fd:b0:ab:08:12:33:30:24:a9:26:74:f8:04:
         45:fc:f7:a2:46:d0:43:a9:27:bf:0e:97:c9:05:70:f3:71:6a:
         de:32:72:04:41:60:24:e2:e8:05:14:2c:ef:47:72:e5:7a:0d:
         97:eb:5b:90:d5:a6:b6:b4:02:fd:8b:0e:0b:39:d3:b5:f7:8b:
         6a:db:1a:8f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUB5a87TQ4RS9HlEVDr3FxNo9Q7uAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZE
NkU1NUU0NDAeFw0yNDA1MjgxMzA2NDhaFw0yNDA1MzExOTMwNDhaMDMxMTAvBgNV
BAMTKDU3OEY5MjhBMTlERkEzQTUzNkFBQ0MwOUNDNjUyQzEzQjk4MkVGMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCto75Mq8QSfku2Md/QmLpJpXa1
Gk19iGx0uIMSjaxs0IliSZ7213caGo8Oh4JxLszadsB0+bRO4g8cOGys6zJygGnS
BTDliV10ig+IvXoCJgmiiudtwITi/xHrcOYmo83c3aa6YTJcITQzLhjZjveOGkOy
vLsA+6UMZQ95os7o2EskAf3GApE+cCmMk0OIfsSTSUITGsrCNqA3tFOhfDqD9HU5
LFL2zD2XMNjoRZVl37A4xcPFxrhx05xJvixkx22kMUsjgfMIMDPgcQx3N9Aacmnz
MzM2HHIudr3vT2fs4eEI8XKp1aSh57iPNe4VsQjW6k9ywaQVl9maRUUI2R7BAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUV4+Sihnfo6U2qswJzGUsE7mC7ygwHwYDVR0j
BBgwFoAULRiVY5f6YFWkQVPKvwcwP9blXkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
ODU4Zjg1Yy1hNDU4LTRhNTgtYmJkZS00YmZiMzQzZGM0YjAvMC8yRDE4OTU2Mzk3
RkE2MDU1QTQ0MTUzQ0FCRjA3MzAzRkQ2RTU1RTQ0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZENkU1
NUU0NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDg1OGY4NWMtYTQ1OC00YTU4LWJi
ZGUtNGJmYjM0M2RjNGIwLzAvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMw
M0ZENkU1NUU0NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAL0lEfgFemoI1I3ENnFRDKqFBRNHte2B/MXX
gnaeWZjSF3Uhm15wQl8XulnOx9K6z/KbBD8J8NOgRnBxqc/JOoP/UM22zY63W8Gv
tuztRvebIK0zUlhkhta52mWYJSz/9NVZdWLHWn62ypElE20cfZGV+eBE3IoEYsm9
cWQEBVL/HljgC7G3jgV9LK17xpHdlezSQ0dqRmPemHiRd6xAXpPIjadJdtjhi1bQ
IcYUPiU9vvYv9FdSIctu/bCrCBIzMCSpJnT4BEX896JG0EOpJ78Ol8kFcPNxat4y
cgRBYCTi6AUULO9HcuV6DZfrW5DVpra0Av2LDgs507X3i2rbGo8=
-----END CERTIFICATE-----