Manifest

$ rpki-client -vvf rpki-rsync.idnic.net/repo/9904f670-7dac-4cf4-991d-50539e3d3f5e/0/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.mft
File:                     3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.mft (raw, json)
Hash identifier:          w+D/ea6m/LBKSib8TmYJFTxSNZeHHRykDZ/9Ivq1sw8=
Subject key identifier:   3D:2D:E6:F4:9D:75:D0:DC:B7:86:A6:95:96:1F:45:28:25:85:8C:40
Authority key identifier: 38:99:C9:2D:D0:D4:2F:93:D7:DA:85:40:34:FD:88:BA:B4:A5:AF:D2
Certificate issuer:       /CN=3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2
Certificate serial:       6880B923EA117D5BDF5F0153A3AF72EE03808DDE
Authority info access:    rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/9904f670-7dac-4cf4-991d-50539e3d3f5e/0/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.mft
Manifest number:          2B
Signing time:             Tue 02 Jun 2026 19:38:50 +0000
Manifest this update:     Tue 02 Jun 2026 19:33:50 +0000
Manifest next update:     Wed 03 Jun 2026 20:17:50 +0000
Files and hashes:         1: 3130332e3133312e31382e302f32342d3234203d3e20313338303839.roa (hash: 35sB3F+pYRWs2vzmYiPiuHmOw2zefVJi3xxGSLrd8Oc=)
                          2: 3130332e3133312e31362e302f32332d3234203d3e20313338303830.roa (hash: oaMZvvPhg7sQ6sU35Q1iSLRP325On6qyrsdfo7OOPY8=)
                          3: 3130332e3133312e31392e302f32342d3234203d3e20313338303839.roa (hash: X+ZlO7h/pL9t4N4Gq7NgEd0rssKL3EkGKfZrYxmlYG4=)
                          4: 3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.crl (hash: AZo58Ky7Bg+TCnKTdPjgl2qW4D2pHhBLFWj0S4MQIXc=)
                          5: 3130332e3133312e31362e302f32342d3234203d3e20313338303830.roa (hash: B5ukxagssxCFfNmL/M+i5ue/1MCU5d6NS/ddZ7eTpIY=)
                          6: 3130332e3133312e31382e302f32332d3234203d3e20313338303839.roa (hash: lzLPq+5ACK3Fp2G9Qq15Ai5VNsw2ESnTuC604MZBsC4=)
                          7: 3130332e3133312e31372e302f32342d3234203d3e20313338303830.roa (hash: bXRUilxrcrzJiP9PjPQFqMqVk2Gw/CWvQhfR/EgAeXU=)
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/9904f670-7dac-4cf4-991d-50539e3d3f5e/0/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.crl
                          rsync://rpki-rsync.idnic.net/repo/9904f670-7dac-4cf4-991d-50539e3d3f5e/0/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.mft
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.cer
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 03 Jun 2026 10:27:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:80:b9:23:ea:11:7d:5b:df:5f:01:53:a3:af:72:ee:03:80:8d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2
        Validity
            Not Before: Jun  2 19:33:50 2026 GMT
            Not After : Jun  3 20:17:50 2026 GMT
        Subject: CN=3D2DE6F49D75D0DCB786A695961F452825858C40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:51:54:ff:fc:bd:38:8d:57:86:ce:c2:ff:e2:
                    3c:9d:12:7e:2f:d6:02:a0:bf:c8:5c:17:e7:2b:6f:
                    b8:31:21:ef:ed:c0:af:e9:35:02:e1:b3:91:91:c7:
                    14:6f:e5:9b:ab:f6:00:d7:de:01:6a:c9:4c:87:3a:
                    0e:6a:1c:8a:17:37:77:c8:d9:cc:9b:3b:39:92:f2:
                    93:15:9a:47:14:77:4b:d7:71:91:68:18:30:9c:cc:
                    98:e5:c9:68:78:55:71:cd:47:10:b7:e9:cf:27:4c:
                    ff:a3:3b:93:ba:c2:6b:1e:ec:a0:ff:86:75:0a:c4:
                    70:e3:54:2b:84:16:02:31:1e:ec:73:1c:8a:62:0d:
                    3d:17:40:7a:9f:44:07:47:45:c6:3d:44:c0:4e:99:
                    de:eb:2b:b5:94:31:12:dd:5e:94:03:9e:f5:f9:be:
                    91:2a:3f:5a:67:71:f8:39:ba:bf:a0:c8:33:a8:9c:
                    ff:c8:bc:85:75:38:89:1a:3b:0d:a5:46:96:1e:35:
                    06:6b:eb:43:80:63:1f:10:65:ee:6f:53:1e:f2:e6:
                    b0:bc:ef:43:2b:db:c3:1a:a2:8b:74:9b:f8:dd:3b:
                    64:f9:21:6d:6b:db:95:70:1a:2b:eb:52:5e:6b:95:
                    f3:d3:ef:67:0a:2e:16:70:ad:27:2d:16:8a:44:0c:
                    dc:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:2D:E6:F4:9D:75:D0:DC:B7:86:A6:95:96:1F:45:28:25:85:8C:40
            X509v3 Authority Key Identifier:
                keyid:38:99:C9:2D:D0:D4:2F:93:D7:DA:85:40:34:FD:88:BA:B4:A5:AF:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/9904f670-7dac-4cf4-991d-50539e3d3f5e/0/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/9904f670-7dac-4cf4-991d-50539e3d3f5e/0/3899C92DD0D42F93D7DA854034FD88BAB4A5AFD2.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:3a:98:be:46:f9:fb:b6:d2:f8:e9:7c:33:d2:4b:85:1c:68:
         c5:97:b9:b3:ad:97:f1:ef:36:ff:2c:87:5a:70:56:78:94:b5:
         65:4e:06:cc:21:99:56:36:24:63:05:6f:57:f9:23:29:ab:77:
         e9:45:ab:5b:69:bd:90:b0:1b:13:1b:58:21:b7:54:3a:68:07:
         c3:be:35:fc:b5:bf:6d:52:12:a6:3f:18:ff:a9:5f:4f:5a:95:
         aa:1d:20:b2:49:85:0a:fd:c5:49:99:d5:de:68:c6:89:f8:8c:
         b6:eb:5d:68:f6:1b:1d:bd:7d:a6:3d:3a:35:64:6f:14:14:ce:
         0b:62:21:e7:42:8a:59:c2:49:50:c8:35:18:d7:f8:d8:fc:0f:
         2a:61:15:6e:c8:39:ba:36:25:75:44:55:76:a1:9e:5f:89:ed:
         8a:93:fa:38:a2:ec:16:9c:41:f1:84:80:43:6d:df:52:56:4a:
         da:6a:68:f6:53:44:b7:28:18:8f:df:c3:6c:89:92:4d:bc:14:
         66:33:c4:fe:65:85:4b:e7:cf:d9:b7:67:87:1b:d6:b9:d0:31:
         cc:0d:da:d4:a4:d1:85:ff:a9:9e:33:6b:4a:31:a1:88:fb:ce:
         57:ae:63:11:2d:86:97:54:ad:fc:8f:97:13:b3:ba:51:46:2d:
         79:ab:13:4e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUaIC5I+oRfVvfXwFTo69y7gOAjd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzg5OUM5MkREMEQ0MkY5M0Q3REE4NTQwMzRGRDg4QkFC
NEE1QUZEMjAeFw0yNjA2MDIxOTMzNTBaFw0yNjA2MDMyMDE3NTBaMDMxMTAvBgNV
BAMTKDNEMkRFNkY0OUQ3NUQwRENCNzg2QTY5NTk2MUY0NTI4MjU4NThDNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzUVT//L04jVeGzsL/4jydEn4v
1gKgv8hcF+crb7gxIe/twK/pNQLhs5GRxxRv5Zur9gDX3gFqyUyHOg5qHIoXN3fI
2cybOzmS8pMVmkcUd0vXcZFoGDCczJjlyWh4VXHNRxC36c8nTP+jO5O6wmse7KD/
hnUKxHDjVCuEFgIxHuxzHIpiDT0XQHqfRAdHRcY9RMBOmd7rK7WUMRLdXpQDnvX5
vpEqP1pncfg5ur+gyDOonP/IvIV1OIkaOw2lRpYeNQZr60OAYx8QZe5vUx7y5rC8
70Mr28Maoot0m/jdO2T5IW1r25VwGivrUl5rlfPT72cKLhZwrSctFopEDNyzAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUPS3m9J110Ny3hqaVlh9FKCWFjEAwHwYDVR0j
BBgwFoAUOJnJLdDUL5PX2oVANP2IurSlr9IwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v
OTkwNGY2NzAtN2RhYy00Y2Y0LTk5MWQtNTA1MzllM2QzZjVlLzAvMzg5OUM5MkRE
MEQ0MkY5M0Q3REE4NTQwMzRGRDg4QkFCNEE1QUZEMi5jcmwwcgYIKwYBBQUHAQEE
ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl
cG8vSUROSUMvMS8zODk5QzkyREQwRDQyRjkzRDdEQTg1NDAzNEZEODhCQUI0QTVB
RkQyLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov
L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vOTkwNGY2NzAtN2RhYy00Y2Y0LTk5
MWQtNTA1MzllM2QzZjVlLzAvMzg5OUM5MkREMEQ0MkY5M0Q3REE4NTQwMzRGRDg4
QkFCNEE1QUZEMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAAA6mL5G+fu20vjpfDPSS4UcaMWXubOtl/Hv
Nv8sh1pwVniUtWVOBswhmVY2JGMFb1f5Iymrd+lFq1tpvZCwGxMbWCG3VDpoB8O+
Nfy1v21SEqY/GP+pX09alaodILJJhQr9xUmZ1d5oxon4jLbrXWj2Gx29faY9OjVk
bxQUzgtiIedCilnCSVDINRjX+Nj8DyphFW7IObo2JXVEVXahnl+J7YqT+jii7Bac
QfGEgENt31JWStpqaPZTRLcoGI/fw2yJkk28FGYzxP5lhUvnz9m3Z4cb1rnQMcwN
2tSk0YX/qZ4za0oxoYj7zleuYxEthpdUrfyPlxOzulFGLXmrE04=
-----END CERTIFICATE-----