Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
File:                     B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft (raw, json)
Hash identifier:          Q4yyw/RSiQlLzpBU+bViw2MfBFnrJNwm3651OBntrP8=
Subject key identifier:   00:67:A3:D2:ED:AE:1A:5E:18:66:DE:32:F1:79:53:0B:05:5A:97:F9
Authority key identifier: B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1
Certificate issuer:       /CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
Certificate serial:       35FBCB5536E0EE692931F2AEE6756AB290DA7B6D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
Manifest number:          02AD
Signing time:             Mon 20 Oct 2025 06:41:52 +0000
Manifest this update:     Mon 20 Oct 2025 06:36:52 +0000
Manifest next update:     Thu 23 Oct 2025 10:11:52 +0000
Files and hashes:         1: 3130332e33302e3232302e302f32342d3234203d3e203338313438.roa (hash: o3fKHuVWFD6jkUIoyhNcY5O2uYQKepNEkJqsRTcT0Zs=)
                          2: 323430313a396230303a3a2f33322d3438203d3e203338313438.roa (hash: KdtiKUAOdh5Pdj0OkOpsBFHlVClUvcCXmF1ngZraMiI=)
                          3: B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl (hash: ylhkL818e+K2osq1KK49jXGUAbAYlCTfrzpjwKd7PJo=)
                          4: 3130332e33302e3232302e302f32322d3233203d3e203338313438.roa (hash: dip5cfpPOxv7j5avMlkj27CtA1ffgVlncphql09alQk=)
                          5: 3132322e3230302e3134342e302f32312d3234203d3e203338313438.roa (hash: q36ZaNZnng4e3YSesfRm7Xhg/e4wHbxv2r58SbE/Hyw=)
                          6: 3130332e33302e3232312e302f32342d3234203d3e203338313438.roa (hash: 7jwgwmu5p9Vx0nJtBBICc1jR6TLu2T+YBURAKlHLhFY=)
                          7: 3130332e33302e3232322e302f32342d3234203d3e203338313438.roa (hash: +SJaFJQyqBdRsoSnVqf1c6YDNbR+iItpuCQMYo/GJwM=)
                          8: 3130332e33302e3232332e302f32342d3234203d3e203338313438.roa (hash: Oz3xD+pukxgYWpnFQL+j6A86Gc4jUZiZu2sP1l7btM0=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl
                          rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 23 Oct 2025 10:11:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:fb:cb:55:36:e0:ee:69:29:31:f2:ae:e6:75:6a:b2:90:da:7b:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
        Validity
            Not Before: Oct 20 06:36:52 2025 GMT
            Not After : Oct 23 10:11:52 2025 GMT
        Subject: CN=0067A3D2EDAE1A5E1866DE32F179530B055A97F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:f9:b3:41:69:25:22:73:59:e3:3f:56:90:41:
                    82:51:4b:e6:38:4a:51:01:59:31:a5:91:97:01:0b:
                    d7:84:71:3e:65:cf:06:85:fe:aa:1a:c2:a7:e9:af:
                    ad:57:d6:0b:5f:ee:42:a7:aa:95:16:e1:63:94:ac:
                    0f:47:6d:85:27:7b:9b:fb:8c:10:09:bf:ea:88:7a:
                    92:c5:c7:63:bf:fb:fc:a5:8d:c6:e3:f2:c3:f0:7a:
                    60:78:15:80:4c:d3:84:3f:98:8c:1d:c2:f6:30:dd:
                    4f:e8:2b:fc:08:72:41:50:0c:a3:ac:be:9c:45:aa:
                    f2:9a:22:c5:64:bb:09:89:ac:5a:b5:5c:b6:00:8a:
                    1e:15:6e:a3:d3:cd:da:12:b0:22:c4:22:cf:10:84:
                    b4:bc:fc:84:94:da:ea:8c:6a:c9:59:dd:2c:36:54:
                    f9:09:55:4c:db:c7:b0:54:c2:98:dc:d9:0d:b9:dc:
                    cb:64:a3:cd:72:e2:7f:f0:04:00:fb:3d:d1:a0:01:
                    ab:e5:e2:5e:e4:97:f5:3f:6f:93:23:ce:a4:b8:83:
                    1b:42:b2:2f:74:37:c5:03:88:f0:99:39:73:6f:4e:
                    aa:90:a0:c9:fa:c1:c7:4b:78:13:14:9a:72:ba:0d:
                    cf:3d:23:fe:83:4d:47:62:a7:b1:a9:06:19:e2:de:
                    09:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:67:A3:D2:ED:AE:1A:5E:18:66:DE:32:F1:79:53:0B:05:5A:97:F9
            X509v3 Authority Key Identifier:
                keyid:B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:66:33:39:1e:6c:44:9c:29:8b:57:c0:5e:e6:3c:94:91:5f:
         84:65:a6:f5:da:3b:70:79:2c:56:6f:21:66:2d:97:95:c4:44:
         d1:31:e1:0a:7a:db:97:53:90:b3:31:de:fa:7f:fc:08:61:be:
         b8:27:1b:6b:25:68:57:1d:25:b3:bb:7e:ed:4d:31:62:a6:26:
         80:7c:b0:98:45:9f:f0:53:9d:71:11:4d:ec:ba:2a:bc:a1:07:
         1c:40:64:f3:e7:e7:6d:65:2a:69:90:5d:91:c5:f8:42:24:26:
         a6:35:d5:07:27:fa:8d:89:75:08:2f:3b:b4:4b:2b:ee:62:16:
         77:ef:56:39:12:be:96:55:8e:26:cf:0c:f2:4b:e4:92:49:95:
         95:cc:dc:15:e4:a6:59:6d:84:84:a1:d7:1e:16:55:7f:c2:9f:
         d1:58:b1:a3:42:e1:e0:27:97:f4:c4:fc:6a:d8:d1:fd:17:61:
         7e:4e:e7:30:8d:41:3c:6c:ca:8b:48:de:7f:87:94:bf:81:f7:
         33:ae:c1:96:09:d1:ab:66:64:49:8a:1c:94:a4:09:bb:af:6a:
         b5:81:ce:70:a4:6f:f4:f0:7c:ad:61:d5:ed:8d:6f:3a:08:1d:
         1b:ba:31:cc:c0:01:e8:68:f1:5c:3e:d5:44:e0:69:8f:d4:5b:
         b3:2c:a4:c4
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUNfvLVTbg7mkpMfKu5nVqspDae20wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEw
RUIzODRFMTAeFw0yNTEwMjAwNjM2NTJaFw0yNTEwMjMxMDExNTJaMDMxMTAvBgNV
BAMTKDAwNjdBM0QyRURBRTFBNUUxODY2REUzMkYxNzk1MzBCMDU1QTk3RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi+bNBaSUic1njP1aQQYJRS+Y4
SlEBWTGlkZcBC9eEcT5lzwaF/qoawqfpr61X1gtf7kKnqpUW4WOUrA9HbYUne5v7
jBAJv+qIepLFx2O/+/yljcbj8sPwemB4FYBM04Q/mIwdwvYw3U/oK/wIckFQDKOs
vpxFqvKaIsVkuwmJrFq1XLYAih4VbqPTzdoSsCLEIs8QhLS8/ISU2uqMaslZ3Sw2
VPkJVUzbx7BUwpjc2Q253Mtko81y4n/wBAD7PdGgAavl4l7kl/U/b5MjzqS4gxtC
si90N8UDiPCZOXNvTqqQoMn6wcdLeBMUmnK6Dc89I/6DTUdip7GpBhni3glxAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUAGej0u2uGl4YZt4y8XlTCwVal/kwHwYDVR0j
BBgwFoAUuSHaq7hJSd3CUA1PCm2T+g6zhOEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NTkyYzI3NC0xMWRiLTQxMjctYmFiYi1hZWFlOTkyODRiMDAvMC9COTIxREFBQkI4
NDk0OUREQzI1MDBENEYwQTZEOTNGQTBFQjM4NEUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEwRUIz
ODRFMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTU5MmMyNzQtMTFkYi00MTI3LWJh
YmItYWVhZTk5Mjg0YjAwLzAvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkz
RkEwRUIzODRFMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAA5mMzkebEScKYtXwF7mPJSRX4RlpvXaO3B5
LFZvIWYtl5XERNEx4Qp625dTkLMx3vp//AhhvrgnG2slaFcdJbO7fu1NMWKmJoB8
sJhFn/BTnXERTey6KryhBxxAZPPn521lKmmQXZHF+EIkJqY11Qcn+o2JdQgvO7RL
K+5iFnfvVjkSvpZVjibPDPJL5JJJlZXM3BXkpllthISh1x4WVX/Cn9FYsaNC4eAn
l/TE/GrY0f0XYX5O5zCNQTxsyotI3n+HlL+B9zOuwZYJ0atmZEmKHJSkCbuvarWB
znCkb/TwfK1h1e2NbzoIHRu6MczAAeho8Vw+1UTgaY/UW7MspMQ=
-----END CERTIFICATE-----