Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          O2OEjahjmI3zc0I6x2uGHvPYI9S8fziVBwhTkWz2F10=
Subject key identifier:   5B:DE:15:FC:3A:C1:BA:C0:BD:63:87:07:59:D9:F9:71:84:1F:D4:9B
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       36F2BB1D7864AD541EF8167701395199659E298F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          04F0
Signing time:             Tue 01 Jul 2025 07:11:40 +0000
Manifest this update:     Tue 01 Jul 2025 07:06:40 +0000
Manifest next update:     Fri 04 Jul 2025 10:57:40 +0000
Files and hashes:         1: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: 1buqcEkNcpZqwU2RTb5bdnOebm4gK/rhJeTPc24TtHw=)
                          2: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: 2w5XwJtYHGp7kLGkRgJLESPyKEX6dzPi8sNumuXEyGY=)
                          3: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: RxoBR7IgqwvZQhHoUeS2THnUjeeOMC/Li/OZd4zalVk=)
                          4: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: wQmGKqaa+YSiRmaLGWEMq8mJpTHj8TfVNhWMDunfL+s=)
                          5: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: hgLfhjfwIZWutgOiENx1B/1zXLdWd6NT3iL2V0hzBm0=)
                          6: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: 4gGLGsruUsTli5S71gqgaVjZ1FJbCfgz4Cb6M2Xf9S8=)
                          7: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: XciooU8EMaz/2pgIf+4co0yYxuy9z/TERW3n4OcLWNw=)
                          8: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: grgdG8OoUNxpOhcfTbbut/WvBOQGDavrGHNbzyqo7TA=)
                          9: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: DeLSQFfELIsCBteEIe9giWzCWLH2CFola9GnxccGEcI=)
                          10: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: pg0ViMH1wjYLBratw2hvbKKsWrlS5/ljazg4HhV4YD8=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 04 Jul 2025 10:57:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:f2:bb:1d:78:64:ad:54:1e:f8:16:77:01:39:51:99:65:9e:29:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Jul  1 07:06:40 2025 GMT
            Not After : Jul  4 10:57:40 2025 GMT
        Subject: CN=5BDE15FC3AC1BAC0BD63870759D9F971841FD49B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:c8:a8:c7:44:44:5e:a4:8d:cf:4a:02:37:dd:
                    5f:f3:85:da:b9:a8:88:6d:18:e6:ec:6b:13:68:c5:
                    c1:fb:d5:b6:3a:6b:93:dc:b7:9e:7d:b8:e2:7b:8a:
                    9f:c2:f3:b0:87:f4:ce:b3:6c:20:cd:83:27:b9:96:
                    54:53:0e:60:ae:e1:80:38:b3:ef:ce:1a:9b:75:cd:
                    19:83:0e:d9:93:75:6c:c4:f8:8e:1a:87:08:17:89:
                    7c:a6:2e:32:a6:97:66:73:aa:86:8b:5f:78:7c:8d:
                    15:0c:2c:7b:be:48:76:0b:00:a6:0f:a2:5c:40:01:
                    d9:30:78:dc:f9:f1:99:57:03:de:9d:06:c3:ab:06:
                    b2:7e:f6:6c:3a:77:0a:30:53:57:3a:7f:1b:0a:6e:
                    99:2d:fc:31:61:13:4c:15:66:bb:df:4b:23:08:3e:
                    7d:9c:ea:44:e8:da:6f:5f:9a:5a:20:b1:2c:e6:4a:
                    e3:2c:ae:e1:3d:2c:3a:f5:3c:20:1c:aa:b9:aa:e1:
                    07:27:f3:fa:1e:76:b2:48:75:5e:6f:fc:5c:b8:96:
                    81:64:bc:95:f3:74:2d:37:5b:c4:a5:75:2a:6a:7b:
                    52:45:e7:80:cf:e2:8b:f3:77:88:e0:0a:12:76:fd:
                    66:b6:07:4f:8d:58:e3:43:71:b7:88:14:df:de:b9:
                    2b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DE:15:FC:3A:C1:BA:C0:BD:63:87:07:59:D9:F9:71:84:1F:D4:9B
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:65:99:62:05:3b:1a:ad:d1:9f:af:91:ce:9d:e0:0b:f8:3e:
         7f:f1:a7:3d:ed:05:b4:81:b6:fc:90:12:bf:2e:e6:34:39:a1:
         7e:42:15:68:d9:38:fc:42:3b:e7:12:d2:49:df:99:33:24:c9:
         21:ab:de:f8:89:03:01:be:53:c9:a5:00:c9:5d:6f:05:79:03:
         a8:87:21:ad:2d:bb:8b:15:ac:58:14:df:41:07:7a:2a:78:b4:
         98:7d:85:56:26:4a:0a:3f:4f:fe:43:88:c8:69:b9:f7:e2:46:
         89:79:ee:8a:9b:57:24:13:2c:e8:25:00:06:c4:57:0a:ca:82:
         43:b1:82:b3:b7:52:db:f9:f0:60:27:b9:92:4d:21:ea:81:2f:
         64:cd:19:18:f9:6e:cf:5d:45:7b:d9:84:0b:8e:e5:0a:e1:93:
         f5:84:92:3b:d6:dc:e8:62:34:68:2b:6c:11:f5:cc:f6:4e:b1:
         bb:c1:d3:e4:9a:4d:90:cc:c8:00:9a:80:a5:3b:b8:ef:61:a5:
         4a:85:7a:eb:1c:fc:fe:d7:51:f9:05:56:ee:0a:06:b4:1e:e8:
         33:27:b1:9a:d5:a1:42:99:7b:4b:f0:4f:2e:0f:0a:d1:77:7d:
         3d:fd:47:06:2b:d1:10:82:c6:1d:ca:56:0f:b2:28:98:5e:cd:
         cc:73:52:83
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUNvK7HXhkrVQe+BZ3ATlRmWWeKY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNTA3MDEwNzA2NDBaFw0yNTA3MDQxMDU3NDBaMDMxMTAvBgNV
BAMTKDVCREUxNUZDM0FDMUJBQzBCRDYzODcwNzU5RDlGOTcxODQxRkQ0OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDByKjHRERepI3PSgI33V/zhdq5
qIhtGObsaxNoxcH71bY6a5Pct559uOJ7ip/C87CH9M6zbCDNgye5llRTDmCu4YA4
s+/OGpt1zRmDDtmTdWzE+I4ahwgXiXymLjKml2ZzqoaLX3h8jRUMLHu+SHYLAKYP
olxAAdkweNz58ZlXA96dBsOrBrJ+9mw6dwowU1c6fxsKbpkt/DFhE0wVZrvfSyMI
Pn2c6kTo2m9fmlogsSzmSuMsruE9LDr1PCAcqrmq4Qcn8/oedrJIdV5v/Fy4loFk
vJXzdC03W8SldSpqe1JF54DP4ovzd4jgChJ2/Wa2B0+NWONDcbeIFN/euSsVAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUW94V/DrBusC9Y4cHWdn5cYQf1JswHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAMNlmWIFOxqt0Z+vkc6d4Av4Pn/xpz3tBbSB
tvyQEr8u5jQ5oX5CFWjZOPxCO+cS0knfmTMkySGr3viJAwG+U8mlAMldbwV5A6iH
Ia0tu4sVrFgU30EHeip4tJh9hVYmSgo/T/5DiMhpuffiRol57oqbVyQTLOglAAbE
VwrKgkOxgrO3Utv58GAnuZJNIeqBL2TNGRj5bs9dRXvZhAuO5Qrhk/WEkjvW3Ohi
NGgrbBH1zPZOsbvB0+SaTZDMyACagKU7uO9hpUqFeusc/P7XUfkFVu4KBrQe6DMn
sZrVoUKZe0vwTy4PCtF3fT39RwYr0RCCxh3KVg+yKJhezcxzUoM=
-----END CERTIFICATE-----