Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          qb947trbwFVTqZKfpNk2eGjROasRzto8DqlEpnv0Ark=
Subject key identifier:   0A:DE:3D:E3:1D:7A:0A:0A:F6:47:DD:9E:F3:93:B4:29:D3:41:EB:0A
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       7506E062E59A089311F577E1B7A92B52DBAFCB9A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          0567
Signing time:             Wed 25 Mar 2026 00:31:49 +0000
Manifest this update:     Wed 25 Mar 2026 00:26:49 +0000
Manifest next update:     Sat 28 Mar 2026 04:04:49 +0000
Files and hashes:         1: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: lS8odvouHADOZvGcEIZX6cESZX3v05ZwGGbLJRnmmPg=)
                          2: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: I3OA1TXXrn7Ho4Bbdaoik2HHmIJMRdT3vdvqOadCgWc=)
                          3: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: T0GxcffUorQqKvKWvoQBmwT56g/pt1WC0GNCeIbnIXI=)
                          4: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: GggD4UAIQuJ2Ici9kI1FCxhBRH2erQ0+Zgb75d0bwAQ=)
                          5: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: RKuA2CS77/iBc1MhX2FD3Oj8MLTo/sw4r4vfbH4WpPI=)
                          6: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: lJiN/1jPk6sVzBu+b+dWtXwNwMFWgXWbUliAdUar1AU=)
                          7: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: SVVnOcpEzNW3GyvGQSrBzvX2ix4zPecYqTfJmTpW5Ek=)
                          8: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: 2rfcy4tUpo7HgU2cGwZC6pQYZQAR7WSsi/1k28TkJlU=)
                          9: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: tq8TYpqu5kgbILp8QolcwTMev80+gCvNiHxKjKhI/xY=)
                          10: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: KABMcwwuj0PcVg0DF+2S7mT8pkOrI1Q8USpOkuuxMXI=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 28 Mar 2026 04:04:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:06:e0:62:e5:9a:08:93:11:f5:77:e1:b7:a9:2b:52:db:af:cb:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Mar 25 00:26:49 2026 GMT
            Not After : Mar 28 04:04:49 2026 GMT
        Subject: CN=0ADE3DE31D7A0A0AF647DD9EF393B429D341EB0A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:97:ee:0a:c3:59:ab:39:62:72:29:f1:55:58:
                    57:13:92:cd:93:1c:79:4e:b4:6e:8c:73:3a:db:e5:
                    89:ef:7a:3c:a4:db:8c:1d:27:98:15:25:00:0c:4a:
                    48:f7:95:81:16:95:82:e1:37:57:38:4f:57:c2:70:
                    e0:ee:6b:b4:bd:21:f1:10:f4:f9:91:89:c9:04:21:
                    a4:51:f0:ac:bf:e2:c2:27:09:c7:c3:4d:c7:94:4b:
                    4e:16:99:79:68:ff:e4:01:7e:76:d3:50:35:47:21:
                    02:4e:1b:2f:47:90:c2:11:40:e1:5b:13:49:10:c8:
                    1d:cc:75:ba:ad:53:1a:e8:38:47:a7:00:48:5f:25:
                    c0:2d:da:08:17:29:c6:98:d4:13:cc:3e:cd:5e:b2:
                    2a:b9:40:7d:10:bd:5b:5b:3b:d1:8b:76:3e:78:cd:
                    e7:5d:d2:94:7b:81:0f:5c:1d:28:ab:c3:20:5f:6b:
                    6a:d4:4a:56:f0:7f:ed:01:fe:6e:b3:d6:be:fb:ce:
                    cd:eb:53:a1:a1:69:ce:21:ca:46:8b:63:81:4a:6a:
                    29:1b:b8:29:5c:87:c0:7b:02:8d:b6:3d:9b:fc:7c:
                    a9:34:58:aa:bf:14:1b:3a:07:cc:10:4e:2b:35:c1:
                    a6:03:01:ab:f1:ca:ff:01:99:04:80:5b:3d:6d:a8:
                    db:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:DE:3D:E3:1D:7A:0A:0A:F6:47:DD:9E:F3:93:B4:29:D3:41:EB:0A
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:65:97:97:73:dc:1e:76:63:7c:64:a3:48:98:c7:6a:83:6d:
         48:7b:cc:78:55:f8:da:c0:a9:de:85:fb:18:5f:21:70:43:3b:
         9b:a8:da:ef:0e:60:eb:03:b6:0e:48:2c:f8:c8:e0:c0:48:8f:
         ce:77:d2:82:ba:fc:60:7b:b8:58:61:08:fa:7c:a0:f9:07:99:
         32:17:90:d2:e0:4c:e2:2a:07:70:44:ff:ee:b6:d9:67:5e:35:
         ff:de:ed:0f:20:39:fb:4a:7f:25:27:a9:8b:bc:87:76:b2:1c:
         34:9d:cb:2d:f3:0f:7e:30:f1:13:3f:38:a2:71:22:db:49:85:
         38:80:76:fa:61:2d:5f:53:9a:70:f4:ac:b2:8a:22:3b:9f:16:
         45:8d:8f:10:be:c1:7c:20:3a:ee:96:b1:54:16:b7:ad:bb:4e:
         60:18:a7:9b:8f:39:c1:bc:c8:54:7b:12:b8:a0:0a:f7:ac:6e:
         5c:cd:f9:cd:4d:28:eb:6f:05:70:12:e6:20:d0:e3:1b:bc:8b:
         f7:0d:0d:a9:ff:8f:82:a4:67:d2:97:49:04:46:1d:65:19:45:
         90:33:48:48:42:f2:c2:80:a9:09:3e:7d:6c:2a:2e:32:29:58:
         50:55:1c:12:02:2b:aa:c8:21:0a:9a:9c:7b:7d:81:0b:88:4c:
         90:b1:2a:48
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUdQbgYuWaCJMR9Xfht6krUtuvy5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNjAzMjUwMDI2NDlaFw0yNjAzMjgwNDA0NDlaMDMxMTAvBgNV
BAMTKDBBREUzREUzMUQ3QTBBMEFGNjQ3REQ5RUYzOTNCNDI5RDM0MUVCMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtl+4Kw1mrOWJyKfFVWFcTks2T
HHlOtG6Mczrb5Ynvejyk24wdJ5gVJQAMSkj3lYEWlYLhN1c4T1fCcODua7S9IfEQ
9PmRickEIaRR8Ky/4sInCcfDTceUS04WmXlo/+QBfnbTUDVHIQJOGy9HkMIRQOFb
E0kQyB3MdbqtUxroOEenAEhfJcAt2ggXKcaY1BPMPs1esiq5QH0QvVtbO9GLdj54
zedd0pR7gQ9cHSirwyBfa2rUSlbwf+0B/m6z1r77zs3rU6Ghac4hykaLY4FKaikb
uClch8B7Ao22PZv8fKk0WKq/FBs6B8wQTis1waYDAavxyv8BmQSAWz1tqNvlAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUCt494x16Cgr2R92e85O0KdNB6wowHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBABBll5dz3B52Y3xko0iYx2qDbUh7zHhV+NrA
qd6F+xhfIXBDO5uo2u8OYOsDtg5ILPjI4MBIj8530oK6/GB7uFhhCPp8oPkHmTIX
kNLgTOIqB3BE/+622WdeNf/e7Q8gOftKfyUnqYu8h3ayHDSdyy3zD34w8RM/OKJx
IttJhTiAdvphLV9TmnD0rLKKIjufFkWNjxC+wXwgOu6WsVQWt627TmAYp5uPOcG8
yFR7ErigCvesblzN+c1NKOtvBXAS5iDQ4xu8i/cNDan/j4KkZ9KXSQRGHWUZRZAz
SEhC8sKAqQk+fWwqLjIpWFBVHBICK6rIIQqanHt9gQuITJCxKkg=
-----END CERTIFICATE-----