Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft
File:                     21F5E152BA3E25561EA4D2E2986546412F44F15B.mft (raw, json)
Hash identifier:          /3HWyNjPJwie0ZwzhdSNOParARpB9cb0f1batXEE4gE=
Subject key identifier:   40:CA:B1:2C:2F:FB:E5:99:5E:B1:9D:0B:F7:D0:1E:39:AD:30:82:7D
Authority key identifier: 21:F5:E1:52:BA:3E:25:56:1E:A4:D2:E2:98:65:46:41:2F:44:F1:5B
Certificate issuer:       /CN=21F5E152BA3E25561EA4D2E2986546412F44F15B
Certificate serial:       0B867A713FE9C9C970B263984786860D56AA7261
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft
Manifest number:          8B
Signing time:             Thu 21 Aug 2025 13:41:54 +0000
Manifest this update:     Thu 21 Aug 2025 13:36:54 +0000
Manifest next update:     Sun 24 Aug 2025 17:03:54 +0000
Files and hashes:         1: 3130332e3130362e37372e302f32342d3234203d3e203436303233.roa (hash: iziNbMfSG5lJ/Wc6NMmyz4JELED2OvK44piqUsCFc7c=)
                          2: 21F5E152BA3E25561EA4D2E2986546412F44F15B.crl (hash: 6uqJ/n1cxtm68HZId+cx47NPyVeLohHUcd1a7Vdjm68=)
                          3: 3130332e3130362e37362e302f32322d3232203d3e203436303233.roa (hash: 2GYoGVGasxR8uDpvI7BrmDmU9LmzA4rGOfrvv4FSPFU=)
                          4: 3130332e3130362e37362e302f32342d3234203d3e203436303233.roa (hash: rou4lQQn7ojgWvv4wv09Ssy99ZSAyWazNJbw+IJaxNs=)
                          5: 3130332e3130362e37382e302f32342d3234203d3e203436303233.roa (hash: FSBT4Cl2oIA3FZ2v8CwqLAvZnqhyh2xxPvGzfautFn8=)
                          6: 3130332e3130362e37392e302f32342d3234203d3e203436303233.roa (hash: +JichmiRgdBO5Ls93QqucE3C6EV+z6Am+M+Wk0rjli0=)
                          7: 3130332e3130362e37362e302f32332d3233203d3e203436303233.roa (hash: cL7ZL6RvGqaM5lLXVnNe5p70LEzT1elnw9tJI0VweII=)
                          8: 3130332e3130362e37382e302f32332d3233203d3e203436303233.roa (hash: eJ9GbsoPpuqjf9GV+xkr8k7F5h0W8otETbBjey1b6zQ=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.crl
                          rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Aug 2025 17:03:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:86:7a:71:3f:e9:c9:c9:70:b2:63:98:47:86:86:0d:56:aa:72:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21F5E152BA3E25561EA4D2E2986546412F44F15B
        Validity
            Not Before: Aug 21 13:36:54 2025 GMT
            Not After : Aug 24 17:03:54 2025 GMT
        Subject: CN=40CAB12C2FFBE5995EB19D0BF7D01E39AD30827D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:5f:00:53:c7:b0:a3:e3:43:99:c8:11:63:c9:
                    8c:57:30:19:6f:ae:94:58:b3:2c:53:58:48:b3:b3:
                    ab:ec:74:9a:0d:8d:d7:71:67:ea:3b:ac:7e:31:63:
                    24:e0:2f:d4:ff:46:e8:c4:36:fc:7c:01:e7:6b:c8:
                    b5:a2:c3:f1:19:44:d7:a5:c0:07:8c:4f:2d:7d:b4:
                    1b:71:96:12:10:48:41:63:5e:1c:bd:d7:b3:bd:4e:
                    0a:08:b1:79:4b:ac:eb:36:a2:07:d1:5e:a0:e4:9b:
                    20:0f:c8:54:48:2d:ea:0e:87:37:ba:17:22:76:c3:
                    84:e4:9e:2b:b1:c8:1f:e0:0a:1c:e3:e8:81:ca:70:
                    a1:98:5c:75:04:d5:ec:23:7e:4c:d1:64:24:96:f0:
                    c4:04:43:9b:48:0c:8c:e0:3a:43:6c:d8:d1:31:cc:
                    11:32:bc:07:41:3d:5c:b1:f8:3a:75:87:4c:6d:57:
                    93:f3:c9:51:ac:e0:15:fe:b4:27:49:2b:ad:00:02:
                    86:72:7c:aa:a9:9f:87:b5:05:2d:65:6f:f7:52:62:
                    be:df:c8:d3:46:ac:a4:d2:0d:ed:56:0f:67:63:10:
                    5e:cd:2a:f4:6e:39:e6:af:df:f9:f2:fe:e4:ca:40:
                    7f:33:c4:5e:a6:e2:4d:a5:a7:c6:b7:c7:d7:ee:b4:
                    93:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:CA:B1:2C:2F:FB:E5:99:5E:B1:9D:0B:F7:D0:1E:39:AD:30:82:7D
            X509v3 Authority Key Identifier:
                keyid:21:F5:E1:52:BA:3E:25:56:1E:A4:D2:E2:98:65:46:41:2F:44:F1:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:ec:cd:d2:ac:ea:86:0c:1f:fa:f8:59:71:44:97:c7:e7:f3:
         21:f0:1b:f3:84:3f:0c:01:d5:f5:f2:fa:be:2a:6b:77:af:e1:
         26:1b:76:d1:8a:97:aa:5c:0a:36:2b:e2:f3:e1:62:b3:a2:da:
         d2:87:4a:ce:31:24:12:ca:d1:73:76:44:72:db:c0:52:f9:0c:
         47:ef:89:72:28:05:27:ee:12:96:a3:be:c6:c4:87:b2:32:7e:
         98:d5:95:cd:b2:23:24:ac:01:4b:1d:1d:e6:a9:3f:39:0c:43:
         d4:91:99:e5:82:30:37:b4:15:c6:77:7f:2a:e0:c0:6e:f2:aa:
         e3:2c:50:14:20:64:1f:6c:1f:45:1a:bb:2b:e4:2d:45:db:9d:
         bd:80:55:81:23:02:a3:90:58:64:67:1f:08:6a:36:97:15:99:
         c1:87:f9:ef:f3:de:13:31:a4:48:eb:b4:ec:84:fb:4c:df:8b:
         10:ce:41:1d:ec:56:94:7c:ff:77:d0:de:e3:70:62:eb:33:d2:
         ef:27:50:f1:71:4a:c0:43:d1:8b:eb:10:7b:29:1a:5f:53:7f:
         d2:9e:98:62:b2:98:c8:c1:c9:79:d7:ce:40:fc:78:0b:9b:3c:
         ce:32:cd:88:df:3b:dd:dc:f2:00:b0:72:63:9f:80:58:2d:3b:
         a8:45:4e:e1
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUC4Z6cT/pyclwsmOYR4aGDVaqcmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2NDEy
RjQ0RjE1QjAeFw0yNTA4MjExMzM2NTRaFw0yNTA4MjQxNzAzNTRaMDMxMTAvBgNV
BAMTKDQwQ0FCMTJDMkZGQkU1OTk1RUIxOUQwQkY3RDAxRTM5QUQzMDgyN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfXwBTx7Cj40OZyBFjyYxXMBlv
rpRYsyxTWEizs6vsdJoNjddxZ+o7rH4xYyTgL9T/RujENvx8AedryLWiw/EZRNel
wAeMTy19tBtxlhIQSEFjXhy917O9TgoIsXlLrOs2ogfRXqDkmyAPyFRILeoOhze6
FyJ2w4TkniuxyB/gChzj6IHKcKGYXHUE1ewjfkzRZCSW8MQEQ5tIDIzgOkNs2NEx
zBEyvAdBPVyx+Dp1h0xtV5PzyVGs4BX+tCdJK60AAoZyfKqpn4e1BS1lb/dSYr7f
yNNGrKTSDe1WD2djEF7NKvRuOeav3/ny/uTKQH8zxF6m4k2lp8a3x9futJN9AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUQMqxLC/75ZlesZ0L99AeOa0wgn0wHwYDVR0j
BBgwFoAUIfXhUro+JVYepNLimGVGQS9E8VswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
M2RkNjEzNS01NDhjLTQ4ODEtYWY3OC05M2FmOWYyYTI1MTYvMC8yMUY1RTE1MkJB
M0UyNTU2MUVBNEQyRTI5ODY1NDY0MTJGNDRGMTVCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2NDEyRjQ0
RjE1Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYzNkZDYxMzUtNTQ4Yy00ODgxLWFm
NzgtOTNhZjlmMmEyNTE2LzAvMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2
NDEyRjQ0RjE1Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAD3szdKs6oYMH/r4WXFEl8fn8yHwG/OEPwwB
1fXy+r4qa3ev4SYbdtGKl6pcCjYr4vPhYrOi2tKHSs4xJBLK0XN2RHLbwFL5DEfv
iXIoBSfuEpajvsbEh7IyfpjVlc2yIySsAUsdHeapPzkMQ9SRmeWCMDe0FcZ3fyrg
wG7yquMsUBQgZB9sH0UauyvkLUXbnb2AVYEjAqOQWGRnHwhqNpcVmcGH+e/z3hMx
pEjrtOyE+0zfixDOQR3sVpR8/3fQ3uNwYusz0u8nUPFxSsBD0YvrEHspGl9Tf9Ke
mGKymMjByXnXzkD8eAubPM4yzYjfO93c8gCwcmOfgFgtO6hFTuE=
-----END CERTIFICATE-----