Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/c7fc54fb-724e-4316-b9bc-1c4b06ea57ae/0/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.mft
File:                     1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.mft (raw, json)
Hash identifier:          ZqKXYzmyzjJwyXp0d4WxQQr9socr3d9Ve2CRsZTzsgo=
Subject key identifier:   0E:F9:DA:58:D0:A5:48:9C:45:14:3B:DA:C2:DB:07:50:D2:68:23:B1
Authority key identifier: 1B:F9:9D:4D:CD:5B:F5:03:BE:97:23:AB:F5:51:DD:D7:0D:C1:46:4F
Certificate issuer:       /CN=1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F
Certificate serial:       29006D43CC1C085006AE5981180445CB3765E986
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c7fc54fb-724e-4316-b9bc-1c4b06ea57ae/0/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.mft
Manifest number:          0173
Signing time:             Sun 04 May 2025 02:50:05 +0000
Manifest this update:     Sun 04 May 2025 02:45:05 +0000
Manifest next update:     Wed 07 May 2025 10:31:05 +0000
Files and hashes:         1: 3131342e3134312e39352e302f32342d3234203d3e20313338383138.roa (hash: hHpqodeyU8amc0Yg+Vz1Yb1kEzG9g5qGdXKGONkFhDE=)
                          2: 3131342e3134312e39302e302f32342d3234203d3e203338373733.roa (hash: 9CQ6JFUhExdNBAYYYWcUpyzc1PDrxOfBKcNbdLlWf6U=)
                          3: 3131342e3134312e38392e302f32342d3234203d3e203338373733.roa (hash: 8i3x4gBaZ9q2FeKL77QwQugTPoFrVoqppzokcKf7V9U=)
                          4: 3131342e3134312e38382e302f32342d3234203d3e203338373733.roa (hash: uzdxCFJ60y1EqFPWBfLgLUEnJ7LWJrfPQeMyJb9m5FM=)
                          5: 3131342e3134312e39342e302f32342d3234203d3e20313338383138.roa (hash: CSQkGTmQt+s2JfwWnvim+F5o3slRbbgf9XyF9r9GepU=)
                          6: 3131342e3134312e39312e302f32342d3234203d3e20313338383138.roa (hash: IJ/QrpohwAAMEHf60VyOYZyE2rLKrvAARpcXl8wmM9I=)
                          7: 3131342e3134312e39322e302f32342d3234203d3e20313338383138.roa (hash: K3N55cBe6+W2+UEDhGR/EreK/NsWeZinIyNl1uxEyoA=)
                          8: 1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.crl (hash: dQgxObDDCAab5FKH6kczB7JbU/oqrqXUGwo1qlVpk+c=)
                          9: 3131342e3134312e39332e302f32342d3234203d3e20313338383138.roa (hash: FqS1mlGjIL0BP5gK9enlmVRuaz2y9/mIcmX+UTD+qKA=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c7fc54fb-724e-4316-b9bc-1c4b06ea57ae/0/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.crl
                          rsync://repo-rpki.idnic.net/repo/c7fc54fb-724e-4316-b9bc-1c4b06ea57ae/0/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 07 May 2025 10:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:00:6d:43:cc:1c:08:50:06:ae:59:81:18:04:45:cb:37:65:e9:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F
        Validity
            Not Before: May  4 02:45:05 2025 GMT
            Not After : May  7 10:31:05 2025 GMT
        Subject: CN=0EF9DA58D0A5489C45143BDAC2DB0750D26823B1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:fe:46:d1:a8:2b:23:f3:1f:f9:b0:35:2d:73:
                    28:7a:b1:02:c8:cf:cb:92:9c:47:75:87:d8:14:0d:
                    4d:ce:96:ef:08:93:ec:9c:b3:9f:25:f0:be:56:d1:
                    4d:0e:50:f1:df:d4:87:09:0d:54:2a:80:0f:7d:74:
                    99:3e:64:b0:b6:79:e1:67:fb:08:92:f5:c2:f1:c7:
                    17:08:64:61:83:76:55:4f:8c:b2:1d:de:ed:d7:4f:
                    1a:ea:f4:45:84:47:e1:76:c2:8e:c8:f4:6e:78:ac:
                    0e:31:98:85:5e:ff:5b:07:c8:e0:0a:9e:a0:81:2e:
                    a3:bb:bb:18:fe:e4:c3:2e:68:3a:62:2d:ba:ae:07:
                    f9:f8:36:f7:1e:d2:a4:3f:a8:82:9a:a8:34:40:ba:
                    0a:05:5d:fe:49:97:d6:ce:4f:a1:f7:06:31:58:f3:
                    55:ef:48:65:92:78:68:99:fe:31:3c:f9:41:1e:68:
                    ac:2b:68:b3:7c:8a:01:0a:41:a3:63:3c:3d:c5:7b:
                    5d:13:9b:b5:ba:2c:40:a9:58:4a:8f:b6:2f:e0:a8:
                    c9:e5:1e:51:58:70:cc:8d:0e:fb:50:55:ef:38:41:
                    17:81:e7:f9:e8:21:fd:61:44:b8:7d:8a:61:b8:16:
                    c3:d6:cc:a6:ed:0b:8a:a9:a6:41:54:c0:fe:87:35:
                    b9:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:F9:DA:58:D0:A5:48:9C:45:14:3B:DA:C2:DB:07:50:D2:68:23:B1
            X509v3 Authority Key Identifier:
                keyid:1B:F9:9D:4D:CD:5B:F5:03:BE:97:23:AB:F5:51:DD:D7:0D:C1:46:4F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c7fc54fb-724e-4316-b9bc-1c4b06ea57ae/0/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c7fc54fb-724e-4316-b9bc-1c4b06ea57ae/0/1BF99D4DCD5BF503BE9723ABF551DDD70DC1464F.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:6c:8e:af:60:cf:85:50:36:b8:94:fd:ee:7e:8f:9b:cf:49:
         0b:be:6d:ae:10:7d:dc:cd:3a:88:41:46:0d:05:9b:90:05:c3:
         61:64:1c:cb:64:ca:43:b3:fb:1a:c2:c8:9e:05:c3:1f:b1:5f:
         bd:4a:33:a6:b3:90:c7:9d:e9:00:dd:0c:7c:03:23:6d:d9:f8:
         e2:68:7d:8f:41:0f:74:d8:0e:b6:ca:c0:0c:e8:59:75:18:0e:
         bd:19:1d:79:ef:bc:12:f2:ba:be:59:d4:5e:61:f1:5e:6f:60:
         19:ce:e7:05:38:1b:41:dd:b6:50:59:6f:ae:3e:af:3e:5c:87:
         11:26:f5:54:8d:36:df:10:98:74:34:d3:e0:21:ed:94:34:ef:
         3b:97:cf:92:4e:67:88:a2:20:fb:34:32:31:b5:5c:0d:8f:59:
         81:82:65:59:63:f9:2d:d0:ad:7b:49:63:f5:58:e1:b7:cf:91:
         ba:27:10:f9:12:65:63:b7:ee:ee:66:aa:71:ae:1f:66:5b:61:
         dd:a7:97:f0:94:b1:3a:90:b1:88:d5:38:d3:5a:0c:ae:6e:a0:
         81:d1:50:5a:d3:04:9b:01:44:ff:07:d3:21:eb:97:1f:87:a3:
         6b:52:75:14:af:c6:fc:94:3e:b5:4c:b0:95:69:57:25:c3:2d:
         2b:35:f8:06
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUKQBtQ8wcCFAGrlmBGARFyzdl6YYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUJGOTlENERDRDVCRjUwM0JFOTcyM0FCRjU1MURERDcw
REMxNDY0RjAeFw0yNTA1MDQwMjQ1MDVaFw0yNTA1MDcxMDMxMDVaMDMxMTAvBgNV
BAMTKDBFRjlEQTU4RDBBNTQ4OUM0NTE0M0JEQUMyREIwNzUwRDI2ODIzQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ/kbRqCsj8x/5sDUtcyh6sQLI
z8uSnEd1h9gUDU3Olu8Ik+ycs58l8L5W0U0OUPHf1IcJDVQqgA99dJk+ZLC2eeFn
+wiS9cLxxxcIZGGDdlVPjLId3u3XTxrq9EWER+F2wo7I9G54rA4xmIVe/1sHyOAK
nqCBLqO7uxj+5MMuaDpiLbquB/n4Nvce0qQ/qIKaqDRAugoFXf5Jl9bOT6H3BjFY
81XvSGWSeGiZ/jE8+UEeaKwraLN8igEKQaNjPD3Fe10Tm7W6LECpWEqPti/gqMnl
HlFYcMyNDvtQVe84QReB5/noIf1hRLh9imG4FsPWzKbtC4qppkFUwP6HNbnpAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUDvnaWNClSJxFFDvawtsHUNJoI7EwHwYDVR0j
BBgwFoAUG/mdTc1b9QO+lyOr9VHd1w3BRk8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
N2ZjNTRmYi03MjRlLTQzMTYtYjliYy0xYzRiMDZlYTU3YWUvMC8xQkY5OUQ0RENE
NUJGNTAzQkU5NzIzQUJGNTUxRERENzBEQzE0NjRGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUJGOTlENERDRDVCRjUwM0JFOTcyM0FCRjU1MURERDcwREMx
NDY0Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYzdmYzU0ZmItNzI0ZS00MzE2LWI5
YmMtMWM0YjA2ZWE1N2FlLzAvMUJGOTlENERDRDVCRjUwM0JFOTcyM0FCRjU1MURE
RDcwREMxNDY0Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAJVsjq9gz4VQNriU/e5+j5vPSQu+ba4QfdzN
OohBRg0Fm5AFw2FkHMtkykOz+xrCyJ4Fwx+xX71KM6azkMed6QDdDHwDI23Z+OJo
fY9BD3TYDrbKwAzoWXUYDr0ZHXnvvBLyur5Z1F5h8V5vYBnO5wU4G0HdtlBZb64+
rz5chxEm9VSNNt8QmHQ00+Ah7ZQ07zuXz5JOZ4iiIPs0MjG1XA2PWYGCZVlj+S3Q
rXtJY/VY4bfPkbonEPkSZWO37u5mqnGuH2ZbYd2nl/CUsTqQsYjVONNaDK5uoIHR
UFrTBJsBRP8H0yHrlx+Ho2tSdRSvxvyUPrVMsJVpVyXDLSs1+AY=
-----END CERTIFICATE-----