Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          UtoIzDKfUNijrpXqaOYMZlF4n3DyZbAWWd5AunSFlqw=
Subject key identifier:   E1:90:55:54:47:9A:99:14:3B:A0:E8:67:78:A2:E8:60:2F:4F:1D:E6
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       39757F8055AF9F809D535B41CF139EB664B89D2F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          04D3
Signing time:             Fri 25 Apr 2025 10:51:33 +0000
Manifest this update:     Fri 25 Apr 2025 10:46:33 +0000
Manifest next update:     Mon 28 Apr 2025 22:04:33 +0000
Files and hashes:         1: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: DeLSQFfELIsCBteEIe9giWzCWLH2CFola9GnxccGEcI=)
                          2: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: wQmGKqaa+YSiRmaLGWEMq8mJpTHj8TfVNhWMDunfL+s=)
                          3: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: hgLfhjfwIZWutgOiENx1B/1zXLdWd6NT3iL2V0hzBm0=)
                          4: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: RxoBR7IgqwvZQhHoUeS2THnUjeeOMC/Li/OZd4zalVk=)
                          5: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: grgdG8OoUNxpOhcfTbbut/WvBOQGDavrGHNbzyqo7TA=)
                          6: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: nVW3pQq9jFMnYzYaliZyXd56oPfp6b+50wCrOtycEsE=)
                          7: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: pg0ViMH1wjYLBratw2hvbKKsWrlS5/ljazg4HhV4YD8=)
                          8: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: 4gGLGsruUsTli5S71gqgaVjZ1FJbCfgz4Cb6M2Xf9S8=)
                          9: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: 1buqcEkNcpZqwU2RTb5bdnOebm4gK/rhJeTPc24TtHw=)
                          10: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: 2w5XwJtYHGp7kLGkRgJLESPyKEX6dzPi8sNumuXEyGY=)

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 28 Apr 2025 14:02:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:75:7f:80:55:af:9f:80:9d:53:5b:41:cf:13:9e:b6:64:b8:9d:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Apr 25 10:46:33 2025 GMT
            Not After : Apr 28 22:04:33 2025 GMT
        Subject: CN=E1905554479A99143BA0E86778A2E8602F4F1DE6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:4e:b6:42:b5:29:33:b1:9f:bb:57:c8:45:81:
                    c6:1d:24:b0:71:34:e9:90:c2:3d:57:7f:2c:2e:ee:
                    58:b7:d8:14:c3:c3:04:05:e1:a9:cf:fd:b0:94:33:
                    05:e8:d5:c2:93:1a:fe:8d:0d:4a:6a:47:e5:b7:0d:
                    6c:50:ba:68:30:bb:ff:0a:cf:4c:f0:6b:15:b0:57:
                    5d:06:17:91:5f:75:9c:dc:09:da:30:f0:eb:21:3e:
                    11:a2:7f:33:7e:db:90:e5:34:62:0c:ab:f2:7b:15:
                    90:5c:51:64:dc:0a:9a:85:e1:fa:b4:67:e7:c3:5f:
                    d9:e8:40:ab:a4:70:30:1a:e7:73:73:09:dd:57:8a:
                    e6:a0:19:29:2a:de:6b:f6:6f:be:ab:22:03:fa:c6:
                    40:c0:7d:60:54:6c:50:72:f5:2d:77:70:66:22:b8:
                    7f:6f:6d:65:9f:c8:73:14:35:18:fc:b4:40:24:36:
                    d8:53:df:95:f6:f4:52:21:41:a7:93:74:35:9d:c0:
                    1b:84:26:e9:ac:75:35:ab:3d:b1:8f:56:24:53:54:
                    84:7f:fe:c0:99:da:aa:47:b9:08:cc:55:c6:93:51:
                    f2:8a:85:bf:55:9a:c6:14:7f:da:ce:e5:90:c9:88:
                    1a:4c:1a:e3:96:14:32:5d:10:00:aa:cb:de:6c:2c:
                    29:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:90:55:54:47:9A:99:14:3B:A0:E8:67:78:A2:E8:60:2F:4F:1D:E6
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:4a:a6:54:1a:bd:d5:1c:e0:1b:2d:fd:08:9c:df:14:56:3d:
         85:3d:83:11:2a:ef:c8:bf:cf:00:9e:f4:36:d1:93:07:42:da:
         9b:5d:98:4f:81:b7:02:4e:be:60:1d:c9:f7:a7:88:dc:32:33:
         5b:d2:de:1a:5d:e4:2e:8d:7d:96:f4:db:eb:4e:f5:87:2a:d4:
         8d:7d:d0:99:00:79:5d:7b:2e:ff:62:0b:a8:09:17:98:91:54:
         39:a7:c2:13:ea:cc:8c:93:d6:a5:78:ec:fa:2f:30:4e:d1:43:
         d4:ca:a8:87:ac:76:1a:56:a0:f4:5f:28:0c:37:34:27:9d:4c:
         8c:f6:4c:45:2b:91:08:f4:7e:cd:ff:7d:a7:c3:65:f5:23:1d:
         66:bc:6d:cd:38:51:d7:21:be:f0:6a:70:5a:07:c5:7e:4e:db:
         22:ce:0c:df:81:73:07:dd:90:91:5b:9b:09:88:7d:ea:ed:a7:
         1e:f0:5f:4c:3c:6d:f1:48:ef:04:b6:bf:3d:75:00:7b:90:6f:
         b9:54:4a:fe:56:55:e2:91:e9:a8:94:84:4b:12:78:f5:52:9a:
         08:dd:06:70:4c:32:e0:a0:0f:1b:10:e8:5d:1a:d4:60:d2:6a:
         41:97:fe:49:bc:81:99:4d:71:8f:0f:e5:1a:20:36:f1:65:53:
         c1:b1:a8:37
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUOXV/gFWvn4CdU1tBzxOetmS4nS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNTA0MjUxMDQ2MzNaFw0yNTA0MjgyMjA0MzNaMDMxMTAvBgNV
BAMTKEUxOTA1NTU0NDc5QTk5MTQzQkEwRTg2Nzc4QTJFODYwMkY0RjFERTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCTrZCtSkzsZ+7V8hFgcYdJLBx
NOmQwj1Xfywu7li32BTDwwQF4anP/bCUMwXo1cKTGv6NDUpqR+W3DWxQumgwu/8K
z0zwaxWwV10GF5FfdZzcCdow8OshPhGifzN+25DlNGIMq/J7FZBcUWTcCpqF4fq0
Z+fDX9noQKukcDAa53NzCd1XiuagGSkq3mv2b76rIgP6xkDAfWBUbFBy9S13cGYi
uH9vbWWfyHMUNRj8tEAkNthT35X29FIhQaeTdDWdwBuEJumsdTWrPbGPViRTVIR/
/sCZ2qpHuQjMVcaTUfKKhb9VmsYUf9rO5ZDJiBpMGuOWFDJdEACqy95sLClfAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU4ZBVVEeamRQ7oOhneKLoYC9PHeYwHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAEJKplQavdUc4Bst/Qic3xRWPYU9gxEq78i/
zwCe9DbRkwdC2ptdmE+BtwJOvmAdyfeniNwyM1vS3hpd5C6NfZb02+tO9Ycq1I19
0JkAeV17Lv9iC6gJF5iRVDmnwhPqzIyT1qV47PovME7RQ9TKqIesdhpWoPRfKAw3
NCedTIz2TEUrkQj0fs3/fafDZfUjHWa8bc04UdchvvBqcFoHxX5O2yLODN+Bcwfd
kJFbmwmIfertpx7wX0w8bfFI7wS2vz11AHuQb7lUSv5WVeKR6aiUhEsSePVSmgjd
BnBMMuCgDxsQ6F0a1GDSakGX/km8gZlNcY8P5RogNvFlU8GxqDc=
-----END CERTIFICATE-----