Manifest

$ rpki-client -vvf rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft
File:                     3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft (raw, json)
Hash identifier:          DWZm+tgTs0qEK1WBQJqRADtAz0cuAQHcE1mkDLrJSI8=
Subject key identifier:   FF:CE:B2:47:F4:10:2A:45:99:C0:F2:91:22:A4:9F:34:51:37:DA:74
Authority key identifier: 3D:5A:1B:2B:6D:E4:87:DB:B9:5C:EE:51:47:5E:26:56:F1:E9:BF:85
Certificate issuer:       /CN=3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85
Certificate serial:       27DD111375B600A332518D907434A251C527AAAB
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft
Manifest number:          0205
Signing time:             Sat 26 Apr 2025 17:23:33 +0000
Manifest this update:     Sat 26 Apr 2025 17:18:33 +0000
Manifest next update:     Sun 27 Apr 2025 19:04:33 +0000
Files and hashes:         1: 323830343a343863633a3a2f33322d3336203d3e20323637313435.roa (hash: NSwKuhbVlfit/GeKv12qgi1Nx7DDA7JtYsEpX7CmB8w=)
                          2: 34352e3233302e32382e302f32322d3234203d3e20323637313435.roa (hash: e3gDh30bCFxyxSG6XiET0YR4C4e+fAFmToi+8txavoA=)
                          3: 3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.crl (hash: K5eoyZ/XK3+R2A2INY5RmUrUGJvPjtcLw5GLfjBbGBY=)
                          4: 323830343a343863633a3a2f33322d3332203d3e20323637313435.roa (hash: HNupAxl8oMElAlMIADjTG2BvnPU5Tc59G7TgMyPX9Ao=)
                          5: 34352e3233302e32382e302f32332d3233203d3e20323637313435.roa (hash: u/lhR3CHoa7v3eJgTqrpENVDe1bNzDUZyrTvS8ROing=)
                          6: 34352e3233302e33302e302f32332d3233203d3e20323637313435.roa (hash: 8mq7LAyV4zpphQCT6aJXBf9deHUkCKF3FjC0r+TIX70=)
                          7: 34352e3233302e32382e302f32322d3232203d3e20323637313435.roa (hash: 58Lh0C2pZjsNmVclMzYtj4STKQIjyU4p9tAosH1A1Vk=)

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.crl
                          rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 27 Apr 2025 19:04:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:dd:11:13:75:b6:00:a3:32:51:8d:90:74:34:a2:51:c5:27:aa:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85
        Validity
            Not Before: Apr 26 17:18:33 2025 GMT
            Not After : Apr 27 19:04:33 2025 GMT
        Subject: CN=FFCEB247F4102A4599C0F29122A49F345137DA74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:06:79:18:de:25:79:cf:33:6f:85:17:06:54:
                    7e:2d:47:dc:e1:7d:8e:73:09:67:87:bf:d2:48:3f:
                    c0:a7:e0:09:98:d4:6e:2f:c1:21:88:f0:a9:1e:3b:
                    36:5b:4d:ee:0d:f8:8f:51:bf:6f:0e:c7:ba:e6:ef:
                    de:84:ac:27:d7:15:ff:54:6b:ee:eb:26:f1:25:a2:
                    b6:52:59:3d:8c:37:d9:b0:bb:52:13:b9:e0:20:f8:
                    b0:5b:69:f0:e0:94:ba:58:36:24:5a:1d:da:e0:51:
                    73:60:d9:d6:e8:e4:0e:c8:0d:87:04:4e:bd:c9:b1:
                    80:f4:43:63:ca:08:97:b6:7f:6a:ef:47:1e:79:ca:
                    9b:81:83:2e:79:68:89:8d:c5:df:7b:85:d4:c6:88:
                    0a:7f:2a:62:23:94:4a:d1:0f:db:5b:ae:ed:88:6d:
                    02:f2:60:59:95:a1:77:02:fb:ce:ad:97:a4:38:c7:
                    ec:de:d2:8e:fc:4b:a1:4a:d6:f9:d5:c6:a0:9e:96:
                    fe:1d:59:8f:90:03:6d:60:e9:e6:cf:f1:6b:44:63:
                    7e:22:55:a6:10:6e:c3:80:5e:86:03:4f:c5:da:76:
                    6a:23:03:2b:27:0f:10:fa:f5:0f:75:44:b8:88:83:
                    83:23:99:e6:94:d6:19:58:e0:79:14:da:07:0f:6b:
                    bb:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:CE:B2:47:F4:10:2A:45:99:C0:F2:91:22:A4:9F:34:51:37:DA:74
            X509v3 Authority Key Identifier:
                keyid:3D:5A:1B:2B:6D:E4:87:DB:B9:5C:EE:51:47:5E:26:56:F1:E9:BF:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e1:23:a4:2b:ee:a9:a1:b8:17:ab:ea:a2:f7:fe:c1:92:38:50:
         9c:80:c5:9e:01:0f:47:0e:e2:be:d8:44:0e:a6:5d:f0:38:3e:
         d8:e2:40:61:cf:47:c1:54:29:c6:f5:bd:81:3d:0e:c3:51:77:
         20:4b:e6:28:84:71:68:29:54:a8:2b:24:56:65:b1:de:56:c2:
         c6:29:ac:7a:5b:e6:82:52:1e:85:a6:ce:85:e3:ee:ce:07:34:
         b9:d8:8f:bd:d5:09:0c:21:9b:f2:67:67:1e:c5:a7:a6:3c:f4:
         33:f8:b8:67:b8:7e:0c:76:5d:d5:93:31:ff:a4:ef:05:81:ed:
         ef:60:f3:3c:0e:46:01:d7:79:76:90:bb:7f:70:76:97:f5:43:
         0b:51:f9:ac:ea:64:56:e1:35:d1:79:f1:66:4f:2b:10:85:a8:
         e5:ea:6f:41:ef:93:85:97:74:ad:e5:d1:f4:30:f2:09:c7:25:
         19:d8:45:a4:27:b2:24:bb:e0:75:dd:e5:a3:a8:4e:d3:bc:bc:
         0f:b3:eb:7a:35:85:b1:3c:1e:c6:56:86:d6:53:3f:e5:11:9a:
         ff:03:5b:5e:ab:e5:b2:50:15:75:05:fe:a9:ad:36:f0:38:ff:
         c1:54:0a:8e:a1:71:36:a4:24:d4:05:d1:35:bc:7f:3a:26:37:
         d0:4c:c0:a5
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUJ90RE3W2AKMyUY2QdDSiUcUnqqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Q1QTFCMkI2REU0ODdEQkI5NUNFRTUxNDc1RTI2NTZG
MUU5QkY4NTAeFw0yNTA0MjYxNzE4MzNaFw0yNTA0MjcxOTA0MzNaMDMxMTAvBgNV
BAMTKEZGQ0VCMjQ3RjQxMDJBNDU5OUMwRjI5MTIyQTQ5RjM0NTEzN0RBNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZBnkY3iV5zzNvhRcGVH4tR9zh
fY5zCWeHv9JIP8Cn4AmY1G4vwSGI8KkeOzZbTe4N+I9Rv28Ox7rm796ErCfXFf9U
a+7rJvElorZSWT2MN9mwu1ITueAg+LBbafDglLpYNiRaHdrgUXNg2dbo5A7IDYcE
Tr3JsYD0Q2PKCJe2f2rvRx55ypuBgy55aImNxd97hdTGiAp/KmIjlErRD9tbru2I
bQLyYFmVoXcC+86tl6Q4x+ze0o78S6FK1vnVxqCelv4dWY+QA21g6ebP8WtEY34i
VaYQbsOAXoYDT8XadmojAysnDxD69Q91RLiIg4MjmeaU1hlY4HkU2gcPa7t1AgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQU/86yR/QQKkWZwPKRIqSfNFE32nQwHwYDVR0j
BBgwFoAUPVobK23kh9u5XO5RR14mVvHpv4UwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vREppNUQzRk1iVzFrTldDdE5NZXBiMmkxRm9acEhQSm50ZkJvTUtzTk5q
Y0ovMS8zRDVBMUIyQjZERTQ4N0RCQjk1Q0VFNTE0NzVFMjY1NkYxRTlCRjg1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzNENUExQjJCNkRFNDg3REJC
OTVDRUU1MTQ3NUUyNjU2RjFFOUJGODUuY2VyMIGdBggrBgEFBQcBCwSBkDCBjTCB
igYIKwYBBQUHMAuGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJyL3JlcG8v
REppNUQzRk1iVzFrTldDdE5NZXBiMmkxRm9acEhQSm50ZkJvTUtzTk5qY0ovMS8z
RDVBMUIyQjZERTQ4N0RCQjk1Q0VFNTE0NzVFMjY1NkYxRTlCRjg1Lm1mdDAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUA
MAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOC
AQEA4SOkK+6pobgXq+qi9/7BkjhQnIDFngEPRw7ivthEDqZd8Dg+2OJAYc9HwVQp
xvW9gT0Ow1F3IEvmKIRxaClUqCskVmWx3lbCximselvmglIehabOhePuzgc0udiP
vdUJDCGb8mdnHsWnpjz0M/i4Z7h+DHZd1ZMx/6TvBYHt72DzPA5GAdd5dpC7f3B2
l/VDC1H5rOpkVuE10XnxZk8rEIWo5epvQe+ThZd0reXR9DDyCcclGdhFpCeyJLvg
dd3lo6hO07y8D7PrejWFsTwexlaG1lM/5RGa/wNbXqvlslAVdQX+qa028Dj/wVQK
jqFxNqQk1AXRNbx/OiY30EzApQ==
-----END CERTIFICATE-----