Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
File:                     B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft (raw, json)
Hash identifier:          1mEwc4XLJ2nFriUrVXkT3TmE683upQf/bwbq5RPwlvE=
Subject key identifier:   EA:5A:65:E1:EB:1C:44:C6:3A:68:2E:11:D3:6C:B0:1A:CD:8B:CB:A6
Authority key identifier: B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1
Certificate issuer:       /CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
Certificate serial:       73A44B56960CF58B474CE3F6B02B62003158E9A6
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
Manifest number:          02FD
Signing time:             Sat 18 Apr 2026 13:52:09 +0000
Manifest this update:     Sat 18 Apr 2026 13:47:09 +0000
Manifest next update:     Tue 21 Apr 2026 22:26:09 +0000
Files and hashes:         1: 3132322e3230302e3134342e302f32312d3234203d3e203338313438.roa (hash: q36ZaNZnng4e3YSesfRm7Xhg/e4wHbxv2r58SbE/Hyw=)
                          2: 323430313a396230303a3a2f33322d3438203d3e203338313438.roa (hash: KdtiKUAOdh5Pdj0OkOpsBFHlVClUvcCXmF1ngZraMiI=)
                          3: 3130332e33302e3232302e302f32342d3234203d3e203338313438.roa (hash: o3fKHuVWFD6jkUIoyhNcY5O2uYQKepNEkJqsRTcT0Zs=)
                          4: B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl (hash: k8VOYu2vkGDgG9DlM05vBwIPBwU6ey5dvvNB3vr33Tk=)
                          5: 3130332e33302e3232332e302f32342d3234203d3e203338313438.roa (hash: Oz3xD+pukxgYWpnFQL+j6A86Gc4jUZiZu2sP1l7btM0=)
                          6: 3130332e33302e3232302e302f32322d3233203d3e203338313438.roa (hash: dip5cfpPOxv7j5avMlkj27CtA1ffgVlncphql09alQk=)
                          7: 3130332e33302e3232312e302f32342d3234203d3e203338313438.roa (hash: 7jwgwmu5p9Vx0nJtBBICc1jR6TLu2T+YBURAKlHLhFY=)
                          8: 3130332e33302e3232322e302f32342d3234203d3e203338313438.roa (hash: +SJaFJQyqBdRsoSnVqf1c6YDNbR+iItpuCQMYo/GJwM=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl
                          rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Apr 2026 20:42:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:a4:4b:56:96:0c:f5:8b:47:4c:e3:f6:b0:2b:62:00:31:58:e9:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1
        Validity
            Not Before: Apr 18 13:47:09 2026 GMT
            Not After : Apr 21 22:26:09 2026 GMT
        Subject: CN=EA5A65E1EB1C44C63A682E11D36CB01ACD8BCBA6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ad:12:9b:30:07:eb:f9:fc:22:75:0f:a1:68:
                    ed:da:c8:57:6f:b8:70:1d:17:de:9f:be:c9:5c:f4:
                    07:9e:a7:f5:a4:9f:70:a6:6c:ba:29:1c:e3:d9:89:
                    ea:96:44:35:d5:b5:24:09:73:96:0e:e9:5c:96:e0:
                    51:32:a2:64:1b:64:a9:33:b8:fb:f7:c5:60:0e:74:
                    bd:3a:c6:0a:7c:47:f0:80:26:42:cd:c1:49:c2:d9:
                    62:73:83:29:86:6f:4a:af:71:c4:f7:87:c5:89:df:
                    16:14:da:b2:43:c8:1d:46:be:04:34:55:8c:7d:23:
                    75:5f:64:44:82:cf:c2:55:56:c9:0e:e0:2d:c4:76:
                    b1:94:22:8c:53:21:6a:8b:f1:f8:21:1b:89:c3:c0:
                    ef:45:13:72:5d:13:ef:7b:21:a3:fe:62:05:55:c0:
                    8b:ab:5e:96:f7:2f:07:9e:cf:41:a8:1d:6c:17:60:
                    ad:17:be:02:36:87:20:48:8e:2d:2e:36:19:3a:5c:
                    cf:5f:f3:3e:e2:a3:9e:48:29:57:28:60:11:92:64:
                    2b:7f:d2:fc:c0:1d:66:e7:1f:df:ef:c0:fe:85:70:
                    74:bc:4d:74:92:ff:9a:e2:f8:a5:13:55:6d:3f:1b:
                    f0:7d:df:fc:cd:ba:df:a8:c7:97:9d:5d:a5:28:22:
                    9f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:5A:65:E1:EB:1C:44:C6:3A:68:2E:11:D3:6C:B0:1A:CD:8B:CB:A6
            X509v3 Authority Key Identifier:
                keyid:B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:30:61:9b:eb:ba:4b:bb:6f:ff:ed:3b:2e:2d:0f:f5:ff:51:
         a3:37:c9:3d:85:7b:ef:70:e2:d7:2d:12:64:af:b9:4f:ab:ce:
         fc:9e:a0:2a:fd:2e:8f:d6:24:27:a0:4b:89:9b:72:45:09:48:
         38:cd:c3:98:34:02:2d:e8:f4:ad:63:2a:5e:4b:11:97:b7:97:
         13:bd:13:eb:b7:f1:05:cc:d6:23:fc:56:6d:b8:0f:7f:2d:bc:
         1c:53:0e:ff:2a:c9:2e:c3:da:f8:99:a4:0f:33:c8:b7:28:fa:
         7a:d6:f1:78:9a:29:b2:38:2c:34:3a:ed:5b:90:75:5a:a7:e4:
         52:f0:2d:d6:25:92:e6:04:90:3c:de:fb:7b:52:de:c3:2e:43:
         01:43:b9:f4:6b:5f:45:d5:8d:eb:c7:cf:fc:d1:7b:c4:53:62:
         5d:6b:f3:57:df:d2:f6:2c:9e:ac:50:e7:20:7e:bd:bd:9d:32:
         54:25:0e:9c:a4:11:43:dd:88:f8:be:fa:4b:1d:19:ac:23:d7:
         8e:6b:ce:11:4e:4d:cf:e0:7d:eb:9a:f8:51:de:3f:57:ac:49:
         68:f3:77:81:47:68:7b:84:04:d0:83:da:8b:de:74:32:62:ce:
         2c:a0:b8:3c:d1:db:c1:c9:f0:ad:8c:26:5d:e8:3d:a6:55:9d:
         3a:ee:96:23
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUc6RLVpYM9YtHTOP2sCtiADFY6aYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEw
RUIzODRFMTAeFw0yNjA0MTgxMzQ3MDlaFw0yNjA0MjEyMjI2MDlaMDMxMTAvBgNV
BAMTKEVBNUE2NUUxRUIxQzQ0QzYzQTY4MkUxMUQzNkNCMDFBQ0Q4QkNCQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGrRKbMAfr+fwidQ+haO3ayFdv
uHAdF96fvslc9Aeep/Wkn3CmbLopHOPZieqWRDXVtSQJc5YO6VyW4FEyomQbZKkz
uPv3xWAOdL06xgp8R/CAJkLNwUnC2WJzgymGb0qvccT3h8WJ3xYU2rJDyB1GvgQ0
VYx9I3VfZESCz8JVVskO4C3EdrGUIoxTIWqL8fghG4nDwO9FE3JdE+97IaP+YgVV
wIurXpb3Lweez0GoHWwXYK0XvgI2hyBIji0uNhk6XM9f8z7io55IKVcoYBGSZCt/
0vzAHWbnH9/vwP6FcHS8TXSS/5ri+KUTVW0/G/B93/zNut+ox5edXaUoIp+BAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU6lpl4escRMY6aC4R02ywGs2Ly6YwHwYDVR0j
BBgwFoAUuSHaq7hJSd3CUA1PCm2T+g6zhOEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NTkyYzI3NC0xMWRiLTQxMjctYmFiYi1hZWFlOTkyODRiMDAvMC9COTIxREFBQkI4
NDk0OUREQzI1MDBENEYwQTZEOTNGQTBFQjM4NEUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEwRUIz
ODRFMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTU5MmMyNzQtMTFkYi00MTI3LWJh
YmItYWVhZTk5Mjg0YjAwLzAvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkz
RkEwRUIzODRFMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAKIwYZvruku7b//tOy4tD/X/UaM3yT2Fe+9w
4tctEmSvuU+rzvyeoCr9Lo/WJCegS4mbckUJSDjNw5g0Ai3o9K1jKl5LEZe3lxO9
E+u38QXM1iP8Vm24D38tvBxTDv8qyS7D2viZpA8zyLco+nrW8XiaKbI4LDQ67VuQ
dVqn5FLwLdYlkuYEkDze+3tS3sMuQwFDufRrX0XVjevHz/zRe8RTYl1r81ff0vYs
nqxQ5yB+vb2dMlQlDpykEUPdiPi++ksdGawj145rzhFOTc/gfeua+FHeP1esSWjz
d4FHaHuEBNCD2ovedDJiziyguDzR28HJ8K2MJl3oPaZVnTruliM=
-----END CERTIFICATE-----