Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft
File:                     3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft (raw, json)
Hash identifier:          lvKHxV7eVDVFH9WhedEA74R+8gFNgU5thDqVri2/JMo=
Subject key identifier:   BA:F0:AC:38:27:E1:0D:33:83:7F:66:BA:00:AC:EC:AE:2D:D1:3D:3B
Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51
Certificate issuer:       /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251
Certificate serial:       4241586DDC503A1BCB9108A358F41B81ED920E69
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft
Manifest number:          0217
Signing time:             Mon 04 Aug 2025 09:22:13 +0000
Manifest this update:     Mon 04 Aug 2025 09:17:13 +0000
Manifest next update:     Thu 07 Aug 2025 17:34:13 +0000
Files and hashes:         1: 3132302e32392e3233312e302f32342d3234203d3e203338373634.roa (hash: 3zNl9QPxwFV4edQhVMCJxnLjianzmdRSes5SZUBTIJM=)
                          2: 3132302e32392e3232362e302f32342d3234203d3e203338373634.roa (hash: mysGAJlaNM3q0YL8uE3Xz1GWVqbaXG+zqdMdDsNe4Gc=)
                          3: 3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl (hash: SWf/1g2Mrci7iOmBGB/ONuMBOPrT9lWXW8cV3piZkd8=)
                          4: 3132302e32392e3233302e302f32342d3234203d3e203338373634.roa (hash: 8F55uNQoN3zi97DtY0Vq2ak+DmYZUOFPxOyq8OUlCl0=)
                          5: 3132302e32392e3232392e302f32342d3234203d3e203338373634.roa (hash: qDCFFlpgV3kLnT4aXYTKC6LV3pb8e9ELxOyK+x211n0=)
                          6: 3132302e32392e3233312e302f32342d3234203d3e203139393035.roa (hash: r2yKO3KrSmkrfjQ84qnMxwLYCnCinVawrYAR52ueF/A=)
                          7: 3132302e32392e3232362e302f32342d3234203d3e203139393035.roa (hash: 3HF7GKrMWvA2HVJvaEA0TLWlABe/FvvXdYdd308g/bM=)
                          8: 3132302e32392e3232372e302f32342d3234203d3e203338373634.roa (hash: kizpm5pMXSzgoWrppvdtyhcaCD0lO2EdJCuHJxptLZU=)
                          9: 3132302e32392e3232382e302f32342d3234203d3e203338373634.roa (hash: RPYaZow5ZwQZRWzcXVmYwaCDDEvxoHSoWyb9lPO3JzQ=)
                          10: 3132302e32392e3232352e302f32342d3234203d3e203338373634.roa (hash: iVloZrBIKi8lO+ez3IilhigHeiC4/XBak2SIy/5eYbE=)
                          11: 3132302e32392e3232392e302f32342d3234203d3e203139393035.roa (hash: VUbT8SHEyKOKmASLTaMwWEhd8ggbwmzz2pEnc4bB2PQ=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl
                          rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 07 Aug 2025 17:34:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:41:58:6d:dc:50:3a:1b:cb:91:08:a3:58:f4:1b:81:ed:92:0e:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251
        Validity
            Not Before: Aug  4 09:17:13 2025 GMT
            Not After : Aug  7 17:34:13 2025 GMT
        Subject: CN=BAF0AC3827E10D33837F66BA00ACECAE2DD13D3B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:94:6a:de:a0:70:b4:5b:4c:62:af:9a:1f:b2:
                    3e:be:dc:96:da:b0:e8:0d:43:e7:73:52:43:d7:ec:
                    2e:85:a2:bc:a2:63:32:1c:01:58:83:0b:ce:3e:c0:
                    a3:5d:54:f8:ef:bc:f0:02:f4:a0:50:15:16:03:01:
                    70:8f:c7:4a:e8:70:b2:60:f7:ab:b4:10:01:25:6e:
                    ed:44:24:11:e2:b3:a7:2b:2c:d1:f1:d0:06:ef:e4:
                    04:20:75:e3:07:d6:a5:eb:2e:e6:b3:aa:f0:83:74:
                    62:9b:63:37:ce:80:ee:0d:87:10:c2:d6:60:5f:f1:
                    da:79:8b:cc:d9:ec:82:27:c7:b8:5c:46:9e:40:c2:
                    ee:e8:be:6b:29:48:cd:a1:1e:11:9d:f5:7a:cb:fc:
                    d0:30:36:3d:6d:1b:be:c2:23:79:cd:c3:c7:f1:6a:
                    f9:2e:a5:6f:4e:e3:47:26:55:97:46:4b:8e:87:ae:
                    ef:dc:c7:91:a5:42:ab:f2:e8:bf:ac:9f:a6:c6:f7:
                    09:81:96:a6:c8:3f:4e:37:07:35:81:9b:e6:1b:db:
                    70:04:6b:37:c3:57:b1:f8:cb:5f:c5:1f:05:21:1c:
                    a5:66:14:6f:a3:81:0e:2a:b1:7a:b2:48:a1:b9:0e:
                    8e:e7:53:93:d7:bf:c7:96:0d:40:67:24:72:8d:c3:
                    7b:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:F0:AC:38:27:E1:0D:33:83:7F:66:BA:00:AC:EC:AE:2D:D1:3D:3B
            X509v3 Authority Key Identifier:
                keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:e9:9f:36:9b:6c:c3:3a:46:b1:dd:ee:15:10:bf:c8:96:f0:
         aa:b2:b5:b5:b3:1e:21:71:0d:cf:b4:e9:c3:09:76:4d:2f:d6:
         6a:7b:d7:dc:51:a5:4f:9f:78:30:bf:e1:b9:7e:01:3f:07:15:
         da:ee:89:07:a7:33:6c:f7:e9:d5:ee:47:59:29:ee:d8:c3:4d:
         ff:38:b6:07:8d:bc:11:f5:3f:1a:47:e0:11:2a:37:d1:5a:a3:
         44:29:ec:55:0b:84:17:aa:95:02:43:59:e6:fa:07:b3:32:46:
         9a:a2:81:a1:b2:b7:d5:51:76:d3:9c:04:28:3d:df:2f:5e:bb:
         c0:7d:f0:e2:7b:f9:e6:4e:1a:8d:77:6c:9b:43:b8:eb:81:b5:
         ca:64:3f:73:10:a3:4c:7a:14:1f:ea:10:cf:16:0e:b9:7b:a3:
         81:86:de:7e:cd:e4:dc:84:42:c5:b1:9b:e9:4b:36:a0:60:1a:
         f4:e9:02:2b:9f:38:bf:6b:34:23:96:94:0e:dd:c3:91:1c:45:
         dc:9b:bf:a1:8d:74:36:f0:50:4e:13:32:52:a6:a0:c5:bb:a1:
         73:f3:55:91:c7:b0:a7:fc:9b:ef:75:db:5f:f4:65:89:e7:2a:
         b8:25:e1:db:c1:b0:7c:c2:99:36:70:b3:8e:73:20:f4:6b:a2:
         32:da:3c:44
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUQkFYbdxQOhvLkQijWPQbge2SDmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB
MzVCMDI1MTAeFw0yNTA4MDQwOTE3MTNaFw0yNTA4MDcxNzM0MTNaMDMxMTAvBgNV
BAMTKEJBRjBBQzM4MjdFMTBEMzM4MzdGNjZCQTAwQUNFQ0FFMkREMTNEM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrlGreoHC0W0xir5ofsj6+3Jba
sOgNQ+dzUkPX7C6ForyiYzIcAViDC84+wKNdVPjvvPAC9KBQFRYDAXCPx0rocLJg
96u0EAElbu1EJBHis6crLNHx0Abv5AQgdeMH1qXrLuazqvCDdGKbYzfOgO4NhxDC
1mBf8dp5i8zZ7IInx7hcRp5Awu7ovmspSM2hHhGd9XrL/NAwNj1tG77CI3nNw8fx
avkupW9O40cmVZdGS46Hru/cx5GlQqvy6L+sn6bG9wmBlqbIP043BzWBm+Yb23AE
azfDV7H4y1/FHwUhHKVmFG+jgQ4qsXqySKG5Do7nU5PXv8eWDUBnJHKNw3tdAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUuvCsOCfhDTODf2a6AKzsri3RPTswHwYDVR0j
BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz
Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC
MDI1MS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjIxYzljYWQtYzNiOS00NWEwLWJl
YjYtYmNlNDhlMmIyMjcyLzAvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1
NTdBMzVCMDI1MS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAHbpnzabbMM6RrHd7hUQv8iW8KqytbWzHiFx
Dc+06cMJdk0v1mp719xRpU+feDC/4bl+AT8HFdruiQenM2z36dXuR1kp7tjDTf84
tgeNvBH1PxpH4BEqN9Fao0Qp7FULhBeqlQJDWeb6B7MyRpqigaGyt9VRdtOcBCg9
3y9eu8B98OJ7+eZOGo13bJtDuOuBtcpkP3MQo0x6FB/qEM8WDrl7o4GG3n7N5NyE
QsWxm+lLNqBgGvTpAiufOL9rNCOWlA7dw5EcRdybv6GNdDbwUE4TMlKmoMW7oXPz
VZHHsKf8m+9121/0ZYnnKrgl4dvBsHzCmTZws45zIPRrojLaPEQ=
-----END CERTIFICATE-----
Generated at Wed Aug 6 18:25:26 2025 by rpki-client