Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          DY1Is2wh2GbzDeAPeddQ4GooWN4/Q9w32DH6PKSpZv0=
Subject key identifier:   E7:6A:83:8C:F7:5B:C0:66:6C:B1:E9:C4:A7:14:59:73:A9:2C:33:8F
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       480F9940388FD58F019A09B68F2285639F3F497A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          04EA
Signing time:             Tue 17 Jun 2025 13:11:36 +0000
Manifest this update:     Tue 17 Jun 2025 13:06:36 +0000
Manifest next update:     Fri 20 Jun 2025 17:30:36 +0000
Files and hashes:         1: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: wQmGKqaa+YSiRmaLGWEMq8mJpTHj8TfVNhWMDunfL+s=)
                          2: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: 2w5XwJtYHGp7kLGkRgJLESPyKEX6dzPi8sNumuXEyGY=)
                          3: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: RxoBR7IgqwvZQhHoUeS2THnUjeeOMC/Li/OZd4zalVk=)
                          4: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: 4gGLGsruUsTli5S71gqgaVjZ1FJbCfgz4Cb6M2Xf9S8=)
                          5: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: pg0ViMH1wjYLBratw2hvbKKsWrlS5/ljazg4HhV4YD8=)
                          6: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: hgLfhjfwIZWutgOiENx1B/1zXLdWd6NT3iL2V0hzBm0=)
                          7: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: grgdG8OoUNxpOhcfTbbut/WvBOQGDavrGHNbzyqo7TA=)
                          8: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: DeLSQFfELIsCBteEIe9giWzCWLH2CFola9GnxccGEcI=)
                          9: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: MOSh8cI/5JL3HxioC2ETAHNXOUF7j6RCSrnnDymhsXc=)
                          10: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: 1buqcEkNcpZqwU2RTb5bdnOebm4gK/rhJeTPc24TtHw=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 20 Jun 2025 17:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:0f:99:40:38:8f:d5:8f:01:9a:09:b6:8f:22:85:63:9f:3f:49:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Jun 17 13:06:36 2025 GMT
            Not After : Jun 20 17:30:36 2025 GMT
        Subject: CN=E76A838CF75BC0666CB1E9C4A7145973A92C338F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:f1:1e:f8:2d:b7:f5:54:7a:76:0f:c5:8e:c2:
                    39:c7:19:2b:ea:e7:58:37:77:c0:16:f7:55:d9:76:
                    e5:07:89:47:1e:8d:56:4c:0e:b5:cd:7d:c0:99:57:
                    d6:1f:6f:fc:14:2a:34:2f:c0:a9:82:2c:26:5d:e2:
                    7a:cf:c7:df:ea:55:1f:ec:89:41:2b:f2:c2:a9:82:
                    c8:41:70:56:0d:91:7b:e3:bd:4d:46:4f:20:71:6e:
                    b4:21:f2:8f:7e:92:42:7c:4e:d5:bc:c3:65:52:17:
                    18:97:46:01:65:5e:1a:ed:a2:f2:ac:8c:c1:5b:b9:
                    58:7a:cf:78:d0:04:2f:f8:6d:fb:76:e5:5a:04:7a:
                    11:fd:d4:92:dd:22:14:70:d7:69:67:0c:54:e1:72:
                    6d:6c:1a:8b:df:7a:9b:20:ae:08:91:6b:0e:8a:45:
                    77:3d:f0:79:88:53:d4:f3:7d:ab:04:de:0c:81:e1:
                    2e:c3:3a:37:08:cd:81:a4:40:b0:19:a3:57:23:a3:
                    ae:08:1f:f7:5c:7e:fa:fb:2e:72:29:25:55:3c:67:
                    bc:19:ed:e2:2a:c4:ed:b4:a4:70:24:78:84:28:4e:
                    2f:89:a9:a8:49:6a:13:f1:72:09:d4:a8:9e:0f:d5:
                    eb:44:08:88:32:2b:7b:40:45:48:44:9e:38:af:25:
                    a1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:6A:83:8C:F7:5B:C0:66:6C:B1:E9:C4:A7:14:59:73:A9:2C:33:8F
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:fe:d4:b1:67:58:f7:0e:d2:8d:63:37:1b:47:0c:e8:1a:a7:
         9b:ee:ab:97:a6:86:90:40:79:9e:38:1b:ab:66:a2:35:57:cc:
         c6:74:75:32:20:1c:32:d5:ae:4c:e3:a8:aa:f2:da:a2:c8:ac:
         2e:4b:9e:e4:7e:1c:d6:4e:9b:31:9d:a1:d7:92:37:e0:45:0c:
         17:d6:b4:eb:c0:f2:7e:88:11:7e:6f:2f:2a:fc:5a:ba:6f:67:
         6d:df:0e:e0:51:0c:7f:17:cc:d6:4e:65:6d:7e:10:04:5c:30:
         0e:c2:76:58:eb:6e:4e:98:c1:f5:4d:81:39:6f:da:de:14:77:
         81:75:31:8e:f7:08:5c:4d:4e:80:66:8c:fe:4f:71:a5:b7:c4:
         25:10:a5:a9:4a:58:3d:e9:fd:21:2e:5b:bb:67:a5:4c:2a:6b:
         71:f9:1e:9e:29:71:2e:ad:bc:f4:f5:2e:67:62:f1:9c:86:01:
         9f:29:b6:18:f8:ac:79:5a:34:83:59:ff:c9:0d:32:15:bf:2e:
         5f:f9:63:e5:19:2e:9a:ae:2e:d2:86:3b:8a:1e:ef:24:c8:e2:
         43:0c:cb:18:4b:bf:02:03:c0:34:fa:9b:3c:cd:eb:e6:bc:47:
         29:fb:80:75:1e:49:76:f0:d0:73:7c:2b:2a:62:59:c0:fe:e9:
         b5:fa:13:4c
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUSA+ZQDiP1Y8Bmgm2jyKFY58/SXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNTA2MTcxMzA2MzZaFw0yNTA2MjAxNzMwMzZaMDMxMTAvBgNV
BAMTKEU3NkE4MzhDRjc1QkMwNjY2Q0IxRTlDNEE3MTQ1OTczQTkyQzMzOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT8R74Lbf1VHp2D8WOwjnHGSvq
51g3d8AW91XZduUHiUcejVZMDrXNfcCZV9Yfb/wUKjQvwKmCLCZd4nrPx9/qVR/s
iUEr8sKpgshBcFYNkXvjvU1GTyBxbrQh8o9+kkJ8TtW8w2VSFxiXRgFlXhrtovKs
jMFbuVh6z3jQBC/4bft25VoEehH91JLdIhRw12lnDFThcm1sGovfepsgrgiRaw6K
RXc98HmIU9TzfasE3gyB4S7DOjcIzYGkQLAZo1cjo64IH/dcfvr7LnIpJVU8Z7wZ
7eIqxO20pHAkeIQoTi+JqahJahPxcgnUqJ4P1etECIgyK3tARUhEnjivJaHTAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU52qDjPdbwGZssenEpxRZc6ksM48wHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAMr+1LFnWPcO0o1jNxtHDOgap5vuq5emhpBA
eZ44G6tmojVXzMZ0dTIgHDLVrkzjqKry2qLIrC5LnuR+HNZOmzGdodeSN+BFDBfW
tOvA8n6IEX5vLyr8WrpvZ23fDuBRDH8XzNZOZW1+EARcMA7Cdljrbk6YwfVNgTlv
2t4Ud4F1MY73CFxNToBmjP5PcaW3xCUQpalKWD3p/SEuW7tnpUwqa3H5Hp4pcS6t
vPT1Lmdi8ZyGAZ8pthj4rHlaNINZ/8kNMhW/Ll/5Y+UZLpquLtKGO4oe7yTI4kMM
yxhLvwIDwDT6mzzN6+a8Ryn7gHUeSXbw0HN8KypiWcD+6bX6E0w=
-----END CERTIFICATE-----