Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          3uwn/NJ8Ms+OUiFhM+kJrzHsDG3ZpKRr2mTqY6NXAZg=
Subject key identifier:   23:11:83:B4:46:30:DD:91:C4:F7:B2:3E:4A:AD:4E:A6:AE:90:7B:1A
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       4051C85E86A19413FF33D02A42B581FDC93CD8AB
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          0528
Signing time:             Sun 02 Nov 2025 07:41:38 +0000
Manifest this update:     Sun 02 Nov 2025 07:36:38 +0000
Manifest next update:     Wed 05 Nov 2025 07:48:38 +0000
Files and hashes:         1: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: KABMcwwuj0PcVg0DF+2S7mT8pkOrI1Q8USpOkuuxMXI=)
                          2: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: lS8odvouHADOZvGcEIZX6cESZX3v05ZwGGbLJRnmmPg=)
                          3: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: T0GxcffUorQqKvKWvoQBmwT56g/pt1WC0GNCeIbnIXI=)
                          4: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: SVVnOcpEzNW3GyvGQSrBzvX2ix4zPecYqTfJmTpW5Ek=)
                          5: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: 2rfcy4tUpo7HgU2cGwZC6pQYZQAR7WSsi/1k28TkJlU=)
                          6: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: JoUevlOQ4DQXgtTUYB2ddtQMxJnfV122hfjNCDxg7qA=)
                          7: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: RKuA2CS77/iBc1MhX2FD3Oj8MLTo/sw4r4vfbH4WpPI=)
                          8: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: I3OA1TXXrn7Ho4Bbdaoik2HHmIJMRdT3vdvqOadCgWc=)
                          9: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: lJiN/1jPk6sVzBu+b+dWtXwNwMFWgXWbUliAdUar1AU=)
                          10: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: GggD4UAIQuJ2Ici9kI1FCxhBRH2erQ0+Zgb75d0bwAQ=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 05 Nov 2025 07:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:51:c8:5e:86:a1:94:13:ff:33:d0:2a:42:b5:81:fd:c9:3c:d8:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Nov  2 07:36:38 2025 GMT
            Not After : Nov  5 07:48:38 2025 GMT
        Subject: CN=231183B44630DD91C4F7B23E4AAD4EA6AE907B1A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:33:84:34:3b:8e:d8:bd:3e:c6:dd:5c:00:5e:
                    dc:ae:22:36:59:17:9f:c2:a6:59:a0:ee:f2:75:9b:
                    60:26:11:ec:8f:9b:84:6d:b1:c2:e5:05:6c:2a:95:
                    01:80:46:fd:2e:c4:da:24:96:5a:7f:39:4b:1c:68:
                    29:8c:be:8e:35:3e:5e:de:bc:3a:cf:24:b0:df:26:
                    b9:53:bc:be:2e:08:31:b7:24:58:b0:84:f9:b5:d3:
                    56:0a:74:41:ca:aa:f2:f2:fa:ee:1c:73:f9:2b:69:
                    94:dc:9c:69:e2:a2:e5:f2:9e:a0:b1:c3:33:e8:41:
                    d7:ed:98:b4:5b:b5:6e:9e:01:ef:24:8c:e3:34:72:
                    9b:d4:53:20:ec:ef:29:9b:e3:2b:9a:49:8f:33:15:
                    aa:e5:7d:04:42:6b:bc:d1:68:e2:76:8b:54:61:98:
                    97:29:f9:d8:fb:fa:90:83:24:e2:fa:c6:af:06:46:
                    34:11:65:9c:28:e7:d1:02:71:13:2f:8c:c0:7b:39:
                    0f:e6:e2:df:6f:9a:f8:de:e7:dc:ea:a8:37:f7:73:
                    19:1c:63:c9:39:39:02:28:1f:61:39:6a:64:b1:ce:
                    00:ac:f1:60:2c:02:4b:56:13:03:36:80:0a:8f:28:
                    c6:49:d2:e2:c9:60:02:16:85:35:70:30:85:22:13:
                    56:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:11:83:B4:46:30:DD:91:C4:F7:B2:3E:4A:AD:4E:A6:AE:90:7B:1A
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:89:30:8c:d1:4b:2e:df:bd:13:1b:bf:92:38:fe:59:04:34:
         f2:e3:41:32:3f:cf:22:e2:db:b4:ef:80:77:5d:89:ed:df:4d:
         e2:9e:88:8f:a2:95:b7:62:22:17:c0:c2:d3:8d:c0:cc:d0:ff:
         38:05:35:75:93:82:e6:2f:36:f3:78:4c:53:90:60:07:61:8c:
         ce:11:55:73:dc:94:3b:90:de:31:58:70:f7:37:da:c7:a1:42:
         85:90:f0:64:a3:5c:2e:f2:c5:11:0b:ef:4f:7d:c5:fd:34:75:
         ad:e6:91:25:53:7a:04:cb:30:42:99:c0:94:9d:2f:f6:1a:61:
         6a:ca:ef:e1:16:44:21:ef:ad:30:34:d4:02:36:ef:2e:ef:c0:
         28:ed:d9:a9:1b:c4:e1:fd:bd:7e:e4:40:11:0e:d5:57:ef:92:
         00:cb:cc:de:0f:af:af:91:52:33:7b:2f:42:61:b8:ee:8c:98:
         35:77:81:0a:de:6b:59:4f:7d:d9:b5:24:74:3a:68:5d:d6:ce:
         3c:6b:29:3c:24:47:17:b6:dd:7b:1e:43:16:ca:e8:e5:a7:a9:
         e2:46:94:06:0f:c4:5d:46:a9:61:19:05:ee:7e:4b:f1:0d:e5:
         51:7d:95:d0:2d:96:ab:14:51:b5:d3:ab:1e:42:fd:13:c8:ec:
         7f:45:d8:6e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUQFHIXoahlBP/M9AqQrWB/ck82KswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNTExMDIwNzM2MzhaFw0yNTExMDUwNzQ4MzhaMDMxMTAvBgNV
BAMTKDIzMTE4M0I0NDYzMEREOTFDNEY3QjIzRTRBQUQ0RUE2QUU5MDdCMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAM4Q0O47YvT7G3VwAXtyuIjZZ
F5/Cplmg7vJ1m2AmEeyPm4RtscLlBWwqlQGARv0uxNokllp/OUscaCmMvo41Pl7e
vDrPJLDfJrlTvL4uCDG3JFiwhPm101YKdEHKqvLy+u4cc/kraZTcnGniouXynqCx
wzPoQdftmLRbtW6eAe8kjOM0cpvUUyDs7ymb4yuaSY8zFarlfQRCa7zRaOJ2i1Rh
mJcp+dj7+pCDJOL6xq8GRjQRZZwo59ECcRMvjMB7OQ/m4t9vmvje59zqqDf3cxkc
Y8k5OQIoH2E5amSxzgCs8WAsAktWEwM2gAqPKMZJ0uLJYAIWhTVwMIUiE1Y7AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUIxGDtEYw3ZHE97I+Sq1Opq6QexowHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAH+JMIzRSy7fvRMbv5I4/lkENPLjQTI/zyLi
27TvgHddie3fTeKeiI+ilbdiIhfAwtONwMzQ/zgFNXWTguYvNvN4TFOQYAdhjM4R
VXPclDuQ3jFYcPc32sehQoWQ8GSjXC7yxREL7099xf00da3mkSVTegTLMEKZwJSd
L/YaYWrK7+EWRCHvrTA01AI27y7vwCjt2akbxOH9vX7kQBEO1VfvkgDLzN4Pr6+R
UjN7L0JhuO6MmDV3gQrea1lPfdm1JHQ6aF3WzjxrKTwkRxe23XseQxbK6OWnqeJG
lAYPxF1GqWEZBe5+S/EN5VF9ldAtlqsUUbXTqx5C/RPI7H9F2G4=
-----END CERTIFICATE-----