Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          z+HuPEFlDwrdSWMrfNFxKKCu7wzsbZCSWFRao/VBlko=
Subject key identifier:   BD:8C:0C:AD:F0:79:03:2B:AF:F6:62:46:57:99:2B:EC:0D:22:1B:64
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       0C88301E0189C8DD66E6FC5062D482DEDD7F5438
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          0572
Signing time:             Sat 18 Apr 2026 03:11:51 +0000
Manifest this update:     Sat 18 Apr 2026 03:06:51 +0000
Manifest next update:     Tue 21 Apr 2026 09:30:51 +0000
Files and hashes:         1: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: KABMcwwuj0PcVg0DF+2S7mT8pkOrI1Q8USpOkuuxMXI=)
                          2: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: 2rfcy4tUpo7HgU2cGwZC6pQYZQAR7WSsi/1k28TkJlU=)
                          3: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: T0GxcffUorQqKvKWvoQBmwT56g/pt1WC0GNCeIbnIXI=)
                          4: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: T3iGfyuTw30pbNMx/z6tE2FPgxFFZjGRyxiHqpv0UnA=)
                          5: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: lS8odvouHADOZvGcEIZX6cESZX3v05ZwGGbLJRnmmPg=)
                          6: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: GggD4UAIQuJ2Ici9kI1FCxhBRH2erQ0+Zgb75d0bwAQ=)
                          7: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: RKuA2CS77/iBc1MhX2FD3Oj8MLTo/sw4r4vfbH4WpPI=)
                          8: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: I3OA1TXXrn7Ho4Bbdaoik2HHmIJMRdT3vdvqOadCgWc=)
                          9: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: SVVnOcpEzNW3GyvGQSrBzvX2ix4zPecYqTfJmTpW5Ek=)
                          10: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: lJiN/1jPk6sVzBu+b+dWtXwNwMFWgXWbUliAdUar1AU=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Apr 2026 09:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:88:30:1e:01:89:c8:dd:66:e6:fc:50:62:d4:82:de:dd:7f:54:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Apr 18 03:06:51 2026 GMT
            Not After : Apr 21 09:30:51 2026 GMT
        Subject: CN=BD8C0CADF079032BAFF6624657992BEC0D221B64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:9b:f6:2c:46:07:ae:c2:62:af:61:24:8a:f1:
                    2a:84:aa:a1:1e:97:74:1c:af:d7:e9:1a:1c:94:2d:
                    b4:3a:53:64:64:60:35:7f:c8:90:74:6b:48:65:b9:
                    60:8d:5e:9c:e5:bb:06:e6:7d:72:f6:8c:6d:57:a9:
                    d7:e2:87:f9:36:47:af:a2:83:36:98:b8:85:61:86:
                    2a:0d:8f:a8:68:0f:6b:cb:a1:b5:b3:75:35:0c:e0:
                    76:82:fb:54:70:07:5f:9b:ad:7f:27:68:d9:97:22:
                    20:84:59:fa:08:4f:f2:1c:9d:07:47:3b:44:96:d4:
                    3f:e3:3a:c2:25:69:0e:e7:a9:b0:c4:e4:b2:ae:8c:
                    4f:38:fd:b7:3b:a9:e2:f3:c7:12:aa:1d:72:7c:b3:
                    86:e2:f1:93:10:a5:0b:e2:66:3f:7c:11:d0:3c:07:
                    f0:2b:aa:63:87:23:b8:5e:00:3d:9f:e9:bf:af:be:
                    86:94:06:be:99:9f:b9:bb:31:4f:e0:f2:7b:2f:98:
                    b0:3c:f5:6a:a3:89:69:2d:24:21:3e:37:70:a0:13:
                    34:1b:04:2f:57:05:14:b3:d9:f9:5b:1d:8a:0e:39:
                    f9:e2:e8:c7:de:ec:40:a5:a0:8c:25:7d:64:e6:6a:
                    26:2d:38:41:82:3d:b3:db:ea:27:a7:dc:87:aa:56:
                    0c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:8C:0C:AD:F0:79:03:2B:AF:F6:62:46:57:99:2B:EC:0D:22:1B:64
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:d2:a4:e3:9b:2f:f6:e6:b1:ce:a7:ca:e8:97:05:d9:da:c3:
         4b:74:1d:d0:4c:4b:ba:d3:8d:35:a2:65:ef:c1:98:e7:9e:22:
         f3:73:0b:a2:7e:b5:1a:7a:28:73:c3:f0:80:6c:aa:0c:05:90:
         bb:f6:f8:26:c0:c4:1d:f1:b9:1c:ab:cb:81:8e:a6:86:86:eb:
         75:34:5e:54:2e:c9:99:8b:97:e6:93:29:1f:f6:a9:74:40:14:
         14:66:cb:ff:30:bc:24:fc:92:d9:57:e4:3f:0a:e7:74:fc:52:
         99:40:af:36:69:75:2d:5d:c1:7a:61:56:e5:4e:2b:b6:46:37:
         6e:a3:ac:b0:05:2a:04:68:5c:1e:4c:b8:32:07:c9:74:ea:82:
         75:f1:d0:fb:34:99:b5:16:79:db:41:64:55:7a:9b:7b:89:d8:
         af:1e:32:d4:42:40:a7:b1:06:60:ca:d9:13:98:51:d3:4d:7c:
         bd:a4:0a:60:00:ba:9d:dc:84:b4:8c:db:31:fa:2a:d0:1c:57:
         11:56:ca:a1:6a:df:82:a7:de:3d:2d:4b:03:32:b6:9c:6e:43:
         24:01:a7:b9:66:64:47:a1:70:ce:c1:b0:fe:49:0d:c9:44:94:
         5a:ab:fa:d2:ec:3f:25:43:c2:53:d6:d3:69:c0:87:d0:b0:1c:
         d1:38:29:b5
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUDIgwHgGJyN1m5vxQYtSC3t1/VDgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNjA0MTgwMzA2NTFaFw0yNjA0MjEwOTMwNTFaMDMxMTAvBgNV
BAMTKEJEOEMwQ0FERjA3OTAzMkJBRkY2NjI0NjU3OTkyQkVDMEQyMjFCNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpm/YsRgeuwmKvYSSK8SqEqqEe
l3Qcr9fpGhyULbQ6U2RkYDV/yJB0a0hluWCNXpzluwbmfXL2jG1Xqdfih/k2R6+i
gzaYuIVhhioNj6hoD2vLobWzdTUM4HaC+1RwB1+brX8naNmXIiCEWfoIT/IcnQdH
O0SW1D/jOsIlaQ7nqbDE5LKujE84/bc7qeLzxxKqHXJ8s4bi8ZMQpQviZj98EdA8
B/ArqmOHI7heAD2f6b+vvoaUBr6Zn7m7MU/g8nsvmLA89WqjiWktJCE+N3CgEzQb
BC9XBRSz2flbHYoOOfni6Mfe7ECloIwlfWTmaiYtOEGCPbPb6ien3IeqVgypAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUvYwMrfB5Ayuv9mJGV5kr7A0iG2QwHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBABHSpOObL/bmsc6nyuiXBdnaw0t0HdBMS7rT
jTWiZe/BmOeeIvNzC6J+tRp6KHPD8IBsqgwFkLv2+CbAxB3xuRyry4GOpoaG63U0
XlQuyZmLl+aTKR/2qXRAFBRmy/8wvCT8ktlX5D8K53T8UplArzZpdS1dwXphVuVO
K7ZGN26jrLAFKgRoXB5MuDIHyXTqgnXx0Ps0mbUWedtBZFV6m3uJ2K8eMtRCQKex
BmDK2ROYUdNNfL2kCmAAup3chLSM2zH6KtAcVxFWyqFq34Kn3j0tSwMytpxuQyQB
p7lmZEehcM7BsP5JDclElFqr+tLsPyVDwlPW02nAh9CwHNE4KbU=
-----END CERTIFICATE-----