Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
File:                     95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft (raw, json)
Hash identifier:          cnT+xqTOHy7xpn1tfGICT4o02xmq5PuEWWhhfFpOz04=
Subject key identifier:   9D:04:4C:A8:6C:DB:58:F1:A7:BB:24:79:27:90:4E:1F:ED:DC:31:87
Authority key identifier: 95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98
Certificate issuer:       /CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
Certificate serial:       0186531106D236C15B552CE3F438203A3EB54254
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
Manifest number:          055D
Signing time:             Mon 02 Mar 2026 07:01:48 +0000
Manifest this update:     Mon 02 Mar 2026 06:56:48 +0000
Manifest next update:     Thu 05 Mar 2026 16:59:48 +0000
Files and hashes:         1: 34332e3234382e3231332e302f32342d3234203d3e203538343734.roa (hash: I3OA1TXXrn7Ho4Bbdaoik2HHmIJMRdT3vdvqOadCgWc=)
                          2: 95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl (hash: 48i8YtXcmAxqiPAcnacqlYhqz8RW5v0h6hdUG8SY6q0=)
                          3: 34332e3234382e3231352e302f32342d3234203d3e203538343734.roa (hash: 2rfcy4tUpo7HgU2cGwZC6pQYZQAR7WSsi/1k28TkJlU=)
                          4: 3130332e32382e35372e302f32342d3234203d3e203538343734.roa (hash: RKuA2CS77/iBc1MhX2FD3Oj8MLTo/sw4r4vfbH4WpPI=)
                          5: 3130332e32382e35382e302f32342d3234203d3e203538343734.roa (hash: SVVnOcpEzNW3GyvGQSrBzvX2ix4zPecYqTfJmTpW5Ek=)
                          6: 34332e3234382e3231322e302f32342d3234203d3e203538343734.roa (hash: lJiN/1jPk6sVzBu+b+dWtXwNwMFWgXWbUliAdUar1AU=)
                          7: 3130332e32382e35362e302f32342d3234203d3e203538343734.roa (hash: lS8odvouHADOZvGcEIZX6cESZX3v05ZwGGbLJRnmmPg=)
                          8: 34332e3234382e3231342e302f32342d3234203d3e203538343734.roa (hash: KABMcwwuj0PcVg0DF+2S7mT8pkOrI1Q8USpOkuuxMXI=)
                          9: 3130332e32382e35392e302f32342d3234203d3e203538343734.roa (hash: GggD4UAIQuJ2Ici9kI1FCxhBRH2erQ0+Zgb75d0bwAQ=)
                          10: 323430343a666230303a3a2f33322d3332203d3e203538343734.roa (hash: T0GxcffUorQqKvKWvoQBmwT56g/pt1WC0GNCeIbnIXI=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl
                          rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 05 Mar 2026 06:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:53:11:06:d2:36:c1:5b:55:2c:e3:f4:38:20:3a:3e:b5:42:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95FC6072A4A690A61A0B5F14B36882B43DA2F098
        Validity
            Not Before: Mar  2 06:56:48 2026 GMT
            Not After : Mar  5 16:59:48 2026 GMT
        Subject: CN=9D044CA86CDB58F1A7BB247927904E1FEDDC3187
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:6c:0b:9e:1f:de:8c:27:4f:b2:49:71:e9:b3:
                    df:5f:a2:8c:03:34:b8:9a:19:f0:be:c4:e2:4c:f0:
                    35:12:04:58:27:3c:78:e4:a7:0e:87:b9:68:c3:2b:
                    1e:5d:27:80:d3:0c:04:13:ec:37:b7:e0:29:a0:aa:
                    ec:d3:66:53:47:51:39:ba:b7:68:3c:85:69:8e:56:
                    af:59:4a:18:46:2d:c5:d8:fd:5b:01:d1:a2:ba:08:
                    e2:76:59:e8:13:38:c2:78:12:7c:a2:68:51:c9:5d:
                    f5:32:6f:e0:0c:04:eb:bc:ce:ed:c8:c3:a8:07:a9:
                    d7:5b:62:80:fe:ba:83:91:6b:d9:2e:0f:e2:07:86:
                    27:e7:3f:44:e1:4d:9a:00:4d:25:8c:54:e6:78:47:
                    1c:0b:f6:d7:d6:8f:d5:1a:90:a5:f4:af:a3:6c:13:
                    4e:03:69:34:ca:cd:d0:53:79:c1:62:58:77:ee:d3:
                    c3:b7:f3:b2:66:39:e8:fb:6d:bf:e5:e7:c4:73:81:
                    3f:2d:94:a4:6b:dc:86:77:ab:1b:fa:77:04:e0:b0:
                    a8:c5:c6:47:23:7e:74:0c:84:9a:1f:4e:4c:c5:95:
                    56:06:09:66:a4:e1:0b:39:cd:f1:92:44:47:6b:7d:
                    f9:99:74:ec:df:73:02:fc:02:ad:5f:aa:f0:95:b4:
                    8b:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:04:4C:A8:6C:DB:58:F1:A7:BB:24:79:27:90:4E:1F:ED:DC:31:87
            X509v3 Authority Key Identifier:
                keyid:95:FC:60:72:A4:A6:90:A6:1A:0B:5F:14:B3:68:82:B4:3D:A2:F0:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/95FC6072A4A690A61A0B5F14B36882B43DA2F098.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3305177a-a500-4996-b3ff-70c144edfece/0/95FC6072A4A690A61A0B5F14B36882B43DA2F098.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:68:c0:47:61:69:1b:65:80:b3:a3:9e:4d:9b:53:37:c7:b1:
         fe:15:42:0b:de:9c:8e:39:19:27:29:42:05:76:88:59:fc:fe:
         4e:d9:6e:7e:ee:db:0f:be:3a:f0:54:09:25:f4:b0:e2:5a:98:
         ad:82:c0:fb:29:32:37:3a:c6:12:2f:fe:85:f9:d0:0c:53:5d:
         6e:4a:55:85:c7:8c:43:9f:88:9a:9c:7b:bf:f5:00:d4:23:86:
         57:49:30:0e:01:ba:03:b9:7e:4c:05:ef:19:d3:6e:c2:69:4c:
         a0:e1:b5:4d:25:e4:32:f6:14:2a:b1:e4:01:ee:db:00:d9:18:
         a8:7e:41:b7:45:f6:98:73:97:00:3d:39:6a:1f:90:a0:a2:59:
         2e:36:8f:62:65:b8:05:00:45:6d:27:59:66:d5:c6:51:56:72:
         7c:d2:d7:2a:22:3b:75:0b:4c:cd:b5:6d:94:bf:fe:ab:b3:17:
         7c:bd:a9:99:c1:1a:a8:dc:1c:f4:d4:7e:de:cd:0c:c3:f9:22:
         dc:28:f3:bb:05:34:2f:29:ec:1b:05:42:53:fe:5f:d7:2a:03:
         61:32:dc:a2:85:68:c7:4a:1a:a1:fc:be:41:01:b6:24:e3:0f:
         b4:98:57:da:07:ce:84:00:be:a4:94:e8:c4:40:e5:aa:24:26:
         27:45:56:5e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUAYZTEQbSNsFbVSzj9DggOj61QlQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQz
REEyRjA5ODAeFw0yNjAzMDIwNjU2NDhaFw0yNjAzMDUxNjU5NDhaMDMxMTAvBgNV
BAMTKDlEMDQ0Q0E4NkNEQjU4RjFBN0JCMjQ3OTI3OTA0RTFGRUREQzMxODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCebAueH96MJ0+ySXHps99foowD
NLiaGfC+xOJM8DUSBFgnPHjkpw6HuWjDKx5dJ4DTDAQT7De34CmgquzTZlNHUTm6
t2g8hWmOVq9ZShhGLcXY/VsB0aK6COJ2WegTOMJ4EnyiaFHJXfUyb+AMBOu8zu3I
w6gHqddbYoD+uoORa9kuD+IHhifnP0ThTZoATSWMVOZ4RxwL9tfWj9UakKX0r6Ns
E04DaTTKzdBTecFiWHfu08O387JmOej7bb/l58RzgT8tlKRr3IZ3qxv6dwTgsKjF
xkcjfnQMhJofTkzFlVYGCWak4Qs5zfGSREdrffmZdOzfcwL8Aq1fqvCVtIuBAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUnQRMqGzbWPGnuyR5J5BOH+3cMYcwHwYDVR0j
BBgwFoAUlfxgcqSmkKYaC18Us2iCtD2i8JgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzA1MTc3YS1hNTAwLTQ5OTYtYjNmZi03MGMxNDRlZGZlY2UvMC85NUZDNjA3MkE0
QTY5MEE2MUEwQjVGMTRCMzY4ODJCNDNEQTJGMDk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgyQjQzREEy
RjA5OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzMwNTE3N2EtYTUwMC00OTk2LWIz
ZmYtNzBjMTQ0ZWRmZWNlLzAvOTVGQzYwNzJBNEE2OTBBNjFBMEI1RjE0QjM2ODgy
QjQzREEyRjA5OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAEVowEdhaRtlgLOjnk2bUzfHsf4VQgvenI45
GScpQgV2iFn8/k7Zbn7u2w++OvBUCSX0sOJamK2CwPspMjc6xhIv/oX50AxTXW5K
VYXHjEOfiJqce7/1ANQjhldJMA4BugO5fkwF7xnTbsJpTKDhtU0l5DL2FCqx5AHu
2wDZGKh+QbdF9phzlwA9OWofkKCiWS42j2JluAUARW0nWWbVxlFWcnzS1yoiO3UL
TM21bZS//quzF3y9qZnBGqjcHPTUft7NDMP5Itwo87sFNC8p7BsFQlP+X9cqA2Ey
3KKFaMdKGqH8vkEBtiTjD7SYV9oHzoQAvqSU6MRA5aokJidFVl4=
-----END CERTIFICATE-----