Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.mft
File:                     0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.mft (raw, json)
Hash identifier:          RukdFZ6yWGMuG7Dv1CoL/ckO1FeXtoF1K+4Ajsr0Wuc=
Subject key identifier:   3C:6B:AB:BF:F9:24:92:1A:D8:D2:02:27:73:70:A0:20:35:53:68:C8
Authority key identifier: 03:21:C8:92:A6:AA:C0:A6:EA:4A:30:35:D8:8C:A6:BC:68:67:BF:79
Certificate issuer:       /CN=0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79
Certificate serial:       517FCA413832389D8C6B5D676B9B42FBC2AFA235
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.mft
Manifest number:          0202
Signing time:             Wed 15 Apr 2026 21:41:40 +0000
Manifest this update:     Wed 15 Apr 2026 21:36:40 +0000
Manifest next update:     Sun 19 Apr 2026 01:16:40 +0000
Files and hashes:         1: 3130332e39362e35322e302f32332d3233203d3e20323135373237.roa (hash: 1aKuOLZIAFfW1+Cqdr1xm8xWMdWqMvn5lk2N7M8OzCk=)
                          2: 3130332e39362e35322e302f32342d3234203d3e20323135373237.roa (hash: 0krbsaRXLF7hhh/0+kJdsVsdN97iwgE+irNWTCAqAI8=)
                          3: 3130332e39362e35322e302f32342d3234203d3e20313534343130.roa (hash: G0ILmU3zG9dk4y3Amsp/ANA86e6j9AhzItyGctPkHC0=)
                          4: 0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.crl (hash: tKwoLPLRgkwXYuT4dxB1KJOeGdejTh77Bt3t7/sEL/g=)
                          5: 3130332e39362e35332e302f32342d3234203d3e20313530393232.roa (hash: gP7psFKFA2RfBnHhdOuG7ZGFzw3Cq/MLVUDPQT38lCM=)
                          6: 3130332e39362e35322e302f32342d3234203d3e20313530393232.roa (hash: 2ugfUbs5cJ20pMlsi1Lpn48hHyXGtkrzKxCtrqkovSE=)
                          7: 3130332e39362e35322e302f32332d3233203d3e20313534343130.roa (hash: I1xGBGbMoTpFLIbjNVesHP5LRYPwXtpfc+9MFkqpZXg=)
                          8: 323030313a6466323a6634303a3a2f34382d3438203d3e20313530393232.roa (hash: C3HGpl1ThenH4EorAZEJtVKi4KUYV7opK2C6bqklYfw=)
                          9: 3130332e39362e35332e302f32342d3234203d3e20323135373237.roa (hash: I1eMGkofitxFBUkKIJAAEKHOmSas6t5BDo8K12fS+ps=)
                          10: 3130332e39362e35332e302f32342d3234203d3e20313534343130.roa (hash: q5hea4w5eW+1JC2efAtWBTto0TQU50ClmJGUcfUe31c=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.crl
                          rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 19 Apr 2026 01:16:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:7f:ca:41:38:32:38:9d:8c:6b:5d:67:6b:9b:42:fb:c2:af:a2:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79
        Validity
            Not Before: Apr 15 21:36:40 2026 GMT
            Not After : Apr 19 01:16:40 2026 GMT
        Subject: CN=3C6BABBFF924921AD8D202277370A020355368C8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c7:4c:e8:cf:17:e9:7c:e1:ee:c4:68:f4:81:
                    28:42:7b:c5:74:23:af:a7:83:d1:95:c0:50:e1:fa:
                    08:12:b0:1e:61:32:61:c3:95:5b:1d:28:11:1f:9f:
                    6d:77:b9:7e:3e:b2:d5:50:e1:7e:43:cb:73:1b:bd:
                    62:1b:d7:e9:1f:11:b1:d6:6b:24:34:8e:ed:04:5a:
                    34:1c:95:12:f3:f8:7d:0e:be:b1:a0:20:c3:fc:23:
                    92:85:fe:cd:4d:8e:fd:a5:bc:52:10:4d:95:89:ff:
                    a4:e8:36:77:24:25:6d:78:2a:6b:82:7d:99:54:37:
                    07:55:6b:58:c5:fb:41:ae:1f:49:ab:ba:62:dd:7c:
                    39:3c:3c:04:06:56:34:94:15:f5:88:90:1e:04:61:
                    81:de:2d:59:d9:8e:51:6e:82:72:a1:f8:81:fb:4b:
                    e8:a9:17:b9:90:f1:7d:85:d8:a6:d3:3e:81:5e:82:
                    77:4d:a0:29:c0:74:fb:00:4f:53:8f:1f:c6:db:fd:
                    2c:04:f7:32:db:c2:88:5e:95:6d:31:62:78:07:39:
                    47:e5:25:b6:a3:cf:55:93:94:1f:de:64:02:29:ce:
                    33:67:10:26:42:f0:36:16:94:80:55:68:84:52:0c:
                    83:58:92:4d:e8:41:f4:f7:ac:a0:a6:fd:94:fd:9c:
                    08:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:6B:AB:BF:F9:24:92:1A:D8:D2:02:27:73:70:A0:20:35:53:68:C8
            X509v3 Authority Key Identifier:
                keyid:03:21:C8:92:A6:AA:C0:A6:EA:4A:30:35:D8:8C:A6:BC:68:67:BF:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:f5:87:06:e7:14:7b:b9:15:47:4d:a2:51:18:9c:2c:6f:79:
         3a:86:b4:da:49:ff:b7:24:a4:3a:f3:cb:b8:73:4d:37:70:f5:
         64:45:95:a9:0c:1f:38:f6:9b:1c:82:0c:22:7f:e0:cf:a4:3e:
         82:c3:5c:a2:de:f9:7b:73:e9:41:e5:6b:7c:58:0d:75:55:d0:
         35:a9:7e:e6:f2:67:32:b4:95:36:05:5c:32:a6:92:db:6c:80:
         59:de:0b:82:66:e4:26:c0:e1:fb:15:6a:21:07:ac:c7:22:67:
         7e:c8:ab:97:3d:9a:f1:f6:03:ce:ec:6e:a4:75:db:2b:17:f0:
         87:a0:cc:b5:7e:b9:cb:d9:1d:c3:60:d8:16:dd:83:ae:36:33:
         37:a0:d3:8a:12:d9:2a:b3:52:88:8f:81:f5:0a:33:39:b9:68:
         e9:8f:1f:b1:ac:ce:41:45:9b:f2:1b:6a:a0:77:7d:58:89:dd:
         3e:d1:0d:94:8d:70:36:ec:e9:be:3e:75:01:5a:34:08:3a:fd:
         a9:5c:cf:6a:14:ca:bd:01:d8:d6:5c:d3:37:bb:14:cf:d2:25:
         0e:fe:f8:51:f9:bc:69:5f:56:05:fd:5b:9c:9c:43:d2:04:80:
         1b:b2:12:9f:17:7a:8d:f1:6d:a3:80:6a:e1:36:d4:50:9c:f4:
         38:22:ef:01
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUUX/KQTgyOJ2Ma11na5tC+8KvojUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDMyMUM4OTJBNkFBQzBBNkVBNEEzMDM1RDg4Q0E2QkM2
ODY3QkY3OTAeFw0yNjA0MTUyMTM2NDBaFw0yNjA0MTkwMTE2NDBaMDMxMTAvBgNV
BAMTKDNDNkJBQkJGRjkyNDkyMUFEOEQyMDIyNzczNzBBMDIwMzU1MzY4QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChx0zozxfpfOHuxGj0gShCe8V0
I6+ng9GVwFDh+ggSsB5hMmHDlVsdKBEfn213uX4+stVQ4X5Dy3MbvWIb1+kfEbHW
ayQ0ju0EWjQclRLz+H0OvrGgIMP8I5KF/s1Njv2lvFIQTZWJ/6ToNnckJW14KmuC
fZlUNwdVa1jF+0GuH0mrumLdfDk8PAQGVjSUFfWIkB4EYYHeLVnZjlFugnKh+IH7
S+ipF7mQ8X2F2KbTPoFegndNoCnAdPsAT1OPH8bb/SwE9zLbwohelW0xYngHOUfl
Jbajz1WTlB/eZAIpzjNnECZC8DYWlIBVaIRSDINYkk3oQfT3rKCm/ZT9nAgNAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUPGurv/kkkhrY0gInc3CgIDVTaMgwHwYDVR0j
BBgwFoAUAyHIkqaqwKbqSjA12IymvGhnv3kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
YTFjNGMxZi03MTQxLTQ3ZDYtYTdmOC1lMzVmZmUxMTc0MDQvMC8wMzIxQzg5MkE2
QUFDMEE2RUE0QTMwMzVEODhDQTZCQzY4NjdCRjc5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDMyMUM4OTJBNkFBQzBBNkVBNEEzMDM1RDg4Q0E2QkM2ODY3
QkY3OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vN2ExYzRjMWYtNzE0MS00N2Q2LWE3
ZjgtZTM1ZmZlMTE3NDA0LzAvMDMyMUM4OTJBNkFBQzBBNkVBNEEzMDM1RDg4Q0E2
QkM2ODY3QkY3OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBACL1hwbnFHu5FUdNolEYnCxveTqGtNpJ/7ck
pDrzy7hzTTdw9WRFlakMHzj2mxyCDCJ/4M+kPoLDXKLe+Xtz6UHla3xYDXVV0DWp
fubyZzK0lTYFXDKmkttsgFneC4Jm5CbA4fsVaiEHrMciZ37Iq5c9mvH2A87sbqR1
2ysX8IegzLV+ucvZHcNg2Bbdg642Mzeg04oS2SqzUoiPgfUKMzm5aOmPH7GszkFF
m/IbaqB3fViJ3T7RDZSNcDbs6b4+dQFaNAg6/alcz2oUyr0B2NZc0ze7FM/SJQ7+
+FH5vGlfVgX9W5ycQ9IEgBuyEp8Xeo3xbaOAauE21FCc9Dgi7wE=
-----END CERTIFICATE-----