Manifest

$ rpki-client -vvf repo-rpki.idnic.net/repo/c8d0e640-22e9-441c-8634-f9525307da76/0/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.mft
File:                     023DAF793CD2BAF6C7BC7A45A13DF236B7401661.mft (raw, json)
Hash identifier:          RYhRzSuOH+bgEC7LIzTqRtG6MsaNfgrIMDwrUXP8JeU=
Subject key identifier:   C3:1D:FC:17:FA:51:93:28:40:6C:03:4E:09:5B:50:4B:07:98:0C:08
Authority key identifier: 02:3D:AF:79:3C:D2:BA:F6:C7:BC:7A:45:A1:3D:F2:36:B7:40:16:61
Certificate issuer:       /CN=023DAF793CD2BAF6C7BC7A45A13DF236B7401661
Certificate serial:       0EE7E0C5CB2B87CF53688D5A58A263FE50C7AB01
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c8d0e640-22e9-441c-8634-f9525307da76/0/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.mft
Manifest number:          023A
Signing time:             Sun 15 Jun 2025 19:52:09 +0000
Manifest this update:     Sun 15 Jun 2025 19:47:09 +0000
Manifest next update:     Wed 18 Jun 2025 22:51:09 +0000
Files and hashes:         1: 3130332e3134392e3132302e302f32332d3233203d3e20313339393532.roa (hash: TIp9WHuUqK5QCHJsHK2qMd4Di3b+YgT1J52ydC6PYvs=)
                          2: 3130332e3134392e3132302e302f32332d3234203d3e20313430303233.roa (hash: RZP1u67IkDY1VxYw8axwNJaL5jYZcoL8kOhW1c7O+Eg=)
                          3: 3130332e3134392e3132312e302f32342d3234203d3e20313430303233.roa (hash: 2gVCxg+hDmKkdBfr1IN+Jz7t1loTVbupLhThyLDp4zk=)
                          4: 3130332e3134392e3132312e302f32342d3234203d3e2037373133.roa (hash: zVGnPMz6FjIWNaiokQGONx21w4m18vhd71uDshC7eyA=)
                          5: 3130332e3134392e3132312e302f32342d3234203d3e20313339393532.roa (hash: s6MFeDXqeIkTAot5lzYFNGxoGgi1Yjw/2CsMKFqccxU=)
                          6: 3130332e3134392e3132302e302f32342d3234203d3e20313339393532.roa (hash: fr8+FrmlPGl8AfQlow8lySzaZVznKtOBprgMvRW46vw=)
                          7: 023DAF793CD2BAF6C7BC7A45A13DF236B7401661.crl (hash: m9WX5JxDPTvZX6NG/RIit47JldcNkUedaxfHmsvu58Y=)
                          8: 3130332e3134392e3132302e302f32332d3233203d3e2037373133.roa (hash: yOR4ha1iNJToiWgXnk0oG7heqETlfk80W41Jvd2P1xg=)
                          9: 3130332e3134392e3132302e302f32342d3234203d3e2037373133.roa (hash: Q49EnVockO7Wf1pEkALOtAUiauf7qPnxOjOocdL9Yus=)
                          10: 3130332e3134392e3132302e302f32332d3233203d3e20313430303233.roa (hash: B08azy3XQsiTZf5UppG1ngPrOYAEwHH6x3322yJGfrI=)
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c8d0e640-22e9-441c-8634-f9525307da76/0/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.crl
                          rsync://repo-rpki.idnic.net/repo/c8d0e640-22e9-441c-8634-f9525307da76/0/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 18 Jun 2025 22:51:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:e7:e0:c5:cb:2b:87:cf:53:68:8d:5a:58:a2:63:fe:50:c7:ab:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=023DAF793CD2BAF6C7BC7A45A13DF236B7401661
        Validity
            Not Before: Jun 15 19:47:09 2025 GMT
            Not After : Jun 18 22:51:09 2025 GMT
        Subject: CN=C31DFC17FA519328406C034E095B504B07980C08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fe:84:b4:d1:05:1f:bb:d3:ec:36:ff:b5:36:
                    0a:7e:32:5b:aa:d4:dd:01:70:6b:43:de:ab:cc:c3:
                    b8:4d:a4:18:35:1a:12:5c:32:70:35:0b:ef:ec:13:
                    f6:0f:5e:57:2b:0d:15:ec:5d:3d:b8:35:eb:64:65:
                    05:71:16:16:30:1c:d6:65:74:d5:59:7e:ef:f9:87:
                    00:ae:95:b9:5b:b6:ad:4c:89:a6:f1:14:69:10:e0:
                    76:ba:c4:7f:a8:e9:61:a8:01:96:73:aa:d8:7c:59:
                    b9:35:0a:dc:10:41:96:dd:48:c1:c7:97:f5:b3:b0:
                    13:ef:1f:bc:1c:22:b6:ff:e4:7c:8a:79:56:94:30:
                    eb:1a:45:2c:e0:65:5b:ed:c4:1c:70:2e:99:d3:99:
                    fb:14:dc:43:c9:fa:9e:f4:1b:0c:73:0f:fd:3d:c0:
                    bb:40:cb:61:fd:99:22:50:a9:30:0f:49:fa:e8:8a:
                    32:4c:c6:9c:96:eb:48:a0:5b:32:5a:a5:50:33:30:
                    44:5b:49:19:5c:de:b3:29:f5:8a:1c:bf:9f:03:dd:
                    59:0f:7e:79:cb:6a:f9:a5:92:3c:45:db:c6:b7:05:
                    cf:4f:1c:1c:a5:f9:45:37:92:24:2d:f0:bb:75:06:
                    28:0f:38:ca:24:81:87:99:fc:e3:dd:c1:b4:e5:bd:
                    6f:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:1D:FC:17:FA:51:93:28:40:6C:03:4E:09:5B:50:4B:07:98:0C:08
            X509v3 Authority Key Identifier:
                keyid:02:3D:AF:79:3C:D2:BA:F6:C7:BC:7A:45:A1:3D:F2:36:B7:40:16:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c8d0e640-22e9-441c-8634-f9525307da76/0/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c8d0e640-22e9-441c-8634-f9525307da76/0/023DAF793CD2BAF6C7BC7A45A13DF236B7401661.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:a4:5f:54:47:d2:92:88:bf:5a:68:b4:f8:87:5a:a8:5a:f7:
         d4:fd:8f:74:2f:5c:94:35:66:65:9e:ea:e7:00:4d:72:64:c5:
         8d:25:fd:10:04:14:06:cf:28:70:85:83:f9:77:6d:b4:6b:c4:
         df:3d:0c:7b:56:7a:50:89:a0:8e:fa:f7:e7:93:1f:c0:c5:ac:
         86:a0:e3:50:38:e5:dc:20:20:eb:8b:43:b8:07:e2:0d:a4:4a:
         9b:d3:03:e3:12:b5:e9:4a:d1:dc:af:b0:11:8c:70:7b:ea:c5:
         9a:1f:fa:7d:dd:70:00:a0:af:4c:70:09:60:4b:91:68:16:0c:
         c8:f7:62:8c:24:09:1c:25:c7:9c:9e:a3:10:e3:60:c2:93:0b:
         61:b3:b6:ff:41:3b:7e:74:69:6d:a3:8d:08:09:e4:88:95:cb:
         b0:d5:df:f7:98:76:ed:f9:04:e7:b2:dd:2d:1d:92:11:96:b4:
         6b:62:aa:7a:3c:8d:bd:59:40:3f:b8:df:11:16:8d:e3:6d:0c:
         25:75:0b:61:7d:7c:21:30:4a:63:69:e7:25:a8:ce:3d:85:f8:
         45:b7:37:cb:f2:f8:0d:69:89:35:c4:4b:60:14:9c:b5:6a:67:
         9b:2d:c6:55:c0:bb:85:af:79:38:5c:0d:be:93:3e:73:7f:0b:
         c1:7c:1a:3e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUDufgxcsrh89TaI1aWKJj/lDHqwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDIzREFGNzkzQ0QyQkFGNkM3QkM3QTQ1QTEzREYyMzZC
NzQwMTY2MTAeFw0yNTA2MTUxOTQ3MDlaFw0yNTA2MTgyMjUxMDlaMDMxMTAvBgNV
BAMTKEMzMURGQzE3RkE1MTkzMjg0MDZDMDM0RTA5NUI1MDRCMDc5ODBDMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7/oS00QUfu9PsNv+1Ngp+Mluq
1N0BcGtD3qvMw7hNpBg1GhJcMnA1C+/sE/YPXlcrDRXsXT24NetkZQVxFhYwHNZl
dNVZfu/5hwCulblbtq1MiabxFGkQ4Ha6xH+o6WGoAZZzqth8Wbk1CtwQQZbdSMHH
l/WzsBPvH7wcIrb/5HyKeVaUMOsaRSzgZVvtxBxwLpnTmfsU3EPJ+p70GwxzD/09
wLtAy2H9mSJQqTAPSfroijJMxpyW60igWzJapVAzMERbSRlc3rMp9Yocv58D3VkP
fnnLavmlkjxF28a3Bc9PHByl+UU3kiQt8Lt1BigPOMokgYeZ/OPdwbTlvW8rAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUwx38F/pRkyhAbANOCVtQSweYDAgwHwYDVR0j
BBgwFoAUAj2veTzSuvbHvHpFoT3yNrdAFmEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
OGQwZTY0MC0yMmU5LTQ0MWMtODYzNC1mOTUyNTMwN2RhNzYvMC8wMjNEQUY3OTND
RDJCQUY2QzdCQzdBNDVBMTNERjIzNkI3NDAxNjYxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDIzREFGNzkzQ0QyQkFGNkM3QkM3QTQ1QTEzREYyMzZCNzQw
MTY2MS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYzhkMGU2NDAtMjJlOS00NDFjLTg2
MzQtZjk1MjUzMDdkYTc2LzAvMDIzREFGNzkzQ0QyQkFGNkM3QkM3QTQ1QTEzREYy
MzZCNzQwMTY2MS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBABKkX1RH0pKIv1potPiHWqha99T9j3QvXJQ1
ZmWe6ucATXJkxY0l/RAEFAbPKHCFg/l3bbRrxN89DHtWelCJoI769+eTH8DFrIag
41A45dwgIOuLQ7gH4g2kSpvTA+MStelK0dyvsBGMcHvqxZof+n3dcACgr0xwCWBL
kWgWDMj3YowkCRwlx5yeoxDjYMKTC2Gztv9BO350aW2jjQgJ5IiVy7DV3/eYdu35
BOey3S0dkhGWtGtiqno8jb1ZQD+43xEWjeNtDCV1C2F9fCEwSmNp5yWozj2F+EW3
N8vy+A1piTXES2AUnLVqZ5stxlXAu4WveThcDb6TPnN/C8F8Gj4=
-----END CERTIFICATE-----
Generated at Tue Jun 17 03:26:42 2025 by rpki-client