Manifest

$ rpki-client -vvf rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft
File:                     3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft (raw, json)
Hash identifier:          u7UPWvipMxC4v2nIudySvgrYxXQBKcGcufMWBHcXMjo=
Subject key identifier:   F0:42:AB:C2:38:9F:F1:1C:B7:FE:0B:74:BE:1E:61:8A:D3:F4:3A:D9
Authority key identifier: 3D:5A:1B:2B:6D:E4:87:DB:B9:5C:EE:51:47:5E:26:56:F1:E9:BF:85
Certificate issuer:       /CN=3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85
Certificate serial:       39B9D65520C2B44AE37719DC23777E1CBFB72E2A
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft
Manifest number:          020A
Signing time:             Wed 30 Apr 2025 13:10:47 +0000
Manifest this update:     Wed 30 Apr 2025 13:05:47 +0000
Manifest next update:     Thu 01 May 2025 14:27:47 +0000
Files and hashes:         1: 323830343a343863633a3a2f33322d3336203d3e20323637313435.roa (hash: NSwKuhbVlfit/GeKv12qgi1Nx7DDA7JtYsEpX7CmB8w=)
                          2: 3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.crl (hash: 5sp3RHXOA7Fk0AFoS6IH2HH180BJhWGpndrAb6zd5TI=)
                          3: 34352e3233302e33302e302f32332d3233203d3e20323637313435.roa (hash: 8mq7LAyV4zpphQCT6aJXBf9deHUkCKF3FjC0r+TIX70=)
                          4: 323830343a343863633a3a2f33322d3332203d3e20323637313435.roa (hash: HNupAxl8oMElAlMIADjTG2BvnPU5Tc59G7TgMyPX9Ao=)
                          5: 34352e3233302e32382e302f32322d3232203d3e20323637313435.roa (hash: 58Lh0C2pZjsNmVclMzYtj4STKQIjyU4p9tAosH1A1Vk=)
                          6: 34352e3233302e32382e302f32322d3234203d3e20323637313435.roa (hash: e3gDh30bCFxyxSG6XiET0YR4C4e+fAFmToi+8txavoA=)
                          7: 34352e3233302e32382e302f32332d3233203d3e20323637313435.roa (hash: u/lhR3CHoa7v3eJgTqrpENVDe1bNzDUZyrTvS8ROing=)
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.crl
                          rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 01 May 2025 13:04:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:b9:d6:55:20:c2:b4:4a:e3:77:19:dc:23:77:7e:1c:bf:b7:2e:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85
        Validity
            Not Before: Apr 30 13:05:47 2025 GMT
            Not After : May  1 14:27:47 2025 GMT
        Subject: CN=F042ABC2389FF11CB7FE0B74BE1E618AD3F43AD9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:56:d4:8a:b6:d0:a8:26:ed:65:ff:07:7b:e7:
                    72:96:25:12:27:62:50:0d:73:ef:16:65:cc:b0:20:
                    8f:1a:cc:76:e8:ee:9a:46:a0:2d:f5:b5:9c:71:76:
                    b8:4c:6e:74:d4:dc:1b:df:b7:e8:cb:1b:dd:35:fa:
                    9f:cc:22:4b:2b:e8:29:db:63:64:d4:29:bc:4c:8f:
                    26:f7:08:4a:e7:ab:ca:82:fc:cf:94:cd:47:ad:76:
                    ad:4f:7c:ca:6c:a9:6a:f8:00:8c:c4:d0:ff:cc:1a:
                    23:bd:6e:42:55:cc:b3:0d:54:73:cd:4a:42:61:07:
                    d5:bb:9b:3b:2a:e1:9b:99:33:7b:68:93:5e:04:da:
                    93:f0:9d:f8:34:de:7e:f7:59:4f:93:4e:89:cb:f9:
                    0e:c2:35:67:97:14:74:d8:a7:d6:71:a8:9b:f2:55:
                    0a:e8:3e:ba:b3:ef:50:6b:d6:0c:e0:a9:82:02:c3:
                    52:1e:c4:7b:ad:04:8f:65:7b:18:f4:2c:2d:af:a1:
                    fb:b4:dc:94:89:51:82:7b:35:8e:af:2f:11:eb:c0:
                    79:83:04:f9:f7:56:36:90:a9:51:c8:55:6e:3a:b3:
                    06:b4:3b:bb:a7:8b:32:c0:5a:bb:58:a8:90:f6:22:
                    09:11:65:66:c7:9e:b5:93:05:d5:77:89:93:d9:4f:
                    e6:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:42:AB:C2:38:9F:F1:1C:B7:FE:0B:74:BE:1E:61:8A:D3:F4:3A:D9
            X509v3 Authority Key Identifier:
                keyid:3D:5A:1B:2B:6D:E4:87:DB:B9:5C:EE:51:47:5E:26:56:F1:E9:BF:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/DJi5D3FMbW1kNWCtNMepb2i1FoZpHPJntfBoMKsNNjcJ/1/3D5A1B2B6DE487DBB95CEE51475E2656F1E9BF85.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:27:9c:9c:df:9d:d3:92:7e:ff:f4:f3:6b:05:dc:9f:a9:a4:
         f8:4a:b8:f0:06:32:7e:69:36:5b:3b:d1:47:1d:a5:d7:40:46:
         ad:8b:96:df:09:63:4b:3e:6a:52:fa:86:6c:d1:ac:e3:73:93:
         6a:38:f9:f8:e5:7c:26:8b:2b:72:91:88:2f:9a:e8:4f:c7:99:
         3d:b8:28:69:3b:52:11:0c:5c:5d:5a:1f:2d:51:88:a2:50:49:
         e1:f1:23:14:85:86:ea:74:2e:d7:7b:6a:81:8f:df:f7:0a:46:
         0a:a1:c6:ce:6b:5a:d8:35:ec:ab:fb:13:be:af:33:b9:b7:7b:
         c3:6c:c4:60:a6:ac:db:26:f4:2b:60:36:7f:fc:c5:31:3c:e3:
         d4:bb:78:9b:f2:b3:ba:cd:75:d4:52:fc:03:dc:78:3a:b1:ad:
         89:4d:3b:3d:b7:b4:4a:4f:3f:63:2a:a7:5e:0c:8a:c3:d5:42:
         2b:e0:ac:b6:cc:e9:18:6a:29:ca:82:81:95:20:83:d0:27:29:
         05:14:e8:ac:d9:10:a9:df:ec:1f:b5:5d:9d:ba:b1:2c:7b:3e:
         b5:61:bc:d8:be:67:60:7c:d2:28:33:1c:42:25:e9:ce:d6:47:
         9c:f7:0d:64:af:d3:72:0b:07:e7:fc:fe:d4:85:59:e1:da:61:
         97:a8:88:58
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUObnWVSDCtErjdxncI3d+HL+3LiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Q1QTFCMkI2REU0ODdEQkI5NUNFRTUxNDc1RTI2NTZG
MUU5QkY4NTAeFw0yNTA0MzAxMzA1NDdaFw0yNTA1MDExNDI3NDdaMDMxMTAvBgNV
BAMTKEYwNDJBQkMyMzg5RkYxMUNCN0ZFMEI3NEJFMUU2MThBRDNGNDNBRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2VtSKttCoJu1l/wd753KWJRIn
YlANc+8WZcywII8azHbo7ppGoC31tZxxdrhMbnTU3Bvft+jLG901+p/MIksr6Cnb
Y2TUKbxMjyb3CErnq8qC/M+UzUetdq1PfMpsqWr4AIzE0P/MGiO9bkJVzLMNVHPN
SkJhB9W7mzsq4ZuZM3tok14E2pPwnfg03n73WU+TTonL+Q7CNWeXFHTYp9ZxqJvy
VQroPrqz71Br1gzgqYICw1IexHutBI9lexj0LC2vofu03JSJUYJ7NY6vLxHrwHmD
BPn3VjaQqVHIVW46swa0O7unizLAWrtYqJD2IgkRZWbHnrWTBdV3iZPZT+Z3AgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQU8EKrwjif8Ry3/gt0vh5hitP0OtkwHwYDVR0j
BBgwFoAUPVobK23kh9u5XO5RR14mVvHpv4UwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vREppNUQzRk1iVzFrTldDdE5NZXBiMmkxRm9acEhQSm50ZkJvTUtzTk5q
Y0ovMS8zRDVBMUIyQjZERTQ4N0RCQjk1Q0VFNTE0NzVFMjY1NkYxRTlCRjg1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzNENUExQjJCNkRFNDg3REJC
OTVDRUU1MTQ3NUUyNjU2RjFFOUJGODUuY2VyMIGdBggrBgEFBQcBCwSBkDCBjTCB
igYIKwYBBQUHMAuGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJyL3JlcG8v
REppNUQzRk1iVzFrTldDdE5NZXBiMmkxRm9acEhQSm50ZkJvTUtzTk5qY0ovMS8z
RDVBMUIyQjZERTQ4N0RCQjk1Q0VFNTE0NzVFMjY1NkYxRTlCRjg1Lm1mdDAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUA
MAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAKSecnN+d05J+//TzawXcn6mk+Eq48AYyfmk2WzvRRx2l10BGrYuW3wljSz5q
UvqGbNGs43OTajj5+OV8JosrcpGIL5roT8eZPbgoaTtSEQxcXVofLVGIolBJ4fEj
FIWG6nQu13tqgY/f9wpGCqHGzmta2DXsq/sTvq8zubd7w2zEYKas2yb0K2A2f/zF
MTzj1Lt4m/Kzus111FL8A9x4OrGtiU07Pbe0Sk8/YyqnXgyKw9VCK+CstszpGGop
yoKBlSCD0CcpBRTorNkQqd/sH7VdnbqxLHs+tWG82L5nYHzSKDMcQiXpztZHnPcN
ZK/TcgsH5/z+1IVZ4dphl6iIWA==
-----END CERTIFICATE-----