Manifest

$ rpki-client -vvf rpki-rsync.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/2535F6A9A65395B5881ADB0B432A16679C88CC60.mft
File:                     2535F6A9A65395B5881ADB0B432A16679C88CC60.mft (raw, json)
Hash identifier:          RrKEohHVF+WPBO8rVFWBr8rhoyx/IKkYHdMYTIUpONA=
Subject key identifier:   F4:43:C0:27:A8:C2:C2:F5:6B:C1:72:95:FC:B8:8D:16:43:D5:E0:0C
Authority key identifier: 25:35:F6:A9:A6:53:95:B5:88:1A:DB:0B:43:2A:16:67:9C:88:CC:60
Certificate issuer:       /CN=2535F6A9A65395B5881ADB0B432A16679C88CC60
Certificate serial:       5853ED3911BABA6D1E159953681F332F64825626
Authority info access:    rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2535F6A9A65395B5881ADB0B432A16679C88CC60.cer
Subject info access:      rsync://rpki-rsync.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/2535F6A9A65395B5881ADB0B432A16679C88CC60.mft
Manifest number:          3D
Signing time:             Wed 17 Jun 2026 04:07:48 +0000
Manifest this update:     Wed 17 Jun 2026 04:02:48 +0000
Manifest next update:     Thu 18 Jun 2026 06:14:48 +0000
Files and hashes:         1: 3230322e312e3233362e302f32342d3234203d3e203435373233.roa (hash: E2CZqc55ytVQ+gL56PQklO6/e15IEHDs3ZeA7hBho40=)
                          2: 3130332e32382e38312e302f32342d3234203d3e203435373233.roa (hash: perZ7IpCPM80Glsi8eW1EfkZGuK/3Og6OKBH6xj5CZ0=)
                          3: 3130332e32382e38302e302f32342d3234203d3e203435373233.roa (hash: IT4wEh8zWC2aFJaduZl+3xieFOQo82r5tnnrLJAHogw=)
                          4: 323430333a316130303a343a3a2f34372d3437203d3e203435373233.roa (hash: kVXs9OKO5SWhYY8QAUmq6Wo0PmjBkNXoXhlgjZszj5Q=)
                          5: 3130332e32382e38322e302f32342d3234203d3e203435373233.roa (hash: zWsBUB0EsryhwZbrxTe3du0LXbDcYqcCoZB7f/2SeQs=)
                          6: 2535F6A9A65395B5881ADB0B432A16679C88CC60.crl (hash: 1QPP1zkMRUlMkuPrz3IBD1TL+6Zx0W+4UHd1jFVPDGk=)
                          7: 3231382e3130302e37342e302f32342d3234203d3e203535363539.roa (hash: 5nElrE2bFD3jeHzGP2EqItlqHxQy+rl4TSko98reQ+k=)
                          8: 3130332e32382e38332e302f32342d3234203d3e203435373233.roa (hash: LXt8OGULAdQpoNoWK4gxLrA5MzZUVnNwkr0fY1oAkvc=)
                          9: 3130332e32382e38302e302f32322d3232203d3e203435373233.roa (hash: lwZi0IQOzBkg5Jj3Quf3uQ8uDEGUC6KSV1rKBtsm4K4=)
Validation:               OK
Signature path:           rsync://rpki-rsync.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/2535F6A9A65395B5881ADB0B432A16679C88CC60.crl
                          rsync://rpki-rsync.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/2535F6A9A65395B5881ADB0B432A16679C88CC60.mft
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2535F6A9A65395B5881ADB0B432A16679C88CC60.cer
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl
                          rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 18 Jun 2026 03:08:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:53:ed:39:11:ba:ba:6d:1e:15:99:53:68:1f:33:2f:64:82:56:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2535F6A9A65395B5881ADB0B432A16679C88CC60
        Validity
            Not Before: Jun 17 04:02:48 2026 GMT
            Not After : Jun 18 06:14:48 2026 GMT
        Subject: CN=F443C027A8C2C2F56BC17295FCB88D1643D5E00C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:cc:6a:37:b9:3c:37:6d:3e:7d:3e:3a:b6:8e:
                    ca:14:d6:c2:90:c0:f9:fa:16:ae:0c:67:06:4d:ba:
                    fb:4f:37:59:cd:de:64:11:23:3b:37:c9:19:38:ad:
                    17:e7:af:bd:1d:81:cd:bc:b8:ff:a2:87:ab:ec:45:
                    f0:44:a5:98:2c:b3:cb:73:71:83:a9:ac:b6:75:95:
                    75:ed:e1:29:f5:5e:44:46:3f:50:bd:a9:60:35:0c:
                    c5:eb:36:2e:85:3a:43:77:a0:55:f5:cb:dd:ca:9f:
                    04:f0:af:77:f0:c3:88:ed:91:75:72:4b:6e:e4:33:
                    b1:65:96:71:e0:7a:d3:10:e3:b6:c3:f5:97:46:fc:
                    92:d1:74:86:7d:25:51:13:d6:a3:f4:06:73:90:79:
                    c0:8a:1d:0c:d5:59:32:2f:60:44:90:e1:2d:c9:78:
                    31:ec:c5:d1:fb:e0:82:10:8e:3e:35:65:95:e4:3a:
                    f7:e1:85:04:98:f2:52:13:fa:b5:b7:c0:c1:a0:1f:
                    84:4a:f8:d7:56:83:85:f1:40:12:e0:23:21:5b:9a:
                    55:86:34:7d:9e:28:f3:44:bd:13:4d:ea:d1:7c:1f:
                    16:8a:ca:05:91:07:e4:ed:f1:95:ad:a9:69:31:05:
                    fd:0c:ed:e0:ed:ac:23:9f:ea:64:aa:22:b2:32:01:
                    09:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:43:C0:27:A8:C2:C2:F5:6B:C1:72:95:FC:B8:8D:16:43:D5:E0:0C
            X509v3 Authority Key Identifier:
                keyid:25:35:F6:A9:A6:53:95:B5:88:1A:DB:0B:43:2A:16:67:9C:88:CC:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/2535F6A9A65395B5881ADB0B432A16679C88CC60.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/2535F6A9A65395B5881ADB0B432A16679C88CC60.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/41db3730-f499-449f-b6f2-7a5deb532b0c/0/2535F6A9A65395B5881ADB0B432A16679C88CC60.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:0c:e7:e9:b8:23:d9:6d:bb:8b:fa:0e:88:dd:ea:8b:4a:f0:
         07:9a:e8:d8:d4:20:23:24:bd:4c:b9:64:0c:4f:17:e8:36:3c:
         45:aa:ad:00:f6:24:18:7a:6d:97:c1:23:03:d4:0b:b4:ec:b3:
         e6:fc:7d:fd:e7:c8:2f:4e:1b:32:a7:08:bb:58:6b:0b:4a:62:
         f9:9a:10:d6:6b:c0:7f:25:82:88:da:0a:f4:16:42:50:69:52:
         c5:19:70:69:89:96:a8:6e:32:fc:02:6b:10:e1:18:4f:45:45:
         75:6d:15:6d:ad:c7:23:a7:cc:78:32:26:34:77:00:e9:87:24:
         9f:f7:a7:35:59:3a:91:d6:26:2b:92:05:cf:be:f5:5c:98:ba:
         8b:d7:1a:53:2e:b3:1b:fb:e0:9c:a8:86:67:cb:c3:d8:5c:8e:
         91:e0:89:fa:69:80:5e:40:d9:89:fa:e6:9b:30:f1:ec:7f:b7:
         1c:7a:88:da:87:0a:19:46:6e:ac:86:49:34:c9:3d:d4:0d:5e:
         e8:62:87:40:6b:e6:e7:67:d2:5d:4b:fe:ec:f3:e8:73:be:a0:
         9f:4e:32:09:80:d1:cd:9c:13:76:97:de:59:a8:95:af:2c:fa:
         4f:f1:1d:e8:6b:28:9a:52:c0:83:36:a2:fa:69:9d:31:9e:de:
         6d:18:ff:4b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUWFPtORG6um0eFZlTaB8zL2SCViYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjUzNUY2QTlBNjUzOTVCNTg4MUFEQjBCNDMyQTE2Njc5
Qzg4Q0M2MDAeFw0yNjA2MTcwNDAyNDhaFw0yNjA2MTgwNjE0NDhaMDMxMTAvBgNV
BAMTKEY0NDNDMDI3QThDMkMyRjU2QkMxNzI5NUZDQjg4RDE2NDNENUUwMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCzGo3uTw3bT59Pjq2jsoU1sKQ
wPn6Fq4MZwZNuvtPN1nN3mQRIzs3yRk4rRfnr70dgc28uP+ih6vsRfBEpZgss8tz
cYOprLZ1lXXt4Sn1XkRGP1C9qWA1DMXrNi6FOkN3oFX1y93KnwTwr3fww4jtkXVy
S27kM7FllnHgetMQ47bD9ZdG/JLRdIZ9JVET1qP0BnOQecCKHQzVWTIvYESQ4S3J
eDHsxdH74IIQjj41ZZXkOvfhhQSY8lIT+rW3wMGgH4RK+NdWg4XxQBLgIyFbmlWG
NH2eKPNEvRNN6tF8HxaKygWRB+Tt8ZWtqWkxBf0M7eDtrCOf6mSqIrIyAQkNAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU9EPAJ6jCwvVrwXKV/LiNFkPV4AwwHwYDVR0j
BBgwFoAUJTX2qaZTlbWIGtsLQyoWZ5yIzGAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV
HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v
NDFkYjM3MzAtZjQ5OS00NDlmLWI2ZjItN2E1ZGViNTMyYjBjLzAvMjUzNUY2QTlB
NjUzOTVCNTg4MUFEQjBCNDMyQTE2Njc5Qzg4Q0M2MC5jcmwwcgYIKwYBBQUHAQEE
ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl
cG8vSUROSUMvMS8yNTM1RjZBOUE2NTM5NUI1ODgxQURCMEI0MzJBMTY2NzlDODhD
QzYwLmNlcjCBlAYIKwYBBQUHAQsEgYcwgYQwgYEGCCsGAQUFBzALhnVyc3luYzov
L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vNDFkYjM3MzAtZjQ5OS00NDlmLWI2
ZjItN2E1ZGViNTMyYjBjLzAvMjUzNUY2QTlBNjUzOTVCNTg4MUFEQjBCNDMyQTE2
Njc5Qzg4Q0M2MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAJcM5+m4I9ltu4v6Dojd6otK8Aea6NjUICMk
vUy5ZAxPF+g2PEWqrQD2JBh6bZfBIwPUC7Tss+b8ff3nyC9OGzKnCLtYawtKYvma
ENZrwH8lgojaCvQWQlBpUsUZcGmJlqhuMvwCaxDhGE9FRXVtFW2txyOnzHgyJjR3
AOmHJJ/3pzVZOpHWJiuSBc++9VyYuovXGlMusxv74JyohmfLw9hcjpHgifppgF5A
2Yn65psw8ex/txx6iNqHChlGbqyGSTTJPdQNXuhih0Br5udn0l1L/uzz6HO+oJ9O
MgmA0c2cE3aX3lmola8s+k/xHehrKJpSwIM2ovppnTGe3m0Y/0s=
-----END CERTIFICATE-----