$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: XuTKp+IggMA1TprW58VAJzU1w+6BQTaRIMy7MyV99+o= Subject key identifier: 18:2D:41:50:C4:48:39:6B:63:3F:9E:21:55:28:01:1F:2F:B2:3B:50 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 12CF0375942BBB92E3D8214DCA619DABC917B870 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: 9A Signing time: Tue 01 Jul 2025 08:21:42 +0000 Manifest this update: Tue 01 Jul 2025 08:16:42 +0000 Manifest next update: Fri 04 Jul 2025 10:14:42 +0000 Files and hashes: 1: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: QvBeOPzaNLVQxfCmWyfvYmn8eYrwRf4ba4E5VhyIWNQ=) 2: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: 4zrjWTGjIfmRVD7KoG+5XB5sYDfQiVJOsTHraO00txU=) 3: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: c7u9a3tNo+sinKbXEOZIkxb5lpQ3V3xHWxLJ0wK62sQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 10:14:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:cf:03:75:94:2b:bb:92:e3:d8:21:4d:ca:61:9d:ab:c9:17:b8:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Jul 1 08:16:42 2025 GMT Not After : Jul 4 10:14:42 2025 GMT Subject: CN=182D4150C448396B633F9E215528011F2FB23B50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:9c:b7:2a:db:20:ff:70:a8:16:e2:3b:6d:1a: 53:d9:a4:ea:08:7d:99:47:2e:44:84:e5:f4:73:c2: e9:d2:f0:03:68:28:dd:ef:9f:26:80:62:c4:ff:7a: fd:db:0a:32:8f:10:d1:e6:6b:37:cd:40:ce:82:4e: 1e:f9:c0:6c:5d:78:37:f1:af:f4:cf:8f:c1:66:da: 0c:8f:6c:28:ad:e0:46:d4:3f:23:64:bc:73:94:b4: 6e:85:7e:c6:24:b5:9b:6c:86:0c:38:e2:e9:3a:4f: 03:87:6a:d5:46:c4:e4:93:e0:53:03:56:a5:02:4b: 05:51:f1:d8:a2:ac:79:7d:7a:02:39:d1:d1:0f:b3: 2a:f6:db:97:42:36:2a:b9:97:e0:88:57:e3:d0:e4: 85:d2:f4:27:d0:bc:64:86:1c:6f:73:f4:5f:38:48: 63:b2:fc:db:6a:fa:47:b1:ad:f6:9b:4b:dc:98:1e: 35:9c:2c:14:ec:e5:ac:80:fb:dd:fe:f7:0e:80:07: 4c:47:20:58:ab:93:45:9b:6f:6c:bd:22:bc:b9:cf: 1c:fa:33:a9:b5:b2:43:62:3c:73:2a:bb:5e:18:47: a1:43:76:b1:35:e2:56:ff:8f:a8:39:2d:5f:f4:10: eb:93:3f:e5:c5:ba:d2:27:3b:61:f4:58:7e:d0:d2: 70:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:2D:41:50:C4:48:39:6B:63:3F:9E:21:55:28:01:1F:2F:B2:3B:50 X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:de:03:30:98:cc:17:7e:cc:1f:e1:bc:47:aa:c6:d5:fa:dc: 3d:6b:ed:3d:fc:74:fd:68:3a:28:49:73:3b:82:f6:a7:0b:4a: af:6c:82:6d:a4:01:84:cb:b4:39:80:9e:ce:8a:ed:2e:dd:c1: 64:41:91:de:80:11:16:7e:7c:36:7d:9c:ff:f4:94:67:90:c0: f0:99:c2:3d:79:a1:8a:76:ec:bf:57:c3:06:5d:b8:41:59:6b: 3f:13:3e:19:6d:1c:d1:4d:3d:ff:7f:92:97:e6:89:5b:e3:65: 57:e2:92:dc:0d:dd:81:54:ac:30:a0:cb:7f:67:b9:16:1e:d7: 9c:82:d9:c8:f9:24:b9:0d:b9:02:2a:d2:73:a5:4f:90:86:40: 28:02:66:bf:e9:0a:ab:ea:5c:f6:5e:36:f2:dc:90:68:21:94: 42:a4:f3:e8:39:c9:2c:e6:f3:b6:bb:77:44:67:e9:5e:65:bb: 07:5a:e6:4c:90:f7:2d:48:04:a1:4b:9e:15:8c:dd:27:87:99: 49:3b:25:45:59:1c:4d:59:a6:75:f3:af:78:74:7d:5c:43:f6: 67:2a:85:64:b2:dd:4a:d8:1e:de:d6:02:73:2e:a4:33:18:37: 50:98:26:69:67:04:32:ed:e9:d7:66:cd:63:eb:f4:46:66:bb: d3:16:33:fe -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUEs8DdZQru5Lj2CFNymGdq8kXuHAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNTA3MDEwODE2NDJaFw0yNTA3MDQxMDE0NDJaMDMxMTAvBgNV BAMTKDE4MkQ0MTUwQzQ0ODM5NkI2MzNGOUUyMTU1MjgwMTFGMkZCMjNCNTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvnLcq2yD/cKgW4jttGlPZpOoI fZlHLkSE5fRzwunS8ANoKN3vnyaAYsT/ev3bCjKPENHmazfNQM6CTh75wGxdeDfx r/TPj8Fm2gyPbCit4EbUPyNkvHOUtG6FfsYktZtshgw44uk6TwOHatVGxOST4FMD VqUCSwVR8diirHl9egI50dEPsyr225dCNiq5l+CIV+PQ5IXS9CfQvGSGHG9z9F84 SGOy/Ntq+kexrfabS9yYHjWcLBTs5ayA+93+9w6AB0xHIFirk0Wbb2y9Iry5zxz6 M6m1skNiPHMqu14YR6FDdrE14lb/j6g5LV/0EOuTP+XFutInO2H0WH7Q0nC7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGC1BUMRIOWtjP54hVSgBHy+yO1AwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACHeAzCYzBd+zB/hvEeqxtX63D1r7T38dP1o OihJczuC9qcLSq9sgm2kAYTLtDmAns6K7S7dwWRBkd6AERZ+fDZ9nP/0lGeQwPCZ wj15oYp27L9XwwZduEFZaz8TPhltHNFNPf9/kpfmiVvjZVfiktwN3YFUrDCgy39n uRYe15yC2cj5JLkNuQIq0nOlT5CGQCgCZr/pCqvqXPZeNvLckGghlEKk8+g5ySzm 87a7d0Rn6V5luwda5kyQ9y1IBKFLnhWM3SeHmUk7JUVZHE1ZpnXzr3h0fVxD9mcq hWSy3UrYHt7WAnMupDMYN1CYJmlnBDLt6ddmzWPr9EZmu9MWM/4= -----END CERTIFICATE-----Generated at Wed Jul 2 05:33:18 2025 by rpki-client