$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: DZL+9ezf21p/A6ECU5dafMQEK5PCvB7fRSOpW5ChCGE= Subject key identifier: 51:27:F7:30:F8:A6:AD:E2:34:F0:07:3D:1A:14:DA:A0:DF:0E:26:82 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 40422E1EDE3B79D7C16666AD978E7FC3C268408A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: B2 Signing time: Sat 23 Aug 2025 19:01:56 +0000 Manifest this update: Sat 23 Aug 2025 18:56:56 +0000 Manifest next update: Tue 26 Aug 2025 20:34:56 +0000 Files and hashes: 1: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c=) 2: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: kSF1VyQJjpek8Mf3gy+lWICO98IQh62K2L543jgKTUA=) 3: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: YYxgVF2w2mD02BTchE6HLHa0zEsCJrc4I0HVU6yVwSM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 10:24:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:42:2e:1e:de:3b:79:d7:c1:66:66:ad:97:8e:7f:c3:c2:68:40:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Aug 23 18:56:56 2025 GMT Not After : Aug 26 20:34:56 2025 GMT Subject: CN=5127F730F8A6ADE234F0073D1A14DAA0DF0E2682 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:d7:e4:27:33:33:c4:b4:dd:2b:e1:54:4e:9d: cd:5b:6c:ec:2b:28:df:a1:33:9f:b0:91:81:94:16: a7:7d:9c:ca:2f:88:8a:b1:5a:a2:cb:30:96:42:56: 7e:32:09:c4:1f:f9:3c:0c:45:c3:d7:94:ee:01:33: 70:12:39:6b:9d:94:f9:97:d7:d2:2d:bf:f9:2b:ca: 0e:d6:71:b5:27:31:73:18:0a:a7:44:7d:0e:f8:6b: e7:f7:b7:7e:ee:30:ca:77:f2:91:45:b2:b0:1b:a3: aa:ca:e1:fe:af:d3:72:fd:fc:42:86:29:af:17:91: ef:fb:19:76:f8:af:43:7b:9b:88:66:11:64:73:42: 42:b0:0b:cc:84:ee:bc:40:23:ee:5d:c2:af:32:2b: c2:ba:21:78:99:09:a2:2d:36:6c:45:38:58:8a:26: 85:e5:9e:e5:4f:60:94:9a:a6:82:db:01:a8:1b:35: 3d:68:16:6f:29:1c:70:dc:b0:57:3d:a2:44:64:4a: bb:34:9a:0c:7a:df:b7:b4:a5:02:f7:cb:b5:36:3b: fe:e4:51:b1:e2:f7:4d:14:74:14:c9:4e:d0:69:2e: f2:bb:9a:91:11:48:5b:8f:eb:33:7c:e4:90:1f:e1: bb:63:fe:8b:46:9b:62:ca:6f:81:83:c7:6f:df:d9: 74:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:27:F7:30:F8:A6:AD:E2:34:F0:07:3D:1A:14:DA:A0:DF:0E:26:82 X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:98:19:ac:61:88:b4:dc:54:31:e2:60:8f:50:1c:7c:9f:e0: 74:ee:c0:04:18:25:5b:56:46:39:fd:23:3f:0c:d3:f5:40:c8: 2a:8b:c6:33:99:c6:8b:bd:74:0d:84:a2:a7:4b:7d:8f:6d:88: 7d:e5:4f:6d:0b:6c:7e:d9:b1:fd:fd:11:3b:86:c1:fc:de:35: f2:05:48:92:de:cc:56:a0:d4:9b:59:69:b6:37:00:49:b4:0c: b6:0e:db:db:e3:70:56:c3:86:59:d1:77:f4:4c:90:83:e7:6b: 81:dd:2e:b7:9f:60:0f:a5:25:ef:b8:44:3e:3f:cc:de:8d:72: a5:14:3e:c5:d4:10:d4:a6:cb:58:9a:cb:62:3b:17:38:84:23: 85:c0:ed:6e:ad:ea:1c:c3:fa:54:97:59:f5:ee:63:2d:c0:81: 92:e1:e6:d6:32:0a:09:fa:11:5d:99:f5:bb:2a:58:41:19:63: c9:ac:d9:4c:59:b0:a4:2f:b1:a4:ec:09:d5:a8:95:45:67:e8: 48:60:53:27:22:7a:e2:1c:62:84:8f:02:7b:d4:13:4e:28:a7: a4:82:80:ec:78:1d:66:e6:e7:b7:a3:51:66:58:d0:d6:9b:41: 78:9c:e9:d4:9a:e5:3d:f0:c0:ac:06:2a:d3:94:5a:26:cf:c6: e7:eb:13:ac -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQEIuHt47edfBZmatl45/w8JoQIowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNTA4MjMxODU2NTZaFw0yNTA4MjYyMDM0NTZaMDMxMTAvBgNV BAMTKDUxMjdGNzMwRjhBNkFERTIzNEYwMDczRDFBMTREQUEwREYwRTI2ODIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD41+QnMzPEtN0r4VROnc1bbOwr KN+hM5+wkYGUFqd9nMoviIqxWqLLMJZCVn4yCcQf+TwMRcPXlO4BM3ASOWudlPmX 19Itv/kryg7WcbUnMXMYCqdEfQ74a+f3t37uMMp38pFFsrAbo6rK4f6v03L9/EKG Ka8Xke/7GXb4r0N7m4hmEWRzQkKwC8yE7rxAI+5dwq8yK8K6IXiZCaItNmxFOFiK JoXlnuVPYJSapoLbAagbNT1oFm8pHHDcsFc9okRkSrs0mgx637e0pQL3y7U2O/7k UbHi900UdBTJTtBpLvK7mpERSFuP6zN85JAf4btj/otGm2LKb4GDx2/f2XRzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUUSf3MPimreI08Ac9GhTaoN8OJoIwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKyYGaxhiLTcVDHiYI9QHHyf4HTuwAQYJVtW Rjn9Iz8M0/VAyCqLxjOZxou9dA2EoqdLfY9tiH3lT20LbH7Zsf39ETuGwfzeNfIF SJLezFag1JtZabY3AEm0DLYO29vjcFbDhlnRd/RMkIPna4HdLrefYA+lJe+4RD4/ zN6NcqUUPsXUENSmy1iay2I7FziEI4XA7W6t6hzD+lSXWfXuYy3AgZLh5tYyCgn6 EV2Z9bsqWEEZY8ms2UxZsKQvsaTsCdWolUVn6EhgUycieuIcYoSPAnvUE04op6SC gOx4HWbm57ejUWZY0NabQXic6dSa5T3wwKwGKtOUWibPxufrE6w= -----END CERTIFICATE-----Generated at Sun Aug 24 04:33:26 2025 by rpki-client