$ rpki-client -vvf repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft File: 43A0899A11D5A51202F1304338672AF19B201A74.mft (raw, json) Hash identifier: JaJzZeYOsgW4dAGGL31nKBA0O5mWX6h25Jr5K5TdAJ4= Subject key identifier: 7D:37:50:32:D3:CC:DF:2D:E6:A1:FC:B0:73:09:BB:23:73:FD:D1:53 Authority key identifier: 43:A0:89:9A:11:D5:A5:12:02:F1:30:43:38:67:2A:F1:9B:20:1A:74 Certificate issuer: /CN=43A0899A11D5A51202F1304338672AF19B201A74 Certificate serial: 461A5CFD58B8E42986523BB471BFD0C02F4EE351 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft Manifest number: 03A7 Signing time: Sat 10 May 2025 01:42:00 +0000 Manifest this update: Sat 10 May 2025 01:37:00 +0000 Manifest next update: Tue 13 May 2025 06:38:00 +0000 Files and hashes: 1: 43A0899A11D5A51202F1304338672AF19B201A74.crl (hash: oBuXUnxrIxJNoBNnRvtI7LWBn1OqQp9saWt+SLAWV1Q=) 2: 3130332e32392e3231322e302f32322d3234203d3e203538333737.roa (hash: bEv5NJFvGjCqOM99MFNub18kUBXqluJLuz63DD7/xZ4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.crl rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 06:38:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:1a:5c:fd:58:b8:e4:29:86:52:3b:b4:71:bf:d0:c0:2f:4e:e3:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43A0899A11D5A51202F1304338672AF19B201A74 Validity Not Before: May 10 01:37:00 2025 GMT Not After : May 13 06:38:00 2025 GMT Subject: CN=7D375032D3CCDF2DE6A1FCB07309BB2373FDD153 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:c5:44:1c:7c:15:1f:70:ce:45:ed:65:00:d1: 2e:8f:4e:7d:3a:d8:bf:9a:27:23:4d:58:cf:cf:b5: 31:ac:71:40:04:d8:f1:7a:32:90:fc:70:72:bc:e4: 71:83:96:4c:32:ca:4d:f1:22:0e:c4:da:d3:df:db: e7:e9:d9:ea:83:48:8b:63:29:8e:5e:92:74:61:08: ad:61:ee:11:9d:70:3e:bf:73:bf:b0:6c:77:70:44: 38:49:bc:82:b3:33:50:16:16:a5:ba:48:19:be:4a: 4b:e6:06:34:8d:01:ee:4e:cb:14:67:1a:3e:b0:a0: 95:43:76:fe:6d:05:a9:27:8f:dc:9f:86:05:d3:e2: 15:52:27:af:0d:56:97:9b:b7:79:48:d5:65:3f:f9: bf:01:5d:65:92:d8:69:6c:8a:5e:45:98:d5:d2:53: 9e:a4:a0:ed:4d:93:dd:c2:05:1e:c5:96:65:c6:ea: 40:50:e6:4f:fc:07:34:73:74:37:f5:bf:73:f2:c4: 2a:c2:57:2b:d9:b7:df:46:f4:d2:3b:4d:02:2c:4b: 48:50:4e:f5:08:3b:ad:65:b1:72:da:df:43:bc:d3: cf:ea:91:ec:fa:81:4a:0e:d1:7b:d4:38:8b:90:a7: da:e4:69:d7:22:d2:6a:08:da:2a:a2:60:c5:c1:c2: 9c:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:37:50:32:D3:CC:DF:2D:E6:A1:FC:B0:73:09:BB:23:73:FD:D1:53 X509v3 Authority Key Identifier: keyid:43:A0:89:9A:11:D5:A5:12:02:F1:30:43:38:67:2A:F1:9B:20:1A:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:9f:a3:6e:cb:18:90:1c:c2:75:0b:fb:cc:dc:cf:ca:7e:70: 4d:3f:cb:42:5b:ee:06:4d:68:d9:81:d1:0d:67:0d:18:c9:38: da:1d:63:e4:b6:ec:0b:11:ba:ab:27:11:59:90:ff:a5:a6:e6: de:ba:0b:a8:83:b7:38:6a:e3:c1:5d:41:7a:25:c9:e7:84:96: 31:29:fe:99:06:da:2b:4c:9b:57:06:ca:7e:b2:89:ee:f5:74: b0:b7:c7:f2:6a:93:10:02:13:5a:c6:9d:02:f6:27:2c:10:ad: a8:5f:d8:4c:eb:9d:77:dc:3c:2b:99:dd:b9:2c:64:9b:6a:fb: 2e:86:39:77:5d:bd:e5:09:9c:1a:a9:99:33:e2:e1:a2:7a:ea: 57:c0:ef:31:68:45:d4:50:71:68:82:37:e1:06:c5:4a:ef:95: 58:2b:2a:29:6e:ef:c4:b5:b3:54:20:a3:7e:51:39:c8:03:d1: b4:bb:99:e9:dd:7f:98:84:c2:ca:98:f8:05:ba:f8:de:54:b8: 88:85:a0:1e:07:c1:b9:8e:15:da:84:99:ef:44:81:df:11:df: d5:4c:68:fe:5d:db:65:8e:1d:11:87:a5:07:f3:0b:ec:e6:af: 1f:22:21:9e:73:e1:32:de:fe:45:9a:42:b1:e2:67:bc:48:ce: 9a:2d:46:a7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURhpc/Vi45CmGUju0cb/QwC9O41EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJBRjE5 QjIwMUE3NDAeFw0yNTA1MTAwMTM3MDBaFw0yNTA1MTMwNjM4MDBaMDMxMTAvBgNV BAMTKDdEMzc1MDMyRDNDQ0RGMkRFNkExRkNCMDczMDlCQjIzNzNGREQxNTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkxUQcfBUfcM5F7WUA0S6PTn06 2L+aJyNNWM/PtTGscUAE2PF6MpD8cHK85HGDlkwyyk3xIg7E2tPf2+fp2eqDSItj KY5eknRhCK1h7hGdcD6/c7+wbHdwRDhJvIKzM1AWFqW6SBm+SkvmBjSNAe5OyxRn Gj6woJVDdv5tBaknj9yfhgXT4hVSJ68NVpebt3lI1WU/+b8BXWWS2Glsil5FmNXS U56koO1Nk93CBR7FlmXG6kBQ5k/8BzRzdDf1v3PyxCrCVyvZt99G9NI7TQIsS0hQ TvUIO61lsXLa30O808/qkez6gUoO0XvUOIuQp9rkadci0moI2iqiYMXBwpxlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUfTdQMtPM3y3mofywcwm7I3P90VMwHwYDVR0j BBgwFoAUQ6CJmhHVpRIC8TBDOGcq8ZsgGnQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NDAxYjJkMS0wMWNhLTQwZTgtYmY3Ny05ODYxNTk4NjdhMDQvMC80M0EwODk5QTEx RDVBNTEyMDJGMTMwNDMzODY3MkFGMTlCMjAxQTc0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJBRjE5QjIw MUE3NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDQwMWIyZDEtMDFjYS00MGU4LWJm NzctOTg2MTU5ODY3YTA0LzAvNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJB RjE5QjIwMUE3NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGefo27LGJAcwnUL+8zcz8p+cE0/y0Jb7gZN aNmB0Q1nDRjJONodY+S27AsRuqsnEVmQ/6Wm5t66C6iDtzhq48FdQXolyeeEljEp /pkG2itMm1cGyn6yie71dLC3x/JqkxACE1rGnQL2JywQrahf2EzrnXfcPCuZ3bks ZJtq+y6GOXddveUJnBqpmTPi4aJ66lfA7zFoRdRQcWiCN+EGxUrvlVgrKilu78S1 s1Qgo35ROcgD0bS7mendf5iEwsqY+AW6+N5UuIiFoB4HwbmOFdqEme9Egd8R39VM aP5d22WOHRGHpQfzC+zmrx8iIZ5z4TLe/kWaQrHiZ7xIzpotRqc= -----END CERTIFICATE-----Generated at Sun May 11 11:26:45 2025 by rpki-client