$ rpki-client -vvf repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft File: 645C9D445B2796662EE98A03E50C124F3E962CAB.mft (raw, json) Hash identifier: KVT3P+NceTbKFrK7x8vS53P5W+TxnWB3nEBViuf++vw= Subject key identifier: 86:FC:E1:E3:9C:B3:CE:75:C8:D5:6A:EE:28:2F:07:AF:49:F3:C3:BB Authority key identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB Certificate issuer: /CN=645C9D445B2796662EE98A03E50C124F3E962CAB Certificate serial: 463089F1458FB3AE24C8B5F4BF6539A8FC687AD9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft Manifest number: 0389 Signing time: Mon 30 Jun 2025 11:31:05 +0000 Manifest this update: Mon 30 Jun 2025 11:26:05 +0000 Manifest next update: Thu 03 Jul 2025 12:50:05 +0000 Files and hashes: 1: 645C9D445B2796662EE98A03E50C124F3E962CAB.crl (hash: vAYPGerfGKAng86acQ4qeNA+vwSc7Avp1cwYxtFiDG8=) 2: 3130332e3130302e3137342e302f32342d3234203d3e20313336383431.roa (hash: pfMM3/ygiEY34vdGoVOYeg8tWN4ZaCnJmX0NJOGEX00=) 3: 323430313a626534303a3a2f33322d3332203d3e20313336383431.roa (hash: fqov0BDCIixBi9VcnBXwyfgiMxOlqrXxcfdLtIYOthI=) 4: 3130332e3130302e3137332e302f32342d3234203d3e20313336383431.roa (hash: Yo/r10NdHpCyWdp4iTpRbnPv2TKKyCyVTnBiO8AmbDc=) 5: 3130332e3130302e3137322e302f32342d3234203d3e20313336383431.roa (hash: ehP408+CXUe13X4F5TvwPj6ddCoH7T+4InUUhWjVyGw=) 6: 3130332e3130302e3137352e302f32342d3234203d3e20313336383431.roa (hash: qbkH1qedbuL2nkb9oW2AlysgwJB8XaNgGrzurioAZP0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 12:50:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:30:89:f1:45:8f:b3:ae:24:c8:b5:f4:bf:65:39:a8:fc:68:7a:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=645C9D445B2796662EE98A03E50C124F3E962CAB Validity Not Before: Jun 30 11:26:05 2025 GMT Not After : Jul 3 12:50:05 2025 GMT Subject: CN=86FCE1E39CB3CE75C8D56AEE282F07AF49F3C3BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:23:6d:f4:cf:f9:f6:c5:53:56:6a:b5:d6:a7: 54:2a:b3:8a:4e:0f:91:f0:4b:06:17:64:c5:78:74: 7c:de:1e:3f:a9:cf:3e:11:fd:88:52:92:a5:fd:e7: aa:a9:b6:27:8b:38:d4:85:ba:f5:83:8c:c4:d9:c1: 29:5b:b7:22:90:07:f5:ad:7f:8e:33:54:d1:b4:d5: 09:cd:48:20:28:4d:f5:4d:1a:c3:03:a0:78:ce:9e: 70:bc:87:98:d6:6a:60:d6:10:4e:87:e6:77:eb:8b: 8f:72:df:1e:b8:cc:0d:67:9f:c6:13:21:af:75:e8: f4:47:e8:f2:91:75:a5:dd:ee:1c:61:a7:85:d6:6e: 49:54:ad:d1:ab:26:54:e2:d1:1a:59:6a:50:51:28: 55:80:98:01:cf:ad:29:e0:d6:90:bb:dd:2c:6e:a8: 15:6c:75:79:6e:6c:d7:da:50:53:73:1b:1c:93:5e: a8:65:4e:53:ec:17:67:7e:58:2c:84:74:35:28:e9: fc:16:c6:14:23:7b:00:0a:8f:3a:8c:02:d0:7c:5f: 9c:bc:90:27:70:ca:e1:46:6d:79:55:8a:32:78:b6: ab:f1:39:51:bf:cf:7b:48:4e:cb:78:36:75:cc:60: 82:43:90:75:13:51:5b:0e:9f:a2:c9:fd:27:60:c6: 38:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:FC:E1:E3:9C:B3:CE:75:C8:D5:6A:EE:28:2F:07:AF:49:F3:C3:BB X509v3 Authority Key Identifier: keyid:64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:b5:a4:0b:84:65:6c:83:09:53:60:c0:68:ef:79:7b:4a:ca: 51:fa:28:ec:c1:6f:5b:69:0c:78:a6:63:7f:9b:27:3d:12:eb: b0:b0:bf:9b:90:05:0c:88:8a:09:99:31:fe:37:6d:ab:54:96: cf:b4:22:7f:be:0d:0b:d3:01:f1:a5:2c:da:f5:ac:0b:b0:fc: 26:7e:5f:1e:78:05:7a:1e:dd:80:81:7a:e5:db:e8:92:85:9e: 63:e9:96:d7:e8:2f:b7:d7:1d:dd:d7:6a:a5:7f:c9:3e:7e:5f: 11:56:9d:c8:f6:dc:ec:b8:cc:6c:7c:73:8d:03:fe:56:4f:7c: 8a:5f:a6:9d:69:da:1a:3a:5f:e0:ce:c6:20:75:da:00:b2:8b: 9a:4d:15:10:47:37:b5:85:9a:03:f7:69:e2:d6:ff:b7:b9:b2: 03:6d:57:d1:72:21:be:a4:ee:6e:df:a4:47:46:e9:dc:dc:70: 7e:83:d2:d8:62:86:ad:6e:22:a5:36:1f:c7:47:5a:b2:7c:6f: ca:e5:30:b7:36:db:30:25:e2:c9:f6:30:2f:42:b6:14:86:58: 78:b3:d8:6a:c9:0b:66:e4:d3:38:9e:78:dc:ff:4e:02:e5:fd: 67:37:53:48:86:b5:11:92:24:8b:b6:6a:7f:d5:1f:c3:1b:db: 3e:d2:6a:ba -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURjCJ8UWPs64kyLX0v2U5qPxoetkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYz RTk2MkNBQjAeFw0yNTA2MzAxMTI2MDVaFw0yNTA3MDMxMjUwMDVaMDMxMTAvBgNV BAMTKDg2RkNFMUUzOUNCM0NFNzVDOEQ1NkFFRTI4MkYwN0FGNDlGM0MzQkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQI230z/n2xVNWarXWp1Qqs4pO D5HwSwYXZMV4dHzeHj+pzz4R/YhSkqX956qptieLONSFuvWDjMTZwSlbtyKQB/Wt f44zVNG01QnNSCAoTfVNGsMDoHjOnnC8h5jWamDWEE6H5nfri49y3x64zA1nn8YT Ia916PRH6PKRdaXd7hxhp4XWbklUrdGrJlTi0RpZalBRKFWAmAHPrSng1pC73Sxu qBVsdXlubNfaUFNzGxyTXqhlTlPsF2d+WCyEdDUo6fwWxhQjewAKjzqMAtB8X5y8 kCdwyuFGbXlVijJ4tqvxOVG/z3tITst4NnXMYIJDkHUTUVsOn6LJ/SdgxjiZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhvzh45yzznXI1WruKC8Hr0nzw7swHwYDVR0j BBgwFoAUZFydRFsnlmYu6YoD5QwSTz6WLKswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMC82NDVDOUQ0NDVC Mjc5NjY2MkVFOThBMDNFNTBDMTI0RjNFOTYyQ0FCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYzRTk2 MkNBQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDczMDRiODMtMzBhYS00YmJmLTlm ZDctMmZjZWFkYmYwMDMwLzAvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEy NEYzRTk2MkNBQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGa1pAuEZWyDCVNgwGjveXtKylH6KOzBb1tp DHimY3+bJz0S67Cwv5uQBQyIigmZMf43batUls+0In++DQvTAfGlLNr1rAuw/CZ+ Xx54BXoe3YCBeuXb6JKFnmPpltfoL7fXHd3XaqV/yT5+XxFWncj23Oy4zGx8c40D /lZPfIpfpp1p2ho6X+DOxiB12gCyi5pNFRBHN7WFmgP3aeLW/7e5sgNtV9FyIb6k 7m7fpEdG6dzccH6D0thihq1uIqU2H8dHWrJ8b8rlMLc22zAl4sn2MC9CthSGWHiz 2GrJC2bk0zieeNz/TgLl/Wc3U0iGtRGSJIu2an/VH8Mb2z7Saro= -----END CERTIFICATE-----Generated at Mon Jun 30 20:29:59 2025 by rpki-client