$ rpki-client -vvf repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft File: 645C9D445B2796662EE98A03E50C124F3E962CAB.mft (raw, json) Hash identifier: KwC2W/V6AJ/80Oma8iJs5RtxHbXG9KoJWNP5B4QHNM8= Subject key identifier: 56:E6:AF:BB:81:11:6B:DB:70:C7:B5:42:A5:82:8A:B4:B7:D9:63:E0 Authority key identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB Certificate issuer: /CN=645C9D445B2796662EE98A03E50C124F3E962CAB Certificate serial: 42E85180F60D388E4C53F1E3FB9C469586BBFE02 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft Manifest number: 03A0 Signing time: Thu 21 Aug 2025 21:41:06 +0000 Manifest this update: Thu 21 Aug 2025 21:36:06 +0000 Manifest next update: Mon 25 Aug 2025 08:03:06 +0000 Files and hashes: 1: 645C9D445B2796662EE98A03E50C124F3E962CAB.crl (hash: 31mxlsdR7woMtuWrml7ruzMieqtrDgtmCA1iEBbv2vA=) 2: 3130332e3130302e3137322e302f32342d3234203d3e20313336383431.roa (hash: ehP408+CXUe13X4F5TvwPj6ddCoH7T+4InUUhWjVyGw=) 3: 3130332e3130302e3137332e302f32342d3234203d3e20313336383431.roa (hash: Yo/r10NdHpCyWdp4iTpRbnPv2TKKyCyVTnBiO8AmbDc=) 4: 323430313a626534303a3a2f33322d3332203d3e20313336383431.roa (hash: fqov0BDCIixBi9VcnBXwyfgiMxOlqrXxcfdLtIYOthI=) 5: 3130332e3130302e3137352e302f32342d3234203d3e20313336383431.roa (hash: qbkH1qedbuL2nkb9oW2AlysgwJB8XaNgGrzurioAZP0=) 6: 3130332e3130302e3137342e302f32342d3234203d3e20313336383431.roa (hash: pfMM3/ygiEY34vdGoVOYeg8tWN4ZaCnJmX0NJOGEX00=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 08:03:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:e8:51:80:f6:0d:38:8e:4c:53:f1:e3:fb:9c:46:95:86:bb:fe:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=645C9D445B2796662EE98A03E50C124F3E962CAB Validity Not Before: Aug 21 21:36:06 2025 GMT Not After : Aug 25 08:03:06 2025 GMT Subject: CN=56E6AFBB81116BDB70C7B542A5828AB4B7D963E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ce:59:9a:b5:77:c0:77:44:1b:a1:58:01:52: 02:c9:28:eb:ef:46:b8:d6:9f:b5:0c:05:28:4d:6d: 1c:0b:77:70:a1:36:a4:c0:47:69:60:87:c9:d8:b7: 1b:19:be:db:2e:c9:22:9f:68:b9:b4:8a:32:0f:96: b5:b8:1e:e2:ae:1d:cb:11:17:b5:ce:75:c3:e7:bc: 8b:25:7f:20:81:26:d6:57:90:9d:d3:ac:74:6a:05: 3e:36:ff:a2:3c:3b:eb:1e:f6:ab:4a:57:65:dd:6b: f8:b2:c5:d3:79:e7:30:75:74:48:02:1f:dc:3f:23: c7:0a:84:cd:9c:2a:1a:65:d6:a9:4c:ff:c6:f3:ae: f8:68:c7:d2:0f:63:9c:32:50:38:2e:14:87:17:07: 0d:47:9e:e1:33:e2:1e:1c:dd:7f:e2:d4:f5:42:cf: 83:57:a0:1a:d5:7c:85:2a:21:5a:d9:e7:0d:03:8b: be:26:6c:39:9a:9d:6a:30:fe:ac:8f:d1:28:9a:ce: 27:45:1a:61:f9:e8:d1:ac:9b:83:35:6b:86:c4:49: c2:50:83:8c:9e:bc:eb:56:c0:5f:87:ac:7b:8d:6a: 5c:78:43:9e:e6:a7:e2:ad:87:68:62:bf:91:a6:22: e6:c3:be:71:9d:8d:3b:bb:b5:1a:f5:0f:0c:1a:5c: 50:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:E6:AF:BB:81:11:6B:DB:70:C7:B5:42:A5:82:8A:B4:B7:D9:63:E0 X509v3 Authority Key Identifier: keyid:64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:29:a2:8b:46:24:5f:f8:7b:9e:39:50:a6:0c:23:26:e3:58: a3:30:41:5a:4a:89:7a:24:a4:f9:3c:c9:b6:a6:bb:57:d8:c6: 75:00:70:b7:97:63:1b:87:1d:e2:c0:2b:f7:95:cd:11:1b:33: 4d:f8:54:1d:a0:68:2a:dc:4e:f0:c0:d7:ca:37:2b:95:b1:e8: 00:60:a3:94:ed:a6:05:aa:a1:40:0f:87:07:c8:72:fb:8d:e0: ba:b0:4a:75:cf:e9:ef:51:e9:3f:81:6e:07:f3:10:cf:35:21: a5:56:20:63:5c:b7:e4:ef:6c:ec:97:6e:c9:0c:07:3b:c3:df: 32:26:85:b5:41:d8:f2:e2:5e:2e:99:d2:2c:11:e1:a5:67:46: 50:fd:e8:45:e2:1c:84:c5:38:42:c3:8d:72:cd:89:10:1e:7d: 9b:89:2e:4e:99:08:ed:22:61:a2:4c:29:ac:5c:8b:13:68:f7: 02:ff:46:7d:21:f2:63:44:85:13:d8:06:c6:a2:51:a2:64:fd: ab:a6:42:07:8f:6d:6c:01:20:35:8c:e9:6f:8d:93:76:df:f5: da:74:0f:32:98:93:ac:df:89:14:81:59:fd:57:49:3d:b5:30: 30:d5:8f:0c:c5:e3:24:16:6a:01:66:80:4d:ce:c0:05:cd:78: 2e:58:05:ff -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQuhRgPYNOI5MU/Hj+5xGlYa7/gIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYz RTk2MkNBQjAeFw0yNTA4MjEyMTM2MDZaFw0yNTA4MjUwODAzMDZaMDMxMTAvBgNV BAMTKDU2RTZBRkJCODExMTZCREI3MEM3QjU0MkE1ODI4QUI0QjdEOTYzRTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQzlmatXfAd0QboVgBUgLJKOvv RrjWn7UMBShNbRwLd3ChNqTAR2lgh8nYtxsZvtsuySKfaLm0ijIPlrW4HuKuHcsR F7XOdcPnvIslfyCBJtZXkJ3TrHRqBT42/6I8O+se9qtKV2Xda/iyxdN55zB1dEgC H9w/I8cKhM2cKhpl1qlM/8bzrvhox9IPY5wyUDguFIcXBw1HnuEz4h4c3X/i1PVC z4NXoBrVfIUqIVrZ5w0Di74mbDmanWow/qyP0SiazidFGmH56NGsm4M1a4bEScJQ g4yevOtWwF+HrHuNalx4Q57mp+Kth2hiv5GmIubDvnGdjTu7tRr1DwwaXFCvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUVuavu4ERa9twx7VCpYKKtLfZY+AwHwYDVR0j BBgwFoAUZFydRFsnlmYu6YoD5QwSTz6WLKswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMC82NDVDOUQ0NDVC Mjc5NjY2MkVFOThBMDNFNTBDMTI0RjNFOTYyQ0FCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYzRTk2 MkNBQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDczMDRiODMtMzBhYS00YmJmLTlm ZDctMmZjZWFkYmYwMDMwLzAvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEy NEYzRTk2MkNBQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKEpootGJF/4e545UKYMIybjWKMwQVpKiXok pPk8ybamu1fYxnUAcLeXYxuHHeLAK/eVzREbM034VB2gaCrcTvDA18o3K5Wx6ABg o5TtpgWqoUAPhwfIcvuN4LqwSnXP6e9R6T+BbgfzEM81IaVWIGNct+TvbOyXbskM BzvD3zImhbVB2PLiXi6Z0iwR4aVnRlD96EXiHITFOELDjXLNiRAefZuJLk6ZCO0i YaJMKaxcixNo9wL/Rn0h8mNEhRPYBsaiUaJk/aumQgePbWwBIDWM6W+Nk3bf9dp0 DzKYk6zfiRSBWf1XST21MDDVjwzF4yQWagFmgE3OwAXNeC5YBf8= -----END CERTIFICATE-----Generated at Sun Aug 24 06:08:39 2025 by rpki-client