$ rpki-client -vvf repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft File: 1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft (raw, json) Hash identifier: xgOZzKAElAUXe9lTymQw/M46ka9vLGg1lZVqHvHTAqc= Subject key identifier: 39:9D:3E:F8:A8:8F:CA:5F:0B:37:DB:1A:99:C6:5E:87:C8:73:DC:A3 Authority key identifier: 16:97:12:7A:E2:88:F4:C0:35:03:ED:0E:D8:F0:9B:D7:A1:0A:1E:20 Certificate issuer: /CN=1697127AE288F4C03503ED0ED8F09BD7A10A1E20 Certificate serial: 0559861FC56F0A98603A7FE10049672C88B9C22F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft Manifest number: 0235 Signing time: Sat 23 Aug 2025 02:11:48 +0000 Manifest this update: Sat 23 Aug 2025 02:06:48 +0000 Manifest next update: Tue 26 Aug 2025 02:15:48 +0000 Files and hashes: 1: 1697127AE288F4C03503ED0ED8F09BD7A10A1E20.crl (hash: h8IMtGtCQ2LJYVEjK7avS6LfAXMF/18o8zxZFGMhq8I=) 2: 3130332e3138302e3235302e302f32342d3234203d3e20313439333733.roa (hash: 132Kizc+R6ps/hT6AogJkCilm9HX7+ORPphZ8hVhLQ8=) 3: 3130332e3138302e3235312e302f32342d3234203d3e20313439333733.roa (hash: omQCe9i6UAQabn658NY546AFhSlSDQxwejMwWzEAolo=) 4: 3130332e3138302e3235302e302f32332d3234203d3e20313439333733.roa (hash: 6+aOTOrAxzWsWipZ2VbdRwlhEyJYsC/PS67oMR2JaEk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.crl rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 02:15:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:59:86:1f:c5:6f:0a:98:60:3a:7f:e1:00:49:67:2c:88:b9:c2:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1697127AE288F4C03503ED0ED8F09BD7A10A1E20 Validity Not Before: Aug 23 02:06:48 2025 GMT Not After : Aug 26 02:15:48 2025 GMT Subject: CN=399D3EF8A88FCA5F0B37DB1A99C65E87C873DCA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e0:93:5f:76:a8:f7:5c:cb:ab:26:2c:1e:e4: 0b:99:31:aa:f9:d3:fb:f8:87:a1:3e:5c:be:8b:32: 0b:71:09:ad:fe:76:65:74:91:61:29:99:7a:59:b4: e2:40:58:c0:ae:b7:54:f3:af:96:7a:2d:b2:5d:63: 1f:ed:e3:ad:fc:8d:ad:49:fc:d9:09:e5:59:ea:84: 78:8a:46:cd:34:c0:15:00:a2:d6:b7:8e:ba:4c:8b: a0:d7:f3:52:be:95:06:fb:8d:27:ce:19:e7:d4:67: c3:59:77:42:d0:e9:f7:32:dc:0d:30:42:9a:f6:7e: 01:e1:1b:1b:61:97:5b:82:a1:b0:15:52:25:7d:aa: 05:07:40:c3:45:cc:27:5d:ee:65:d0:61:ea:6a:8a: 26:ee:fb:e3:f5:9b:00:7c:a7:fd:4b:b4:91:e9:95: c9:18:86:67:e7:93:c9:91:9f:b3:d5:37:6f:05:da: bc:a2:57:99:7d:c5:64:ab:28:0e:7f:6b:0c:92:0b: 3b:04:ad:cb:27:ed:81:fd:1e:c1:9d:b2:24:b2:60: 02:57:82:80:11:23:d1:74:57:92:07:9e:30:cb:53: f6:72:1e:97:ff:1b:96:2e:25:45:85:ed:60:b1:72: 21:51:08:b9:50:35:74:3b:8c:5f:11:2a:34:1b:2d: 3e:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:9D:3E:F8:A8:8F:CA:5F:0B:37:DB:1A:99:C6:5E:87:C8:73:DC:A3 X509v3 Authority Key Identifier: keyid:16:97:12:7A:E2:88:F4:C0:35:03:ED:0E:D8:F0:9B:D7:A1:0A:1E:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:be:e0:8d:28:98:6b:be:85:14:76:31:1b:d6:5c:4f:17:bc: 35:f9:d9:e2:9b:5d:78:ac:bb:b4:66:7d:f3:92:9c:0b:41:50: c8:55:d1:40:f2:2f:77:7b:f9:2d:a7:47:18:c9:c4:bc:50:55: c1:5d:fc:ba:dc:99:ab:b0:09:e8:44:33:8f:ab:1f:1e:09:a9: 60:0f:c0:fc:1f:9f:2a:78:2f:3e:8c:65:e3:0e:95:84:e4:f7: 5a:77:1e:c6:78:28:36:ae:99:17:35:43:3e:34:fd:e2:47:ac: 46:bc:c7:47:00:56:0c:b8:08:73:59:32:27:81:71:3a:66:a1: d2:c0:88:01:18:71:f6:96:33:37:3a:f3:c8:03:e2:22:1d:ea: 7e:d4:0d:2c:57:4d:e7:ba:05:4a:2c:2e:5d:9c:22:93:f4:19: cd:67:27:53:a7:9f:65:8d:38:a5:18:50:20:ef:79:6d:89:dc: ef:dc:62:ba:c0:e1:9a:30:fa:16:25:1f:1e:de:a8:8e:74:9d: 0f:c1:7f:5c:bf:5c:d4:b6:63:a4:15:62:2c:df:41:79:68:d3: 7a:52:cf:74:ef:71:45:03:ff:4d:6a:51:48:00:54:8e:79:63: ec:17:10:d3:07:58:2b:4b:92:11:d9:35:6c:c4:74:ac:c1:76: 9b:f9:b0:a0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBVmGH8VvCphgOn/hAElnLIi5wi8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTY5NzEyN0FFMjg4RjRDMDM1MDNFRDBFRDhGMDlCRDdB MTBBMUUyMDAeFw0yNTA4MjMwMjA2NDhaFw0yNTA4MjYwMjE1NDhaMDMxMTAvBgNV BAMTKDM5OUQzRUY4QTg4RkNBNUYwQjM3REIxQTk5QzY1RTg3Qzg3M0RDQTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD4JNfdqj3XMurJiwe5AuZMar5 0/v4h6E+XL6LMgtxCa3+dmV0kWEpmXpZtOJAWMCut1Tzr5Z6LbJdYx/t4638ja1J /NkJ5VnqhHiKRs00wBUAota3jrpMi6DX81K+lQb7jSfOGefUZ8NZd0LQ6fcy3A0w Qpr2fgHhGxthl1uCobAVUiV9qgUHQMNFzCdd7mXQYepqiibu++P1mwB8p/1LtJHp lckYhmfnk8mRn7PVN28F2ryiV5l9xWSrKA5/awySCzsErcsn7YH9HsGdsiSyYAJX goARI9F0V5IHnjDLU/ZyHpf/G5YuJUWF7WCxciFRCLlQNXQ7jF8RKjQbLT7PAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOZ0++KiPyl8LN9samcZeh8hz3KMwHwYDVR0j BBgwFoAUFpcSeuKI9MA1A+0O2PCb16EKHiAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x MjQ5ZDM4Ny03MGNmLTQwZTktODc1OS05Yjg2ZTBjNjUxMjgvMC8xNjk3MTI3QUUy ODhGNEMwMzUwM0VEMEVEOEYwOUJEN0ExMEExRTIwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTY5NzEyN0FFMjg4RjRDMDM1MDNFRDBFRDhGMDlCRDdBMTBB MUUyMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTI0OWQzODctNzBjZi00MGU5LTg3 NTktOWI4NmUwYzY1MTI4LzAvMTY5NzEyN0FFMjg4RjRDMDM1MDNFRDBFRDhGMDlC RDdBMTBBMUUyMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFi+4I0omGu+hRR2MRvWXE8XvDX52eKbXXis u7RmffOSnAtBUMhV0UDyL3d7+S2nRxjJxLxQVcFd/LrcmauwCehEM4+rHx4JqWAP wPwfnyp4Lz6MZeMOlYTk91p3HsZ4KDaumRc1Qz40/eJHrEa8x0cAVgy4CHNZMieB cTpmodLAiAEYcfaWMzc688gD4iId6n7UDSxXTee6BUosLl2cIpP0Gc1nJ1Onn2WN OKUYUCDveW2J3O/cYrrA4Zow+hYlHx7eqI50nQ/Bf1y/XNS2Y6QVYizfQXlo03pS z3TvcUUD/01qUUgAVI55Y+wXENMHWCtLkhHZNWzEdKzBdpv5sKA= -----END CERTIFICATE-----Generated at Sat Aug 23 18:24:56 2025 by rpki-client