$ rpki-client -vvf repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft File: B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft (raw, json) Hash identifier: 46nmMGIaN4LEx6Y6P0GfrNkq5pOsD5G42op4mu6YCVg= Subject key identifier: FD:D0:C3:6A:B9:30:05:0E:1D:3F:ED:B6:88:85:B3:78:8A:0C:29:1A Authority key identifier: B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1 Certificate issuer: /CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1 Certificate serial: 3F81A7584AFCC273CFC30B26586C0E9289B91CF2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft Manifest number: 0279 Signing time: Sat 28 Jun 2025 01:11:51 +0000 Manifest this update: Sat 28 Jun 2025 01:06:51 +0000 Manifest next update: Tue 01 Jul 2025 09:35:51 +0000 Files and hashes: 1: 3130332e33302e3232302e302f32322d3233203d3e203338313438.roa (hash: d/qApoJ7mr0vuB+K0fvN+XpOWjHSmWf3V1Wp1hQdcro=) 2: 3130332e33302e3232312e302f32342d3234203d3e203338313438.roa (hash: w9cZPX/3pDPz2+LwzvjA2m3xBMWMxQj8fam9ODXwU7Y=) 3: 3130332e33302e3232302e302f32342d3234203d3e203338313438.roa (hash: 5MfpBewFDSPuWTooHE8O1IkKqC/swjstgMNE2K+S+q4=) 4: 323430313a396230303a3a2f33322d3438203d3e203338313438.roa (hash: hc6ECrtKO1f8LRbUaOngruzuLZGjjKMcrVpSYHLGH+4=) 5: B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl (hash: WwuFL6LxmHpasgoeENs/QwfVkLhYxq2cj5JDgKhZJag=) 6: 3130332e33302e3232322e302f32342d3234203d3e203338313438.roa (hash: ZPi+JZqMM8ZilEO1UdhpjL1kpie3JMIqiKeJGeN+nJU=) 7: 3130332e33302e3232332e302f32342d3234203d3e203338313438.roa (hash: 8BH7HUPp+qT0dOPwFMHWiAT720E6kg8wn1sWk04/fIM=) 8: 3132322e3230302e3134342e302f32312d3234203d3e203338313438.roa (hash: Q0JPOTRHz7S3KCYgxrzfh7sPXe85gqUb+g55+vjlzmE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 09:35:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:81:a7:58:4a:fc:c2:73:cf:c3:0b:26:58:6c:0e:92:89:b9:1c:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B921DAABB84949DDC2500D4F0A6D93FA0EB384E1 Validity Not Before: Jun 28 01:06:51 2025 GMT Not After : Jul 1 09:35:51 2025 GMT Subject: CN=FDD0C36AB930050E1D3FEDB68885B3788A0C291A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:92:fb:08:65:dc:25:8e:41:1e:ed:89:2e:c2: 8b:88:f6:dd:88:3c:b7:bf:6c:60:7f:8d:3a:35:87: f0:5a:ff:ba:03:6e:46:42:1e:81:4f:7e:b7:08:31: 39:c2:ca:ca:62:c6:2e:29:7d:ae:98:17:d9:dc:36: 5d:a5:50:04:f7:36:cb:c1:2b:9c:44:57:39:19:7a: 30:fa:83:ec:53:d1:c3:30:58:aa:73:ae:86:e2:fc: b8:1c:68:12:23:a4:08:93:37:2e:8e:49:f6:2c:79: c6:a8:57:f7:ef:5c:78:17:78:b8:e3:f3:0e:77:9b: fc:00:a3:6c:a0:a0:02:cc:7c:e7:0d:a7:d3:c4:59: 58:e7:f3:25:ae:e8:d5:d0:71:3c:3b:0e:46:2d:02: 70:5c:26:e8:11:04:4a:a3:3a:1e:2b:db:60:42:c3: 4b:89:95:a9:c1:70:4a:b6:08:75:d8:fd:a4:16:55: 14:3c:3f:95:17:9c:b0:2a:54:da:04:fd:80:e1:75: d3:ba:66:dc:a2:9f:ff:07:ea:68:65:5c:d1:f7:ce: 47:86:e1:cb:b1:bc:98:fc:89:02:5d:88:d7:18:21: 2f:3a:d9:16:7b:2b:13:9c:64:25:2b:35:40:91:93: e9:9b:05:f0:d8:a6:b0:f2:cf:15:cd:16:11:8c:53: e4:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:D0:C3:6A:B9:30:05:0E:1D:3F:ED:B6:88:85:B3:78:8A:0C:29:1A X509v3 Authority Key Identifier: keyid:B9:21:DA:AB:B8:49:49:DD:C2:50:0D:4F:0A:6D:93:FA:0E:B3:84:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1592c274-11db-4127-babb-aeae99284b00/0/B921DAABB84949DDC2500D4F0A6D93FA0EB384E1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:2a:a3:8c:b3:d3:5e:60:ad:a3:f3:ef:9f:f6:69:35:70:86: f9:a5:2f:fb:2c:85:87:41:f3:1e:2c:7f:47:a1:92:10:55:ca: 83:85:a7:fe:fc:c5:20:7a:3e:4d:ae:c7:0e:61:ab:96:f7:33: ff:a5:73:30:27:56:42:f0:a0:5b:1b:68:60:fc:54:2e:2a:43: 6b:bc:f3:7b:10:e0:0f:3c:64:24:2a:c3:68:8a:ca:a6:37:57: 47:d8:15:81:fc:92:59:ac:a1:20:c9:1a:31:11:21:75:da:b1: b1:c6:04:0d:88:7e:61:91:db:34:d5:d7:30:60:49:8b:14:d3: 42:26:20:b7:55:e3:1a:88:17:2f:4a:85:5b:f6:8e:71:23:9b: 5a:7d:ef:fc:01:d2:93:04:78:08:73:3f:86:a5:a2:20:ce:7b: d9:b0:0e:a2:12:ed:8b:51:7a:77:d3:9c:05:58:63:ff:6b:96: e4:c5:e3:ac:9f:ca:fd:ae:cf:c7:ea:54:eb:bf:c1:78:36:08: 67:55:77:01:4b:45:d8:9a:aa:28:ff:04:9a:d8:47:71:4d:b8: 99:e3:ec:e4:ee:90:71:61:8e:f8:fa:ea:9c:97:27:40:c4:ec: e1:8b:bf:52:59:25:63:ac:ab:f4:d5:db:f5:e3:55:7c:7d:5a: 62:f0:25:ca -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUP4GnWEr8wnPPwwsmWGwOkom5HPIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEw RUIzODRFMTAeFw0yNTA2MjgwMTA2NTFaFw0yNTA3MDEwOTM1NTFaMDMxMTAvBgNV BAMTKEZERDBDMzZBQjkzMDA1MEUxRDNGRURCNjg4ODVCMzc4OEEwQzI5MUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDokvsIZdwljkEe7YkuwouI9t2I PLe/bGB/jTo1h/Ba/7oDbkZCHoFPfrcIMTnCyspixi4pfa6YF9ncNl2lUAT3NsvB K5xEVzkZejD6g+xT0cMwWKpzrobi/LgcaBIjpAiTNy6OSfYsecaoV/fvXHgXeLjj 8w53m/wAo2ygoALMfOcNp9PEWVjn8yWu6NXQcTw7DkYtAnBcJugRBEqjOh4r22BC w0uJlanBcEq2CHXY/aQWVRQ8P5UXnLAqVNoE/YDhddO6Ztyin/8H6mhlXNH3zkeG 4cuxvJj8iQJdiNcYIS862RZ7KxOcZCUrNUCRk+mbBfDYprDyzxXNFhGMU+SRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/dDDarkwBQ4dP+22iIWzeIoMKRowHwYDVR0j BBgwFoAUuSHaq7hJSd3CUA1PCm2T+g6zhOEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NTkyYzI3NC0xMWRiLTQxMjctYmFiYi1hZWFlOTkyODRiMDAvMC9COTIxREFBQkI4 NDk0OUREQzI1MDBENEYwQTZEOTNGQTBFQjM4NEUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkzRkEwRUIz ODRFMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTU5MmMyNzQtMTFkYi00MTI3LWJh YmItYWVhZTk5Mjg0YjAwLzAvQjkyMURBQUJCODQ5NDlEREMyNTAwRDRGMEE2RDkz RkEwRUIzODRFMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABQqo4yz015graPz75/2aTVwhvmlL/sshYdB 8x4sf0ehkhBVyoOFp/78xSB6Pk2uxw5hq5b3M/+lczAnVkLwoFsbaGD8VC4qQ2u8 83sQ4A88ZCQqw2iKyqY3V0fYFYH8klmsoSDJGjERIXXasbHGBA2IfmGR2zTV1zBg SYsU00ImILdV4xqIFy9KhVv2jnEjm1p97/wB0pMEeAhzP4aloiDOe9mwDqIS7YtR enfTnAVYY/9rluTF46yfyv2uz8fqVOu/wXg2CGdVdwFLRdiaqij/BJrYR3FNuJnj 7OTukHFhjvj66pyXJ0DE7OGLv1JZJWOsq/TV2/XjVXx9WmLwJco= -----END CERTIFICATE-----Generated at Mon Jun 30 10:36:08 2025 by rpki-client