$ rpki-client -vvf repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft File: CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft (raw, json) Hash identifier: 00JU1j9MOCnW2k88zdFWmCM0r/8Mtedo+ipkn4BrAI4= Subject key identifier: 3F:1B:C9:97:60:E8:39:A1:BC:7C:D2:C2:53:0B:84:79:65:F9:C9:B6 Authority key identifier: CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F Certificate issuer: /CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F Certificate serial: 094538525739D44275F14FA43F362E65B1ADF332 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft Manifest number: 0509 Signing time: Sun 29 Jun 2025 08:41:46 +0000 Manifest this update: Sun 29 Jun 2025 08:36:46 +0000 Manifest next update: Wed 02 Jul 2025 17:31:46 +0000 Files and hashes: 1: 3230322e36352e3132332e302f32342d3234203d3e203233393531.roa (hash: 9FaMWUxx6cNM5vz7M9YrzpMwj5RS9BmzIfAf19UCzPI=) 2: 3230322e3135322e3132382e302f31392d3234203d3e203233393531.roa (hash: ozMMj1PLYt9P59zXxht5YENq9xxiksZRJWyynQGPWwo=) 3: 3130332e3130312e3133382e302f32332d3234203d3e203233393531.roa (hash: vhMXT0X2yZyfjqh1If/jDIC06hgxnPfiOfL606K6iKk=) 4: 3230322e36352e3132302e302f32332d3234203d3e203233393531.roa (hash: +7ThYpBxJ7cY58NoufQvfB+mtjUp0Rdkq8BnlAc4bZ4=) 5: 3230322e36352e3131322e302f32342d3234203d3e203233393531.roa (hash: G3BDF4TZ5GKx7Jq6M6FOl3lpCmK1xcIVdoD+jUyf4vU=) 6: 3230322e36352e3131322e302f32312d3234203d3e203233393531.roa (hash: nun7wr5qUW6SSsLL/8m4wIYLtJbVijMvNYm3I5L5gwY=) 7: 3130332e3130312e3133362e302f32322d3232203d3e203233393531.roa (hash: 4xDh+QQ3DjVG3ZsJTKYXeue+iML5/d6SNSBZf74CI44=) 8: 3230322e36352e3132302e302f32342d3234203d3e203233393531.roa (hash: HAoFxdygcRJ4Y8uy9Ks9W9Gj/PwyoONosucd1x3NYoo=) 9: 3130332e3130312e3133372e302f32342d3234203d3e203538353030.roa (hash: dASDC6A8QkcoKOTRQ/CvgSqJWSyAkaKqOmqilKOQ97g=) 10: 3131372e32302e34382e302f32302d3234203d3e203233393531.roa (hash: twCP3bQtXm7fHopGhk9qw+BKzDavhDYNdBsRfz7JGKg=) 11: 3230322e36352e3132322e302f32332d3233203d3e203233393531.roa (hash: LqxreuPQRi/RPY9pSW+yNL/verqLyl3p0dMRTLmH8hk=) 12: CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl (hash: lpeWR6mlNU8xTvQDXNoXN6r+OSHskLq5RARFK3FBhH4=) 13: 3230322e36352e3131322e302f32312d3231203d3e203233393531.roa (hash: YMkK1MNXH2D6eByawSLr2fAy1YjJp/Nm5M4Ucze1b40=) 14: 323430313a656530303a3a2f33322d3438203d3e203233393531.roa (hash: plFUYvoZx+Zhhi7/vKanQppp3zTRIZoJyKujyLUaQfM=) 15: 3230322e36352e3132302e302f32322d3233203d3e203233393531.roa (hash: mwYMKgumoG9KUXW9CmbB5xkKPC0iVTbXFYBRWL88eZY=) 16: 3130332e3130312e3133362e302f32342d3234203d3e203538353030.roa (hash: bWRExWZZIgQwRxIP86bPE6hDOmLbrhGh8hJvUz7o6EE=) 17: 3230322e36352e3131322e302f32302d3231203d3e203233393531.roa (hash: jHen1vZLG/DOZwqIeHYY98aBHq6SMyx6T3vs559h5rI=) 18: 3230322e36352e3132342e302f32322d3234203d3e203436303531.roa (hash: fYkaRaqMdzeCnlFj0QC4k70wJ41vV5h8EX1emupb1Ew=) 19: 3230322e36352e3132312e302f32342d3234203d3e203233393531.roa (hash: unueG7P54wUmQZvOUKrhpSAH4gB/UymG78WRnuwkjpw=) 20: 3230322e36352e3132322e302f32342d3234203d3e203233393531.roa (hash: So5G4uHqVHWD5JnkptSS1bHWAe/cdyDOQettCO6GGiU=) 21: 3130332e3130312e3133362e302f32332d3233203d3e203538353030.roa (hash: hplPEY83KbXLKF8mvbTVWHeph6nkNRI9I2QkUrjdTPg=) 22: 3130332e3130312e3133362e302f32332d3233203d3e203233393531.roa (hash: 9SIW/5w9M/SmmmzkXzv4Bp8jIuxjcuDE9nLrxJeaY/8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 17:31:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:45:38:52:57:39:d4:42:75:f1:4f:a4:3f:36:2e:65:b1:ad:f3:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F Validity Not Before: Jun 29 08:36:46 2025 GMT Not After : Jul 2 17:31:46 2025 GMT Subject: CN=3F1BC99760E839A1BC7CD2C2530B847965F9C9B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:ac:bf:40:ad:39:5b:9d:c6:12:c3:b2:a4:8c: 9b:26:13:7c:1b:2e:c5:35:bb:d0:93:1c:d0:9d:49: d5:16:ee:f3:b0:b4:b5:10:9f:82:3d:06:71:1d:66: b8:da:0f:33:ad:72:c7:29:3f:32:fb:c3:43:ad:0c: 20:f6:97:70:c3:d8:19:42:cf:f2:ef:e8:67:fc:d7: f9:a2:2e:30:49:f4:a8:a3:64:c3:b4:77:75:f2:25: e0:d4:55:8f:88:6c:6d:94:d5:7b:75:03:01:34:10: 89:2e:af:3c:05:1d:49:82:46:1f:32:51:8a:a0:9d: f1:ba:b5:1e:77:24:21:b6:b7:45:c0:6f:56:de:4b: de:b1:55:86:0f:0f:9f:7a:cf:8f:95:f1:2e:a0:dc: 29:d2:66:9f:7a:b5:39:a9:2f:94:ef:4d:4f:72:6b: ba:ea:82:19:00:e8:78:75:10:ac:ed:b2:14:50:a9: e9:7b:01:be:10:62:c5:c6:83:87:39:47:45:72:38: ef:81:d1:3f:58:61:a8:4e:84:72:e3:3f:7f:51:23: 97:34:bf:e1:86:3c:c3:b4:e4:ce:18:f0:1c:93:62: 33:b3:35:69:32:15:ad:2e:5b:79:54:6b:8a:21:e6: 06:c8:8e:fd:a2:e4:4f:31:cd:99:13:c0:aa:de:0f: f5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:1B:C9:97:60:E8:39:A1:BC:7C:D2:C2:53:0B:84:79:65:F9:C9:B6 X509v3 Authority Key Identifier: keyid:CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:69:e5:a1:2d:dd:a6:ba:94:b2:20:9e:39:25:b3:e4:28:34: 5f:e3:b6:2a:c2:e3:99:db:e1:7c:ef:3f:a7:a6:54:01:77:a1: e2:04:3f:d3:7c:14:fd:80:78:4b:da:93:cf:e4:f7:00:66:70: 43:76:d1:fd:73:fa:56:02:ab:f3:63:04:ba:fc:74:06:8b:f5: 25:8d:cc:2e:c0:33:ba:70:67:2f:36:25:f9:1f:ef:c0:22:52: 6b:7f:23:26:82:3c:29:d0:20:47:27:47:cd:4f:b8:a3:46:5e: 34:60:b9:45:55:df:a6:b4:35:90:ed:2d:8f:e2:fd:66:af:5f: 64:2f:e4:42:7c:41:46:f8:b9:63:ed:ce:c1:d2:54:66:3f:07: 34:58:33:5b:77:76:2b:ad:70:e0:d3:47:10:0f:b9:57:45:4f: d7:dd:91:a8:c7:79:d7:9c:43:96:94:ce:d0:bc:ce:c2:30:07: 07:4a:1d:cc:22:03:8d:4c:51:5b:ca:97:17:81:17:1f:fb:97: 7e:6c:f7:da:9a:82:8f:e8:a2:f4:76:22:c3:5f:e9:4e:9d:ae: e4:59:d7:9b:96:e8:29:43:d8:24:a3:bb:e1:03:28:70:04:33: cc:19:bc:86:6d:40:9c:01:64:1d:bb:a6:e1:5f:27:a2:b4:81: 5d:90:17:2f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCUU4Ulc51EJ18U+kPzYuZbGt8zIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUx NDNDOEU4RjAeFw0yNTA2MjkwODM2NDZaFw0yNTA3MDIxNzMxNDZaMDMxMTAvBgNV BAMTKDNGMUJDOTk3NjBFODM5QTFCQzdDRDJDMjUzMEI4NDc5NjVGOUM5QjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2rL9ArTlbncYSw7KkjJsmE3wb LsU1u9CTHNCdSdUW7vOwtLUQn4I9BnEdZrjaDzOtcscpPzL7w0OtDCD2l3DD2BlC z/Lv6Gf81/miLjBJ9KijZMO0d3XyJeDUVY+IbG2U1Xt1AwE0EIkurzwFHUmCRh8y UYqgnfG6tR53JCG2t0XAb1beS96xVYYPD596z4+V8S6g3CnSZp96tTmpL5TvTU9y a7rqghkA6Hh1EKztshRQqel7Ab4QYsXGg4c5R0VyOO+B0T9YYahOhHLjP39RI5c0 v+GGPMO05M4Y8ByTYjOzNWkyFa0uW3lUa4oh5gbIjv2i5E8xzZkTwKreD/W5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUPxvJl2DoOaG8fNLCUwuEeWX5ybYwHwYDVR0j BBgwFoAUyjW6x6QF3x7Z7WLwnS9PLhQ8jo8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZTZhN2U0Ni1iNmFkLTRhN2QtYjkzMC0xYWIwYmYwMmRkNWQvMC9DQTM1QkFDN0E0 MDVERjFFRDlFRDYyRjA5RDJGNEYyRTE0M0M4RThGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUxNDND OEU4Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWU2YTdlNDYtYjZhZC00YTdkLWI5 MzAtMWFiMGJmMDJkZDVkLzAvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRG MkUxNDNDOEU4Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADhp5aEt3aa6lLIgnjkls+QoNF/jtirC45nb 4XzvP6emVAF3oeIEP9N8FP2AeEvak8/k9wBmcEN20f1z+lYCq/NjBLr8dAaL9SWN zC7AM7pwZy82Jfkf78AiUmt/IyaCPCnQIEcnR81PuKNGXjRguUVV36a0NZDtLY/i /WavX2Qv5EJ8QUb4uWPtzsHSVGY/BzRYM1t3diutcODTRxAPuVdFT9fdkajHedec Q5aUztC8zsIwBwdKHcwiA41MUVvKlxeBFx/7l35s99qago/oovR2IsNf6U6druRZ 15uW6ClD2CSju+EDKHAEM8wZvIZtQJwBZB27puFfJ6K0gV2QFy8= -----END CERTIFICATE-----Generated at Mon Jun 30 07:35:03 2025 by rpki-client