$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: VkHOg7u9YdeMu2x04HDMhAADd8oZo9Jqf0ixxHTqU8g= Subject key identifier: 7E:EC:84:A8:02:51:CA:E3:F1:59:52:C9:02:AA:58:8B:C8:1D:BB:A5 Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 6AAADF96F6ED2F14A430775135AC75E948AD81BF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: 7C Signing time: Sat 28 Jun 2025 22:22:18 +0000 Manifest this update: Sat 28 Jun 2025 22:17:18 +0000 Manifest next update: Wed 02 Jul 2025 05:11:18 +0000 Files and hashes: 1: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: LDJv6wYx3HsP5pbUhXvKMJKGJv2fMd2X2nhqPoeeYwE=) 2: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: /2C+KlC3X2GwehK5COcnDNrtR9Ap8LXP0gB+e2v14p4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 05:11:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:aa:df:96:f6:ed:2f:14:a4:30:77:51:35:ac:75:e9:48:ad:81:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Jun 28 22:17:18 2025 GMT Not After : Jul 2 05:11:18 2025 GMT Subject: CN=7EEC84A80251CAE3F15952C902AA588BC81DBBA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:38:f2:39:74:20:e2:13:5f:29:60:6f:61:c1: 4a:3d:bb:c8:2a:fd:f6:7b:8c:5d:47:48:1b:ca:c2: 19:7a:88:51:36:8d:3d:bd:44:97:d4:d7:30:32:62: 3e:7e:40:60:ae:d5:e9:94:3f:f4:7f:f3:fd:f3:fa: 75:7f:0e:6f:dc:35:f2:3c:1b:f7:a8:1b:b7:da:43: 87:8b:9a:ab:8e:8c:29:05:39:5b:70:f0:f4:c1:35: 82:6d:7e:cd:95:4d:78:5a:69:d6:a8:ff:a1:3e:85: 17:12:ec:65:e1:48:97:84:5f:f4:3e:e3:34:e3:b3: 20:f0:d1:28:f3:15:6f:c9:ad:60:67:f2:2a:4c:e5: 45:0a:83:02:31:d0:70:da:e2:67:a9:67:79:eb:26: 68:91:0f:3a:51:e8:46:ab:1a:70:f4:6d:23:0c:86: f3:ca:dd:7e:49:c9:97:3b:a7:9a:01:d9:08:0d:fd: e9:e8:ec:2e:8d:5b:56:1c:3b:38:3d:da:38:25:09: 11:da:04:24:0b:cc:25:cf:71:27:38:70:66:b5:01: db:16:70:e8:d2:51:18:f1:6b:52:30:06:e6:f5:a5: 32:77:ef:b3:40:60:f1:17:f6:9b:21:92:95:ca:cc: f4:ae:fa:94:07:18:18:ab:6b:6e:70:90:ab:38:55: db:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:EC:84:A8:02:51:CA:E3:F1:59:52:C9:02:AA:58:8B:C8:1D:BB:A5 X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8e:e8:ea:4d:75:94:2f:ca:61:79:c2:bb:71:1f:a3:5b:25:68: 67:72:a6:a3:6b:7a:26:6a:99:71:0b:c2:d0:14:a3:30:43:a4: 02:17:c8:79:24:0b:d5:0a:b1:85:db:f3:7b:6c:fb:62:0a:54: 7c:d1:88:e9:b8:9a:51:13:c9:62:23:f8:b4:c8:33:80:d7:ae: b5:1d:4d:d5:c7:40:82:fd:d3:48:00:98:b4:d9:10:fb:79:91: f7:8c:c6:f8:81:b8:c7:5f:4f:75:b6:7c:fd:5e:ca:e4:88:0d: 36:60:f1:24:1f:3f:66:44:6d:b9:f6:79:2c:ca:3e:a3:1f:8a: ba:c7:23:98:bb:f2:e8:8c:37:46:6c:b9:97:0e:0f:f3:fc:7a: 60:2e:d2:e7:54:ce:f9:f5:67:ac:27:22:6d:13:f2:23:60:76: 6f:d0:86:be:f2:ba:20:39:82:a1:2d:b4:34:8e:4f:5b:57:75: 1a:23:38:0c:f8:1d:46:98:29:1c:48:c1:85:f8:5d:4f:1c:8a: 64:5b:ae:6b:2b:00:fd:e8:60:a5:e6:c9:97:c2:23:84:e6:ea: da:ff:24:8f:08:6c:a2:48:41:4d:0b:6d:96:50:17:a4:1b:8f: c5:47:d7:0d:ee:dd:18:2e:d9:ea:fa:3b:03:bd:57:75:3c:30: 42:9e:78:f0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaqrflvbtLxSkMHdRNax16Uitgb8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNTA2MjgyMjE3MThaFw0yNTA3MDIwNTExMThaMDMxMTAvBgNV BAMTKDdFRUM4NEE4MDI1MUNBRTNGMTU5NTJDOTAyQUE1ODhCQzgxREJCQTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZOPI5dCDiE18pYG9hwUo9u8gq /fZ7jF1HSBvKwhl6iFE2jT29RJfU1zAyYj5+QGCu1emUP/R/8/3z+nV/Dm/cNfI8 G/eoG7faQ4eLmquOjCkFOVtw8PTBNYJtfs2VTXhaadao/6E+hRcS7GXhSJeEX/Q+ 4zTjsyDw0SjzFW/JrWBn8ipM5UUKgwIx0HDa4mepZ3nrJmiRDzpR6EarGnD0bSMM hvPK3X5JyZc7p5oB2QgN/eno7C6NW1YcOzg92jglCRHaBCQLzCXPcSc4cGa1AdsW cOjSURjxa1IwBub1pTJ377NAYPEX9pshkpXKzPSu+pQHGBira25wkKs4Vdu5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUfuyEqAJRyuPxWVLJAqpYi8gdu6UwHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAI7o6k11lC/KYXnCu3Efo1slaGdypqNreiZq mXELwtAUozBDpAIXyHkkC9UKsYXb83ts+2IKVHzRiOm4mlETyWIj+LTIM4DXrrUd TdXHQIL900gAmLTZEPt5kfeMxviBuMdfT3W2fP1eyuSIDTZg8SQfP2ZEbbn2eSzK PqMfirrHI5i78uiMN0ZsuZcOD/P8emAu0udUzvn1Z6wnIm0T8iNgdm/Qhr7yuiA5 gqEttDSOT1tXdRojOAz4HUaYKRxIwYX4XU8cimRbrmsrAP3oYKXmyZfCI4Tm6tr/ JI8IbKJIQU0LbZZQF6Qbj8VH1w3u3Rgu2er6OwO9V3U8MEKeePA= -----END CERTIFICATE-----Generated at Mon Jun 30 13:34:23 2025 by rpki-client