$ rpki-client -vvf repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft File: 2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft (raw, json) Hash identifier: uMjUH5ra8Ti7VWR6WruCF/jPkNgqg6iO8RtTHgtugns= Subject key identifier: D2:BA:0B:E7:1E:C5:58:A5:0C:37:CB:6A:8E:88:8A:CD:26:A3:28:38 Authority key identifier: 2A:DD:D4:03:51:73:FA:C3:BB:39:49:CB:36:CC:EF:25:53:79:8B:FC Certificate issuer: /CN=2ADDD4035173FAC3BB3949CB36CCEF2553798BFC Certificate serial: 3CBE497C8438109BBD06F55156C356D5B29F1522 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft Manifest number: B8 Signing time: Sat 28 Jun 2025 09:30:38 +0000 Manifest this update: Sat 28 Jun 2025 09:25:38 +0000 Manifest next update: Tue 01 Jul 2025 11:48:38 +0000 Files and hashes: 1: 3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa (hash: teoM6MXntxfZebuRvj4HuDCmBJE7bmAYK9p8NliSwzQ=) 2: 2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl (hash: uZrtmCUh4uWYcdtOUEijj2HMo0IUOeGaqfICoHgkjbM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 11:48:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:be:49:7c:84:38:10:9b:bd:06:f5:51:56:c3:56:d5:b2:9f:15:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ADDD4035173FAC3BB3949CB36CCEF2553798BFC Validity Not Before: Jun 28 09:25:38 2025 GMT Not After : Jul 1 11:48:38 2025 GMT Subject: CN=D2BA0BE71EC558A50C37CB6A8E888ACD26A32838 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:0d:b2:46:cc:b6:6d:f1:0a:ae:83:82:d6:44: 8b:a9:b3:ae:b2:75:40:5f:3a:e3:6e:c6:9f:b0:87: bc:f8:db:c0:20:8a:48:fa:d1:a6:f9:54:3f:eb:47: 59:c3:e4:72:1a:ba:b8:c1:25:ba:0b:b2:07:de:2f: 35:e6:18:0b:f3:90:58:5f:53:7c:7d:11:71:c0:a8: a4:e7:25:eb:17:a7:16:83:60:e6:28:3e:85:76:ae: f2:90:74:4e:06:d0:e0:08:1a:e5:31:31:ba:e7:4b: d5:a6:a2:1d:8c:bd:58:b1:b3:33:1d:46:55:3c:e2: a3:ee:1f:60:c6:59:bd:1f:7b:dd:83:fb:66:8c:e8: 2e:86:e7:f3:26:fb:cc:17:52:9a:55:49:51:42:d9: bb:5b:df:b3:91:16:b2:a2:d7:f8:66:ae:bf:7a:84: 3f:ad:7b:a6:24:09:17:f1:5f:93:e6:bd:06:46:47: 46:f0:a4:2e:88:4b:48:b6:da:ef:d1:19:bb:2c:d2: 1d:cb:d4:9d:1d:bb:e3:1c:9c:9c:f4:8b:e5:52:c0: ff:4a:cb:ec:56:33:96:b3:38:5d:b9:c1:61:e7:af: 80:36:39:d6:57:ca:03:1f:91:a6:36:29:c0:af:2e: cf:6a:66:bc:3c:5c:48:a3:e2:a0:b0:21:46:9d:31: ff:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:BA:0B:E7:1E:C5:58:A5:0C:37:CB:6A:8E:88:8A:CD:26:A3:28:38 X509v3 Authority Key Identifier: keyid:2A:DD:D4:03:51:73:FA:C3:BB:39:49:CB:36:CC:EF:25:53:79:8B:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:18:f7:b3:47:0e:65:2f:2f:f6:54:56:94:a3:64:a1:34:46: d0:3e:2d:68:27:b1:61:0b:a1:2c:2a:41:42:58:f9:22:c4:ad: b2:bd:7e:a4:55:f4:24:9a:e6:8f:e2:b9:df:73:ae:0a:37:14: 20:da:3c:bd:9f:72:1f:60:ab:e0:dd:3d:48:0e:46:b6:4b:0a: 5c:69:ef:ab:5e:40:03:ad:15:38:15:0c:12:b6:dc:36:2d:e5: 92:cc:cf:b3:7d:de:c6:de:de:db:dd:49:b8:95:1d:0f:b8:e2: 25:60:6c:e4:86:44:76:46:83:70:8a:b4:c3:86:9a:ba:f5:ea: 65:0d:17:6c:e2:fb:f5:24:98:6f:33:d0:a0:03:97:f0:fa:d7: 6c:42:d4:22:5d:0a:dc:a1:b4:04:c2:e3:21:f1:30:13:03:5b: 79:9a:09:d3:fe:e4:35:40:24:ac:be:ec:00:d5:a2:59:eb:cd: df:1f:fa:6e:be:22:22:02:28:6a:0f:14:95:49:31:92:24:0a: 04:5c:4a:8a:87:05:be:66:cf:ad:74:4e:b7:e8:ae:24:56:03: 77:6e:21:f0:8d:1f:d5:fd:7e:2c:1e:6c:5e:f9:ef:10:30:e7: 75:aa:53:08:ed:8e:3d:21:f2:e1:91:6f:e9:ad:1d:e1:8f:58: 7b:ce:fd:1c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPL5JfIQ4EJu9BvVRVsNW1bKfFSIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VGMjU1 Mzc5OEJGQzAeFw0yNTA2MjgwOTI1MzhaFw0yNTA3MDExMTQ4MzhaMDMxMTAvBgNV BAMTKEQyQkEwQkU3MUVDNTU4QTUwQzM3Q0I2QThFODg4QUNEMjZBMzI4MzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJDbJGzLZt8Qqug4LWRIups66y dUBfOuNuxp+wh7z428Agikj60ab5VD/rR1nD5HIaurjBJboLsgfeLzXmGAvzkFhf U3x9EXHAqKTnJesXpxaDYOYoPoV2rvKQdE4G0OAIGuUxMbrnS9Wmoh2MvVixszMd RlU84qPuH2DGWb0fe92D+2aM6C6G5/Mm+8wXUppVSVFC2btb37ORFrKi1/hmrr96 hD+te6YkCRfxX5PmvQZGR0bwpC6IS0i22u/RGbss0h3L1J0du+McnJz0i+VSwP9K y+xWM5azOF25wWHnr4A2OdZXygMfkaY2KcCvLs9qZrw8XEij4qCwIUadMf+tAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0roL5x7FWKUMN8tqjoiKzSajKDgwHwYDVR0j BBgwFoAUKt3UA1Fz+sO7OUnLNszvJVN5i/wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ODY3YTJlZS1kNDExLTRmZjgtOWY1Yy0zNWQwMzQxMjNmODQvMC8yQURERDQwMzUx NzNGQUMzQkIzOTQ5Q0IzNkNDRUYyNTUzNzk4QkZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VGMjU1Mzc5 OEJGQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjg2N2EyZWUtZDQxMS00ZmY4LTlm NWMtMzVkMDM0MTIzZjg0LzAvMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VG MjU1Mzc5OEJGQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAA0Y97NHDmUvL/ZUVpSjZKE0RtA+LWgnsWEL oSwqQUJY+SLErbK9fqRV9CSa5o/iud9zrgo3FCDaPL2fch9gq+DdPUgORrZLClxp 76teQAOtFTgVDBK23DYt5ZLMz7N93sbe3tvdSbiVHQ+44iVgbOSGRHZGg3CKtMOG mrr16mUNF2zi+/UkmG8z0KADl/D612xC1CJdCtyhtATC4yHxMBMDW3maCdP+5DVA JKy+7ADVolnrzd8f+m6+IiICKGoPFJVJMZIkCgRcSoqHBb5mz610TrforiRWA3du IfCNH9X9fiwebF757xAw53WqUwjtjj0h8uGRb+mtHeGPWHvO/Rw= -----END CERTIFICATE-----Generated at Mon Jun 30 07:19:07 2025 by rpki-client