$ rpki-client -vvf repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft File: 4AA76DED689FD4420809D0962087A03BCF018FEA.mft (raw, json) Hash identifier: wly7K3P0oKz8b+exrBKZH1KvhTVZ9UulUo2lG+PhE1c= Subject key identifier: 20:88:40:68:70:37:94:F7:10:B8:CD:5E:D7:F6:7C:F0:8E:D6:75:60 Authority key identifier: 4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA Certificate issuer: /CN=4AA76DED689FD4420809D0962087A03BCF018FEA Certificate serial: 619502B76598C737D2D3B01C35C731E03173FFDE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft Manifest number: BC Signing time: Fri 22 Aug 2025 20:11:44 +0000 Manifest this update: Fri 22 Aug 2025 20:06:44 +0000 Manifest next update: Mon 25 Aug 2025 21:06:44 +0000 Files and hashes: 1: 323030313a6466343a3763303a3a2f34382d3438203d3e20313531353735.roa (hash: khEVLFQtH+a45cc9yGf67pi2XkwhJ0LBpc+mc2azWiQ=) 2: 3130332e39392e3133362e302f32332d3233203d3e20313531353735.roa (hash: bYo0zSG/Y+l/kRQWqzhvCy7R5Romzqih1iDCz89t3mk=) 3: 3130332e39392e3133372e302f32342d3234203d3e20313531353735.roa (hash: qGUv354O5bgjhTMZ45JMcvyFGWQg1EdVxERPegJoKCQ=) 4: 3130332e39392e3133362e302f32342d3234203d3e20313531353735.roa (hash: 2CpAucK+rvU21eAZmyDV5IqqR6dCAIafzExn8g2LOMw=) 5: 4AA76DED689FD4420809D0962087A03BCF018FEA.crl (hash: Tz1WfuivlX5o8RJftOiWLcznfOUpnu6nlj0YvKVJp1c=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 21:06:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:95:02:b7:65:98:c7:37:d2:d3:b0:1c:35:c7:31:e0:31:73:ff:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4AA76DED689FD4420809D0962087A03BCF018FEA Validity Not Before: Aug 22 20:06:44 2025 GMT Not After : Aug 25 21:06:44 2025 GMT Subject: CN=20884068703794F710B8CD5ED7F67CF08ED67560 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:0e:ff:6c:61:a7:19:cf:0f:e2:0e:57:7d:96: 9c:ec:f5:a4:64:2c:ba:85:4e:de:30:a3:8e:14:34: ca:6b:c4:60:2e:81:71:e1:06:fe:a5:34:64:81:89: d6:76:ba:ee:62:ae:f8:65:20:77:e4:85:10:23:a2: 97:6a:cc:e9:f9:a5:29:0f:2d:9b:bb:cb:04:f0:e6: ea:82:40:19:75:37:82:ac:9f:f4:35:9a:c3:eb:3f: ff:42:71:d1:b1:07:ac:4a:a6:de:ab:7f:2c:6b:0a: 7e:20:c1:2e:9a:2d:de:83:b8:18:9f:d5:4e:ae:cc: 08:f3:bb:8d:f7:49:8a:1d:45:d5:7c:fd:42:e3:4b: f9:2a:de:f1:e2:15:e7:b6:ec:de:f5:77:7c:d1:6a: f8:fb:fd:f9:05:a6:51:2c:0d:0a:13:6c:a5:ba:d2: 81:cf:20:b5:d6:39:32:c8:e0:f0:82:2f:20:0e:64: 7c:e4:96:18:41:ee:6f:f7:2b:22:6e:24:dc:d0:de: 13:39:19:c3:ae:12:b3:2d:19:fb:70:72:33:35:85: df:cf:ff:3a:2f:11:0e:9f:92:21:19:77:ed:4b:e8: 14:fa:30:fa:b6:2e:5b:91:a0:96:df:0a:e9:08:bd: d5:a8:11:4c:a6:2f:a5:61:b4:41:00:b9:71:c5:0e: 6c:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:88:40:68:70:37:94:F7:10:B8:CD:5E:D7:F6:7C:F0:8E:D6:75:60 X509v3 Authority Key Identifier: keyid:4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d7:ea:a5:e1:c9:14:02:73:e7:5c:cf:4a:47:92:fb:fe:40:36: d7:90:e3:39:13:f7:5d:56:8a:82:c6:ea:3c:8d:79:20:83:ac: a9:ee:22:9c:95:d2:d5:dc:b6:81:c6:13:d0:aa:17:03:8a:4e: 67:07:76:dc:12:e7:d1:72:ad:1d:8a:f2:13:52:02:1f:c4:90: ea:47:a6:27:ca:47:1d:1d:1c:fb:5e:35:bc:c2:5f:ea:66:06: d6:64:fd:e1:4f:e6:1a:d7:39:9e:fc:67:d1:8b:a3:26:00:fe: 60:e5:a4:9b:f9:d7:39:58:52:46:d6:80:e5:70:4b:df:dc:60: fb:d9:64:5b:89:0b:11:d5:1d:f3:d8:15:48:d4:aa:91:04:7e: cc:30:70:b9:a6:a0:f3:e1:9c:a5:75:68:2b:d0:fb:80:8b:86: 7a:01:e1:0d:a5:11:f9:81:ed:61:6d:70:ed:89:db:15:9e:5a: ae:ad:9b:ad:8c:36:be:8e:a7:47:8e:68:91:58:af:05:34:cd: 23:da:40:b6:32:9b:c5:5e:9a:c0:cc:42:ec:4e:0b:44:13:b0: c9:4a:f8:43:4d:4d:35:a7:b0:e4:44:fa:07:45:b2:c4:8f:a3: 4c:4b:64:94:20:d3:90:76:93:0d:8c:24:8b:fb:91:b6:a2:5c: e5:60:53:41 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYZUCt2WYxzfS07AcNccx4DFz/94wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JD RjAxOEZFQTAeFw0yNTA4MjIyMDA2NDRaFw0yNTA4MjUyMTA2NDRaMDMxMTAvBgNV BAMTKDIwODg0MDY4NzAzNzk0RjcxMEI4Q0Q1RUQ3RjY3Q0YwOEVENjc1NjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Dv9sYacZzw/iDld9lpzs9aRk LLqFTt4wo44UNMprxGAugXHhBv6lNGSBidZ2uu5irvhlIHfkhRAjopdqzOn5pSkP LZu7ywTw5uqCQBl1N4Ksn/Q1msPrP/9CcdGxB6xKpt6rfyxrCn4gwS6aLd6DuBif 1U6uzAjzu433SYodRdV8/ULjS/kq3vHiFee27N71d3zRavj7/fkFplEsDQoTbKW6 0oHPILXWOTLI4PCCLyAOZHzklhhB7m/3KyJuJNzQ3hM5GcOuErMtGftwcjM1hd/P /zovEQ6fkiEZd+1L6BT6MPq2LluRoJbfCukIvdWoEUymL6VhtEEAuXHFDmw9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIIhAaHA3lPcQuM1e1/Z88I7WdWAwHwYDVR0j BBgwFoAUSqdt7Wif1EIICdCWIIegO88Bj+owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YzI4MGFmMy1hYTFkLTQyNzEtOGMwNi1hM2ZhMjg4OTg0MjYvMC80QUE3NkRFRDY4 OUZENDQyMDgwOUQwOTYyMDg3QTAzQkNGMDE4RkVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JDRjAx OEZFQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmMyODBhZjMtYWExZC00MjcxLThj MDYtYTNmYTI4ODk4NDI2LzAvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0Ew M0JDRjAxOEZFQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANfqpeHJFAJz51zPSkeS+/5ANteQ4zkT911W ioLG6jyNeSCDrKnuIpyV0tXctoHGE9CqFwOKTmcHdtwS59FyrR2K8hNSAh/EkOpH pifKRx0dHPteNbzCX+pmBtZk/eFP5hrXOZ78Z9GLoyYA/mDlpJv51zlYUkbWgOVw S9/cYPvZZFuJCxHVHfPYFUjUqpEEfswwcLmmoPPhnKV1aCvQ+4CLhnoB4Q2lEfmB 7WFtcO2J2xWeWq6tm62MNr6Op0eOaJFYrwU0zSPaQLYym8VemsDMQuxOC0QTsMlK +ENNTTWnsORE+gdFssSPo0xLZJQg05B2kw2MJIv7kbaiXOVgU0E= -----END CERTIFICATE-----Generated at Sat Aug 23 15:24:44 2025 by rpki-client