$ rpki-client -vvf repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft File: 4AA76DED689FD4420809D0962087A03BCF018FEA.mft (raw, json) Hash identifier: aAnz7yPMqm3bTzvdrJxNlzhP4yIzSv6tiAaHtIS7OaE= Subject key identifier: 90:94:50:8F:11:E1:21:3F:68:E4:5E:C9:F6:4C:C7:FF:90:ED:DA:1C Authority key identifier: 4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA Certificate issuer: /CN=4AA76DED689FD4420809D0962087A03BCF018FEA Certificate serial: 3D7C81C41347513A0EFD56B92FE192AFFBE7534E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft Manifest number: A3 Signing time: Sat 28 Jun 2025 08:21:38 +0000 Manifest this update: Sat 28 Jun 2025 08:16:38 +0000 Manifest next update: Tue 01 Jul 2025 10:10:38 +0000 Files and hashes: 1: 3130332e39392e3133372e302f32342d3234203d3e20313531353735.roa (hash: qGUv354O5bgjhTMZ45JMcvyFGWQg1EdVxERPegJoKCQ=) 2: 323030313a6466343a3763303a3a2f34382d3438203d3e20313531353735.roa (hash: khEVLFQtH+a45cc9yGf67pi2XkwhJ0LBpc+mc2azWiQ=) 3: 3130332e39392e3133362e302f32332d3233203d3e20313531353735.roa (hash: bYo0zSG/Y+l/kRQWqzhvCy7R5Romzqih1iDCz89t3mk=) 4: 4AA76DED689FD4420809D0962087A03BCF018FEA.crl (hash: tYtxipWpFjmVliPVobiTRFG9LqGiVuuETy3PzTys/hI=) 5: 3130332e39392e3133362e302f32342d3234203d3e20313531353735.roa (hash: 2CpAucK+rvU21eAZmyDV5IqqR6dCAIafzExn8g2LOMw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 10:10:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:7c:81:c4:13:47:51:3a:0e:fd:56:b9:2f:e1:92:af:fb:e7:53:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4AA76DED689FD4420809D0962087A03BCF018FEA Validity Not Before: Jun 28 08:16:38 2025 GMT Not After : Jul 1 10:10:38 2025 GMT Subject: CN=9094508F11E1213F68E45EC9F64CC7FF90EDDA1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:7f:e2:8d:20:61:1e:1e:ec:f5:97:bc:c7:f8: 13:bf:04:bd:1f:5c:0b:e9:d3:a4:b2:18:3e:2a:c3: 9c:4e:dd:10:ed:15:08:30:ac:87:ce:66:7a:3b:19: 9f:35:a8:5d:90:4d:61:fd:a9:93:82:d8:aa:62:c3: e2:38:9b:85:f7:2c:d3:59:e5:e4:e9:48:ad:95:5a: 5a:a0:21:d5:fe:3f:72:6e:8b:82:ad:7b:85:60:a8: 05:81:06:ba:fc:c4:00:78:66:85:cc:a6:a6:a2:31: 50:10:22:22:75:fd:a9:db:ef:a7:57:ef:5c:48:20: 17:59:8a:08:b4:f4:b3:ef:6e:1f:37:e1:99:85:a3: a7:cd:b0:f9:62:51:88:0f:b5:66:6b:f2:72:2e:6a: d1:db:b2:02:c7:f0:55:c3:a1:f0:72:42:74:76:12: d9:b4:52:37:2f:3f:2d:6d:eb:fb:6c:77:ef:4b:b3: 4f:32:ee:22:6d:2c:7c:4f:43:54:35:47:19:3c:86: 08:1d:96:d8:11:80:ce:f5:03:37:33:a7:7b:15:4e: 9a:e5:a0:2a:54:7c:5f:74:be:9e:5e:43:51:14:09: a4:00:39:34:bc:b6:05:8d:25:3d:e9:b3:c1:c9:3e: b7:6a:2e:c3:a8:5a:44:09:20:8c:34:78:0e:29:4b: aa:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:94:50:8F:11:E1:21:3F:68:E4:5E:C9:F6:4C:C7:FF:90:ED:DA:1C X509v3 Authority Key Identifier: keyid:4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c5:dc:e0:52:78:8f:dd:9e:57:e1:24:2d:a6:5e:77:28:c9:24: e8:dd:78:93:dd:fb:81:f2:d1:07:4d:38:34:ed:25:8b:91:05: f2:67:15:67:a6:e7:c7:5e:a6:a4:ea:45:8b:fe:87:b6:6b:ae: 72:53:56:02:d4:0f:f9:be:07:be:a4:e9:e0:af:0a:9b:0d:22: 9f:25:44:1c:b7:2e:dd:18:08:60:56:1b:5f:ca:c2:25:4e:eb: 2d:28:b9:41:97:12:80:e0:5f:8a:94:1b:4f:f6:90:1a:91:71: 1a:45:ab:fe:dd:30:b6:53:63:80:7f:6f:cf:c8:72:13:4f:60: 5e:c2:ce:97:51:fa:2a:40:8f:c1:48:25:32:fa:19:ee:c5:4a: 51:06:12:3d:e3:49:f8:06:43:96:49:15:e6:17:be:73:a9:b1: 94:17:8c:4f:92:89:5e:00:a5:e8:a4:8f:43:d3:37:db:1d:e1: 69:ff:f8:dd:a2:94:54:7d:89:9c:a8:ae:e1:97:18:4e:69:f1: 4e:d1:0b:61:2e:82:55:64:9b:31:f3:04:d3:39:eb:09:78:53: 5d:30:5a:4d:7f:d8:37:2c:b4:b8:c8:49:70:63:06:41:ed:2b: 32:b3:44:18:34:b5:0b:f2:9b:75:49:71:76:ff:a9:9d:97:07: 63:e2:b5:47 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPXyBxBNHUToO/Va5L+GSr/vnU04wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JD RjAxOEZFQTAeFw0yNTA2MjgwODE2MzhaFw0yNTA3MDExMDEwMzhaMDMxMTAvBgNV BAMTKDkwOTQ1MDhGMTFFMTIxM0Y2OEU0NUVDOUY2NENDN0ZGOTBFRERBMUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvf+KNIGEeHuz1l7zH+BO/BL0f XAvp06SyGD4qw5xO3RDtFQgwrIfOZno7GZ81qF2QTWH9qZOC2Kpiw+I4m4X3LNNZ 5eTpSK2VWlqgIdX+P3Jui4Kte4VgqAWBBrr8xAB4ZoXMpqaiMVAQIiJ1/anb76dX 71xIIBdZigi09LPvbh834ZmFo6fNsPliUYgPtWZr8nIuatHbsgLH8FXDofByQnR2 Etm0UjcvPy1t6/tsd+9Ls08y7iJtLHxPQ1Q1Rxk8hggdltgRgM71Azczp3sVTprl oCpUfF90vp5eQ1EUCaQAOTS8tgWNJT3ps8HJPrdqLsOoWkQJIIw0eA4pS6p3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUkJRQjxHhIT9o5F7J9kzH/5Dt2hwwHwYDVR0j BBgwFoAUSqdt7Wif1EIICdCWIIegO88Bj+owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YzI4MGFmMy1hYTFkLTQyNzEtOGMwNi1hM2ZhMjg4OTg0MjYvMC80QUE3NkRFRDY4 OUZENDQyMDgwOUQwOTYyMDg3QTAzQkNGMDE4RkVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JDRjAx OEZFQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmMyODBhZjMtYWExZC00MjcxLThj MDYtYTNmYTI4ODk4NDI2LzAvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0Ew M0JDRjAxOEZFQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMXc4FJ4j92eV+EkLaZedyjJJOjdeJPd+4Hy 0QdNODTtJYuRBfJnFWem58depqTqRYv+h7ZrrnJTVgLUD/m+B76k6eCvCpsNIp8l RBy3Lt0YCGBWG1/KwiVO6y0ouUGXEoDgX4qUG0/2kBqRcRpFq/7dMLZTY4B/b8/I chNPYF7CzpdR+ipAj8FIJTL6Ge7FSlEGEj3jSfgGQ5ZJFeYXvnOpsZQXjE+SiV4A peikj0PTN9sd4Wn/+N2ilFR9iZyoruGXGE5p8U7RC2EuglVkmzHzBNM56wl4U10w Wk1/2DcstLjISXBjBkHtKzKzRBg0tQvym3VJcXb/qZ2XB2PitUc= -----END CERTIFICATE-----Generated at Sun Jun 29 18:13:18 2025 by rpki-client