$ rpki-client -vvf repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft File: D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft (raw, json) Hash identifier: yl+YSfcpRh2brlprEKe0wgKFYHPaGXyaksJ96+B0Jvg= Subject key identifier: 48:A3:E7:B2:14:44:F8:D2:01:CE:E9:A9:A2:E4:D7:C0:42:AC:78:A8 Authority key identifier: D5:8B:CD:47:A6:26:3C:C3:A1:2A:BD:E6:E3:A2:AD:28:AF:8B:DE:D7 Certificate issuer: /CN=D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7 Certificate serial: 354C36A410B05DAAB024F92D46160B696E063757 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft Manifest number: 02CA Signing time: Sat 28 Jun 2025 06:12:08 +0000 Manifest this update: Sat 28 Jun 2025 06:07:08 +0000 Manifest next update: Tue 01 Jul 2025 13:43:08 +0000 Files and hashes: 1: 3130332e3136392e34302e302f32332d3233203d3e20313432333332.roa (hash: mzHcsRUTUCBbpQh0PF3/13tfxFdR6gl4I3cFgd8Tuk8=) 2: 3130332e3136392e34312e302f32342d3234203d3e20313432333332.roa (hash: CfGKDTwzaK9/cDjPw8NSmCs5voaTVZ8iBlLH2WBXSno=) 3: D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl (hash: piw/6zJOKi8Eg8V2pqa0Qizzc2MTXml/ZlkO96FHM84=) 4: 3130332e3136392e34302e302f32342d3234203d3e20313432333332.roa (hash: nx/juUy7/tZki2r/tMlastEiMjYSJvx7cPICFmmbvLQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 13:43:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:4c:36:a4:10:b0:5d:aa:b0:24:f9:2d:46:16:0b:69:6e:06:37:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7 Validity Not Before: Jun 28 06:07:08 2025 GMT Not After : Jul 1 13:43:08 2025 GMT Subject: CN=48A3E7B21444F8D201CEE9A9A2E4D7C042AC78A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:d1:a2:13:29:72:d4:02:82:a0:46:d4:21:33: b5:8b:4b:12:22:de:2c:f9:08:da:39:80:5f:97:d6: 3a:70:5a:0c:1f:f7:6d:67:5f:8b:6c:e7:db:3f:3d: 2a:82:ff:4d:71:01:b2:3d:b4:bb:d9:37:a5:2f:5c: 6f:cc:c3:85:af:7a:33:3b:14:33:63:ed:22:41:98: 07:30:d0:55:3f:5d:1b:a5:29:a6:cf:8c:b9:82:cc: 30:10:d9:c3:11:b2:0f:33:40:3f:02:f8:f5:85:cb: 53:06:cf:01:8f:63:97:13:07:52:ed:3f:c3:38:54: 45:fd:1e:86:c9:30:1e:90:79:9a:d6:68:a5:c6:55: 66:c9:7f:d1:3f:05:68:96:be:ed:6e:2a:7c:5b:0e: 83:6c:c9:0d:c6:b9:96:85:61:68:87:16:62:aa:7e: 18:b4:be:7e:be:ec:e6:8f:90:4c:68:d8:d4:75:7f: 7f:0d:22:52:7a:a8:d5:e1:fa:94:78:1e:23:80:5c: b9:dd:a9:c1:d8:e4:fc:2a:e1:7a:d5:bb:d0:17:71: 2f:a5:dc:48:28:d2:2c:59:c0:5b:35:17:e1:17:4d: b7:6e:7a:69:ce:6a:67:41:a0:95:16:94:4e:22:65: 09:46:93:b0:a2:3a:31:8c:d3:5b:25:f9:04:44:b4: 6c:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:A3:E7:B2:14:44:F8:D2:01:CE:E9:A9:A2:E4:D7:C0:42:AC:78:A8 X509v3 Authority Key Identifier: keyid:D5:8B:CD:47:A6:26:3C:C3:A1:2A:BD:E6:E3:A2:AD:28:AF:8B:DE:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:e7:1f:e9:05:f4:ad:67:99:91:57:2a:ac:05:59:a1:03:62: 52:26:75:6e:c8:24:b9:1b:7a:d2:dc:ad:3e:d7:1b:ef:97:65: 90:0a:b3:f9:ad:6d:42:4e:4a:99:6c:50:05:7e:f4:96:f7:b2: d4:3f:1d:e0:33:d6:60:85:1c:e5:78:e0:e7:ca:0a:f9:9b:39: 63:ae:7c:7f:ec:fb:65:89:24:d9:cf:34:e3:0a:1e:cb:d0:f5: c7:2a:a0:f8:1b:7c:25:30:5f:76:b0:44:af:4f:3d:d4:7a:9c: b6:ea:e9:41:cc:f2:f8:9d:84:98:82:3a:26:1d:76:8a:d9:3d: a8:2a:0b:db:d0:ea:cc:f6:8c:a2:69:2f:9c:4d:2d:0e:62:a0: c2:a2:ac:ac:27:e6:14:5c:56:fe:22:25:b4:1e:5e:1a:c6:62: 05:ea:d8:69:4c:6d:ff:1b:89:c9:25:2b:d6:76:01:be:db:a8: 60:d3:cd:6e:e6:52:00:66:58:6f:87:84:5a:94:a1:fe:6f:27: 76:14:8b:fb:0c:15:37:5f:0a:4c:6b:47:f0:aa:06:fb:83:80: bc:c5:c9:a2:a2:f1:63:53:04:16:c3:4a:74:10:a8:9f:45:cd: cc:3b:b1:eb:11:2d:d2:e8:16:69:fb:90:ba:f6:40:72:80:17: ce:3e:e4:13 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNUw2pBCwXaqwJPktRhYLaW4GN1cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFEMjhB RjhCREVENzAeFw0yNTA2MjgwNjA3MDhaFw0yNTA3MDExMzQzMDhaMDMxMTAvBgNV BAMTKDQ4QTNFN0IyMTQ0NEY4RDIwMUNFRTlBOUEyRTREN0MwNDJBQzc4QTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn0aITKXLUAoKgRtQhM7WLSxIi 3iz5CNo5gF+X1jpwWgwf921nX4ts59s/PSqC/01xAbI9tLvZN6UvXG/Mw4WvejM7 FDNj7SJBmAcw0FU/XRulKabPjLmCzDAQ2cMRsg8zQD8C+PWFy1MGzwGPY5cTB1Lt P8M4VEX9HobJMB6QeZrWaKXGVWbJf9E/BWiWvu1uKnxbDoNsyQ3GuZaFYWiHFmKq fhi0vn6+7OaPkExo2NR1f38NIlJ6qNXh+pR4HiOAXLndqcHY5Pwq4XrVu9AXcS+l 3Ego0ixZwFs1F+EXTbduemnOamdBoJUWlE4iZQlGk7CiOjGM01sl+QREtGzvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUSKPnshRE+NIBzumpouTXwEKseKgwHwYDVR0j BBgwFoAU1YvNR6YmPMOhKr3m46KtKK+L3tcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y Y2I1MjYxOS0zNzlkLTQzMGEtYjE5Yi0xZjBlYzUzYWU5MDkvMC9ENThCQ0Q0N0E2 MjYzQ0MzQTEyQUJERTZFM0EyQUQyOEFGOEJERUQ3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFEMjhBRjhC REVENy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmNiNTI2MTktMzc5ZC00MzBhLWIx OWItMWYwZWM1M2FlOTA5LzAvRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFE MjhBRjhCREVENy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEbnH+kF9K1nmZFXKqwFWaEDYlImdW7IJLkb etLcrT7XG++XZZAKs/mtbUJOSplsUAV+9Jb3stQ/HeAz1mCFHOV44OfKCvmbOWOu fH/s+2WJJNnPNOMKHsvQ9ccqoPgbfCUwX3awRK9PPdR6nLbq6UHM8vidhJiCOiYd dorZPagqC9vQ6sz2jKJpL5xNLQ5ioMKirKwn5hRcVv4iJbQeXhrGYgXq2GlMbf8b icklK9Z2Ab7bqGDTzW7mUgBmWG+HhFqUof5vJ3YUi/sMFTdfCkxrR/CqBvuDgLzF yaKi8WNTBBbDSnQQqJ9Fzcw7sesRLdLoFmn7kLr2QHKAF84+5BM= -----END CERTIFICATE-----Generated at Sun Jun 29 18:51:39 2025 by rpki-client