$ rpki-client -vvf repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft File: 3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft (raw, json) Hash identifier: y0zeY3PU2eGBlXxjx92pNmneKwkCOLjjVR3lw8xXL9k= Subject key identifier: E6:FA:EE:EB:C8:2D:C9:56:31:B7:13:9D:4D:51:AF:A9:37:2C:52:F1 Authority key identifier: 31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D Certificate issuer: /CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Certificate serial: 66D9AE7DCA5FC2BF7B787B96CED649BEE6FC3071 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft Manifest number: 7B Signing time: Sat 28 Jun 2025 15:01:51 +0000 Manifest this update: Sat 28 Jun 2025 14:56:51 +0000 Manifest next update: Tue 01 Jul 2025 15:34:51 +0000 Files and hashes: 1: 3136302e32322e3132382e302f32332d3233203d3e20313532383138.roa (hash: yVwxFDu5QrQ2T1+WLHNp8JACowsZOzdgNvDquhZexvY=) 2: 3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl (hash: C6V//jGUeSeou3Vku5uRqQdYANDmCAUojPToeaeTG0s=) 3: 3136302e32322e3132382e302f32342d3234203d3e20313532383138.roa (hash: yI21TQhgzhyCtoyvgeWwpQGfBfqGzJmTftAUrnTEbC8=) 4: 3136302e32322e3132392e302f32342d3234203d3e20313532383138.roa (hash: 8c6wILZx8DuCL6PHpfE6A2+8YPuPEhrlv7dD3qJR3mQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 15:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:d9:ae:7d:ca:5f:c2:bf:7b:78:7b:96:ce:d6:49:be:e6:fc:30:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Validity Not Before: Jun 28 14:56:51 2025 GMT Not After : Jul 1 15:34:51 2025 GMT Subject: CN=E6FAEEEBC82DC95631B7139D4D51AFA9372C52F1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:19:5a:f3:7c:bb:cd:8d:43:d8:7b:e9:11:3a: a3:f1:4a:35:b3:4c:2f:05:8c:6f:89:17:a6:9a:93: 5c:a9:a5:29:82:d5:23:65:06:cf:85:90:fe:34:94: a4:aa:ec:fd:b2:7f:9d:85:16:eb:07:78:e3:a6:e0: f1:ef:0c:22:4a:45:8b:69:2b:c3:86:76:c7:9d:de: f4:9b:62:31:06:e6:66:ab:35:d3:15:78:62:5d:70: ae:92:54:3e:f2:37:5b:eb:1a:f4:e9:6f:6c:06:ce: 30:89:5b:ae:02:9d:18:ac:62:03:8b:38:f0:09:4e: 2e:94:cf:de:18:cd:d1:a8:af:53:99:26:5e:1e:60: a8:b8:2c:f1:50:cf:dc:8b:01:fb:ae:03:7c:7c:2a: 44:bd:8c:0c:d0:b3:0e:f5:d8:d4:41:2f:f8:2a:f1: 83:1d:85:c7:c9:f7:a4:02:b6:48:6b:ca:d9:fe:48: e3:a0:d1:be:be:36:ab:94:47:ea:f7:d1:b3:c5:79: 13:57:bd:d7:08:8f:7d:22:ee:31:a8:4a:11:b3:36: 02:df:3e:25:cf:9a:b7:5e:65:75:fe:23:fa:24:95: f2:d5:d5:aa:a4:7e:c8:51:b9:31:bc:3e:df:f2:3a: a9:a4:1e:56:5d:f1:b6:e8:82:46:f2:69:cb:e4:c6: 12:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:FA:EE:EB:C8:2D:C9:56:31:B7:13:9D:4D:51:AF:A9:37:2C:52:F1 X509v3 Authority Key Identifier: keyid:31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:96:c4:f9:03:49:75:2e:d3:1e:34:e6:98:41:0c:19:b9:3b: 91:e0:69:a2:8b:8d:1e:c9:31:b6:d8:5d:0c:f1:e3:c7:0f:70: 76:5a:0d:8b:35:7d:e4:02:c3:4b:16:68:10:2f:0d:53:9b:2c: 2a:2a:49:1c:73:89:69:cf:52:65:0e:ea:05:ec:26:dc:42:d6: 9a:2f:6c:13:a6:68:57:1c:d5:d9:30:58:b5:80:2f:ca:1a:50: 4e:9f:98:4d:ae:7b:3b:4a:ff:28:ea:64:07:ab:54:0e:36:bc: 1d:6f:34:18:bc:8e:f4:6b:ea:10:68:30:ba:c0:8b:dc:9c:6e: 92:4d:09:b7:dd:49:6e:62:c0:1a:21:ea:c9:ee:eb:93:59:f6: f6:7d:9e:05:9f:fc:77:81:0a:c3:57:68:b7:47:a4:bb:35:6b: e2:e5:c2:2f:83:f9:64:49:d9:95:78:e1:21:72:58:0a:30:88: 90:e1:9b:7d:37:c3:d6:9c:8c:1a:3e:38:48:f7:c8:22:8a:28: 63:77:ee:86:e8:d0:59:1d:65:81:85:74:95:08:44:ff:af:80: a9:18:0e:63:35:68:83:b0:c2:99:3a:97:88:d0:e3:72:81:9a: 76:cc:31:04:e0:ba:f9:05:04:c7:0b:16:d1:c3:af:40:35:df: 7f:36:2e:14 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZtmufcpfwr97eHuWztZJvub8MHEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTND NzVDMEUyRDAeFw0yNTA2MjgxNDU2NTFaFw0yNTA3MDExNTM0NTFaMDMxMTAvBgNV BAMTKEU2RkFFRUVCQzgyREM5NTYzMUI3MTM5RDRENTFBRkE5MzcyQzUyRjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnGVrzfLvNjUPYe+kROqPxSjWz TC8FjG+JF6aak1yppSmC1SNlBs+FkP40lKSq7P2yf52FFusHeOOm4PHvDCJKRYtp K8OGdsed3vSbYjEG5marNdMVeGJdcK6SVD7yN1vrGvTpb2wGzjCJW64CnRisYgOL OPAJTi6Uz94YzdGor1OZJl4eYKi4LPFQz9yLAfuuA3x8KkS9jAzQsw712NRBL/gq 8YMdhcfJ96QCtkhrytn+SOOg0b6+NquUR+r30bPFeRNXvdcIj30i7jGoShGzNgLf PiXPmrdeZXX+I/oklfLV1aqkfshRuTG8Pt/yOqmkHlZd8bbogkbyacvkxhIFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU5vru68gtyVYxtxOdTVGvqTcsUvEwHwYDVR0j BBgwFoAUMVe5vm82mhyjhzj/1k1hE8dcDi0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MGZiNzhhOS1jZDY4LTQ0ZmQtODVhYS02YzZiMDhjYjIzNDYvMC8zMTU3QjlCRTZG MzY5QTFDQTM4NzM4RkZENjRENjExM0M3NUMwRTJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTNDNzVD MEUyRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzBmYjc4YTktY2Q2OC00NGZkLTg1 YWEtNmM2YjA4Y2IyMzQ2LzAvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYx MTNDNzVDMEUyRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAICWxPkDSXUu0x405phBDBm5O5HgaaKLjR7J MbbYXQzx48cPcHZaDYs1feQCw0sWaBAvDVObLCoqSRxziWnPUmUO6gXsJtxC1pov bBOmaFcc1dkwWLWAL8oaUE6fmE2ueztK/yjqZAerVA42vB1vNBi8jvRr6hBoMLrA i9ycbpJNCbfdSW5iwBoh6snu65NZ9vZ9ngWf/HeBCsNXaLdHpLs1a+Llwi+D+WRJ 2ZV44SFyWAowiJDhm303w9acjBo+OEj3yCKKKGN37obo0FkdZYGFdJUIRP+vgKkY DmM1aIOwwpk6l4jQ43KBmnbMMQTguvkFBMcLFtHDr0A13382LhQ= -----END CERTIFICATE-----Generated at Mon Jun 30 10:37:37 2025 by rpki-client