$ rpki-client -vvf repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft File: 3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft (raw, json) Hash identifier: 7YIpk4wsMpHDEzzDG+3f/eCqbw2CWqtAJKVGqqz3+R0= Subject key identifier: B2:D8:5E:1D:D6:FE:F6:89:BB:EF:A1:41:D2:11:7D:0B:97:99:BD:7A Authority key identifier: 31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D Certificate issuer: /CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Certificate serial: 573B16E4537C60698CCC8F0B87F6D0C5A67A13CD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft Manifest number: 65 Signing time: Fri 09 May 2025 05:51:50 +0000 Manifest this update: Fri 09 May 2025 05:46:50 +0000 Manifest next update: Mon 12 May 2025 13:17:50 +0000 Files and hashes: 1: 3136302e32322e3132382e302f32342d3234203d3e20313532383138.roa (hash: yI21TQhgzhyCtoyvgeWwpQGfBfqGzJmTftAUrnTEbC8=) 2: 3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl (hash: ZzykFZ+0Ij4SC4ubSVdM/v84crgd99SJAXsZs/Za+SA=) 3: 3136302e32322e3132382e302f32332d3233203d3e20313532383138.roa (hash: yVwxFDu5QrQ2T1+WLHNp8JACowsZOzdgNvDquhZexvY=) 4: 3136302e32322e3132392e302f32342d3234203d3e20313532383138.roa (hash: 8c6wILZx8DuCL6PHpfE6A2+8YPuPEhrlv7dD3qJR3mQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 11:26:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:3b:16:e4:53:7c:60:69:8c:cc:8f:0b:87:f6:d0:c5:a6:7a:13:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Validity Not Before: May 9 05:46:50 2025 GMT Not After : May 12 13:17:50 2025 GMT Subject: CN=B2D85E1DD6FEF689BBEFA141D2117D0B9799BD7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c2:b2:7e:c3:be:1f:59:8b:d2:80:45:7f:89: 39:ba:f0:7c:18:a9:a5:14:7e:75:c0:d0:f2:b3:7b: eb:07:7e:ac:32:40:b0:bd:29:fe:8d:01:25:c6:24: 4c:08:ef:85:87:70:9a:ee:06:56:dd:28:35:18:c6: 3e:6b:e9:ea:e1:e9:0a:5f:3c:41:fa:2c:e3:6f:a1: dc:37:44:f5:4b:93:95:be:33:64:20:97:f5:18:07: d8:d6:a0:f7:82:e5:dc:3d:90:3e:e3:40:76:e5:38: dd:59:85:4e:56:d0:91:40:a4:92:42:ad:b3:2e:c3: 58:49:10:a1:8e:c3:ca:7c:a5:7d:67:26:c6:7e:59: c5:9e:8c:ed:f5:28:11:d7:5d:07:1b:a1:72:c1:1a: 88:0b:22:b2:28:bf:01:9d:78:c8:6a:60:23:2e:d6: e2:91:a8:4c:7b:ce:35:3a:4e:61:2c:31:9c:e9:18: 06:e4:cb:9d:8c:51:7e:4a:62:37:1e:12:fd:80:81: 00:70:a6:e3:3a:36:88:1d:43:b5:59:ab:d0:b9:f9: 7e:75:a6:ed:08:06:4f:3c:cf:f4:87:14:b5:71:63: 31:4d:b5:24:4f:05:ec:b9:1a:10:2c:8e:ef:3f:3f: 51:0c:9a:ad:68:5d:7e:79:a4:5e:b0:a6:20:f4:16: 5b:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:D8:5E:1D:D6:FE:F6:89:BB:EF:A1:41:D2:11:7D:0B:97:99:BD:7A X509v3 Authority Key Identifier: keyid:31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:4b:42:87:c2:d1:d2:7e:e9:ee:4d:6e:1f:e3:3c:87:80:64: 0c:91:e9:12:c9:1e:f6:c8:f4:eb:ef:6f:fe:3b:0d:ba:ff:e1: ae:b6:b9:eb:f4:82:42:af:41:ae:44:4e:a9:a7:8a:27:ad:49: 3d:19:b2:58:ac:69:9b:af:81:e8:38:b3:89:54:34:8b:c5:ce: 4b:51:b2:f4:fe:d8:f8:9e:14:1b:b5:0e:83:77:4b:ad:75:a2: ad:c7:77:0b:1a:11:02:5d:af:89:02:21:35:7b:42:d3:16:e2: e8:4b:70:f8:89:52:eb:43:14:1a:e3:7b:9e:a3:74:a4:c8:04: c8:1d:38:6d:03:da:ef:25:86:f2:61:6c:80:4d:eb:ac:97:4f: dd:91:c0:93:37:e1:aa:46:c9:8e:67:9c:d7:46:a2:ee:36:20: 92:ae:e9:8b:33:7e:3e:6e:43:45:e7:bf:25:17:9f:48:2d:3d: 9e:82:4c:b4:8c:60:9b:b1:f3:86:f6:6c:f2:c7:be:88:5e:a8: b6:99:0b:2c:5d:9f:7c:ec:ff:1b:3f:f4:af:a6:cb:be:2b:cc: 8d:b3:aa:8f:4a:7a:f3:78:68:e6:af:58:b0:7e:59:52:fb:be: 75:7e:e3:ed:42:75:6d:35:90:04:0a:c3:fd:92:9a:6e:9e:09: e6:78:8f:9c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVzsW5FN8YGmMzI8Lh/bQxaZ6E80wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTND NzVDMEUyRDAeFw0yNTA1MDkwNTQ2NTBaFw0yNTA1MTIxMzE3NTBaMDMxMTAvBgNV BAMTKEIyRDg1RTFERDZGRUY2ODlCQkVGQTE0MUQyMTE3RDBCOTc5OUJEN0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7wrJ+w74fWYvSgEV/iTm68HwY qaUUfnXA0PKze+sHfqwyQLC9Kf6NASXGJEwI74WHcJruBlbdKDUYxj5r6erh6Qpf PEH6LONvodw3RPVLk5W+M2Qgl/UYB9jWoPeC5dw9kD7jQHblON1ZhU5W0JFApJJC rbMuw1hJEKGOw8p8pX1nJsZ+WcWejO31KBHXXQcboXLBGogLIrIovwGdeMhqYCMu 1uKRqEx7zjU6TmEsMZzpGAbky52MUX5KYjceEv2AgQBwpuM6NogdQ7VZq9C5+X51 pu0IBk88z/SHFLVxYzFNtSRPBey5GhAsju8/P1EMmq1oXX55pF6wpiD0Flv1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUstheHdb+9om776FB0hF9C5eZvXowHwYDVR0j BBgwFoAUMVe5vm82mhyjhzj/1k1hE8dcDi0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MGZiNzhhOS1jZDY4LTQ0ZmQtODVhYS02YzZiMDhjYjIzNDYvMC8zMTU3QjlCRTZG MzY5QTFDQTM4NzM4RkZENjRENjExM0M3NUMwRTJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTNDNzVD MEUyRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzBmYjc4YTktY2Q2OC00NGZkLTg1 YWEtNmM2YjA4Y2IyMzQ2LzAvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYx MTNDNzVDMEUyRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHBLQofC0dJ+6e5Nbh/jPIeAZAyR6RLJHvbI 9Ovvb/47Dbr/4a62uev0gkKvQa5ETqmniietST0ZslisaZuvgeg4s4lUNIvFzktR svT+2PieFBu1DoN3S611oq3HdwsaEQJdr4kCITV7QtMW4uhLcPiJUutDFBrje56j dKTIBMgdOG0D2u8lhvJhbIBN66yXT92RwJM34apGyY5nnNdGou42IJKu6Yszfj5u Q0XnvyUXn0gtPZ6CTLSMYJux84b2bPLHvoheqLaZCyxdn3zs/xs/9K+my74rzI2z qo9KevN4aOavWLB+WVL7vnV+4+1CdW01kAQKw/2Smm6eCeZ4j5w= -----END CERTIFICATE-----Generated at Sat May 10 11:34:27 2025 by rpki-client