$ rpki-client -vvf repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft File: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft (raw, json) Hash identifier: fvDyghIbMJ4/wiATm6YXMidjlv5GZRczSFQTbtms1l8= Subject key identifier: 70:72:1A:0F:EF:44:8F:85:7A:7E:4A:39:7B:A0:C5:37:6A:7A:BA:62 Authority key identifier: 33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B Certificate issuer: /CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Certificate serial: 6E41A139B0844015F4A2875C093E439F34EE2794 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft Manifest number: 049D Signing time: Sat 10 May 2025 11:11:59 +0000 Manifest this update: Sat 10 May 2025 11:06:59 +0000 Manifest next update: Tue 13 May 2025 13:47:59 +0000 Files and hashes: 1: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl (hash: lFcL6PkvLSC/rhWzoiNffbZ3/gn2asLeaafUt5MdYLQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 13:47:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:41:a1:39:b0:84:40:15:f4:a2:87:5c:09:3e:43:9f:34:ee:27:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Validity Not Before: May 10 11:06:59 2025 GMT Not After : May 13 13:47:59 2025 GMT Subject: CN=70721A0FEF448F857A7E4A397BA0C5376A7ABA62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:69:af:f4:02:39:07:c4:f6:cd:cb:a9:7f:28: 04:dd:14:95:21:73:07:12:27:14:2e:dc:9d:4e:7b: 03:f2:69:c3:84:85:aa:c4:5b:dc:77:04:b6:87:59: ef:07:5a:36:d2:f3:4f:88:4d:6e:b5:a2:0a:40:93: 03:3b:6d:2b:65:24:16:1a:99:f9:17:dc:36:b7:69: dd:14:b9:22:9e:9f:ad:93:18:30:bc:4d:15:b1:bb: 09:21:bd:b7:78:81:39:63:ea:42:88:bb:73:43:eb: 50:9e:bb:9f:41:0d:b1:9e:86:8b:8d:ec:2c:f3:51: 9f:9c:04:58:ac:6b:a4:d2:01:65:27:0c:87:c1:10: 2e:39:1f:ce:4c:30:60:4a:70:7b:1a:75:61:f7:c4: 56:b1:0e:08:bc:95:59:de:60:3f:71:0d:f6:5c:4d: 44:da:34:cb:9f:b1:3c:71:f5:21:32:18:fd:e3:53: 67:d3:5b:ff:53:de:99:ff:47:78:97:5f:2f:3d:ce: a6:9b:5b:4e:49:99:23:bf:c9:07:8f:02:75:0f:d5: 11:8a:07:b6:0c:f6:3b:bc:a8:d2:bb:59:6e:f8:13: 11:84:b5:d2:9b:6a:1b:0c:6d:87:b7:7e:99:40:cd: 60:85:4b:19:81:d8:3b:1c:03:21:ba:85:22:8c:68: d6:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:72:1A:0F:EF:44:8F:85:7A:7E:4A:39:7B:A0:C5:37:6A:7A:BA:62 X509v3 Authority Key Identifier: keyid:33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:c3:3e:87:d6:eb:e1:5a:02:54:0b:ee:7f:92:26:d6:dd:aa: 64:bd:c5:df:7b:65:f8:e6:a5:78:e8:69:9c:07:21:93:ba:c2: 57:8f:89:b1:ae:3d:23:42:93:20:a3:a8:eb:26:e6:0e:7f:df: 85:f5:90:08:ed:8c:aa:de:88:f5:f7:a6:77:be:0a:12:ee:70: 92:1c:1b:87:df:d1:94:86:52:23:0a:c8:71:42:a4:1c:38:b5: 98:a6:76:b5:aa:22:f4:43:57:9a:d6:69:62:3d:43:62:b8:cb: 32:6e:60:f4:1c:5b:0c:85:1f:b3:8e:34:a2:79:2e:f4:f9:29: 8d:d7:f3:0c:c9:84:3e:c6:ab:da:99:db:5e:6c:d2:08:5c:f5: 70:59:fb:be:63:82:55:11:f9:8d:aa:64:3f:eb:41:86:3f:d8: 5c:5d:1e:1d:18:86:a3:ed:83:14:43:2c:8d:cb:38:cc:a7:7b: cc:6c:93:45:36:b2:a6:b7:9c:5a:c8:78:9b:f6:7e:12:6d:eb: c2:60:bf:58:32:4c:06:f9:94:e6:44:d0:ba:3d:6f:3f:23:83: f3:83:9a:2e:ff:f2:e1:4f:6a:8f:ad:71:e9:db:da:94:9a:13: 2d:8f:d1:de:5f:e1:e4:26:c4:08:3d:8d:3f:8e:70:67:78:21: 01:72:39:eb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbkGhObCEQBX0oodcCT5DnzTuJ5QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUz QzkzQjk2QjAeFw0yNTA1MTAxMTA2NTlaFw0yNTA1MTMxMzQ3NTlaMDMxMTAvBgNV BAMTKDcwNzIxQTBGRUY0NDhGODU3QTdFNEEzOTdCQTBDNTM3NkE3QUJBNjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzaa/0AjkHxPbNy6l/KATdFJUh cwcSJxQu3J1OewPyacOEharEW9x3BLaHWe8HWjbS80+ITW61ogpAkwM7bStlJBYa mfkX3Da3ad0UuSKen62TGDC8TRWxuwkhvbd4gTlj6kKIu3ND61Ceu59BDbGehouN 7CzzUZ+cBFisa6TSAWUnDIfBEC45H85MMGBKcHsadWH3xFaxDgi8lVneYD9xDfZc TUTaNMufsTxx9SEyGP3jU2fTW/9T3pn/R3iXXy89zqabW05JmSO/yQePAnUP1RGK B7YM9ju8qNK7WW74ExGEtdKbahsMbYe3fplAzWCFSxmB2DscAyG6hSKMaNapAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcHIaD+9Ej4V6fko5e6DFN2p6umIwHwYDVR0j BBgwFoAUM43rjXBRxj/GzNexpd2MnjyTuWswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MjRhNjVmNC00ZjRiLTQ0YjYtYTJlYi01OTk1N2JjNmE0ZDMvMC8zMzhERUI4RDcw NTFDNjNGQzZDQ0Q3QjFBNUREOEM5RTNDOTNCOTZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUzQzkz Qjk2Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzI0YTY1ZjQtNGY0Yi00NGI2LWEy ZWItNTk5NTdiYzZhNGQzLzAvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhD OUUzQzkzQjk2Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH7DPofW6+FaAlQL7n+SJtbdqmS9xd97Zfjm pXjoaZwHIZO6wlePibGuPSNCkyCjqOsm5g5/34X1kAjtjKreiPX3pne+ChLucJIc G4ff0ZSGUiMKyHFCpBw4tZimdrWqIvRDV5rWaWI9Q2K4yzJuYPQcWwyFH7OONKJ5 LvT5KY3X8wzJhD7Gq9qZ215s0ghc9XBZ+75jglUR+Y2qZD/rQYY/2FxdHh0YhqPt gxRDLI3LOMyne8xsk0U2sqa3nFrIeJv2fhJt68Jgv1gyTAb5lOZE0Lo9bz8jg/OD mi7/8uFPao+tcenb2pSaEy2P0d5f4eQmxAg9jT+OcGd4IQFyOes= -----END CERTIFICATE-----Generated at Mon May 12 02:07:38 2025 by rpki-client