$ rpki-client -vvf repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft File: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft (raw, json) Hash identifier: YbM9lGcbENlhiI88F9sR9SdtwOWWrVdnFcJUraWPWeo= Subject key identifier: E8:68:FF:BA:82:EF:71:13:D4:F2:C4:44:1C:E2:54:17:F2:58:B3:7B Authority key identifier: 33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B Certificate issuer: /CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Certificate serial: 69539394CF198827B94679A5778C88B338FBDE63 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft Manifest number: 04CB Signing time: Sat 23 Aug 2025 04:32:02 +0000 Manifest this update: Sat 23 Aug 2025 04:27:02 +0000 Manifest next update: Tue 26 Aug 2025 06:06:02 +0000 Files and hashes: 1: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl (hash: 1V78LM/3gPvg+kMBGp/pLQESxnJfqON3CuEuK0KXlVA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 06:06:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:53:93:94:cf:19:88:27:b9:46:79:a5:77:8c:88:b3:38:fb:de:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Validity Not Before: Aug 23 04:27:02 2025 GMT Not After : Aug 26 06:06:02 2025 GMT Subject: CN=E868FFBA82EF7113D4F2C4441CE25417F258B37B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:6a:56:c4:9e:37:c0:79:06:81:cb:89:22:5e: 17:a1:fd:d0:b7:65:40:b1:41:bb:48:9e:bc:6a:2d: 29:54:12:b9:e1:5d:6e:3a:dc:cb:87:78:e9:83:14: 82:7e:19:6b:d8:54:53:32:1e:47:28:58:4c:8f:7e: 3c:5c:0e:f6:73:9d:e2:44:4b:f3:15:10:0b:64:f6: 13:56:9b:a3:01:fe:d2:0f:12:bb:2a:7e:e1:79:f6: 79:bd:35:95:02:d7:0e:81:42:90:f3:a9:23:a7:d8: 2e:ee:03:29:25:dd:6e:b7:22:84:75:fd:e1:1f:47: 55:30:5e:ca:2c:dd:5e:a5:99:24:ae:b0:20:fd:6f: 1f:d1:e3:83:cc:bd:f4:96:c9:f6:9f:f2:74:a4:0a: e1:c0:a0:e9:01:85:50:3c:c2:0c:6f:26:05:64:2a: b2:fa:95:ef:13:ae:3d:eb:17:49:05:b9:ae:90:9b: e7:99:0c:b0:8e:f1:6a:8a:39:ec:53:29:87:b8:85: 84:13:df:7d:5a:d6:8d:72:69:0c:ac:d6:b3:de:c7: 4a:a5:a0:87:85:18:fb:26:95:dc:7b:48:c9:df:d7: 2d:fb:bb:b4:8f:c5:1b:1d:0b:13:70:19:8b:3d:93: 09:48:da:3b:14:b7:8a:a9:fa:19:2d:bd:9a:27:66: 13:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:68:FF:BA:82:EF:71:13:D4:F2:C4:44:1C:E2:54:17:F2:58:B3:7B X509v3 Authority Key Identifier: keyid:33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:fb:be:a8:5e:eb:75:bf:20:2a:c2:2d:6b:b8:ef:12:65:56: 61:aa:ff:74:cf:2e:c8:fd:20:f5:ff:b1:02:2e:c0:db:b0:48: 9e:1f:9a:4c:e2:88:73:ee:fc:1a:23:70:af:26:c1:0f:c2:da: a1:70:0d:ac:1e:88:7a:38:dd:0c:16:6f:67:5b:9a:58:8f:b6: 82:10:a2:d8:61:aa:1b:98:d2:c3:45:5e:bf:5c:c9:9e:79:a1: c4:a9:6a:28:3b:da:32:bf:c1:37:bf:1f:00:89:39:23:48:99: 8e:ca:af:ff:33:46:ec:4b:ec:aa:b7:ed:85:b5:22:24:c3:21: aa:2f:87:91:28:a7:a8:bd:dd:c6:78:f2:1e:f4:b5:b8:31:ed: 74:98:25:66:bb:aa:1e:63:9c:55:a5:43:73:13:3b:d9:29:e2: ad:55:91:6a:33:38:1c:2d:bf:a7:57:05:0c:3e:84:ad:07:d9: 92:9d:00:be:b0:b9:fa:b7:9d:73:cd:a4:b1:00:b7:d0:20:80: be:8f:00:10:89:05:44:81:04:d5:8c:90:3e:f9:63:a3:62:79: ba:15:1d:8b:fb:11:fb:47:0a:7f:3d:2a:f5:f7:11:74:94:ab: 99:fb:a6:a5:f0:8c:07:2e:79:0d:85:a0:67:2f:fa:fe:36:5d: 56:97:47:af -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaVOTlM8ZiCe5Rnmld4yIszj73mMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUz QzkzQjk2QjAeFw0yNTA4MjMwNDI3MDJaFw0yNTA4MjYwNjA2MDJaMDMxMTAvBgNV BAMTKEU4NjhGRkJBODJFRjcxMTNENEYyQzQ0NDFDRTI1NDE3RjI1OEIzN0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFalbEnjfAeQaBy4kiXheh/dC3 ZUCxQbtInrxqLSlUErnhXW463MuHeOmDFIJ+GWvYVFMyHkcoWEyPfjxcDvZzneJE S/MVEAtk9hNWm6MB/tIPErsqfuF59nm9NZUC1w6BQpDzqSOn2C7uAykl3W63IoR1 /eEfR1UwXsos3V6lmSSusCD9bx/R44PMvfSWyfaf8nSkCuHAoOkBhVA8wgxvJgVk KrL6le8Trj3rF0kFua6Qm+eZDLCO8WqKOexTKYe4hYQT331a1o1yaQys1rPex0ql oIeFGPsmldx7SMnf1y37u7SPxRsdCxNwGYs9kwlI2jsUt4qp+hktvZonZhPpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6Gj/uoLvcRPU8sREHOJUF/JYs3swHwYDVR0j BBgwFoAUM43rjXBRxj/GzNexpd2MnjyTuWswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MjRhNjVmNC00ZjRiLTQ0YjYtYTJlYi01OTk1N2JjNmE0ZDMvMC8zMzhERUI4RDcw NTFDNjNGQzZDQ0Q3QjFBNUREOEM5RTNDOTNCOTZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUzQzkz Qjk2Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzI0YTY1ZjQtNGY0Yi00NGI2LWEy ZWItNTk5NTdiYzZhNGQzLzAvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhD OUUzQzkzQjk2Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACz7vqhe63W/ICrCLWu47xJlVmGq/3TPLsj9 IPX/sQIuwNuwSJ4fmkziiHPu/BojcK8mwQ/C2qFwDaweiHo43QwWb2dbmliPtoIQ othhqhuY0sNFXr9cyZ55ocSpaig72jK/wTe/HwCJOSNImY7Kr/8zRuxL7Kq37YW1 IiTDIaovh5Eop6i93cZ48h70tbgx7XSYJWa7qh5jnFWlQ3MTO9kp4q1VkWozOBwt v6dXBQw+hK0H2ZKdAL6wufq3nXPNpLEAt9AggL6PABCJBUSBBNWMkD75Y6NieboV HYv7EftHCn89KvX3EXSUq5n7pqXwjAcueQ2FoGcv+v42XVaXR68= -----END CERTIFICATE-----Generated at Sat Aug 23 12:14:01 2025 by rpki-client