$ rpki-client -vvf repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft File: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft (raw, json) Hash identifier: p+CPmwcfttATjxTuV+plUQWmZdiliqWoy3Lk4xS2qdo= Subject key identifier: 96:01:38:4A:49:73:1A:59:1F:52:5B:BB:D9:2B:07:D4:42:44:3A:35 Authority key identifier: 33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B Certificate issuer: /CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Certificate serial: 0ED9F4306230C1F2CAC609AC76ABBABAFDA5A62F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft Manifest number: 04B3 Signing time: Sun 29 Jun 2025 06:11:58 +0000 Manifest this update: Sun 29 Jun 2025 06:06:58 +0000 Manifest next update: Wed 02 Jul 2025 06:11:58 +0000 Files and hashes: 1: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl (hash: zE/o2F35WzBJiqDd0R/NtOP/T/zhiv9dN5GVX+AeRe4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 06:11:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:d9:f4:30:62:30:c1:f2:ca:c6:09:ac:76:ab:ba:ba:fd:a5:a6:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Validity Not Before: Jun 29 06:06:58 2025 GMT Not After : Jul 2 06:11:58 2025 GMT Subject: CN=9601384A49731A591F525BBBD92B07D442443A35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:44:57:bb:3c:e6:81:95:d2:19:15:18:1d:67: ce:20:b0:8f:06:3b:ce:f9:d9:bf:10:92:ff:29:47: e0:88:0e:43:60:77:19:42:1c:d2:c0:af:9d:a8:1e: ef:5b:8f:76:95:98:3c:eb:2a:23:d5:f9:6a:1a:47: 67:4d:d9:63:cb:c1:22:39:5d:ea:10:7f:c4:09:14: 91:df:13:33:0a:6a:a9:30:4c:73:66:87:a7:b9:ff: b4:81:5a:e9:16:a7:91:16:58:c5:55:57:c5:a4:ae: ff:30:4f:74:34:b9:2c:7a:b3:04:41:dd:c2:62:a9: 35:8f:c5:71:a9:0b:01:a8:0c:d5:64:83:cf:7c:4e: 9f:db:98:cd:4c:b5:b8:b3:bc:a1:ba:4d:54:53:e2: a4:51:ba:24:9c:86:aa:90:f1:80:e0:76:c7:51:78: 52:35:d3:7a:26:36:a8:20:76:02:68:dd:ba:c3:cb: ed:ff:bb:9a:a4:81:d4:91:99:27:0e:ea:7c:74:3c: 98:bd:cb:b2:bd:fc:60:a1:d6:5a:77:49:f4:d6:72: f2:95:37:f4:1c:d5:d3:aa:87:b8:5a:c3:2f:dc:a0: 79:7c:f4:07:7d:b0:21:e7:88:92:21:ad:62:b3:ec: ca:a5:e9:03:65:ff:f5:7c:fa:eb:42:91:21:18:b1: e2:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:01:38:4A:49:73:1A:59:1F:52:5B:BB:D9:2B:07:D4:42:44:3A:35 X509v3 Authority Key Identifier: keyid:33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:f9:0f:26:98:38:e6:dc:2c:29:7d:9a:1f:39:16:db:00:fc: e7:5f:9e:e7:1e:f1:bc:d6:da:c0:ec:b4:1b:da:8e:19:1f:c4: 01:fe:1c:b3:22:0a:35:cf:40:95:82:c2:ad:92:ab:fd:16:81: ee:ab:be:73:2b:e7:98:d3:84:21:d8:0a:31:2f:dd:36:db:95: 0f:05:da:ee:a5:32:36:f3:2e:9b:e1:3e:e7:f3:22:09:0a:e3: d2:62:b8:dd:8c:1e:76:c8:e6:29:ea:d6:75:86:5e:e8:1f:97: 6b:f9:b1:34:f0:bc:b6:ec:a5:49:e4:00:c2:95:14:db:b6:4b: 02:6e:a4:17:69:b5:a0:49:81:42:bd:f5:b7:3c:65:1e:07:ce: bc:5f:da:85:2a:7b:88:5c:69:5c:88:b4:ae:22:a2:dd:86:e1: a5:73:1e:51:3f:7b:dd:ae:b4:cf:cc:53:97:ec:7a:ba:45:e0: b8:98:0d:ab:4a:ed:60:71:96:4b:6e:7f:13:e4:08:01:4e:ae: 68:9d:ec:8a:84:21:e3:ed:b3:28:8b:56:a9:29:74:c9:77:65: 2b:d6:a9:0e:ac:61:e9:de:c6:72:87:50:48:d4:34:6b:e0:cd: 7d:4c:52:77:f3:cb:86:0f:b1:03:76:df:fc:87:5b:09:90:c7: ca:27:63:f4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDtn0MGIwwfLKxgmsdqu6uv2lpi8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUz QzkzQjk2QjAeFw0yNTA2MjkwNjA2NThaFw0yNTA3MDIwNjExNThaMDMxMTAvBgNV BAMTKDk2MDEzODRBNDk3MzFBNTkxRjUyNUJCQkQ5MkIwN0Q0NDI0NDNBMzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbRFe7POaBldIZFRgdZ84gsI8G O8752b8Qkv8pR+CIDkNgdxlCHNLAr52oHu9bj3aVmDzrKiPV+WoaR2dN2WPLwSI5 XeoQf8QJFJHfEzMKaqkwTHNmh6e5/7SBWukWp5EWWMVVV8Wkrv8wT3Q0uSx6swRB 3cJiqTWPxXGpCwGoDNVkg898Tp/bmM1MtbizvKG6TVRT4qRRuiSchqqQ8YDgdsdR eFI103omNqggdgJo3brDy+3/u5qkgdSRmScO6nx0PJi9y7K9/GCh1lp3SfTWcvKV N/Qc1dOqh7hawy/coHl89Ad9sCHniJIhrWKz7Mql6QNl//V8+utCkSEYseIBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlgE4SklzGlkfUlu72SsH1EJEOjUwHwYDVR0j BBgwFoAUM43rjXBRxj/GzNexpd2MnjyTuWswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MjRhNjVmNC00ZjRiLTQ0YjYtYTJlYi01OTk1N2JjNmE0ZDMvMC8zMzhERUI4RDcw NTFDNjNGQzZDQ0Q3QjFBNUREOEM5RTNDOTNCOTZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUzQzkz Qjk2Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzI0YTY1ZjQtNGY0Yi00NGI2LWEy ZWItNTk5NTdiYzZhNGQzLzAvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhD OUUzQzkzQjk2Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABj5DyaYOObcLCl9mh85FtsA/Odfnuce8bzW 2sDstBvajhkfxAH+HLMiCjXPQJWCwq2Sq/0Wge6rvnMr55jThCHYCjEv3TbblQ8F 2u6lMjbzLpvhPufzIgkK49JiuN2MHnbI5inq1nWGXugfl2v5sTTwvLbspUnkAMKV FNu2SwJupBdptaBJgUK99bc8ZR4Hzrxf2oUqe4hcaVyItK4iot2G4aVzHlE/e92u tM/MU5fserpF4LiYDatK7WBxlktufxPkCAFOrmid7IqEIePtsyiLVqkpdMl3ZSvW qQ6sYenexnKHUEjUNGvgzX1MUnfzy4YPsQN23/yHWwmQx8onY/Q= -----END CERTIFICATE-----Generated at Tue Jul 1 02:04:36 2025 by rpki-client