$ rpki-client -vvf repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft File: 2D18956397FA6055A44153CABF07303FD6E55E44.mft (raw, json) Hash identifier: jpKXbCfzZDTp+2B2fXDewk9zY+VV+K6lvTXd+Xu24CU= Subject key identifier: DA:33:EE:67:76:2B:5F:7C:70:12:44:3D:4B:F6:87:1F:A0:D2:86:AF Authority key identifier: 2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 Certificate issuer: /CN=2D18956397FA6055A44153CABF07303FD6E55E44 Certificate serial: 1E196B404F3F935710AD1EF2DFAA118B3F700B84 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft Manifest number: 04D8 Signing time: Sun 04 May 2025 08:02:00 +0000 Manifest this update: Sun 04 May 2025 07:57:00 +0000 Manifest next update: Wed 07 May 2025 13:26:00 +0000 Files and hashes: 1: 3130332e3135352e3230302e302f32332d3234203d3e20313431303733.roa (hash: LMlg0YtMMAZTGP6EzKXImD6a6ZjUtLMQ+VabkB5A5lc=) 2: 2D18956397FA6055A44153CABF07303FD6E55E44.crl (hash: gPtibYtK43lzLK5xu2aa6VTfzyhS+JcYt1rh8UxT5Kw=) 3: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (hash: 9pt7JLtOWMCBsJXp8H1J28V9N/OUvx5VflNai/uQZgc=) 4: 323430363a373734303a3a2f33322d3332203d3e20313431303733.roa (hash: HyMWadhCrBlbrvw7eV4dA67xhQ9znG8zfhfFTeZs2rs=) 5: 3130332e3135352e3230302e302f32332d3233203d3e20313431303733.roa (hash: 1cZaLW2bYSVuCFR3p6/QnCg+KIF2tEt9ZDlyjUYN2tI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 07 May 2025 13:26:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:19:6b:40:4f:3f:93:57:10:ad:1e:f2:df:aa:11:8b:3f:70:0b:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D18956397FA6055A44153CABF07303FD6E55E44 Validity Not Before: May 4 07:57:00 2025 GMT Not After : May 7 13:26:00 2025 GMT Subject: CN=DA33EE67762B5F7C7012443D4BF6871FA0D286AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:fc:d6:68:9a:5b:da:05:57:14:c4:fe:70:8f: cd:89:9c:bf:a7:c0:99:a8:25:ac:7c:33:74:b2:3e: 78:70:5e:89:23:7c:be:9f:26:52:f3:46:cc:2f:94: a9:55:db:77:2c:6f:67:0a:00:37:82:37:3b:e5:89: c0:03:92:d9:f7:07:99:0c:3b:45:8d:56:37:c5:d6: ad:25:50:b6:47:ad:10:08:80:4e:2b:f2:87:25:35: de:22:fb:5b:72:ec:e3:e2:b2:9a:19:58:69:39:a3: 76:6c:fd:80:0d:39:23:e0:ff:8c:08:6c:1f:07:86: d9:59:25:53:29:ea:57:76:92:02:83:bb:b3:70:0d: 23:13:44:f9:83:3b:6b:2a:d6:f7:ce:63:8e:2e:86: 42:ce:4e:7d:11:19:5d:64:93:93:01:e4:7d:d1:9a: 00:0a:33:c1:8c:d8:e4:f8:9a:5f:7a:e4:e7:62:dc: 0e:72:78:dd:ae:e5:c8:bc:8a:8f:eb:f3:67:16:ee: b8:80:8c:9e:80:b9:cb:73:dd:70:62:d0:0d:96:c8: 6d:60:88:39:42:ab:bc:31:28:9e:b5:5d:da:ff:54: 7c:49:51:58:5b:6a:54:5f:7c:65:81:db:82:2c:15: 2d:0d:0a:fc:eb:4f:3f:31:b6:f1:91:86:3f:71:2d: 0b:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:33:EE:67:76:2B:5F:7C:70:12:44:3D:4B:F6:87:1F:A0:D2:86:AF X509v3 Authority Key Identifier: keyid:2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:56:48:ad:cb:32:b1:3f:58:dd:00:35:e8:74:a5:7d:ff:73: 43:f7:ae:b8:7a:1f:e3:13:05:af:b5:61:37:c2:fc:2d:74:58: 1b:20:d0:ea:ee:72:88:2a:7a:c7:06:99:c3:64:29:72:6c:15: 8c:21:4f:cd:d2:0c:bf:77:fa:e6:6f:e2:b4:9a:0c:bb:7d:b2: b3:5c:72:2c:43:2c:cd:c3:16:21:88:1e:ac:ca:34:5f:7f:bb: 2a:cb:d7:68:c6:b3:e9:7a:6a:31:c0:8f:d3:92:ea:9b:be:87: 83:8a:4b:b2:b2:5d:15:db:34:f9:a5:a7:18:82:6c:25:15:a3: ae:ea:a3:99:66:6e:e3:05:5b:df:17:6d:84:81:a8:e3:f7:94: 0e:35:76:f1:46:da:c1:9d:54:e1:6f:fa:de:04:9c:fb:24:b0: 7a:80:33:8c:c6:69:6c:07:75:ba:0d:c6:61:8d:26:6e:6b:8b: 47:5a:80:45:ed:65:99:ee:1c:4a:8b:f4:bf:04:2c:51:0b:72: 96:bc:38:24:9b:0d:94:48:74:89:8f:43:86:e4:ef:bb:d6:d5: d0:4f:cd:96:18:34:15:62:d7:22:ae:7d:bb:b0:38:f2:26:bb: 0f:23:36:eb:b4:5e:ae:f3:01:f4:bf:f0:53:36:6e:31:20:c8: ad:14:0d:00 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHhlrQE8/k1cQrR7y36oRiz9wC4QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZE NkU1NUU0NDAeFw0yNTA1MDQwNzU3MDBaFw0yNTA1MDcxMzI2MDBaMDMxMTAvBgNV BAMTKERBMzNFRTY3NzYyQjVGN0M3MDEyNDQzRDRCRjY4NzFGQTBEMjg2QUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8/NZomlvaBVcUxP5wj82JnL+n wJmoJax8M3SyPnhwXokjfL6fJlLzRswvlKlV23csb2cKADeCNzvlicADktn3B5kM O0WNVjfF1q0lULZHrRAIgE4r8oclNd4i+1ty7OPispoZWGk5o3Zs/YANOSPg/4wI bB8HhtlZJVMp6ld2kgKDu7NwDSMTRPmDO2sq1vfOY44uhkLOTn0RGV1kk5MB5H3R mgAKM8GM2OT4ml965Odi3A5yeN2u5ci8io/r82cW7riAjJ6Auctz3XBi0A2WyG1g iDlCq7wxKJ61Xdr/VHxJUVhbalRffGWB24IsFS0NCvzrTz8xtvGRhj9xLQtNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2jPuZ3YrX3xwEkQ9S/aHH6DShq8wHwYDVR0j BBgwFoAULRiVY5f6YFWkQVPKvwcwP9blXkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ODU4Zjg1Yy1hNDU4LTRhNTgtYmJkZS00YmZiMzQzZGM0YjAvMC8yRDE4OTU2Mzk3 RkE2MDU1QTQ0MTUzQ0FCRjA3MzAzRkQ2RTU1RTQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZENkU1 NUU0NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDg1OGY4NWMtYTQ1OC00YTU4LWJi ZGUtNGJmYjM0M2RjNGIwLzAvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMw M0ZENkU1NUU0NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABpWSK3LMrE/WN0ANeh0pX3/c0P3rrh6H+MT Ba+1YTfC/C10WBsg0OrucogqescGmcNkKXJsFYwhT83SDL93+uZv4rSaDLt9srNc cixDLM3DFiGIHqzKNF9/uyrL12jGs+l6ajHAj9OS6pu+h4OKS7KyXRXbNPmlpxiC bCUVo67qo5lmbuMFW98XbYSBqOP3lA41dvFG2sGdVOFv+t4EnPsksHqAM4zGaWwH dboNxmGNJm5ri0dagEXtZZnuHEqL9L8ELFELcpa8OCSbDZRIdImPQ4bk77vW1dBP zZYYNBVi1yKufbuwOPImuw8jNuu0Xq7zAfS/8FM2bjEgyK0UDQA= -----END CERTIFICATE-----Generated at Wed May 7 12:46:52 2025 by rpki-client