$ rpki-client -vvf repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft File: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft (raw, json) Hash identifier: 0EOlFI8k/9HXltlOgSy7nL9M7drKW+guZIEjMZLcnHI= Subject key identifier: E3:B9:F9:4E:C5:5B:AF:1A:BB:FF:DD:15:C4:55:78:97:73:4D:1A:3C Authority key identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F Certificate issuer: /CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Certificate serial: 5B5D2D44433658CAC20A9DC6F3D48089451B417B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft Manifest number: 01AD Signing time: Thu 08 May 2025 02:20:53 +0000 Manifest this update: Thu 08 May 2025 02:15:53 +0000 Manifest next update: Sun 11 May 2025 07:26:53 +0000 Files and hashes: 1: 3130332e36352e39362e302f32332d3234203d3e203536323539.roa (hash: CZ4K7GFD9Go5aD48WSkhSXI8wxpmYnTQCrXJMjgAzo4=) 2: 3130332e32382e3136332e302f32342d3234203d3e203536323539.roa (hash: wNXvnBOlqkuZ+mDM8d8H+wRf148WwJ/aSIjk47cajS4=) 3: 3130332e31302e3235332e302f32342d3234203d3e203536323539.roa (hash: Y9UwdeMAqthoV4BdpHdzHHfHrHSy2NpCx4uk4sbXYrk=) 4: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl (hash: spU6KxEn+gfQP4+KvMP28V3YmLA3q+t8PtgUVdP0J0Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 07:26:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:5d:2d:44:43:36:58:ca:c2:0a:9d:c6:f3:d4:80:89:45:1b:41:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Validity Not Before: May 8 02:15:53 2025 GMT Not After : May 11 07:26:53 2025 GMT Subject: CN=E3B9F94EC55BAF1ABBFFDD15C4557897734D1A3C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:9e:77:d1:b2:85:b1:6d:fc:d2:73:a7:9e:0f: 75:14:81:ed:1f:0d:59:21:2d:65:80:b4:c8:c1:41: 27:f9:22:07:ed:2c:ab:45:8a:bf:2f:6c:4a:e0:80: d9:0f:39:e4:9c:e0:43:3e:ea:f0:fd:d1:19:40:e6: 9a:ae:27:5f:3e:90:07:e9:8e:a6:0e:f8:03:27:21: b3:de:bb:fd:1d:5e:56:cb:13:7d:e9:34:ce:ad:ce: 2f:fa:c5:d7:12:87:57:b5:69:b7:d0:d8:c7:60:48: cb:29:26:9b:73:f1:99:0f:58:80:f0:e1:47:c6:e5: 86:77:b5:23:ca:29:ae:5d:1d:db:43:b5:4f:f4:08: f5:ac:03:3a:59:30:21:3f:5c:4b:e6:2f:7f:bc:81: 5c:72:60:4d:a6:a1:5b:5a:de:49:fa:05:7c:84:a2: 9c:58:52:b7:61:15:71:c4:56:ad:71:7e:e3:94:10: a4:19:84:a3:41:f5:84:c2:c9:71:48:76:da:0e:08: 62:96:e6:ab:af:fb:c4:6d:91:67:f8:db:a9:b0:6e: 18:9d:8f:d8:ec:10:0a:71:5b:29:7a:41:4b:47:e2: 55:50:70:3b:77:df:dd:9d:9d:d8:71:40:db:f0:a0: bf:cb:68:47:28:5f:89:3d:73:81:df:d2:91:aa:3f: d3:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:B9:F9:4E:C5:5B:AF:1A:BB:FF:DD:15:C4:55:78:97:73:4D:1A:3C X509v3 Authority Key Identifier: keyid:3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:b2:6f:14:6c:a9:6a:cf:d0:3d:b0:36:4e:e6:d1:4a:28:4b: fb:2b:5c:b4:a0:5e:50:7f:96:cb:f0:c9:6c:e7:10:8b:1b:8a: 0f:3b:4e:81:18:25:36:8a:e5:10:f8:82:76:16:92:cd:eb:bd: be:62:ef:fb:73:c8:04:36:9d:23:be:5c:81:14:9a:bf:28:57: 70:06:e2:3b:7f:49:2f:15:32:9b:b5:bd:7d:c0:8b:79:59:8a: 65:fc:8d:54:35:10:2b:55:59:7a:6e:f7:3a:25:d0:0e:bc:6e: df:43:b0:a8:88:3c:72:ac:cc:94:0e:32:25:48:04:65:de:6e: d2:99:b1:32:33:cf:80:69:e1:bc:03:16:95:73:d5:f0:4c:6a: 5f:39:66:cc:e1:90:18:82:91:7f:81:20:cf:bf:51:ef:c7:08: 2c:db:ee:89:78:9f:94:e2:1f:cc:bc:ea:0f:f3:65:3d:10:3d: 09:ae:76:ba:32:5d:44:cf:2d:9c:66:da:8f:e2:50:9d:a5:da: d3:1e:26:f2:2e:32:08:01:c0:c4:9d:09:f4:c2:44:55:a6:3d: 50:2c:13:13:f8:73:2e:78:ab:19:a0:d9:f0:fb:2c:16:63:7d: 0e:5e:48:88:57:cb:c8:d2:c9:f1:b5:5a:77:50:ab:6c:69:c1: 50:00:88:97 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUW10tREM2WMrCCp3G89SAiUUbQXswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4 NUMzNUU0RjAeFw0yNTA1MDgwMjE1NTNaFw0yNTA1MTEwNzI2NTNaMDMxMTAvBgNV BAMTKEUzQjlGOTRFQzU1QkFGMUFCQkZGREQxNUM0NTU3ODk3NzM0RDFBM0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdnnfRsoWxbfzSc6eeD3UUge0f DVkhLWWAtMjBQSf5IgftLKtFir8vbErggNkPOeSc4EM+6vD90RlA5pquJ18+kAfp jqYO+AMnIbPeu/0dXlbLE33pNM6tzi/6xdcSh1e1abfQ2MdgSMspJptz8ZkPWIDw 4UfG5YZ3tSPKKa5dHdtDtU/0CPWsAzpZMCE/XEvmL3+8gVxyYE2moVta3kn6BXyE opxYUrdhFXHEVq1xfuOUEKQZhKNB9YTCyXFIdtoOCGKW5quv+8RtkWf426mwbhid j9jsEApxWyl6QUtH4lVQcDt3392dndhxQNvwoL/LaEcoX4k9c4Hf0pGqP9O1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU47n5TsVbrxq7/90VxFV4l3NNGjwwHwYDVR0j BBgwFoAUPXifr19+vmk4xMcj3NLu14XDXk8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZDk3MDAzMi0wOGVhLTQ4OTAtYmRiYS02MzA5YTQ5NzkxN2QvMC8zRDc4OUZBRjVG N0VCRTY5MzhDNEM3MjNEQ0QyRUVENzg1QzM1RTRGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4NUMz NUU0Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGQ5NzAwMzItMDhlYS00ODkwLWJk YmEtNjMwOWE0OTc5MTdkLzAvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVF RDc4NUMzNUU0Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADGybxRsqWrP0D2wNk7m0UooS/srXLSgXlB/ lsvwyWznEIsbig87ToEYJTaK5RD4gnYWks3rvb5i7/tzyAQ2nSO+XIEUmr8oV3AG 4jt/SS8VMpu1vX3Ai3lZimX8jVQ1ECtVWXpu9zol0A68bt9DsKiIPHKszJQOMiVI BGXebtKZsTIzz4Bp4bwDFpVz1fBMal85ZszhkBiCkX+BIM+/Ue/HCCzb7ol4n5Ti H8y86g/zZT0QPQmudroyXUTPLZxm2o/iUJ2l2tMeJvIuMggBwMSdCfTCRFWmPVAs ExP4cy54qxmg2fD7LBZjfQ5eSIhXy8jSyfG1WndQq2xpwVAAiJc= -----END CERTIFICATE-----Generated at Sat May 10 06:16:21 2025 by rpki-client