$ rpki-client -vvf repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft File: 3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft (raw, json) Hash identifier: RGH1+KHinHFpLzniFdJBE+H24N2t7KGPDo/vHVp8xR8= Subject key identifier: 0A:32:12:08:65:1D:06:27:26:FE:2C:3C:46:1F:12:D9:C6:9A:14:0E Authority key identifier: 3E:0B:95:7B:58:2D:8A:EF:99:A4:9C:64:48:F9:99:3C:72:37:8B:F3 Certificate issuer: /CN=3E0B957B582D8AEF99A49C6448F9993C72378BF3 Certificate serial: 7CD2E3D9C6182EC7642EE9C449202537D62EFC40 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E0B957B582D8AEF99A49C6448F9993C72378BF3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft Manifest number: 0108 Signing time: Fri 22 Aug 2025 06:11:18 +0000 Manifest this update: Fri 22 Aug 2025 06:06:18 +0000 Manifest next update: Mon 25 Aug 2025 06:56:18 +0000 Files and hashes: 1: 3130332e3133322e3233302e302f32332d3234203d3e20313338313237.roa (hash: NjJcmD+G+kiFwmmP8zS7heQcwBVqq18Sis+HXMvM+ZY=) 2: 3130332e3133322e3233312e302f32342d3234203d3e20313338313237.roa (hash: YbG5Gw9xgbijBTbp7E/AZR+gn02wD0TeW2SCv/sSqKI=) 3: 3E0B957B582D8AEF99A49C6448F9993C72378BF3.crl (hash: JfVkHXDuoaKltvm70x22Q0MqCSFGduA9P7jJQg1kpK4=) 4: 3130332e3133322e3233302e302f32342d3234203d3e20313338313237.roa (hash: SdfVlvgb41TvQfFCAAr6Hvu/iM3n38wFz7a+3vMqJi4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.crl rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E0B957B582D8AEF99A49C6448F9993C72378BF3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 06:56:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:d2:e3:d9:c6:18:2e:c7:64:2e:e9:c4:49:20:25:37:d6:2e:fc:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E0B957B582D8AEF99A49C6448F9993C72378BF3 Validity Not Before: Aug 22 06:06:18 2025 GMT Not After : Aug 25 06:56:18 2025 GMT Subject: CN=0A321208651D062726FE2C3C461F12D9C69A140E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d1:c5:ec:ba:86:a7:0e:f0:f4:5c:b2:02:bc: 0b:c8:35:23:2e:09:17:e5:36:a7:04:5c:f7:31:dc: d1:32:7f:41:35:0d:b5:0a:99:79:63:64:f2:16:25: a9:19:8a:fe:e8:2c:0a:86:45:f7:90:8c:81:2c:03: 71:36:38:00:1c:34:38:f8:b3:a9:be:48:71:de:16: 32:69:e9:1f:da:d0:cb:72:31:65:a1:c1:00:c5:dd: 4c:f5:78:24:99:d3:be:a5:fe:6b:53:fe:81:c3:27: 46:ca:5c:6b:29:ee:fd:cf:54:3c:da:b4:75:13:c0: ab:80:cd:2f:79:90:ee:ea:50:52:4b:05:31:75:1d: a2:f8:05:a5:2f:74:00:63:e5:57:39:87:5f:94:8b: 22:03:02:13:03:9f:82:0f:62:30:30:a2:f8:9f:29: c9:eb:00:ef:51:1b:53:eb:58:8c:39:be:0d:c2:d2: d2:8f:31:fe:43:7c:bf:75:51:b4:7c:3c:64:20:c5: ee:98:5a:82:db:d0:60:45:0b:9c:2f:35:2c:8c:7f: 86:a4:af:4f:46:ef:67:f8:0f:ef:4a:39:14:7a:1f: fc:84:ae:b4:cd:8a:30:df:9d:0d:9d:e7:13:0f:9a: 59:62:8c:7a:17:40:a7:71:8c:66:81:0a:20:1b:40: 50:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:32:12:08:65:1D:06:27:26:FE:2C:3C:46:1F:12:D9:C6:9A:14:0E X509v3 Authority Key Identifier: keyid:3E:0B:95:7B:58:2D:8A:EF:99:A4:9C:64:48:F9:99:3C:72:37:8B:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E0B957B582D8AEF99A49C6448F9993C72378BF3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:a1:d0:53:32:8e:a5:3e:68:9c:10:ca:e6:b7:da:0b:d3:fb: a4:e1:a0:35:64:84:f0:4d:5a:f5:b3:99:cc:9f:2d:a5:5e:1c: 5d:0b:e3:30:db:c1:45:78:79:b6:68:c2:dd:5a:a0:79:7c:ed: e1:cc:b5:97:82:5d:b9:aa:ef:14:06:8d:4c:a6:96:c5:c0:d4: 7e:51:e7:7c:d7:96:4e:b4:56:bc:e5:7e:d9:a9:46:a8:26:90: c5:3a:31:ad:b5:b2:07:df:77:c9:dc:3b:70:81:4b:46:8e:c7: 79:77:f9:78:fc:96:50:a0:bb:48:07:6e:c3:7c:6c:9b:7a:2e: 3c:26:67:93:3a:b7:7b:06:19:c0:38:ac:4f:7e:42:74:e6:f4: c8:8c:21:ca:af:f6:17:d7:b1:0c:38:2a:2b:8a:2d:d6:fe:38: 8b:b9:95:a2:43:04:65:65:dd:fc:62:a1:9e:3e:e8:99:1f:f6: b8:2d:9e:f4:8e:c6:02:cf:a0:1b:a7:f6:18:53:c2:f6:49:a7: 0e:39:7e:7e:5d:b1:a1:78:32:8e:96:cc:53:71:41:3c:3f:cb: 92:87:d2:ba:b0:f6:84:44:58:98:72:6c:04:1c:22:25:5f:f2: ca:bf:9d:0d:05:c2:de:a2:88:7f:79:16:34:84:f4:4f:6a:6d: 28:89:1b:e4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfNLj2cYYLsdkLunESSAlN9Yu/EAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0UwQjk1N0I1ODJEOEFFRjk5QTQ5QzY0NDhGOTk5M0M3 MjM3OEJGMzAeFw0yNTA4MjIwNjA2MThaFw0yNTA4MjUwNjU2MThaMDMxMTAvBgNV BAMTKDBBMzIxMjA4NjUxRDA2MjcyNkZFMkMzQzQ2MUYxMkQ5QzY5QTE0MEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC00cXsuoanDvD0XLICvAvINSMu CRflNqcEXPcx3NEyf0E1DbUKmXljZPIWJakZiv7oLAqGRfeQjIEsA3E2OAAcNDj4 s6m+SHHeFjJp6R/a0MtyMWWhwQDF3Uz1eCSZ076l/mtT/oHDJ0bKXGsp7v3PVDza tHUTwKuAzS95kO7qUFJLBTF1HaL4BaUvdABj5Vc5h1+UiyIDAhMDn4IPYjAwovif KcnrAO9RG1PrWIw5vg3C0tKPMf5DfL91UbR8PGQgxe6YWoLb0GBFC5wvNSyMf4ak r09G72f4D+9KORR6H/yErrTNijDfnQ2d5xMPmllijHoXQKdxjGaBCiAbQFC7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCjISCGUdBicm/iw8Rh8S2caaFA4wHwYDVR0j BBgwFoAUPguVe1gtiu+ZpJxkSPmZPHI3i/MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZWRjOWU0Zi04MTgwLTQxZDYtYjA4ZC04ZWU1YThhNzBhMDUvMC8zRTBCOTU3QjU4 MkQ4QUVGOTlBNDlDNjQ0OEY5OTkzQzcyMzc4QkYzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0UwQjk1N0I1ODJEOEFFRjk5QTQ5QzY0NDhGOTk5M0M3MjM3 OEJGMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGVkYzllNGYtODE4MC00MWQ2LWIw OGQtOGVlNWE4YTcwYTA1LzAvM0UwQjk1N0I1ODJEOEFFRjk5QTQ5QzY0NDhGOTk5 M0M3MjM3OEJGMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAuh0FMyjqU+aJwQyua32gvT+6ThoDVkhPBN WvWzmcyfLaVeHF0L4zDbwUV4ebZowt1aoHl87eHMtZeCXbmq7xQGjUymlsXA1H5R 53zXlk60VrzlftmpRqgmkMU6Ma21sgffd8ncO3CBS0aOx3l3+Xj8llCgu0gHbsN8 bJt6LjwmZ5M6t3sGGcA4rE9+QnTm9MiMIcqv9hfXsQw4KiuKLdb+OIu5laJDBGVl 3fxioZ4+6Jkf9rgtnvSOxgLPoBun9hhTwvZJpw45fn5dsaF4Mo6WzFNxQTw/y5KH 0rqw9oREWJhybAQcIiVf8sq/nQ0Fwt6iiH95FjSE9E9qbSiJG+Q= -----END CERTIFICATE-----Generated at Sat Aug 23 14:40:48 2025 by rpki-client