$ rpki-client -vvf repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft File: 843FDF32A52D11795BBFB0918ABF926E0A210870.mft (raw, json) Hash identifier: 2QfL/+pulSijXd0Vh9MqTX/UrZnybn6yaoNi1JTT55o= Subject key identifier: C6:74:35:EC:05:DA:8D:A8:A3:21:3A:6D:E2:5B:17:F3:DF:34:76:2C Authority key identifier: 84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70 Certificate issuer: /CN=843FDF32A52D11795BBFB0918ABF926E0A210870 Certificate serial: 4EBBED62F5E87E283C75861E9C86197FCC83160E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer Subject info access: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft Manifest number: E1 Signing time: Thu 03 Jul 2025 00:32:07 +0000 Manifest this update: Thu 03 Jul 2025 00:27:07 +0000 Manifest next update: Sun 06 Jul 2025 03:10:07 +0000 Files and hashes: 1: 843FDF32A52D11795BBFB0918ABF926E0A210870.crl (hash: lYKyPvMgI2tM9+39esOEdvN8/E6PQsAvndEF7/LQd2M=) 2: 3231302e38372e3132342e302f32332d3234203d3e20313532303539.roa (hash: bZtCXaxnCo0kXFhv+UgtkdHVo3axHOoHwsSEN85b1Nc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Jul 2025 03:10:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:bb:ed:62:f5:e8:7e:28:3c:75:86:1e:9c:86:19:7f:cc:83:16:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=843FDF32A52D11795BBFB0918ABF926E0A210870 Validity Not Before: Jul 3 00:27:07 2025 GMT Not After : Jul 6 03:10:07 2025 GMT Subject: CN=C67435EC05DA8DA8A3213A6DE25B17F3DF34762C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:be:4f:ec:7c:f7:1e:81:92:21:66:b5:1f:b7: e0:74:b9:28:58:51:0a:79:f6:0b:d7:ac:dd:49:a3: aa:30:66:4d:2b:6c:64:71:a3:73:06:e9:78:91:a4: 6c:60:d9:48:21:ac:75:2d:47:8e:ba:c3:c7:2f:9e: fd:e8:7a:a4:d5:17:ea:f1:93:b4:f2:57:f2:17:fb: 26:68:bf:e1:26:17:f0:6f:10:b3:d7:92:8b:2a:7a: a7:23:09:c8:48:21:1e:4b:cd:4e:e4:65:61:12:5e: c1:8a:c1:89:8f:43:72:83:57:75:cf:03:7c:f5:3e: 9b:74:db:29:c8:56:11:ee:d8:27:12:96:71:f3:53: 22:5f:b5:11:52:28:f0:53:46:16:70:4c:ad:36:c0: 6c:78:d9:5c:8e:13:65:b6:a7:37:df:97:ef:c1:ab: bb:44:67:c6:38:4f:ec:0d:aa:cd:95:70:3d:88:17: f4:f7:7f:14:6a:3c:eb:ac:eb:80:1f:47:c8:02:44: d3:af:38:ad:98:2b:ea:5f:26:76:8e:16:df:ac:78: c0:73:07:c4:d3:81:9e:aa:2a:f5:21:2d:ce:21:33: 1c:e0:84:3c:dc:df:46:85:32:aa:80:68:21:c6:a5: 7c:72:ac:03:95:ad:06:88:4e:85:57:56:ea:f8:1f: 77:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:74:35:EC:05:DA:8D:A8:A3:21:3A:6D:E2:5B:17:F3:DF:34:76:2C X509v3 Authority Key Identifier: keyid:84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:91:08:12:76:2b:0d:05:3c:3c:ec:0d:b1:98:34:7a:bf:12: 24:31:c5:b9:34:0c:c8:a7:82:b1:cd:9c:b3:0e:ba:65:4a:6e: 23:c4:d0:3a:d0:8d:bd:50:a0:16:7a:b0:ab:6b:f5:af:51:fc: b6:45:fa:86:ed:ca:84:59:03:53:e5:6b:be:cb:22:38:a5:b4: 07:dd:34:40:c6:14:55:a4:7c:de:1a:b7:fc:b1:35:8c:a1:c4: 82:ed:7a:16:31:e0:72:fd:82:32:6b:cf:b7:18:82:84:7e:f6: 93:d0:0e:3f:d1:f4:c0:74:c3:07:d7:0e:f5:eb:b2:1a:f6:0c: 59:2f:90:3b:39:24:87:18:0e:32:b5:e6:04:26:09:90:59:f5: 1b:b5:f2:d0:18:8b:04:79:40:ca:93:ee:48:34:74:b6:36:55: 07:32:07:94:2c:15:d5:45:9e:c4:bd:2a:17:16:2b:ac:49:e6: 81:2c:92:a2:ed:a5:d5:01:9e:ac:c8:de:37:e8:77:c1:02:84: d1:3a:4b:ad:9d:57:d2:27:92:20:5e:ca:dd:d4:eb:ca:40:60: 4d:60:c4:be:37:0a:3c:fd:5a:4f:3a:5f:c1:34:74:77:58:fd: f9:dc:1e:9b:34:a8:21:44:71:0f:e0:36:a1:03:1b:fe:b7:7e: 29:75:9f:fe -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUTrvtYvXofig8dYYenIYZf8yDFg4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUw QTIxMDg3MDAeFw0yNTA3MDMwMDI3MDdaFw0yNTA3MDYwMzEwMDdaMDMxMTAvBgNV BAMTKEM2NzQzNUVDMDVEQThEQThBMzIxM0E2REUyNUIxN0YzREYzNDc2MkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0vk/sfPcegZIhZrUft+B0uShY UQp59gvXrN1Jo6owZk0rbGRxo3MG6XiRpGxg2UghrHUtR466w8cvnv3oeqTVF+rx k7TyV/IX+yZov+EmF/BvELPXkosqeqcjCchIIR5LzU7kZWESXsGKwYmPQ3KDV3XP A3z1Ppt02ynIVhHu2CcSlnHzUyJftRFSKPBTRhZwTK02wGx42VyOE2W2pzffl+/B q7tEZ8Y4T+wNqs2VcD2IF/T3fxRqPOus64AfR8gCRNOvOK2YK+pfJnaOFt+seMBz B8TTgZ6qKvUhLc4hMxzghDzc30aFMqqAaCHGpXxyrAOVrQaIToVXVur4H3dhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUxnQ17AXajaijITpt4lsX8980diwwHwYDVR0j BBgwFoAUhD/fMqUtEXlbv7CRir+SbgohCHAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 N2JlOGI3Yy0yMzJmLTQ3ZTgtOWNkZC04ODE3ZDM5YjcwZWEvMC84NDNGREYzMkE1 MkQxMTc5NUJCRkIwOTE4QUJGOTI2RTBBMjEwODcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUwQTIx MDg3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTdiZThiN2MtMjMyZi00N2U4LTlj ZGQtODgxN2QzOWI3MGVhLzAvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjky NkUwQTIxMDg3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJCRCBJ2Kw0FPDzsDbGYNHq/EiQxxbk0DMin grHNnLMOumVKbiPE0DrQjb1QoBZ6sKtr9a9R/LZF+obtyoRZA1Pla77LIjiltAfd NEDGFFWkfN4at/yxNYyhxILtehYx4HL9gjJrz7cYgoR+9pPQDj/R9MB0wwfXDvXr shr2DFkvkDs5JIcYDjK15gQmCZBZ9Ru18tAYiwR5QMqT7kg0dLY2VQcyB5QsFdVF nsS9KhcWK6xJ5oEskqLtpdUBnqzI3jfod8EChNE6S62dV9InkiBeyt3U68pAYE1g xL43Cjz9Wk86X8E0dHdY/fncHps0qCFEcQ/gNqEDG/63fil1n/4= -----END CERTIFICATE-----Generated at Thu Jul 3 09:59:35 2025 by rpki-client