$ rpki-client -vvf repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft File: 428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft (raw, json) Hash identifier: wOaSg/yLaFaCrtt6tTndywAWQIIXLDkysUirG2wZzBU= Subject key identifier: 13:A1:D0:40:11:69:91:57:BB:40:5A:C7:CE:E6:4E:3C:14:FA:83:54 Authority key identifier: 42:81:73:DF:58:B0:C1:6D:8F:B9:2F:81:F3:42:D6:01:7F:B0:CE:CA Certificate issuer: /CN=428173DF58B0C16D8FB92F81F342D6017FB0CECA Certificate serial: 2D3C80C1FC9C8CE03E21B8EBF7D1FA4B60A13A01 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428173DF58B0C16D8FB92F81F342D6017FB0CECA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft Manifest number: 01BC Signing time: Tue 01 Jul 2025 07:01:19 +0000 Manifest this update: Tue 01 Jul 2025 06:56:19 +0000 Manifest next update: Fri 04 Jul 2025 10:54:19 +0000 Files and hashes: 1: 428173DF58B0C16D8FB92F81F342D6017FB0CECA.crl (hash: N9GGZ9ZosHelhjmm/W1zk5Cr+p2MSa54jvlWl9yYBso=) 2: 3130332e3139312e33392e302f32342d3234203d3e20313439393233.roa (hash: yfirY/IdmmUBXQP+agxLPC5R2mzKmb/7B1nbgYo1Od4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.crl rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428173DF58B0C16D8FB92F81F342D6017FB0CECA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 10:54:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:3c:80:c1:fc:9c:8c:e0:3e:21:b8:eb:f7:d1:fa:4b:60:a1:3a:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428173DF58B0C16D8FB92F81F342D6017FB0CECA Validity Not Before: Jul 1 06:56:19 2025 GMT Not After : Jul 4 10:54:19 2025 GMT Subject: CN=13A1D04011699157BB405AC7CEE64E3C14FA8354 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:bb:7f:88:55:f0:a0:41:32:31:e1:f9:84:eb: 90:f6:bc:68:a0:82:10:ea:fb:49:22:1c:be:11:f8: c0:13:fd:29:d6:6d:f1:16:72:72:95:a9:ea:31:0b: 0b:da:01:02:56:b7:83:74:89:e8:24:ce:39:bd:e4: 69:47:3b:2d:b8:52:ed:e3:1c:da:e3:20:44:b5:b4: 53:7d:af:48:d6:96:3a:db:7a:81:b7:e1:88:9f:cb: 6a:3d:b3:b6:9d:48:9a:c9:de:d7:0a:99:c7:ab:8d: e5:bf:5b:fc:38:66:dd:b2:79:d3:d0:e6:58:bb:79: 0e:68:59:bf:29:94:e0:52:3d:94:e2:40:1e:4e:0c: ac:62:37:94:3a:be:17:77:e0:49:3c:fa:ed:bf:04: ca:58:ba:11:c0:0e:d0:0b:3f:6d:bd:4c:ec:ed:50: a8:3c:d2:c4:68:ea:e4:71:56:3d:b0:16:31:f3:30: 7d:1a:3c:f3:83:9b:82:c7:44:7f:3f:de:fc:98:65: 68:7c:20:65:02:fd:7b:cd:cb:f7:c5:87:02:cd:f5: 39:4f:b9:51:03:29:d8:b8:e2:88:05:0a:21:9a:ab: 78:18:05:9f:89:56:86:b4:95:b4:a6:d0:57:d3:da: de:d3:f8:fc:b1:d7:1a:63:5f:21:e6:0a:c0:4c:20: 9c:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:A1:D0:40:11:69:91:57:BB:40:5A:C7:CE:E6:4E:3C:14:FA:83:54 X509v3 Authority Key Identifier: keyid:42:81:73:DF:58:B0:C1:6D:8F:B9:2F:81:F3:42:D6:01:7F:B0:CE:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428173DF58B0C16D8FB92F81F342D6017FB0CECA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:b5:38:f8:15:13:f8:45:25:c7:21:9d:c8:5f:68:d8:73:87: aa:72:d0:79:54:e0:d6:64:95:1c:02:63:92:67:8a:79:e0:6c: a1:1f:2c:d9:2a:ad:9c:48:2d:8f:3b:16:3c:f7:70:b1:9f:38: 37:de:56:65:d9:85:48:ca:35:69:40:77:e7:af:98:e5:52:0a: 4a:7e:9c:c2:d8:09:a1:b0:b4:6f:0c:3d:a0:0d:b5:4d:12:cc: 83:24:67:79:93:36:30:b5:33:f0:17:2b:9b:e1:b5:08:12:4c: 49:29:82:36:05:06:6d:55:d8:2d:6c:97:8d:01:3e:9d:38:81: 07:25:c9:ea:44:13:e4:12:2a:08:5b:8d:0d:b0:49:8b:b4:96: 8b:40:ea:2a:3b:ff:c2:ed:ce:bd:8f:49:b3:69:fc:6a:68:30: 73:db:ac:c8:18:9f:37:dc:cd:09:3e:9e:b0:b9:b7:0a:27:2d: 59:6e:93:dd:da:9a:f6:a9:82:c5:36:77:e8:e4:67:0a:68:fa: e7:3b:7e:15:99:14:e0:b9:7d:90:c2:32:6d:82:92:b6:c3:cf: fb:4f:74:81:09:fa:d7:95:f0:8c:68:d2:27:f4:78:fd:6a:a6: bc:09:f9:4e:a1:3c:eb:98:10:86:e5:0a:d8:2e:aa:21:a5:9b: 3f:6c:be:c0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULTyAwfycjOA+Ibjr99H6S2ChOgEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4MTczREY1OEIwQzE2RDhGQjkyRjgxRjM0MkQ2MDE3 RkIwQ0VDQTAeFw0yNTA3MDEwNjU2MTlaFw0yNTA3MDQxMDU0MTlaMDMxMTAvBgNV BAMTKDEzQTFEMDQwMTE2OTkxNTdCQjQwNUFDN0NFRTY0RTNDMTRGQTgzNTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIu3+IVfCgQTIx4fmE65D2vGig ghDq+0kiHL4R+MAT/SnWbfEWcnKVqeoxCwvaAQJWt4N0iegkzjm95GlHOy24Uu3j HNrjIES1tFN9r0jWljrbeoG34Yify2o9s7adSJrJ3tcKmcerjeW/W/w4Zt2yedPQ 5li7eQ5oWb8plOBSPZTiQB5ODKxiN5Q6vhd34Ek8+u2/BMpYuhHADtALP229TOzt UKg80sRo6uRxVj2wFjHzMH0aPPODm4LHRH8/3vyYZWh8IGUC/XvNy/fFhwLN9TlP uVEDKdi44ogFCiGaq3gYBZ+JVoa0lbSm0FfT2t7T+Pyx1xpjXyHmCsBMIJxPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUE6HQQBFpkVe7QFrHzuZOPBT6g1QwHwYDVR0j BBgwFoAUQoFz31iwwW2PuS+B80LWAX+wzsowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 NWY4NDI3OC1lMDZkLTQxMTktYmE0NC01YzMyOTY4YThiYmQvMC80MjgxNzNERjU4 QjBDMTZEOEZCOTJGODFGMzQyRDYwMTdGQjBDRUNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4MTczREY1OEIwQzE2RDhGQjkyRjgxRjM0MkQ2MDE3RkIw Q0VDQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjVmODQyNzgtZTA2ZC00MTE5LWJh NDQtNWMzMjk2OGE4YmJkLzAvNDI4MTczREY1OEIwQzE2RDhGQjkyRjgxRjM0MkQ2 MDE3RkIwQ0VDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFu1OPgVE/hFJcchnchfaNhzh6py0HlU4NZk lRwCY5JninngbKEfLNkqrZxILY87Fjz3cLGfODfeVmXZhUjKNWlAd+evmOVSCkp+ nMLYCaGwtG8MPaANtU0SzIMkZ3mTNjC1M/AXK5vhtQgSTEkpgjYFBm1V2C1sl40B Pp04gQclyepEE+QSKghbjQ2wSYu0lotA6io7/8Ltzr2PSbNp/GpoMHPbrMgYnzfc zQk+nrC5twonLVluk93amvapgsU2d+jkZwpo+uc7fhWZFOC5fZDCMm2CkrbDz/tP dIEJ+teV8Ixo0if0eP1qprwJ+U6hPOuYEIblCtguqiGlmz9svsA= -----END CERTIFICATE-----Generated at Wed Jul 2 19:59:58 2025 by rpki-client