$ rpki-client -vvf repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft File: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft (raw, json) Hash identifier: +baUW58eDDAXbxsTPzsnbjf6rvSLcGrpZlFNnQsaxI4= Subject key identifier: 53:25:4F:C8:03:2D:08:0F:10:3D:04:27:E4:E7:5E:9D:E6:69:19:CC Authority key identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 Certificate issuer: /CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Certificate serial: 04E58E0054189EF2FC9783E92B5EBBE5631F3108 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft Manifest number: 68 Signing time: Mon 30 Jun 2025 10:20:02 +0000 Manifest this update: Mon 30 Jun 2025 10:15:02 +0000 Manifest next update: Thu 03 Jul 2025 21:36:02 +0000 Files and hashes: 1: 3136302e32322e3138372e302f32342d3234203d3e20313532383233.roa (hash: cvyj6LKtTOVBTWTHZighgw+CFWQteArr8dC6m6wOVeI=) 2: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl (hash: tsrqwtlV36iF5LLO6PXUXfgQjcI7uAYg0rgy4hHMYLs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 21:36:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:e5:8e:00:54:18:9e:f2:fc:97:83:e9:2b:5e:bb:e5:63:1f:31:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Validity Not Before: Jun 30 10:15:02 2025 GMT Not After : Jul 3 21:36:02 2025 GMT Subject: CN=53254FC8032D080F103D0427E4E75E9DE66919CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:d2:ef:ed:47:de:cf:ff:fc:54:9b:e7:f3:dd: 24:97:de:d2:38:2f:da:f2:78:6e:52:30:4b:a0:cc: 3b:5b:c5:42:15:ab:f0:5e:a0:75:41:e4:60:5b:cd: 58:da:1a:bc:e3:92:c8:17:0c:aa:92:77:7a:8c:ad: 78:cc:ba:8a:c2:9e:83:e7:97:42:7a:61:4b:83:44: 37:1c:0d:86:05:5a:bb:d1:d1:19:8d:fe:14:86:dc: dc:6e:32:7d:70:fc:bb:7b:40:08:1d:4c:93:69:da: 00:ad:b6:b2:9e:a8:50:31:8a:36:5d:f8:b0:63:5f: 28:01:dc:5e:77:d5:35:e5:4e:cb:f0:71:6c:c0:a7: 58:61:1b:b3:da:04:58:4d:dc:01:7b:07:dc:23:7a: ec:8f:5c:36:16:aa:c8:36:3c:f9:cd:93:ac:c7:fa: db:a0:9d:68:c4:22:15:17:1c:26:da:4f:09:75:1f: 1d:c0:99:ce:4c:46:7b:50:a1:a2:8a:1f:b0:ef:66: a8:24:94:71:88:89:80:ba:35:15:df:a0:70:55:90: 1b:49:6e:19:8e:32:88:9f:49:3b:01:b7:ab:6d:4d: b7:bf:cd:a6:a6:73:44:3d:db:d5:e2:4e:44:ce:ef: 68:f0:96:54:d3:4f:78:d6:9c:fd:0c:65:f8:17:0e: de:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:25:4F:C8:03:2D:08:0F:10:3D:04:27:E4:E7:5E:9D:E6:69:19:CC X509v3 Authority Key Identifier: keyid:D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:4b:69:9a:69:dd:1b:27:75:ea:8c:ba:58:c0:93:c5:86:5a: 9f:77:5e:38:5b:db:b7:f6:20:1d:b9:32:bf:5e:3d:d5:aa:73: 72:ab:94:83:93:f7:e2:0a:c7:1f:2b:25:a4:fe:c6:9d:58:1d: 76:c7:f4:f6:9f:c3:6f:cd:38:6e:3f:08:90:2b:fc:b7:3e:71: 5e:ed:3d:64:90:14:8c:0b:ce:8e:1f:3c:c4:48:53:d6:09:93: b3:85:10:b0:0e:c6:24:ed:4e:fc:c7:cb:e6:13:54:32:18:1d: fc:2d:08:69:47:a5:43:a7:20:31:1b:53:75:6d:45:a6:8f:68: 29:3a:dd:cf:b8:5c:e1:38:a6:19:c1:e4:c8:70:11:bc:99:6e: 0a:55:9c:7d:ed:2f:49:fc:84:0f:25:7c:ad:f5:67:8b:82:4e: ad:0d:63:21:13:7f:1e:5b:62:c0:9b:91:4e:b1:36:13:bd:ad: c1:09:b3:19:ba:b9:87:93:75:68:e4:13:7f:e0:c8:0d:d1:3f: 4c:9b:77:f6:a2:05:36:71:55:bd:47:d0:ed:51:04:ba:e1:80: bd:28:19:01:d4:90:92:e6:b4:a5:63:1b:6c:e4:6d:d5:fb:64: aa:18:36:44:93:a3:43:3f:e8:60:1a:a7:ad:09:dc:1a:e6:79: 6a:38:a5:5c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBOWOAFQYnvL8l4PpK1675WMfMQgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJC NEZBMjhGMDAeFw0yNTA2MzAxMDE1MDJaFw0yNTA3MDMyMTM2MDJaMDMxMTAvBgNV BAMTKDUzMjU0RkM4MDMyRDA4MEYxMDNEMDQyN0U0RTc1RTlERTY2OTE5Q0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD70u/tR97P//xUm+fz3SSX3tI4 L9ryeG5SMEugzDtbxUIVq/BeoHVB5GBbzVjaGrzjksgXDKqSd3qMrXjMuorCnoPn l0J6YUuDRDccDYYFWrvR0RmN/hSG3NxuMn1w/Lt7QAgdTJNp2gCttrKeqFAxijZd +LBjXygB3F531TXlTsvwcWzAp1hhG7PaBFhN3AF7B9wjeuyPXDYWqsg2PPnNk6zH +tugnWjEIhUXHCbaTwl1Hx3Amc5MRntQoaKKH7DvZqgklHGIiYC6NRXfoHBVkBtJ bhmOMoifSTsBt6ttTbe/zaamc0Q929XiTkTO72jwllTTT3jWnP0MZfgXDt7nAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUUyVPyAMtCA8QPQQn5OdeneZpGcwwHwYDVR0j BBgwFoAU07Ddu44H/NmKOZyQxbP8MrT6KPAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 ZDlmOThmMy03MmYwLTQwMDYtYmU5OS1iOWE5ZThkOWQyYmYvMC9EM0IwRERCQjhF MDdGQ0Q5OEEzOTlDOTBDNUIzRkMzMkI0RkEyOEYwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJCNEZB MjhGMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vN2Q5Zjk4ZjMtNzJmMC00MDA2LWJl OTktYjlhOWU4ZDlkMmJmLzAvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZD MzJCNEZBMjhGMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAF1LaZpp3RsndeqMuljAk8WGWp93Xjhb27f2 IB25Mr9ePdWqc3KrlIOT9+IKxx8rJaT+xp1YHXbH9Pafw2/NOG4/CJAr/Lc+cV7t PWSQFIwLzo4fPMRIU9YJk7OFELAOxiTtTvzHy+YTVDIYHfwtCGlHpUOnIDEbU3Vt RaaPaCk63c+4XOE4phnB5MhwEbyZbgpVnH3tL0n8hA8lfK31Z4uCTq0NYyETfx5b YsCbkU6xNhO9rcEJsxm6uYeTdWjkE3/gyA3RP0ybd/aiBTZxVb1H0O1RBLrhgL0o GQHUkJLmtKVjG2zkbdX7ZKoYNkSTo0M/6GAap60J3BrmeWo4pVw= -----END CERTIFICATE-----Generated at Tue Jul 1 11:44:17 2025 by rpki-client