$ rpki-client -vvf repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft File: D4D0F3E6E684847D602FC73758893CE2BB05D399.mft (raw, json) Hash identifier: ihB2xQTtb+Goyqu3fqZEizJMWDnijcqZluHkwkx9lqw= Subject key identifier: 6D:49:63:20:8E:62:CE:6E:8A:05:C0:A5:98:58:BE:F5:56:DB:46:44 Authority key identifier: D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 Certificate issuer: /CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Certificate serial: 69181F2E9FF23835B71FEDB7FE082BC9C88C9AB0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject info access: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft Manifest number: 0171 Signing time: Sun 04 May 2025 02:20:42 +0000 Manifest this update: Sun 04 May 2025 02:15:42 +0000 Manifest next update: Wed 07 May 2025 11:29:42 +0000 Files and hashes: 1: D4D0F3E6E684847D602FC73758893CE2BB05D399.crl (hash: PdeYKVzqN1Idf08BXsviCUp8nRL5VTIzpBT+lrmoIWY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 07 May 2025 11:29:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:18:1f:2e:9f:f2:38:35:b7:1f:ed:b7:fe:08:2b:c9:c8:8c:9a:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Validity Not Before: May 4 02:15:42 2025 GMT Not After : May 7 11:29:42 2025 GMT Subject: CN=6D4963208E62CE6E8A05C0A59858BEF556DB4644 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:26:2d:bf:9b:a8:ea:e4:1e:03:ac:20:f5:95: f2:a9:b9:5e:0a:f5:dc:29:44:ff:d0:ee:8b:c0:27: 82:1a:6c:ff:3c:7a:b4:27:40:61:f2:49:af:68:ce: 2e:92:27:75:c2:8b:7b:e2:ae:15:91:a1:f3:70:05: 89:4d:de:ee:59:c1:91:96:e9:87:2f:a0:ce:ab:13: a1:2d:9a:e1:a6:07:40:03:9c:2d:9d:18:b3:7f:a8: e2:aa:f2:f6:7e:3d:e4:cf:03:ca:d1:c2:84:8b:6f: 7a:1f:ef:8b:58:15:31:fb:62:5e:8b:b7:89:6b:77: 46:40:ec:05:4d:1c:f3:8b:b5:ed:7a:3f:71:33:73: 6e:75:95:b0:7c:d1:76:3f:11:04:e8:73:c5:36:62: 01:d6:38:e6:90:29:be:4b:6e:07:93:22:d6:4d:78: da:03:dc:d5:d3:61:ad:a4:7f:9b:b6:9b:cd:cb:83: ab:b2:63:17:db:d9:57:d3:a9:68:11:54:4c:22:90: cb:02:11:b3:3e:53:fe:51:72:03:cd:13:7c:87:32: 80:3f:d1:b9:6e:c6:bd:d5:89:9c:66:63:41:57:71: b9:f7:17:38:ef:02:9c:d6:f1:38:e8:e3:87:ed:49: 06:41:ce:14:66:ae:b9:0d:d8:f1:cc:88:13:fd:73: de:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:49:63:20:8E:62:CE:6E:8A:05:C0:A5:98:58:BE:F5:56:DB:46:44 X509v3 Authority Key Identifier: keyid:D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:d6:5b:2e:c3:f6:c1:92:07:36:5b:7e:83:5a:e7:67:a7:5e: e0:bb:61:0c:d0:62:cf:24:b3:70:b3:c2:e4:c7:f2:bf:06:1e: 77:f4:29:99:ee:73:22:8b:a7:42:6c:e0:b5:26:28:82:e7:61: 83:7a:20:e3:54:ef:e1:98:85:5f:13:6b:dc:34:45:03:80:be: 17:d2:6b:9d:46:16:ab:ee:3b:87:24:be:ad:d7:67:23:33:a5: 7b:74:37:25:8f:6a:a0:80:bc:5b:72:5c:d5:ca:9c:b8:cc:38: 9a:7e:af:aa:c6:23:09:7d:71:8f:4d:05:b4:4e:28:75:34:9c: 61:1d:3e:8a:48:82:6f:35:da:7b:bc:cf:e1:d6:cd:d4:d5:cc: b4:82:6f:0e:6c:3a:99:ac:ac:2e:f4:84:9a:06:64:26:bc:29: d9:d3:70:1c:9b:df:36:24:42:83:bf:b5:f3:8b:2d:e1:b6:59: 8a:c3:28:9f:24:b6:ba:25:00:12:37:60:6b:57:f1:cd:e3:0d: f7:ba:95:3a:00:9b:ce:d8:e3:b8:53:d4:80:e1:d4:28:a8:a2: 26:49:e7:83:c2:19:3f:16:5a:d1:f8:15:16:f6:f3:7b:45:f2: e1:c8:3b:f7:9a:72:e2:4a:2b:76:c6:08:de:24:24:a2:e7:27: 10:22:99:5f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaRgfLp/yODW3H+23/ggryciMmrAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJC QjA1RDM5OTAeFw0yNTA1MDQwMjE1NDJaFw0yNTA1MDcxMTI5NDJaMDMxMTAvBgNV BAMTKDZENDk2MzIwOEU2MkNFNkU4QTA1QzBBNTk4NThCRUY1NTZEQjQ2NDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkJi2/m6jq5B4DrCD1lfKpuV4K 9dwpRP/Q7ovAJ4IabP88erQnQGHySa9ozi6SJ3XCi3virhWRofNwBYlN3u5ZwZGW 6YcvoM6rE6EtmuGmB0ADnC2dGLN/qOKq8vZ+PeTPA8rRwoSLb3of74tYFTH7Yl6L t4lrd0ZA7AVNHPOLte16P3Ezc251lbB80XY/EQToc8U2YgHWOOaQKb5LbgeTItZN eNoD3NXTYa2kf5u2m83Lg6uyYxfb2VfTqWgRVEwikMsCEbM+U/5RcgPNE3yHMoA/ 0bluxr3ViZxmY0FXcbn3FzjvApzW8Tjo44ftSQZBzhRmrrkN2PHMiBP9c97xAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUbUljII5izm6KBcClmFi+9VbbRkQwHwYDVR0j BBgwFoAU1NDz5uaEhH1gL8c3WIk84rsF05kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 MjM1MzBlYy05OTBlLTQxZDctOWQ3OC1iNzdlMjBkNzZiY2QvMC9ENEQwRjNFNkU2 ODQ4NDdENjAyRkM3Mzc1ODg5M0NFMkJCMDVEMzk5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJCQjA1 RDM5OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODIzNTMwZWMtOTkwZS00MWQ3LTlk NzgtYjc3ZTIwZDc2YmNkLzAvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTND RTJCQjA1RDM5OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFzWWy7D9sGSBzZbfoNa52enXuC7YQzQYs8k s3CzwuTH8r8GHnf0KZnucyKLp0Js4LUmKILnYYN6IONU7+GYhV8Ta9w0RQOAvhfS a51GFqvuO4ckvq3XZyMzpXt0NyWPaqCAvFtyXNXKnLjMOJp+r6rGIwl9cY9NBbRO KHU0nGEdPopIgm812nu8z+HWzdTVzLSCbw5sOpmsrC70hJoGZCa8KdnTcByb3zYk QoO/tfOLLeG2WYrDKJ8ktrolABI3YGtX8c3jDfe6lToAm87Y47hT1IDh1CiooiZJ 54PCGT8WWtH4FRb283tF8uHIO/eacuJKK3bGCN4kJKLnJxAimV8= -----END CERTIFICATE-----Generated at Mon May 5 23:52:58 2025 by rpki-client