$ rpki-client -vvf repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft File: D4D0F3E6E684847D602FC73758893CE2BB05D399.mft (raw, json) Hash identifier: FKwbMGV7xGPVZYbiRbupKsQkdAq6Ki3q3PEeldXeNXU= Subject key identifier: 8A:CD:16:F5:2C:EF:57:D7:AF:04:FF:55:41:36:F2:A5:CB:1D:84:C5 Authority key identifier: D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 Certificate issuer: /CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Certificate serial: 3952289BF10E5211465378F078634FF466203300 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject info access: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft Manifest number: 018A Signing time: Sat 28 Jun 2025 16:30:42 +0000 Manifest this update: Sat 28 Jun 2025 16:25:42 +0000 Manifest next update: Tue 01 Jul 2025 18:00:42 +0000 Files and hashes: 1: D4D0F3E6E684847D602FC73758893CE2BB05D399.crl (hash: JxSedSnbyVfLrVgcmQ1obg7hXqK3CjJd8E4aFzmNMGc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 18:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:52:28:9b:f1:0e:52:11:46:53:78:f0:78:63:4f:f4:66:20:33:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Validity Not Before: Jun 28 16:25:42 2025 GMT Not After : Jul 1 18:00:42 2025 GMT Subject: CN=8ACD16F52CEF57D7AF04FF554136F2A5CB1D84C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:98:18:67:4b:52:c3:95:7b:38:bd:c3:a5:a3: d6:73:29:e4:09:ca:81:24:c8:ee:46:96:c0:da:80: 8a:b5:46:4c:64:d5:91:01:b9:e4:43:7c:44:cd:9d: 07:d7:31:b8:8c:50:a9:2d:d0:6e:81:a5:a4:60:ed: 92:a9:76:e8:91:11:05:36:6a:9b:2c:9d:d3:aa:5a: 07:90:bc:cf:0d:ea:0c:65:66:a5:a2:13:f2:6f:63: c0:aa:9b:7e:f6:8f:bf:75:c9:df:ee:af:fb:16:d1: f4:a7:4b:3a:52:81:de:19:c2:15:92:83:f3:e2:37: 0f:c6:6b:79:11:ce:ca:94:98:be:26:fd:00:15:49: 69:79:40:52:08:09:03:d4:95:11:5b:b0:2a:e6:d3: 3c:6a:ce:d4:cd:6b:91:c4:e3:f0:6f:d4:c5:91:98: 90:fb:e9:35:56:b9:50:60:41:00:05:a4:b4:04:39: a0:8a:a9:1f:11:75:e8:bf:21:41:46:5d:11:c7:db: 76:f6:b2:8f:57:61:83:89:82:c8:bd:b0:bd:03:74: dc:6b:35:1c:f2:ba:18:d7:69:e1:bc:15:4e:9f:da: 10:50:1b:6a:84:82:bf:f4:58:15:f1:57:d7:24:60: 60:af:42:be:57:8d:11:4d:f3:9f:4f:c1:e4:27:07: d2:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:CD:16:F5:2C:EF:57:D7:AF:04:FF:55:41:36:F2:A5:CB:1D:84:C5 X509v3 Authority Key Identifier: keyid:D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:44:56:fb:05:68:b3:42:a1:a0:77:7c:06:2e:9b:d5:2a:af: 1d:c0:bd:0f:eb:e6:f3:e7:99:0b:9f:7f:c1:06:66:4c:ea:e3: 27:67:7e:82:91:1d:39:50:16:0e:1c:4d:3f:1e:3a:9f:4d:44: d1:44:89:48:af:4f:b0:69:17:bb:19:54:5f:d7:73:5f:06:7a: 03:2e:61:09:b4:d2:35:46:bd:1a:27:1b:f8:73:7b:97:7a:45: 42:30:74:66:ae:4c:95:75:1c:8b:62:42:13:e9:30:93:d1:79: b4:c5:62:7b:9f:51:8c:bb:d9:80:b8:71:68:52:5c:3e:fc:c9: 8d:2d:67:29:dc:24:0d:ba:87:2e:14:e2:c9:ec:2f:09:c7:40: 61:8e:03:d1:89:f8:c0:3e:70:52:c8:9d:b4:3e:27:40:8e:a4: 29:be:d9:78:ac:c5:24:90:77:f3:15:52:cd:19:6b:8f:cb:42: 14:c2:7b:11:24:0f:3c:ac:e3:ed:0b:62:94:81:f3:18:35:4e: a7:64:a3:c4:77:d3:ea:d5:57:e4:0f:ad:d6:e1:1f:8d:bb:1e: d4:7b:f9:f2:bd:cc:d2:9a:df:8f:33:e3:94:aa:ba:ec:f9:e6: df:39:03:61:ad:5b:82:ff:a9:bd:37:bc:a7:c7:2a:ff:a2:51: 83:f3:03:5a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOVIom/EOUhFGU3jweGNP9GYgMwAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJC QjA1RDM5OTAeFw0yNTA2MjgxNjI1NDJaFw0yNTA3MDExODAwNDJaMDMxMTAvBgNV BAMTKDhBQ0QxNkY1MkNFRjU3RDdBRjA0RkY1NTQxMzZGMkE1Q0IxRDg0QzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4mBhnS1LDlXs4vcOlo9ZzKeQJ yoEkyO5GlsDagIq1Rkxk1ZEBueRDfETNnQfXMbiMUKkt0G6BpaRg7ZKpduiREQU2 apssndOqWgeQvM8N6gxlZqWiE/JvY8Cqm372j791yd/ur/sW0fSnSzpSgd4ZwhWS g/PiNw/Ga3kRzsqUmL4m/QAVSWl5QFIICQPUlRFbsCrm0zxqztTNa5HE4/Bv1MWR mJD76TVWuVBgQQAFpLQEOaCKqR8Rdei/IUFGXRHH23b2so9XYYOJgsi9sL0DdNxr NRzyuhjXaeG8FU6f2hBQG2qEgr/0WBXxV9ckYGCvQr5XjRFN859PweQnB9JnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUis0W9SzvV9evBP9VQTbypcsdhMUwHwYDVR0j BBgwFoAU1NDz5uaEhH1gL8c3WIk84rsF05kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 MjM1MzBlYy05OTBlLTQxZDctOWQ3OC1iNzdlMjBkNzZiY2QvMC9ENEQwRjNFNkU2 ODQ4NDdENjAyRkM3Mzc1ODg5M0NFMkJCMDVEMzk5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJCQjA1 RDM5OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODIzNTMwZWMtOTkwZS00MWQ3LTlk NzgtYjc3ZTIwZDc2YmNkLzAvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTND RTJCQjA1RDM5OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJFEVvsFaLNCoaB3fAYum9Uqrx3AvQ/r5vPn mQuff8EGZkzq4ydnfoKRHTlQFg4cTT8eOp9NRNFEiUivT7BpF7sZVF/Xc18GegMu YQm00jVGvRonG/hze5d6RUIwdGauTJV1HItiQhPpMJPRebTFYnufUYy72YC4cWhS XD78yY0tZyncJA26hy4U4snsLwnHQGGOA9GJ+MA+cFLInbQ+J0COpCm+2XisxSSQ d/MVUs0Za4/LQhTCexEkDzys4+0LYpSB8xg1Tqdko8R30+rVV+QPrdbhH427HtR7 +fK9zNKa348z45Squuz55t85A2GtW4L/qb03vKfHKv+iUYPzA1o= -----END CERTIFICATE-----Generated at Sun Jun 29 18:11:46 2025 by rpki-client