$ rpki-client -vvf repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft File: 861DE86D91E4C7508D388EDBC70834681B43B5CA.mft (raw, json) Hash identifier: HyFvgxAaAn0BI+gFVIvGkqvzA90kXKxnSiUyZGJWlSQ= Subject key identifier: AE:8D:EF:F0:D1:6B:1B:45:D0:C4:6E:0F:EC:8C:6C:D6:5B:47:5A:36 Authority key identifier: 86:1D:E8:6D:91:E4:C7:50:8D:38:8E:DB:C7:08:34:68:1B:43:B5:CA Certificate issuer: /CN=861DE86D91E4C7508D388EDBC70834681B43B5CA Certificate serial: 5D62C7C428395D4E1BBD5CB91E337A1769C005F9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft Manifest number: 049E Signing time: Tue 01 Jul 2025 09:41:31 +0000 Manifest this update: Tue 01 Jul 2025 09:36:31 +0000 Manifest next update: Fri 04 Jul 2025 14:24:31 +0000 Files and hashes: 1: 861DE86D91E4C7508D388EDBC70834681B43B5CA.crl (hash: 45HXdnz8uzOclwvyZimTZ2WnAyLT71ZFO4KnjhAv8g4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.crl rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 14:24:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:62:c7:c4:28:39:5d:4e:1b:bd:5c:b9:1e:33:7a:17:69:c0:05:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=861DE86D91E4C7508D388EDBC70834681B43B5CA Validity Not Before: Jul 1 09:36:31 2025 GMT Not After : Jul 4 14:24:31 2025 GMT Subject: CN=AE8DEFF0D16B1B45D0C46E0FEC8C6CD65B475A36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:cc:b7:e0:ed:80:c7:8a:d5:dd:87:4f:ff:8d: 45:70:85:d2:79:4a:ef:54:5d:4d:55:9a:00:3a:15: b9:f5:69:2f:75:b8:c4:0b:7e:2a:06:d9:ee:27:ad: 11:d3:43:f3:ee:5d:b4:45:6a:31:c1:71:98:8b:46: 99:8e:7c:70:f0:fc:61:62:ab:45:3c:ae:22:ea:69: 94:e7:eb:c8:f0:a9:10:74:89:43:06:1f:94:53:c6: 47:50:b4:89:31:34:fa:da:cb:78:48:3c:0f:8f:81: b3:cc:98:5c:7c:e1:82:76:43:6e:db:5c:a6:45:f3: 90:d6:03:10:b9:f8:51:2f:0c:3a:e6:58:75:60:de: f3:62:18:86:ca:44:1a:15:78:36:5a:8b:b8:f9:aa: 38:91:7d:45:66:ef:07:02:ea:a0:ff:e1:d4:a6:3b: 7e:4b:68:e2:7e:30:05:4b:7a:eb:a4:22:ad:45:6b: 10:76:dd:d7:c0:35:39:2c:66:16:4e:04:f6:e9:6b: e0:06:3d:fa:2e:d9:fe:da:a5:91:9e:59:99:24:9a: 33:44:1a:32:d1:80:91:cc:db:f3:dd:da:f3:e7:ca: b3:cd:4b:12:e1:2f:20:86:1f:6d:76:e5:f2:ad:5f: 4b:9a:d7:5a:1e:16:40:af:8e:50:a8:e6:7e:65:c9: 1e:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:8D:EF:F0:D1:6B:1B:45:D0:C4:6E:0F:EC:8C:6C:D6:5B:47:5A:36 X509v3 Authority Key Identifier: keyid:86:1D:E8:6D:91:E4:C7:50:8D:38:8E:DB:C7:08:34:68:1B:43:B5:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:67:a0:2f:24:5e:5c:e8:69:d2:a8:50:b0:d9:b6:cf:79:bc: 27:4e:2d:6f:41:31:5d:80:24:f7:db:1b:11:89:0f:18:91:36: 2f:9d:b5:fc:34:e0:d9:b7:03:33:88:6a:b1:3a:c6:54:01:ad: c7:aa:97:69:a4:ae:84:f4:53:53:47:bf:30:9a:2f:1b:d2:79: f9:fb:ad:5d:2f:fe:bc:c4:51:d4:04:d7:93:57:5e:e1:e0:5b: 20:dd:e7:07:dc:8a:76:13:39:4d:99:c5:17:76:13:e1:6c:15: 16:f2:c9:36:08:ce:da:d7:6e:01:dc:c1:36:b9:f0:d6:49:be: 91:b6:7f:43:f4:0d:db:da:3f:07:f1:29:41:dc:7f:fd:fb:81: d6:24:eb:56:91:1c:be:2e:4d:29:5c:43:8d:dd:b5:64:f0:07: 94:d1:41:f2:40:8e:91:b6:0c:89:b7:b0:49:7b:aa:61:ae:3d: eb:36:5c:0a:79:c7:98:97:0a:c7:95:f2:9b:94:80:4a:46:4f: 93:cd:ee:da:44:e7:5f:3b:25:6f:89:51:47:0a:4a:e4:67:e8: 48:b3:75:0b:c7:1e:81:96:79:84:60:e4:b6:92:84:d2:6a:f1: a9:a8:5c:9e:b4:fc:b7:ff:be:b2:b7:c9:b7:b7:ff:29:6e:1d: b2:25:29:40 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXWLHxCg5XU4bvVy5HjN6F2nABfkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0Njgx QjQzQjVDQTAeFw0yNTA3MDEwOTM2MzFaFw0yNTA3MDQxNDI0MzFaMDMxMTAvBgNV BAMTKEFFOERFRkYwRDE2QjFCNDVEMEM0NkUwRkVDOEM2Q0Q2NUI0NzVBMzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVzLfg7YDHitXdh0//jUVwhdJ5 Su9UXU1VmgA6Fbn1aS91uMQLfioG2e4nrRHTQ/PuXbRFajHBcZiLRpmOfHDw/GFi q0U8riLqaZTn68jwqRB0iUMGH5RTxkdQtIkxNPray3hIPA+PgbPMmFx84YJ2Q27b XKZF85DWAxC5+FEvDDrmWHVg3vNiGIbKRBoVeDZai7j5qjiRfUVm7wcC6qD/4dSm O35LaOJ+MAVLeuukIq1FaxB23dfANTksZhZOBPbpa+AGPfou2f7apZGeWZkkmjNE GjLRgJHM2/Pd2vPnyrPNSxLhLyCGH2125fKtX0ua11oeFkCvjlCo5n5lyR7vAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUro3v8NFrG0XQxG4P7Ixs1ltHWjYwHwYDVR0j BBgwFoAUhh3obZHkx1CNOI7bxwg0aBtDtcowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NjlmMjk4OC1jYWIzLTQ1YWEtOTdlNS02Mzg1ZjA3ZmYxY2QvMC84NjFERTg2RDkx RTRDNzUwOEQzODhFREJDNzA4MzQ2ODFCNDNCNUNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0NjgxQjQz QjVDQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODY5ZjI5ODgtY2FiMy00NWFhLTk3 ZTUtNjM4NWYwN2ZmMWNkLzAvODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0 NjgxQjQzQjVDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHtnoC8kXlzoadKoULDZts95vCdOLW9BMV2A JPfbGxGJDxiRNi+dtfw04Nm3AzOIarE6xlQBrceql2mkroT0U1NHvzCaLxvSefn7 rV0v/rzEUdQE15NXXuHgWyDd5wfcinYTOU2ZxRd2E+FsFRbyyTYIztrXbgHcwTa5 8NZJvpG2f0P0DdvaPwfxKUHcf/37gdYk61aRHL4uTSlcQ43dtWTwB5TRQfJAjpG2 DIm3sEl7qmGuPes2XAp5x5iXCseV8puUgEpGT5PN7tpE5187JW+JUUcKSuRn6Eiz dQvHHoGWeYRg5LaShNJq8amoXJ60/Lf/vrK3ybe3/yluHbIlKUA= -----END CERTIFICATE-----Generated at Wed Jul 2 04:18:12 2025 by rpki-client