$ rpki-client -vvf repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft File: 2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft (raw, json) Hash identifier: ODDqQDUqmhKnTXkj5pcLDwOua6uJKERTVfDfkVHsOEs= Subject key identifier: 9E:67:46:E0:DD:45:0B:E7:6D:84:9D:70:51:4D:49:AB:0B:07:7B:85 Authority key identifier: 26:64:CB:E1:0F:2B:9F:F1:BE:C5:0A:6A:85:DC:7A:A5:2B:9F:17:FA Certificate issuer: /CN=2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA Certificate serial: 4A70C79AD4F6F462F8F00882D2FE8107ADB36189 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft Manifest number: 0396 Signing time: Sun 29 Jun 2025 12:02:08 +0000 Manifest this update: Sun 29 Jun 2025 11:57:08 +0000 Manifest next update: Wed 02 Jul 2025 15:12:08 +0000 Files and hashes: 1: 2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl (hash: 652+UdZHvJ3nonz7QJKVKLiTRoBVZ6JKBnUjykXfRvI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 07:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:70:c7:9a:d4:f6:f4:62:f8:f0:08:82:d2:fe:81:07:ad:b3:61:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA Validity Not Before: Jun 29 11:57:08 2025 GMT Not After : Jul 2 15:12:08 2025 GMT Subject: CN=9E6746E0DD450BE76D849D70514D49AB0B077B85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f1:86:6d:30:48:e2:56:3b:25:30:82:35:a8: 4f:39:7a:63:05:66:52:57:a4:8a:b1:a6:82:a0:c2: c2:7c:43:a1:9b:71:d0:b7:0f:20:d8:8e:62:6c:61: 7e:f9:91:79:6b:3c:af:91:a8:d8:f3:f3:30:9c:51: 2d:1e:51:c2:6b:85:02:30:87:60:96:e4:3b:b9:70: f7:66:0c:fa:1a:b6:30:fc:c7:bc:34:38:a3:9b:cd: 86:d3:ba:24:8d:05:4d:ac:dc:24:a1:39:94:bf:85: b6:0f:bc:24:2d:eb:52:a1:d3:0a:e8:d0:6f:32:a0: 8d:ca:32:02:f1:06:63:bb:7d:94:a9:e7:e4:21:99: 61:d8:70:97:9f:c5:ca:e6:21:b2:0b:27:67:3c:df: 5b:58:88:7b:1a:33:0e:52:af:3b:1d:ae:ee:82:6c: 0d:65:a9:35:79:d4:14:3b:f2:c8:88:c5:f3:dc:1f: 55:44:65:77:f1:8e:b3:18:ce:ac:4e:47:91:4b:4e: e8:f4:29:8a:16:a0:b0:4a:5f:3f:16:64:70:9b:52: ad:ff:28:ab:34:71:84:1a:78:5e:fb:2b:49:6d:ba: 55:37:9b:4b:dd:2d:7f:41:3a:c8:26:b7:bd:21:e8: 35:eb:1c:29:e5:44:6f:2b:b5:dd:7a:d6:c8:3d:c0: 64:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:67:46:E0:DD:45:0B:E7:6D:84:9D:70:51:4D:49:AB:0B:07:7B:85 X509v3 Authority Key Identifier: keyid:26:64:CB:E1:0F:2B:9F:F1:BE:C5:0A:6A:85:DC:7A:A5:2B:9F:17:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5d:e5:4b:c4:f3:13:2c:44:63:44:5b:92:12:47:b1:dc:da:e1: 7e:87:52:de:9f:fe:26:82:fa:5a:3c:92:75:d1:30:42:a0:2a: 6d:70:64:97:8c:9b:62:00:81:73:e1:7e:68:aa:d0:68:a0:a4: 0d:b0:27:4e:b9:0f:2b:01:3a:b1:ff:2b:fd:9b:83:c8:d4:63: e1:9d:cc:d8:30:c7:19:31:92:5e:d9:83:8d:b7:54:6b:6a:f6: 97:2d:1a:d8:ab:7e:7e:b8:f3:8e:97:39:47:68:20:fb:b1:2a: 78:e0:f7:30:98:da:34:f1:4e:30:69:f8:e1:c6:08:0a:9a:95: a0:7a:b0:bf:aa:0a:38:6f:27:f5:84:3e:1e:a0:6f:66:b5:8a: 32:56:a9:c9:28:51:72:33:38:02:99:44:36:d0:43:61:86:86: 92:5e:3f:9a:34:bb:82:26:e0:90:9c:c6:d3:d5:01:ae:06:c8: 53:f4:4a:06:42:0d:91:4c:1b:5a:3f:b5:f7:18:34:f1:2f:c5: cf:ef:e7:b8:a7:f4:8b:cd:43:a2:8e:4c:42:f1:86:27:81:d7: e0:4b:66:16:ea:71:eb:f6:09:37:45:04:f6:63:e4:7c:30:9f: 44:c9:bf:45:f1:23:14:3d:ba:b2:87:d6:f9:57:b9:6c:67:4c: 30:2e:e3:c7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSnDHmtT29GL48AiC0v6BB62zYYkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdBQTUy QjlGMTdGQTAeFw0yNTA2MjkxMTU3MDhaFw0yNTA3MDIxNTEyMDhaMDMxMTAvBgNV BAMTKDlFNjc0NkUwREQ0NTBCRTc2RDg0OUQ3MDUxNEQ0OUFCMEIwNzdCODUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ8YZtMEjiVjslMII1qE85emMF ZlJXpIqxpoKgwsJ8Q6GbcdC3DyDYjmJsYX75kXlrPK+RqNjz8zCcUS0eUcJrhQIw h2CW5Du5cPdmDPoatjD8x7w0OKObzYbTuiSNBU2s3CShOZS/hbYPvCQt61Kh0wro 0G8yoI3KMgLxBmO7fZSp5+QhmWHYcJefxcrmIbILJ2c831tYiHsaMw5Srzsdru6C bA1lqTV51BQ78siIxfPcH1VEZXfxjrMYzqxOR5FLTuj0KYoWoLBKXz8WZHCbUq3/ KKs0cYQaeF77K0ltulU3m0vdLX9BOsgmt70h6DXrHCnlRG8rtd161sg9wGRzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUnmdG4N1FC+dthJ1wUU1JqwsHe4UwHwYDVR0j BBgwFoAUJmTL4Q8rn/G+xQpqhdx6pSufF/owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Y2YzYzIxMS0wNjQ1LTQ4ODItYTRmMS00NmJlODY3Yjc5ODMvMC8yNjY0Q0JFMTBG MkI5RkYxQkVDNTBBNkE4NURDN0FBNTJCOUYxN0ZBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdBQTUyQjlG MTdGQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGNmM2MyMTEtMDY0NS00ODgyLWE0 ZjEtNDZiZTg2N2I3OTgzLzAvMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdB QTUyQjlGMTdGQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAF3lS8TzEyxEY0RbkhJHsdza4X6HUt6f/iaC +lo8knXRMEKgKm1wZJeMm2IAgXPhfmiq0GigpA2wJ065DysBOrH/K/2bg8jUY+Gd zNgwxxkxkl7Zg423VGtq9pctGtirfn64846XOUdoIPuxKnjg9zCY2jTxTjBp+OHG CAqalaB6sL+qCjhvJ/WEPh6gb2a1ijJWqckoUXIzOAKZRDbQQ2GGhpJeP5o0u4Im 4JCcxtPVAa4GyFP0SgZCDZFMG1o/tfcYNPEvxc/v57in9IvNQ6KOTELxhieB1+BL Zhbqcev2CTdFBPZj5Hwwn0TJv0XxIxQ9urKH1vlXuWxnTDAu48c= -----END CERTIFICATE-----Generated at Mon Jun 30 01:32:11 2025 by rpki-client