$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: UXYq26PFF2n26EAPwNB2mKoLIT7/l+JGFhqsjH9ElQg= Subject key identifier: BB:87:31:4B:EB:BB:F5:64:F1:B0:31:92:84:D2:09:1A:9D:58:A5:DF Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 16E3039CAA07BD0DBDCBE863865F7C4C2AFBA650 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04E7 Signing time: Mon 30 Jun 2025 05:01:58 +0000 Manifest this update: Mon 30 Jun 2025 04:56:58 +0000 Manifest next update: Thu 03 Jul 2025 13:21:58 +0000 Files and hashes: 1: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 2: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 3: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 4: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: DnamOmgX+iUcrqU6g0+e9ptiacjot2nEpb2iFzj6ACs=) 5: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 6: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 7: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 8: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 13:21:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:e3:03:9c:aa:07:bd:0d:bd:cb:e8:63:86:5f:7c:4c:2a:fb:a6:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Jun 30 04:56:58 2025 GMT Not After : Jul 3 13:21:58 2025 GMT Subject: CN=BB87314BEBBBF564F1B0319284D2091A9D58A5DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b5:99:e9:17:b5:ae:b1:9b:89:23:ce:57:06: 7e:91:82:68:9a:60:2a:7c:45:cd:f2:01:dc:d7:67: c4:bc:6f:e0:68:58:66:0a:fc:69:cf:a1:6b:7d:cc: 32:3b:5b:d0:f0:9f:f4:79:3a:20:7d:f3:6b:34:82: 70:37:8a:51:9b:ae:75:2c:4e:be:0a:9a:04:af:21: 6a:74:9e:f7:0a:e2:3e:85:b3:fb:b3:87:57:c8:c2: 1c:ec:2d:4d:e0:79:a0:6f:48:5c:ed:9a:78:99:a4: 7a:65:aa:58:07:59:ea:16:d0:07:24:99:7b:81:a9: 2c:91:c8:3f:38:ef:95:55:13:62:6f:b7:79:0b:ba: f7:8f:a7:04:97:a5:0e:d0:ce:5b:41:b9:3b:dd:9d: 20:c6:88:52:a0:17:f1:85:70:1a:b3:96:77:ed:76: 1d:8a:96:a4:18:76:8e:2a:06:8c:80:1f:31:11:a9: 4c:00:d0:57:a4:26:2d:29:ed:76:e8:19:e3:c0:b1: 3d:12:99:c3:c4:fe:67:95:f0:00:dc:8a:50:42:49: 8d:ca:eb:c5:21:18:c6:a2:fb:93:8a:d5:ca:71:b8: 00:e9:31:96:dc:ce:f2:db:4b:0e:f7:b4:1c:21:3d: be:92:a8:66:06:58:9d:cd:8b:69:07:a0:f0:7b:4b: 1d:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:87:31:4B:EB:BB:F5:64:F1:B0:31:92:84:D2:09:1A:9D:58:A5:DF X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:77:b6:77:6b:21:7c:1a:e6:48:80:48:2f:9c:53:8f:91:cf: 22:b3:8f:76:e4:31:da:fd:f7:68:d2:9c:af:66:df:6c:7b:18: e4:41:dc:ad:da:0d:4f:f3:d5:22:8d:86:86:a2:cd:37:01:01: e8:22:0c:aa:16:da:b1:1c:4d:63:19:cc:e6:66:8a:38:ff:e2: 06:67:f8:6b:b1:4b:09:18:83:d6:7d:89:54:a4:f6:1d:28:51: c9:8f:54:65:59:17:eb:57:cb:80:69:4d:99:ef:92:82:7b:39: b8:c4:b7:d4:6f:48:46:32:f9:9b:01:69:fd:d1:b4:4f:1d:a9: 95:cc:51:ac:c6:dd:c0:85:a6:52:5e:6e:23:b5:9c:6d:52:c9: c3:22:3a:6b:cb:75:f8:18:47:52:39:34:3e:5a:69:bd:5c:60: c5:36:56:06:d9:62:19:41:a4:b5:49:2d:89:e6:6c:4b:d5:6f: a0:d3:dd:b7:07:1d:e4:72:67:eb:79:52:e5:c0:fd:13:03:c8: 41:a0:fc:5b:b2:b8:ea:02:df:7a:9f:df:20:07:3b:1e:05:3a: 38:fd:0f:63:4c:8a:cc:5a:6f:26:ac:44:35:f9:e5:b1:0a:da: d6:0a:b1:5f:26:95:df:c2:ae:c3:0c:fe:77:85:de:67:82:9b: 63:38:4d:79 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFuMDnKoHvQ29y+hjhl98TCr7plAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA2MzAwNDU2NThaFw0yNTA3MDMxMzIxNThaMDMxMTAvBgNV BAMTKEJCODczMTRCRUJCQkY1NjRGMUIwMzE5Mjg0RDIwOTFBOUQ1OEE1REYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvtZnpF7WusZuJI85XBn6Rgmia YCp8Rc3yAdzXZ8S8b+BoWGYK/GnPoWt9zDI7W9Dwn/R5OiB982s0gnA3ilGbrnUs Tr4KmgSvIWp0nvcK4j6Fs/uzh1fIwhzsLU3geaBvSFztmniZpHplqlgHWeoW0Ack mXuBqSyRyD8475VVE2Jvt3kLuvePpwSXpQ7QzltBuTvdnSDGiFKgF/GFcBqzlnft dh2KlqQYdo4qBoyAHzERqUwA0FekJi0p7XboGePAsT0SmcPE/meV8ADcilBCSY3K 68UhGMai+5OK1cpxuADpMZbczvLbSw73tBwhPb6SqGYGWJ3Ni2kHoPB7Sx1lAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUu4cxS+u79WTxsDGShNIJGp1Ypd8wHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABt3tndrIXwa5kiASC+cU4+RzyKzj3bkMdr9 92jSnK9m32x7GORB3K3aDU/z1SKNhoaizTcBAegiDKoW2rEcTWMZzOZmijj/4gZn +GuxSwkYg9Z9iVSk9h0oUcmPVGVZF+tXy4BpTZnvkoJ7ObjEt9RvSEYy+ZsBaf3R tE8dqZXMUazG3cCFplJebiO1nG1SycMiOmvLdfgYR1I5ND5aab1cYMU2VgbZYhlB pLVJLYnmbEvVb6DT3bcHHeRyZ+t5UuXA/RMDyEGg/FuyuOoC33qf3yAHOx4FOjj9 D2NMisxabyasRDX55bEK2tYKsV8mld/CrsMM/neF3meCm2M4TXk= -----END CERTIFICATE-----Generated at Mon Jun 30 18:51:58 2025 by rpki-client