$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: b4Vk3Dt7cXd+Da1HtFKa3LRWh+y5u8KX//jMLdXgVvw= Subject key identifier: 0B:90:21:9F:8D:AC:E8:69:C7:B7:2F:21:E6:8F:9C:8D:57:5D:97:0F Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 604A07408C0BB6B27BF866B394325574025AB97C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04D0 Signing time: Thu 08 May 2025 06:02:01 +0000 Manifest this update: Thu 08 May 2025 05:57:01 +0000 Manifest next update: Sun 11 May 2025 14:08:01 +0000 Files and hashes: 1: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: wEPYX74PJW0e23h+Erkt8/FRL+TupCEB/27FgHd4lV0=) 2: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: c8RxI909Anvx0BRzpA0Rb0YziahBzyNU99IlhCC5XuA=) 3: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 4: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: Duv7had9qz23magj0/7Gknmw1o3t5P/2ZxbNo+6irPU=) 5: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: A6MeiC5iYEUgfCxOlrP4tgy4Dgl5PsOFZcNkusDqHVo=) 6: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: lTPGED6Euas+yMtjFiZeN4ZQaRI9ugutG6SYSfzJsJs=) 7: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: pLKnevs7TtmX1XAvpcvfGkHstxUNLZwMS/CoKJOptPk=) 8: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: Iun52nY6O3+qxGHYtLUd/o4wD4j6UUv+WuPemCxO82w=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 14:08:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:4a:07:40:8c:0b:b6:b2:7b:f8:66:b3:94:32:55:74:02:5a:b9:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: May 8 05:57:01 2025 GMT Not After : May 11 14:08:01 2025 GMT Subject: CN=0B90219F8DACE869C7B72F21E68F9C8D575D970F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f4:5b:19:ff:bd:39:b4:76:91:6b:be:f9:47: f5:d4:4f:3f:46:be:b1:0c:74:13:2c:94:dc:e5:bf: b5:0e:35:a0:b8:f6:1c:62:ff:8a:93:14:f8:4c:65: 1d:e3:89:66:5a:8c:44:80:20:43:72:b3:a1:4d:99: bb:6e:25:de:07:cc:18:21:c7:13:9b:2c:13:eb:c3: 2f:b2:9b:1c:ab:eb:7b:1d:cd:39:70:82:34:97:3f: c3:c5:28:5c:55:97:cb:2b:61:e9:29:3a:4d:ea:d1: 92:4d:95:d6:d9:98:a0:e9:1e:dd:a6:fc:93:bc:6d: 80:ee:e7:8f:cd:e4:99:b8:27:43:db:58:92:90:bd: 2e:cb:55:40:de:97:34:e7:9a:40:ee:69:5f:76:62: da:a4:ce:84:64:4b:04:46:99:ce:80:46:9c:6d:d0: d5:46:b2:31:5f:89:82:ed:e7:30:6c:33:6b:59:25: 39:f3:a0:1d:97:16:72:ad:d4:fc:f8:57:da:ff:56: 8e:56:c9:a0:09:6f:d3:d9:97:74:f8:2f:57:55:94: fe:43:63:b6:59:84:87:4e:9a:b0:83:c9:30:06:6a: 5f:64:f1:f7:d8:cb:ed:35:5f:e6:65:4b:95:39:19: aa:21:76:02:9b:1e:6a:59:9c:04:c3:12:71:75:c4: 3c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:90:21:9F:8D:AC:E8:69:C7:B7:2F:21:E6:8F:9C:8D:57:5D:97:0F X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:c1:09:19:19:e1:be:66:89:0c:8d:30:02:c7:67:b7:12:e8: f3:1f:53:ea:b5:65:30:2b:bf:f4:62:47:6f:60:bd:36:ca:ae: e8:70:e6:a0:93:58:ca:8f:57:88:22:ee:58:26:5a:22:bf:1e: c3:bd:e5:8e:62:60:43:ab:98:69:c8:66:25:14:b8:1b:f4:5a: 46:0f:91:11:d3:f5:4a:9c:57:4b:ed:b1:07:a3:63:4f:44:a5: c8:24:d4:42:2b:1d:2f:0d:54:ff:fc:6a:5b:6e:14:00:af:1f: 6d:3d:f1:72:02:30:2a:e5:5d:e5:68:c8:bb:48:4d:a7:ef:e9: f3:6a:0a:61:de:de:78:30:fe:5f:d1:b4:84:50:93:77:f5:00: 8d:9c:e8:8f:92:eb:a2:81:24:e9:8d:80:94:76:e7:44:6e:34: b3:03:60:e4:b0:0b:3f:c9:54:f3:af:20:86:44:5b:d5:a2:a4: 3f:33:37:74:45:06:14:50:33:82:24:7c:4b:ae:1c:0e:5a:ae: 56:f8:68:23:3e:54:b3:db:16:4a:fe:60:73:fd:33:66:7a:d4: ac:f8:6c:04:b7:a3:4e:0a:b5:c0:46:24:6d:a3:34:42:ab:44: fb:88:62:f5:8e:9c:bc:6c:ce:fa:29:a9:17:2c:9a:42:e2:50: 9b:c7:fa:22 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYEoHQIwLtrJ7+GazlDJVdAJauXwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA1MDgwNTU3MDFaFw0yNTA1MTExNDA4MDFaMDMxMTAvBgNV BAMTKDBCOTAyMTlGOERBQ0U4NjlDN0I3MkYyMUU2OEY5QzhENTc1RDk3MEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb9FsZ/705tHaRa775R/XUTz9G vrEMdBMslNzlv7UONaC49hxi/4qTFPhMZR3jiWZajESAIENys6FNmbtuJd4HzBgh xxObLBPrwy+ymxyr63sdzTlwgjSXP8PFKFxVl8srYekpOk3q0ZJNldbZmKDpHt2m /JO8bYDu54/N5Jm4J0PbWJKQvS7LVUDelzTnmkDuaV92YtqkzoRkSwRGmc6ARpxt 0NVGsjFfiYLt5zBsM2tZJTnzoB2XFnKt1Pz4V9r/Vo5WyaAJb9PZl3T4L1dVlP5D Y7ZZhIdOmrCDyTAGal9k8ffYy+01X+ZlS5U5GaohdgKbHmpZnATDEnF1xDyRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUC5Ahn42s6GnHty8h5o+cjVddlw8wHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEXBCRkZ4b5miQyNMALHZ7cS6PMfU+q1ZTAr v/RiR29gvTbKruhw5qCTWMqPV4gi7lgmWiK/HsO95Y5iYEOrmGnIZiUUuBv0WkYP kRHT9UqcV0vtsQejY09Epcgk1EIrHS8NVP/8altuFACvH2098XICMCrlXeVoyLtI Tafv6fNqCmHe3ngw/l/RtIRQk3f1AI2c6I+S66KBJOmNgJR250RuNLMDYOSwCz/J VPOvIIZEW9WipD8zN3RFBhRQM4IkfEuuHA5arlb4aCM+VLPbFkr+YHP9M2Z61Kz4 bAS3o04KtcBGJG2jNEKrRPuIYvWOnLxszvopqRcsmkLiUJvH+iI= -----END CERTIFICATE-----Generated at Fri May 9 22:05:04 2025 by rpki-client