$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: 2lTD6R5JBb3jKyeuw9fVR7pHAfE6uDZcUkYgHtRXjO4= Subject key identifier: F7:17:55:BC:9F:7E:32:CF:AB:E7:EA:15:B3:08:EE:3D:BD:A7:77:CF Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 5E3E84BF17098522E6084C84B2A89AA7656F6344 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04FF Signing time: Fri 22 Aug 2025 17:12:05 +0000 Manifest this update: Fri 22 Aug 2025 17:07:05 +0000 Manifest next update: Tue 26 Aug 2025 00:57:05 +0000 Files and hashes: 1: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 2: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 3: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: Pey1XHmJBux1cM7hi2FA/9Xyr8DDSaNQEmuoPus20vs=) 4: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 5: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 6: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 7: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 8: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 00:57:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:3e:84:bf:17:09:85:22:e6:08:4c:84:b2:a8:9a:a7:65:6f:63:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Aug 22 17:07:05 2025 GMT Not After : Aug 26 00:57:05 2025 GMT Subject: CN=F71755BC9F7E32CFABE7EA15B308EE3DBDA777CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:3e:ac:f9:b5:53:08:0d:89:ea:cf:cd:fe:c1: 2a:fa:7b:c8:d8:61:95:2d:98:0f:04:26:51:98:a9: be:17:17:cd:18:53:f8:f9:9b:0c:a5:37:df:8c:0e: 7c:f5:15:98:85:54:fe:47:31:4c:15:7f:f4:52:1f: db:3d:3e:a4:88:c1:1c:71:b2:c9:c0:4d:9b:9b:44: db:82:f9:66:f8:e3:73:7a:f3:8a:27:a0:6f:b7:51: ca:59:c0:e9:46:29:4d:df:15:d8:e8:74:54:d8:1e: 66:01:65:33:e0:16:44:9f:a2:cd:af:d2:d6:73:1b: 62:a5:76:6e:10:17:66:fa:91:fa:a5:67:90:4d:fa: a4:28:19:c2:cd:22:21:fa:6c:ee:b5:99:7d:31:12: eb:8d:62:b1:98:c3:9b:97:c5:5a:dc:d6:47:d3:7b: 58:58:a6:e1:0e:65:e5:0e:54:c1:41:bf:b2:ac:09: f9:ed:b2:8d:35:bb:1c:24:35:12:d6:00:99:e4:e0: 0d:fc:d3:0c:37:11:08:5c:b0:ba:bd:d1:83:e1:95: f5:f6:7e:62:76:97:54:24:1d:12:eb:eb:a3:3e:2a: 81:7f:c0:27:84:47:e7:3f:0f:e8:5b:77:9b:72:aa: 35:30:d2:1e:3d:07:2c:27:4c:03:a4:12:3e:4c:ca: a0:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:17:55:BC:9F:7E:32:CF:AB:E7:EA:15:B3:08:EE:3D:BD:A7:77:CF X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:63:ce:96:23:9a:07:87:ba:e2:d3:b4:e4:16:88:82:d0:6b: 53:18:b9:dc:c3:de:3a:7c:8b:55:ee:06:bb:12:dd:9e:a9:43: 94:a6:8f:8a:e2:03:e4:1b:cb:84:dc:d7:b7:46:66:e3:81:d9: ed:98:c9:20:f5:6e:24:7f:70:de:c2:ad:ba:f8:9f:f3:1c:4c: bc:f1:31:0d:7d:3d:5a:3c:80:8b:30:a0:db:c7:dc:c1:3e:09: 7b:e6:e0:ac:47:eb:e2:09:50:e0:8d:33:0d:5c:f2:d9:5b:b1: 29:4c:89:fe:37:3c:99:6e:67:7e:00:21:0b:42:1c:b3:0f:ce: 52:93:d7:66:8b:97:ea:83:f5:37:99:c4:f9:98:40:5f:53:84: 06:a8:f6:fb:c0:35:d2:fe:36:20:2a:3a:d7:7e:c9:44:c7:31: 3b:e9:e6:67:c9:4c:69:ef:c9:ae:75:bb:48:e7:d4:02:3f:0e: 2a:f2:68:6e:8f:7d:bf:81:b6:f1:58:c7:9f:f3:3b:d4:8e:cb: 99:5d:45:f3:58:6b:b9:fd:8c:5f:27:00:1e:c9:6b:4f:67:43: 6f:82:2c:6a:4a:9c:bc:c3:e1:6e:44:8d:57:d2:3c:75:04:17: 0a:0e:3f:d2:6c:ec:7f:a7:04:b8:a8:4e:0a:5d:af:83:35:12: 84:d8:10:58 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXj6EvxcJhSLmCEyEsqiap2VvY0QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA4MjIxNzA3MDVaFw0yNTA4MjYwMDU3MDVaMDMxMTAvBgNV BAMTKEY3MTc1NUJDOUY3RTMyQ0ZBQkU3RUExNUIzMDhFRTNEQkRBNzc3Q0YwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfPqz5tVMIDYnqz83+wSr6e8jY YZUtmA8EJlGYqb4XF80YU/j5mwylN9+MDnz1FZiFVP5HMUwVf/RSH9s9PqSIwRxx ssnATZubRNuC+Wb443N684onoG+3UcpZwOlGKU3fFdjodFTYHmYBZTPgFkSfos2v 0tZzG2Kldm4QF2b6kfqlZ5BN+qQoGcLNIiH6bO61mX0xEuuNYrGYw5uXxVrc1kfT e1hYpuEOZeUOVMFBv7KsCfntso01uxwkNRLWAJnk4A380ww3EQhcsLq90YPhlfX2 fmJ2l1QkHRLr66M+KoF/wCeER+c/D+hbd5tyqjUw0h49BywnTAOkEj5MyqA/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU9xdVvJ9+Ms+r5+oVswjuPb2nd88wHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAChjzpYjmgeHuuLTtOQWiILQa1MYudzD3jp8 i1XuBrsS3Z6pQ5Smj4riA+Qby4Tc17dGZuOB2e2YySD1biR/cN7Crbr4n/McTLzx MQ19PVo8gIswoNvH3ME+CXvm4KxH6+IJUOCNMw1c8tlbsSlMif43PJluZ34AIQtC HLMPzlKT12aLl+qD9TeZxPmYQF9ThAao9vvANdL+NiAqOtd+yUTHMTvp5mfJTGnv ya51u0jn1AI/DiryaG6Pfb+BtvFYx5/zO9SOy5ldRfNYa7n9jF8nAB7Ja09nQ2+C LGpKnLzD4W5EjVfSPHUEFwoOP9Js7H+nBLioTgpdr4M1EoTYEFg= -----END CERTIFICATE-----Generated at Sun Aug 24 04:13:00 2025 by rpki-client