$ rpki-client -vvf repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft File: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft (raw, json) Hash identifier: BnzAdrXdcS3yOyMv6t5sPpiwPMYA7RVLnQbGMfQfsCA= Subject key identifier: 9A:F7:AE:57:CD:11:77:08:5D:D9:8D:AC:12:CE:1C:53:8D:5F:36:36 Authority key identifier: 0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C Certificate issuer: /CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Certificate serial: 05D2EBFDBE7048C323AC688F0754F9B29A6ABBC6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft Manifest number: 042C Signing time: Sat 10 May 2025 15:00:02 +0000 Manifest this update: Sat 10 May 2025 14:55:02 +0000 Manifest next update: Tue 13 May 2025 15:32:02 +0000 Files and hashes: 1: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl (hash: Hcv8a5H4IAjr9Ptplftxgv92ugLfnwUBx9HQR8Fbvl0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 15:32:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:d2:eb:fd:be:70:48:c3:23:ac:68:8f:07:54:f9:b2:9a:6a:bb:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Validity Not Before: May 10 14:55:02 2025 GMT Not After : May 13 15:32:02 2025 GMT Subject: CN=9AF7AE57CD1177085DD98DAC12CE1C538D5F3636 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6b:26:b9:41:7b:62:ec:0c:a9:cd:8f:c8:c4: 85:ca:7f:26:1d:e8:d7:ad:2c:0a:a3:9b:11:c1:29: b8:bc:6e:6f:e6:be:d2:70:fc:02:43:ea:1e:f8:ea: 90:7f:04:f4:83:25:aa:dc:c6:85:18:ec:46:2e:35: 42:11:6e:95:d1:32:b4:f5:ab:89:bf:df:f9:6e:03: aa:16:a0:47:62:26:cb:9a:87:44:55:f8:4d:7a:5f: 1b:06:fc:bd:6e:f7:31:98:7e:15:db:58:7c:2f:93: ba:b4:52:98:7b:4e:f3:79:7a:67:8b:40:72:5f:40: e5:7a:79:a2:37:e4:cf:6f:1b:61:d2:e3:b8:3e:69: a8:50:93:20:53:05:14:57:a8:d5:32:c5:fb:c0:35: 65:a4:e5:c1:b3:80:8c:f4:08:f0:c5:a8:52:4a:8d: 5f:16:9a:a0:e1:51:41:ef:b3:a7:73:fe:2f:28:f9: 25:2b:97:6b:ce:65:3c:50:a5:b7:56:99:05:2b:1f: 5e:8c:19:1b:74:8b:a4:3c:97:02:14:3e:7a:8c:93: ad:30:36:9d:3a:33:21:b5:49:f5:99:c3:04:e4:ae: 2c:ee:ca:7b:ff:26:27:53:b0:4c:32:fb:a3:87:81: da:ba:73:2e:83:1b:e7:aa:e5:83:c9:e9:d6:5a:06: b8:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:F7:AE:57:CD:11:77:08:5D:D9:8D:AC:12:CE:1C:53:8D:5F:36:36 X509v3 Authority Key Identifier: keyid:0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:c1:ef:b7:ac:cb:1a:27:8d:1a:e5:75:27:8c:15:b5:83:97: 32:9f:03:db:9d:d4:cf:1e:76:78:a1:28:97:05:31:6d:e9:b7: 16:79:58:2f:f9:0b:f8:2f:2f:17:93:4f:6a:65:01:5a:7c:7a: 65:00:b3:99:43:b9:68:b8:a0:db:8c:e1:35:70:28:ae:0c:2d: 79:a3:1a:72:7a:bd:24:b8:67:93:48:5f:a2:23:d5:a6:1b:4b: 4a:47:bc:76:ad:ac:63:1b:b7:72:cd:75:44:c8:03:2e:3d:38: c0:e6:1e:36:b0:cc:1d:30:14:ba:72:08:65:41:82:0a:1b:bf: a4:e6:27:76:d3:01:20:c3:08:31:5f:52:a4:d2:54:cf:1e:e6: 26:01:d7:7f:f3:70:71:8c:e8:78:3b:c4:2a:6e:28:01:ab:37: a2:15:ba:8f:97:b9:1d:9f:7a:de:5e:5d:07:9e:68:ed:a3:33: b0:7a:65:d6:81:7d:b9:22:28:81:d2:10:98:0a:2b:3e:7d:18: d9:4e:29:58:58:01:6c:a0:7a:5d:09:b6:b2:e4:1c:1d:96:3d: 53:84:82:59:0f:29:2f:8e:7d:12:93:3d:74:6f:bc:39:ea:11: 64:d2:53:0b:2a:06:89:b7:97:c3:29:f7:3f:43:b8:9a:bc:7e: 7e:69:33:89 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBdLr/b5wSMMjrGiPB1T5sppqu8YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2 QUM4RTQwQzAeFw0yNTA1MTAxNDU1MDJaFw0yNTA1MTMxNTMyMDJaMDMxMTAvBgNV BAMTKDlBRjdBRTU3Q0QxMTc3MDg1REQ5OERBQzEyQ0UxQzUzOEQ1RjM2MzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOaya5QXti7AypzY/IxIXKfyYd 6NetLAqjmxHBKbi8bm/mvtJw/AJD6h746pB/BPSDJarcxoUY7EYuNUIRbpXRMrT1 q4m/3/luA6oWoEdiJsuah0RV+E16XxsG/L1u9zGYfhXbWHwvk7q0Uph7TvN5emeL QHJfQOV6eaI35M9vG2HS47g+aahQkyBTBRRXqNUyxfvANWWk5cGzgIz0CPDFqFJK jV8WmqDhUUHvs6dz/i8o+SUrl2vOZTxQpbdWmQUrH16MGRt0i6Q8lwIUPnqMk60w Np06MyG1SfWZwwTkrizuynv/JidTsEwy+6OHgdq6cy6DG+eq5YPJ6dZaBritAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUmveuV80Rdwhd2Y2sEs4cU41fNjYwHwYDVR0j BBgwFoAUCv2PawJAX03pqUaEDMWuLmrI5AwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDdjNmVjYi0wYmFlLTQ1YzMtYWFkYS00M2E2YTE3MWMwNDYvMC8wQUZEOEY2QjAy NDA1RjRERTlBOTQ2ODQwQ0M1QUUyRTZBQzhFNDBDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2QUM4 RTQwQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQ3YzZlY2ItMGJhZS00NWMzLWFh ZGEtNDNhNmExNzFjMDQ2LzAvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFF MkU2QUM4RTQwQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFjB77esyxonjRrldSeMFbWDlzKfA9ud1M8e dnihKJcFMW3ptxZ5WC/5C/gvLxeTT2plAVp8emUAs5lDuWi4oNuM4TVwKK4MLXmj GnJ6vSS4Z5NIX6Ij1aYbS0pHvHatrGMbt3LNdUTIAy49OMDmHjawzB0wFLpyCGVB ggobv6TmJ3bTASDDCDFfUqTSVM8e5iYB13/zcHGM6Hg7xCpuKAGrN6IVuo+XuR2f et5eXQeeaO2jM7B6ZdaBfbkiKIHSEJgKKz59GNlOKVhYAWygel0JtrLkHB2WPVOE glkPKS+OfRKTPXRvvDnqEWTSUwsqBom3l8Mp9z9DuJq8fn5pM4k= -----END CERTIFICATE-----Generated at Mon May 12 08:02:51 2025 by rpki-client