$ rpki-client -vvf repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft File: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft (raw, json) Hash identifier: UV0Ei0sjverdJT3G4Rhy6oGyF7fafLlKTWnC7l+tqbU= Subject key identifier: FE:87:BA:03:38:CB:CB:F2:EC:42:4C:53:E5:88:93:5A:9B:D6:E8:8D Authority key identifier: 0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C Certificate issuer: /CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Certificate serial: 0842C410E1B6D33284600C031E298A3E3C49A05D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft Manifest number: 0443 Signing time: Tue 01 Jul 2025 13:50:02 +0000 Manifest this update: Tue 01 Jul 2025 13:45:02 +0000 Manifest next update: Fri 04 Jul 2025 18:24:02 +0000 Files and hashes: 1: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl (hash: H/GwLgYcfjnXmsUnE9JgRU7app1kJayDhTihh2AyPn8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 18:24:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:42:c4:10:e1:b6:d3:32:84:60:0c:03:1e:29:8a:3e:3c:49:a0:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Validity Not Before: Jul 1 13:45:02 2025 GMT Not After : Jul 4 18:24:02 2025 GMT Subject: CN=FE87BA0338CBCBF2EC424C53E588935A9BD6E88D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b0:a8:dd:b7:7b:58:e4:47:1b:cb:b7:78:27: db:d0:b8:0f:a3:69:ce:54:b7:d6:34:44:79:48:7e: c4:5a:74:c9:34:3d:96:4e:dc:51:3d:5f:5a:cf:06: fe:1f:f3:05:14:6a:6a:83:1c:76:9a:ec:5a:5e:35: 3d:5c:d5:70:f5:31:7d:6e:a0:5d:b7:db:d8:bf:56: d9:a6:9f:d2:39:02:b2:09:f0:a0:0d:e5:39:70:58: 23:eb:67:14:b6:c7:7f:33:fc:b1:9c:ff:a2:73:44: 3d:42:a3:f0:17:f7:fc:dc:a3:79:e9:47:12:f8:e9: 1d:2e:62:53:02:ea:66:4a:63:55:4a:49:50:0f:61: c9:2d:65:bf:b5:4b:65:9f:9a:66:9f:0a:5f:f3:b8: 26:e4:99:f1:07:1f:70:88:8b:59:aa:d5:2f:ce:ef: f7:47:ec:a2:c2:f0:73:1b:93:29:82:c2:b3:28:a9: 5a:8b:e9:0c:12:03:a9:ba:c0:84:34:e8:bc:e8:b1: 40:7c:28:ec:38:6a:63:89:93:52:cd:f3:5a:43:66: 18:11:9e:2e:a1:98:5f:72:a3:9d:cb:d0:a5:31:34: e6:99:09:49:ee:b7:c2:36:4d:3e:2b:51:b1:8a:c9: 1c:0d:f0:5e:f0:54:dc:7c:b7:79:8a:63:72:b7:bf: bd:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:87:BA:03:38:CB:CB:F2:EC:42:4C:53:E5:88:93:5A:9B:D6:E8:8D X509v3 Authority Key Identifier: keyid:0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:d0:4a:4d:29:fb:a8:62:3a:e7:0e:09:d0:d7:e0:f7:30:b1: 88:e5:a1:b4:a8:73:63:cc:63:f1:86:1a:0f:fb:dd:a9:2b:67: 4b:bc:12:c2:79:4b:54:5d:93:13:c2:66:23:34:b4:de:72:c7: be:4d:8f:44:c8:f0:39:6c:ac:e8:42:42:4a:8f:b6:48:60:85: e6:20:64:a7:11:ee:d9:46:23:32:3a:1b:2b:47:e7:fc:a5:12: 2b:ce:a5:1f:5e:64:6f:69:8f:87:29:f4:38:d4:c9:3b:36:f8: 3f:ff:6c:5a:a5:d8:d8:8c:d3:6b:33:7a:28:d1:e0:f7:d9:85: 9e:0b:10:b1:3b:ea:5a:a9:13:8c:9b:50:56:a9:b8:d4:90:d5: da:46:10:57:1d:20:24:82:dc:fa:4e:6d:f7:ac:c9:87:f0:b0: eb:f1:b1:5b:8e:08:c9:d2:77:6c:42:82:40:d2:e5:5b:3e:2d: b6:50:e9:53:31:c5:a7:4d:d6:b6:ef:ef:c5:b6:e5:10:47:b0: ff:be:fc:2d:f9:84:ed:f2:45:de:e8:35:b4:16:ff:f8:bd:31: 2a:ea:88:ea:f2:3b:4b:66:06:07:a5:ed:c6:cd:a3:4c:03:a7: e9:52:bf:79:51:dd:00:9c:75:3d:b6:d7:3b:ec:cb:75:60:a1: 2c:43:e6:88 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCELEEOG20zKEYAwDHimKPjxJoF0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2 QUM4RTQwQzAeFw0yNTA3MDExMzQ1MDJaFw0yNTA3MDQxODI0MDJaMDMxMTAvBgNV BAMTKEZFODdCQTAzMzhDQkNCRjJFQzQyNEM1M0U1ODg5MzVBOUJENkU4OEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbsKjdt3tY5Ecby7d4J9vQuA+j ac5Ut9Y0RHlIfsRadMk0PZZO3FE9X1rPBv4f8wUUamqDHHaa7FpeNT1c1XD1MX1u oF2329i/Vtmmn9I5ArIJ8KAN5TlwWCPrZxS2x38z/LGc/6JzRD1Co/AX9/zco3np RxL46R0uYlMC6mZKY1VKSVAPYcktZb+1S2WfmmafCl/zuCbkmfEHH3CIi1mq1S/O 7/dH7KLC8HMbkymCwrMoqVqL6QwSA6m6wIQ06LzosUB8KOw4amOJk1LN81pDZhgR ni6hmF9yo53L0KUxNOaZCUnut8I2TT4rUbGKyRwN8F7wVNx8t3mKY3K3v711AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/oe6AzjLy/LsQkxT5YiTWpvW6I0wHwYDVR0j BBgwFoAUCv2PawJAX03pqUaEDMWuLmrI5AwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDdjNmVjYi0wYmFlLTQ1YzMtYWFkYS00M2E2YTE3MWMwNDYvMC8wQUZEOEY2QjAy NDA1RjRERTlBOTQ2ODQwQ0M1QUUyRTZBQzhFNDBDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2QUM4 RTQwQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQ3YzZlY2ItMGJhZS00NWMzLWFh ZGEtNDNhNmExNzFjMDQ2LzAvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFF MkU2QUM4RTQwQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMDQSk0p+6hiOucOCdDX4PcwsYjlobSoc2PM Y/GGGg/73akrZ0u8EsJ5S1RdkxPCZiM0tN5yx75Nj0TI8DlsrOhCQkqPtkhgheYg ZKcR7tlGIzI6GytH5/ylEivOpR9eZG9pj4cp9DjUyTs2+D//bFql2NiM02szeijR 4PfZhZ4LELE76lqpE4ybUFapuNSQ1dpGEFcdICSC3PpObfesyYfwsOvxsVuOCMnS d2xCgkDS5Vs+LbZQ6VMxxadN1rbv78W25RBHsP++/C35hO3yRd7oNbQW//i9MSrq iOryO0tmBgel7cbNo0wDp+lSv3lR3QCcdT221zvsy3VgoSxD5og= -----END CERTIFICATE-----Generated at Wed Jul 2 04:13:25 2025 by rpki-client