$ rpki-client -vvf repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft File: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft (raw, json) Hash identifier: +IcSQB5VJs2OVwAI5uPkP11OvWIUldvfBjTNyQmkUiU= Subject key identifier: 66:0B:E6:96:5A:56:60:B6:41:2F:C6:95:55:AE:6E:E7:6F:1D:24:4C Authority key identifier: 0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C Certificate issuer: /CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Certificate serial: 58E30C9488512A1671C294C3D85C862F573CD767 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft Manifest number: 045A Signing time: Fri 22 Aug 2025 12:50:02 +0000 Manifest this update: Fri 22 Aug 2025 12:45:02 +0000 Manifest next update: Mon 25 Aug 2025 20:09:02 +0000 Files and hashes: 1: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl (hash: zXy0kyernqFqdIritovgA5A0QJASGDYMZTyzj4dXwgA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 20:09:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:e3:0c:94:88:51:2a:16:71:c2:94:c3:d8:5c:86:2f:57:3c:d7:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Validity Not Before: Aug 22 12:45:02 2025 GMT Not After : Aug 25 20:09:02 2025 GMT Subject: CN=660BE6965A5660B6412FC69555AE6EE76F1D244C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ea:cd:33:0c:bf:ee:7b:12:ca:65:2f:4c:c2: bc:75:90:36:e7:98:91:b3:a6:c3:78:52:ef:93:bb: 42:da:f2:fb:49:4e:fd:02:1b:f5:67:25:71:c9:4f: b3:d3:dd:ad:e3:46:51:94:83:12:22:c3:69:5a:a0: 3b:3c:51:c3:ce:65:29:04:2a:5d:fb:86:e8:5d:12: 47:af:97:25:0e:bd:80:47:1b:41:2f:8b:d0:c3:34: 49:29:55:39:30:9c:84:b3:88:ea:54:45:c9:5a:f5: 71:e8:e9:50:e3:93:e5:97:24:d0:0f:29:48:fe:63: 80:01:88:dc:77:b0:1c:06:14:43:48:c0:66:fd:43: a8:34:17:66:7b:76:53:84:ce:86:d3:c3:e1:b4:0a: ec:6b:36:0f:16:2d:41:35:4e:a0:ae:35:92:7c:cf: 06:68:34:3b:05:91:7f:90:4f:43:62:81:04:ee:96: 14:71:f9:d7:3f:3b:13:4e:b7:5e:24:e3:cd:7b:aa: 91:30:91:c1:61:3e:2c:55:0a:13:65:f0:6d:48:7a: c8:90:e9:e4:de:07:15:a9:83:e1:4a:6a:bf:8c:b8: a5:d9:5c:3a:96:80:bc:0b:4b:51:59:55:2b:51:5e: c2:4a:50:4d:de:a0:58:c5:df:0d:b2:0f:c3:92:7b: ea:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:0B:E6:96:5A:56:60:B6:41:2F:C6:95:55:AE:6E:E7:6F:1D:24:4C X509v3 Authority Key Identifier: keyid:0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:2f:6a:ce:29:21:84:d3:8d:ee:e2:e9:03:fb:13:cf:48:fe: 25:de:19:b7:a3:92:e5:1b:e5:50:ba:24:00:27:6b:3b:90:20: 22:0a:c9:69:13:59:9d:5d:bc:c9:b1:3c:8a:37:2a:c7:7a:1b: f2:51:14:c3:16:76:9f:54:e3:80:4e:d4:e1:f5:36:f4:ef:27: 48:b5:29:b4:81:68:ba:ad:b0:dd:15:0a:3f:7d:7e:70:fd:dd: d2:75:f1:f6:15:12:12:93:53:9c:42:fa:b7:fd:28:fa:49:72: c1:88:4e:3b:5a:16:8f:43:fe:96:49:fe:e9:29:fe:5e:41:e0: 58:f9:3f:75:cd:8b:cf:d8:c5:bf:37:80:97:2c:9a:80:a4:fc: cb:c0:7e:d4:b9:b4:1c:e3:17:71:cb:a6:b4:f0:f8:06:80:cd: b0:6d:35:6f:1d:2e:2d:2f:7d:18:ae:55:e6:46:11:2a:23:49: 92:ff:cd:88:86:be:1e:42:4c:5e:1d:73:ca:b9:25:73:bb:77: 31:f5:af:a7:f1:28:d5:94:6b:15:8e:5f:13:30:28:f2:1c:a3: 2d:1e:5e:b4:cc:73:ca:24:82:37:cd:6f:a9:ef:2d:48:6f:30: c4:88:ed:7f:58:c7:a0:19:cc:ca:ba:73:55:e1:ea:00:03:33: 7f:0f:dc:6c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWOMMlIhRKhZxwpTD2FyGL1c812cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2 QUM4RTQwQzAeFw0yNTA4MjIxMjQ1MDJaFw0yNTA4MjUyMDA5MDJaMDMxMTAvBgNV BAMTKDY2MEJFNjk2NUE1NjYwQjY0MTJGQzY5NTU1QUU2RUU3NkYxRDI0NEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG6s0zDL/uexLKZS9Mwrx1kDbn mJGzpsN4Uu+Tu0La8vtJTv0CG/VnJXHJT7PT3a3jRlGUgxIiw2laoDs8UcPOZSkE Kl37huhdEkevlyUOvYBHG0Evi9DDNEkpVTkwnISziOpURcla9XHo6VDjk+WXJNAP KUj+Y4ABiNx3sBwGFENIwGb9Q6g0F2Z7dlOEzobTw+G0CuxrNg8WLUE1TqCuNZJ8 zwZoNDsFkX+QT0NigQTulhRx+dc/OxNOt14k4817qpEwkcFhPixVChNl8G1IesiQ 6eTeBxWpg+FKar+MuKXZXDqWgLwLS1FZVStRXsJKUE3eoFjF3w2yD8OSe+p5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZgvmllpWYLZBL8aVVa5u528dJEwwHwYDVR0j BBgwFoAUCv2PawJAX03pqUaEDMWuLmrI5AwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDdjNmVjYi0wYmFlLTQ1YzMtYWFkYS00M2E2YTE3MWMwNDYvMC8wQUZEOEY2QjAy NDA1RjRERTlBOTQ2ODQwQ0M1QUUyRTZBQzhFNDBDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2QUM4 RTQwQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQ3YzZlY2ItMGJhZS00NWMzLWFh ZGEtNDNhNmExNzFjMDQ2LzAvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFF MkU2QUM4RTQwQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEYvas4pIYTTje7i6QP7E89I/iXeGbejkuUb 5VC6JAAnazuQICIKyWkTWZ1dvMmxPIo3Ksd6G/JRFMMWdp9U44BO1OH1NvTvJ0i1 KbSBaLqtsN0VCj99fnD93dJ18fYVEhKTU5xC+rf9KPpJcsGITjtaFo9D/pZJ/ukp /l5B4Fj5P3XNi8/Yxb83gJcsmoCk/MvAftS5tBzjF3HLprTw+AaAzbBtNW8dLi0v fRiuVeZGESojSZL/zYiGvh5CTF4dc8q5JXO7dzH1r6fxKNWUaxWOXxMwKPIcoy0e XrTMc8okgjfNb6nvLUhvMMSI7X9Yx6AZzMq6c1Xh6gADM38P3Gw= -----END CERTIFICATE-----Generated at Sat Aug 23 13:59:04 2025 by rpki-client