$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: 7OzcIzq4d2plcRtbhkMv6cSEXhxbYScoXaEkeTyZXVo= Subject key identifier: 68:7D:FB:F5:51:25:9B:F4:F7:9A:03:1C:3A:FE:38:7B:2B:2A:9B:D5 Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 3E21A745D8FA904A5FF8257DCDF4F57EA88C09B4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: 78 Signing time: Tue 06 May 2025 13:31:39 +0000 Manifest this update: Tue 06 May 2025 13:26:39 +0000 Manifest next update: Fri 09 May 2025 18:15:39 +0000 Files and hashes: 1: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: 2nTMsIRFbVOhLS1mu52tGpNpmXXSjYBtVPM0YKigQ9M=) 2: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: cxXcs5+F77Lg7/Ojwbw2WUqjYrzsnoyA2M5AF3WeU8k=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 18:15:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:21:a7:45:d8:fa:90:4a:5f:f8:25:7d:cd:f4:f5:7e:a8:8c:09:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: May 6 13:26:39 2025 GMT Not After : May 9 18:15:39 2025 GMT Subject: CN=687DFBF551259BF4F79A031C3AFE387B2B2A9BD5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:78:8f:0d:7b:45:27:d7:10:00:ab:78:dd:69: 86:a5:db:83:00:83:ef:b6:77:a8:1e:35:90:ca:8e: c3:20:83:e2:14:28:26:a1:1c:38:ec:f2:75:a7:7b: e7:34:17:c6:d8:cf:7e:2d:94:47:fe:8f:f6:83:8c: 25:1e:77:c3:da:5b:ac:70:a2:e5:fa:54:aa:9e:9f: 01:ea:68:39:ad:4c:3d:b4:f2:af:60:be:dd:db:45: d4:14:e6:83:8f:2b:2e:5f:96:6c:7c:57:5d:97:d3: 67:4b:53:1a:6c:59:ff:08:a8:c1:50:16:a4:5f:75: c1:9f:53:11:dd:da:a9:94:49:ea:c6:f0:ec:c1:a6: 4a:68:76:16:c8:dd:89:9d:9d:43:1d:79:30:bb:68: bc:35:7b:dd:5d:45:dc:61:71:b1:e8:6d:fe:57:75: e2:f2:eb:80:a9:ad:10:34:d3:09:30:be:30:cf:f6: 30:c5:a5:82:8f:cc:28:ab:54:74:31:7e:14:ea:1b: 8f:f2:99:e0:27:9b:88:06:87:c4:db:f6:35:51:be: c2:c0:a9:d4:cf:d0:c0:5f:df:20:84:27:5e:21:54: 3f:28:cc:5d:f7:2b:63:2d:39:16:4f:c6:b2:d6:ac: db:d1:71:0b:da:29:b8:2a:9a:80:ee:94:a6:fe:ba: c2:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7D:FB:F5:51:25:9B:F4:F7:9A:03:1C:3A:FE:38:7B:2B:2A:9B:D5 X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5c:20:a6:fe:35:b9:ea:3d:cd:b5:78:db:bf:4d:60:61:b8:8b: d8:98:14:5b:29:c7:f1:b2:0b:1a:f9:c9:8c:9a:43:42:f2:c4: f8:53:c5:38:60:f5:36:79:c4:80:fa:ab:82:7d:80:c7:aa:ca: 35:eb:36:4a:bf:cd:b4:dc:b1:3e:66:f8:6d:57:7d:52:53:d4: 52:f8:24:ff:47:74:36:4c:94:20:21:72:32:4a:1b:ff:98:fd: 6c:e3:cc:ec:1a:fa:d7:95:f0:82:07:e4:a0:5a:2c:9d:41:f8: 91:1a:a0:a1:06:68:99:36:5d:4c:6a:66:8d:2e:b3:70:76:10: aa:59:e4:ff:ad:1b:7d:09:e5:75:1f:4d:bb:54:28:2e:b0:63: 46:72:b9:4f:18:72:43:38:0e:ed:e7:70:bb:79:29:df:2b:c1: ae:60:d4:9f:60:d3:b3:2a:f2:b5:b8:18:e0:b2:e2:76:e6:af: 2c:39:9a:70:29:af:48:ae:6d:1f:e1:b5:f9:3d:7c:14:31:30: 3e:6e:cc:50:f9:3b:2f:c9:27:5a:4c:76:c8:18:b0:88:69:af: a8:29:50:29:9c:03:e1:9d:84:d9:ba:e4:c4:98:63:7d:fe:c2: aa:e8:49:bf:96:d0:ee:d6:5b:dd:aa:be:57:44:67:75:3c:f3: 5d:1a:37:03 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPiGnRdj6kEpf+CV9zfT1fqiMCbQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNTA1MDYxMzI2MzlaFw0yNTA1MDkxODE1MzlaMDMxMTAvBgNV BAMTKDY4N0RGQkY1NTEyNTlCRjRGNzlBMDMxQzNBRkUzODdCMkIyQTlCRDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxeI8Ne0Un1xAAq3jdaYal24MA g++2d6geNZDKjsMgg+IUKCahHDjs8nWne+c0F8bYz34tlEf+j/aDjCUed8PaW6xw ouX6VKqenwHqaDmtTD208q9gvt3bRdQU5oOPKy5flmx8V12X02dLUxpsWf8IqMFQ FqRfdcGfUxHd2qmUSerG8OzBpkpodhbI3YmdnUMdeTC7aLw1e91dRdxhcbHobf5X deLy64CprRA00wkwvjDP9jDFpYKPzCirVHQxfhTqG4/ymeAnm4gGh8Tb9jVRvsLA qdTP0MBf3yCEJ14hVD8ozF33K2MtORZPxrLWrNvRcQvaKbgqmoDulKb+usIPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUaH379VElm/T3mgMcOv44eysqm9UwHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFwgpv41ueo9zbV4279NYGG4i9iYFFspx/Gy Cxr5yYyaQ0LyxPhTxThg9TZ5xID6q4J9gMeqyjXrNkq/zbTcsT5m+G1XfVJT1FL4 JP9HdDZMlCAhcjJKG/+Y/WzjzOwa+teV8IIH5KBaLJ1B+JEaoKEGaJk2XUxqZo0u s3B2EKpZ5P+tG30J5XUfTbtUKC6wY0ZyuU8YckM4Du3ncLt5Kd8rwa5g1J9g07Mq 8rW4GOCy4nbmryw5mnApr0iubR/htfk9fBQxMD5uzFD5Oy/JJ1pMdsgYsIhpr6gp UCmcA+GdhNm65MSYY33+wqroSb+W0O7WW92qvldEZ3U8810aNwM= -----END CERTIFICATE-----Generated at Thu May 8 06:07:11 2025 by rpki-client