$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: w+3zstsQIRs70jOjlBh1Yyhj8kXKKl4Rvfd2lVvknpA= Subject key identifier: F0:3B:22:74:64:C2:74:64:89:36:1A:59:69:55:46:F2:0F:4F:EC:BE Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 25FD0B1CDF346873E5017594AF3147B2E8EB2C09 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01E4 Signing time: Fri 22 Aug 2025 21:11:54 +0000 Manifest this update: Fri 22 Aug 2025 21:06:54 +0000 Manifest next update: Tue 26 Aug 2025 07:25:54 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: YkMquMkJXOcygxcou7YqljFHPR4snsIE4jxYT2o++3s=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 07:25:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:fd:0b:1c:df:34:68:73:e5:01:75:94:af:31:47:b2:e8:eb:2c:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Aug 22 21:06:54 2025 GMT Not After : Aug 26 07:25:54 2025 GMT Subject: CN=F03B227464C2746489361A59695546F20F4FECBE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:39:9c:35:97:a3:34:f1:be:90:8a:b6:75:b2: 82:ac:c3:f4:83:46:8c:91:52:3a:e2:9e:73:4c:6c: 6e:b5:f4:0a:cd:41:d6:a9:56:1f:be:34:f1:81:43: 12:99:a7:b4:8f:1d:95:e3:25:e8:01:dc:3a:3b:74: 4d:af:d7:93:70:c5:02:4d:c1:e7:a2:74:61:db:3f: cb:b1:b9:48:dc:77:30:27:f1:03:6c:ff:37:72:ec: 1f:1a:80:81:32:89:e6:ae:31:1a:29:45:36:b8:1b: 85:a4:6c:c3:e6:ac:09:19:cc:0e:01:04:b8:b6:d6: 29:45:25:f9:b4:f4:c9:1b:f9:da:3e:98:3b:d9:a4: a6:5b:15:43:70:0e:d7:10:eb:fc:75:a7:82:6a:7a: b6:51:26:4a:08:7c:20:59:64:5f:e3:4a:ca:6c:e2: 19:94:1a:8e:7c:dd:54:87:9a:2f:a7:b3:14:4a:82: 1c:9f:17:0a:1a:54:da:92:42:81:24:1d:34:d1:b1: 1c:c6:6c:56:4d:69:fd:32:0f:5d:cd:6d:f8:0c:4c: b6:28:cd:87:02:15:d9:e3:91:33:d1:47:af:6e:f5: fb:bb:04:88:35:09:10:e8:e1:89:98:25:25:80:74: 94:1c:b7:96:13:6f:ac:29:44:a2:9c:89:4b:d2:e8: 0b:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:3B:22:74:64:C2:74:64:89:36:1A:59:69:55:46:F2:0F:4F:EC:BE X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:43:d8:32:a0:58:35:89:ea:c8:dc:12:ad:e1:a4:da:24:36: a9:91:31:2a:f5:2b:a0:fb:da:b0:ae:f1:c5:61:5a:6b:10:19: 23:74:7d:d7:ee:fe:85:f5:53:b4:6a:1b:04:61:1a:a8:fb:82: 30:ad:4e:a1:f1:66:36:87:1d:75:fa:de:bc:6e:13:e0:15:a7: b8:0c:92:fd:d7:64:f1:32:95:ce:cd:9c:ae:7b:16:82:98:8d: 8b:79:96:fd:4c:7f:f2:2a:0c:89:e5:65:a3:5a:fc:dd:99:ca: b2:bf:c5:3c:1f:b2:0f:47:87:c7:6a:9f:2d:5c:00:2d:1f:51: ba:d5:2a:be:e6:82:88:52:44:15:e6:a2:3b:59:7d:0f:60:2a: 96:ad:87:1d:83:cd:a1:e8:de:e7:65:89:3f:f0:e6:0d:1d:5a: 7b:ed:9d:ff:55:bb:9f:1e:92:19:97:8b:11:32:2a:f8:62:8f: cd:67:ab:49:c0:64:7a:a8:1a:8b:68:61:27:59:ca:1e:42:56: 63:2b:13:57:10:20:70:44:1b:92:6c:74:6d:fc:2c:cb:24:e2: b5:ae:30:92:0f:ce:a0:2b:0b:68:cc:2f:5d:c0:c9:ff:aa:2b: 4e:97:b1:45:6f:ff:1a:06:da:9e:32:6d:b3:f4:6e:b6:93:3c: 9f:7a:c3:aa -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJf0LHN80aHPlAXWUrzFHsujrLAkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTA4MjIyMTA2NTRaFw0yNTA4MjYwNzI1NTRaMDMxMTAvBgNV BAMTKEYwM0IyMjc0NjRDMjc0NjQ4OTM2MUE1OTY5NTU0NkYyMEY0RkVDQkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDROZw1l6M08b6QirZ1soKsw/SD RoyRUjrinnNMbG619ArNQdapVh++NPGBQxKZp7SPHZXjJegB3Do7dE2v15NwxQJN weeidGHbP8uxuUjcdzAn8QNs/zdy7B8agIEyieauMRopRTa4G4WkbMPmrAkZzA4B BLi21ilFJfm09Mkb+do+mDvZpKZbFUNwDtcQ6/x1p4JqerZRJkoIfCBZZF/jSsps 4hmUGo583VSHmi+nsxRKghyfFwoaVNqSQoEkHTTRsRzGbFZNaf0yD13NbfgMTLYo zYcCFdnjkTPRR69u9fu7BIg1CRDo4YmYJSWAdJQct5YTb6wpRKKciUvS6AvLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8DsidGTCdGSJNhpZaVVG8g9P7L4wHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEFD2DKgWDWJ6sjcEq3hpNokNqmRMSr1K6D7 2rCu8cVhWmsQGSN0fdfu/oX1U7RqGwRhGqj7gjCtTqHxZjaHHXX63rxuE+AVp7gM kv3XZPEylc7NnK57FoKYjYt5lv1Mf/IqDInlZaNa/N2ZyrK/xTwfsg9Hh8dqny1c AC0fUbrVKr7mgohSRBXmojtZfQ9gKpathx2DzaHo3udliT/w5g0dWnvtnf9Vu58e khmXixEyKvhij81nq0nAZHqoGotoYSdZyh5CVmMrE1cQIHBEG5JsdG38LMsk4rWu MJIPzqArC2jML13Ayf+qK06XsUVv/xoG2p4ybbP0braTPJ96w6o= -----END CERTIFICATE-----Generated at Sat Aug 23 12:18:28 2025 by rpki-client