$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: B7iuPqhKPRjQbc7wQMrN++25ePPwTpTEsnG6J0g8KKw= Subject key identifier: 62:E3:49:08:05:06:0F:D0:1F:6C:7E:3C:DD:FA:AE:F1:8D:FB:29:F5 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 599AE98AC3B347A67D5B42BFA2D816A11C56D428 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01B5 Signing time: Thu 08 May 2025 06:11:47 +0000 Manifest this update: Thu 08 May 2025 06:06:47 +0000 Manifest next update: Sun 11 May 2025 08:07:47 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: CgM1Bgsu0G6Zf7K/q6Gul+464RhFgjj8HkAlHUkEfPo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 08:07:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:9a:e9:8a:c3:b3:47:a6:7d:5b:42:bf:a2:d8:16:a1:1c:56:d4:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: May 8 06:06:47 2025 GMT Not After : May 11 08:07:47 2025 GMT Subject: CN=62E3490805060FD01F6C7E3CDDFAAEF18DFB29F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:03:00:f7:b8:86:e7:3e:62:2f:11:7b:76:d1: 65:55:8a:ef:6c:9e:1a:34:09:78:bd:00:de:e5:f8: 09:c4:7b:60:5b:94:2c:9d:b9:99:5c:68:aa:14:68: e7:aa:66:cf:87:15:91:ca:fb:e0:64:95:5d:11:b3: c9:eb:0e:c5:30:59:48:61:33:2b:53:85:8d:15:5d: dc:3e:60:55:5f:f8:40:27:44:7e:99:b4:3a:7f:3f: a5:d9:01:9a:11:4e:a9:5b:96:e6:5b:49:33:e8:23: f0:17:a2:1b:37:b5:40:99:d9:ad:f9:58:3d:e0:5f: f8:30:02:5d:8e:28:ff:82:21:4d:36:d8:53:7b:b1: 7d:72:e8:67:da:c6:c2:b5:07:44:a0:04:98:2a:42: 54:7a:48:c5:9d:f7:58:dd:ac:17:c7:1a:4b:8d:18: 2d:2a:33:b8:db:5c:e8:f4:8a:ae:9b:30:35:c8:e3: 84:80:da:75:fe:f0:2f:d0:f8:7d:9c:35:6a:f9:90: 05:be:34:f9:f6:2b:1a:2a:40:bf:a2:1b:2b:f7:a4: 28:11:d8:c1:42:da:9a:7f:b3:32:d8:29:96:57:8a: f0:5b:a3:51:84:8b:c6:f7:fb:d4:0d:1c:0d:11:a2: 8d:a2:6f:d3:d5:df:6c:69:00:63:23:e7:22:d1:19: 0b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:E3:49:08:05:06:0F:D0:1F:6C:7E:3C:DD:FA:AE:F1:8D:FB:29:F5 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c5:1d:3a:c5:99:b3:41:81:0f:57:80:15:48:fb:48:4f:d3:21: 3b:7b:fb:bd:19:aa:f6:f7:7f:b0:b4:f6:e9:71:1a:00:73:ab: c6:3e:9d:80:ad:05:01:4c:ae:b1:6c:07:eb:af:e8:ed:db:41: 0e:3c:57:37:90:d5:f1:fe:c7:f1:69:77:f9:b0:ac:72:18:c7: ba:71:5c:08:eb:c9:41:6a:32:0a:6d:92:94:b4:fa:45:c0:e7: ac:a3:09:5c:16:02:42:47:24:2d:e1:28:17:8d:0b:c8:1c:c5: 06:4c:33:cc:01:c1:e4:71:99:8c:b5:43:80:b8:04:4b:4f:ad: 0b:5b:5a:d0:53:78:1b:42:42:3a:cf:cf:5d:c2:16:02:54:fc: 6d:1d:06:19:6a:75:1f:82:f9:d9:39:85:aa:42:3b:7d:37:fa: 37:bb:cc:f3:ae:bd:60:4b:81:30:f3:fd:d6:34:9f:2b:ce:62: b9:86:14:23:31:03:de:b2:b9:05:ab:9c:13:86:90:fb:d9:58: 14:4b:9a:ea:32:57:17:6a:5f:58:ce:34:c1:e9:9b:53:4b:a6: c0:b6:9d:3f:f4:e7:60:06:e0:db:73:fb:fc:da:d7:46:88:5d: ef:08:a8:e6:62:ad:60:ed:52:db:eb:06:9c:6c:92:06:6d:a4: 13:d8:ac:d0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWZrpisOzR6Z9W0K/otgWoRxW1CgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTA1MDgwNjA2NDdaFw0yNTA1MTEwODA3NDdaMDMxMTAvBgNV BAMTKDYyRTM0OTA4MDUwNjBGRDAxRjZDN0UzQ0RERkFBRUYxOERGQjI5RjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdAwD3uIbnPmIvEXt20WVViu9s nho0CXi9AN7l+AnEe2BblCyduZlcaKoUaOeqZs+HFZHK++BklV0Rs8nrDsUwWUhh MytThY0VXdw+YFVf+EAnRH6ZtDp/P6XZAZoRTqlbluZbSTPoI/AXohs3tUCZ2a35 WD3gX/gwAl2OKP+CIU022FN7sX1y6GfaxsK1B0SgBJgqQlR6SMWd91jdrBfHGkuN GC0qM7jbXOj0iq6bMDXI44SA2nX+8C/Q+H2cNWr5kAW+NPn2KxoqQL+iGyv3pCgR 2MFC2pp/szLYKZZXivBbo1GEi8b3+9QNHA0Roo2ib9PV32xpAGMj5yLRGQuTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUYuNJCAUGD9AfbH483fqu8Y37KfUwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMUdOsWZs0GBD1eAFUj7SE/TITt7+70Zqvb3 f7C09ulxGgBzq8Y+nYCtBQFMrrFsB+uv6O3bQQ48VzeQ1fH+x/Fpd/mwrHIYx7px XAjryUFqMgptkpS0+kXA56yjCVwWAkJHJC3hKBeNC8gcxQZMM8wBweRxmYy1Q4C4 BEtPrQtbWtBTeBtCQjrPz13CFgJU/G0dBhlqdR+C+dk5hapCO303+je7zPOuvWBL gTDz/dY0nyvOYrmGFCMxA96yuQWrnBOGkPvZWBRLmuoyVxdqX1jONMHpm1NLpsC2 nT/052AG4Ntz+/za10aIXe8IqOZirWDtUtvrBpxskgZtpBPYrNA= -----END CERTIFICATE-----Generated at Fri May 9 04:15:12 2025 by rpki-client