$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: FxwCo1bYOCwnqBDnYBnQ6Q57zhWx+2ao+vIYM7sIR34= Subject key identifier: 87:83:48:55:34:32:14:71:F3:14:80:32:1B:74:E2:CE:ED:85:B8:80 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 4163280F38B77E4E978B7465B20987925DC977F8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01CC Signing time: Sun 29 Jun 2025 05:21:49 +0000 Manifest this update: Sun 29 Jun 2025 05:16:49 +0000 Manifest next update: Wed 02 Jul 2025 13:38:49 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: mVz+xFxKB7NGVQVtyIFPTFRcDHj5GS0JpLETICDa6Os=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 07:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:63:28:0f:38:b7:7e:4e:97:8b:74:65:b2:09:87:92:5d:c9:77:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Jun 29 05:16:49 2025 GMT Not After : Jul 2 13:38:49 2025 GMT Subject: CN=8783485534321471F31480321B74E2CEED85B880 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:2a:1e:66:4c:7d:cb:ab:3b:59:3d:70:29:ac: 2c:a5:5f:42:7f:66:7a:ca:35:2f:d2:9e:a3:bd:21: df:8c:29:cf:e0:38:f8:1a:52:4c:78:00:7f:99:8b: 89:ef:ae:f1:a1:c1:d6:9e:10:3b:0f:37:0a:e2:54: ef:67:1b:78:0f:f1:7d:02:b1:84:fb:2c:89:54:56: e9:4d:b5:b9:ec:57:b0:4b:4e:e2:f5:cd:ec:8c:98: 9e:bc:6a:ad:95:77:02:82:92:43:f7:97:38:c1:74: cb:75:80:a0:af:b9:1e:26:44:8e:e3:a7:08:fe:7b: 88:1b:20:9c:eb:a5:2f:e4:ea:d8:18:d5:1b:3c:6e: 3b:ab:19:cc:bb:34:29:14:c3:34:1b:d8:fa:27:3a: ad:68:26:b1:df:f2:4d:1a:6b:74:39:00:f1:f5:b2: e6:90:a7:b1:36:86:d5:71:2d:5e:9c:c4:b1:66:57: f3:3a:93:2b:91:71:37:bf:63:85:9f:3e:54:32:15: 09:ed:57:13:a4:47:30:90:48:88:d3:6c:35:71:63: db:44:79:f5:d9:08:74:55:5a:99:a1:3e:07:8a:ab: 85:14:1f:1b:08:3b:85:0e:f2:0f:c9:b5:6a:9e:d2: 69:36:c1:48:ba:d9:be:ac:ac:34:53:3c:7f:bd:d9: 5a:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:83:48:55:34:32:14:71:F3:14:80:32:1B:74:E2:CE:ED:85:B8:80 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:a1:fd:7a:f8:61:ba:f8:de:d5:ae:31:9e:2c:a9:9f:f0:90: d9:32:fc:85:48:5e:7e:1b:16:01:d6:5f:c8:55:be:ce:34:f0: bd:fd:a3:28:ce:23:d0:2a:7d:fa:66:2c:cc:d6:25:6a:68:3e: e0:39:a7:4b:4b:e4:93:24:7c:55:69:6d:b1:b9:18:dc:5b:be: 3e:65:69:a8:6f:28:5a:5a:8e:8a:62:64:4a:16:7b:cb:b8:ea: 4d:98:07:63:32:94:02:ab:55:7b:11:0f:bf:1a:32:e1:c4:b9: 2a:e4:70:6d:03:e2:be:1e:02:9d:b8:79:00:25:e1:20:d1:86: c6:11:e5:75:e6:63:01:bf:70:e8:b5:3c:f7:6e:10:19:7e:60: ac:23:e4:b8:ee:3e:20:af:e4:71:df:5d:6f:07:b3:8c:0b:4b: a8:0c:7c:08:bd:56:2b:4e:11:8c:ba:15:55:dc:ce:e9:ea:4a: 48:57:32:03:f5:07:ec:43:8f:08:7c:dc:53:36:d3:5f:be:eb: 6b:8a:02:59:3e:af:96:47:1b:e1:5a:0b:fb:1d:ba:bb:3c:46: b5:92:c0:a2:36:76:10:a2:e8:55:87:cd:62:89:ae:d1:87:2c: c8:05:17:2b:43:53:66:7a:d9:04:28:49:51:f3:8c:a6:f4:18: bc:70:f9:0a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQWMoDzi3fk6Xi3RlsgmHkl3Jd/gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTA2MjkwNTE2NDlaFw0yNTA3MDIxMzM4NDlaMDMxMTAvBgNV BAMTKDg3ODM0ODU1MzQzMjE0NzFGMzE0ODAzMjFCNzRFMkNFRUQ4NUI4ODAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9Kh5mTH3LqztZPXAprCylX0J/ ZnrKNS/SnqO9Id+MKc/gOPgaUkx4AH+Zi4nvrvGhwdaeEDsPNwriVO9nG3gP8X0C sYT7LIlUVulNtbnsV7BLTuL1zeyMmJ68aq2VdwKCkkP3lzjBdMt1gKCvuR4mRI7j pwj+e4gbIJzrpS/k6tgY1Rs8bjurGcy7NCkUwzQb2PonOq1oJrHf8k0aa3Q5APH1 suaQp7E2htVxLV6cxLFmV/M6kyuRcTe/Y4WfPlQyFQntVxOkRzCQSIjTbDVxY9tE efXZCHRVWpmhPgeKq4UUHxsIO4UO8g/JtWqe0mk2wUi62b6srDRTPH+92VovAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUh4NIVTQyFHHzFIAyG3Tizu2FuIAwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC+h/Xr4Ybr43tWuMZ4sqZ/wkNky/IVIXn4b FgHWX8hVvs408L39oyjOI9AqffpmLMzWJWpoPuA5p0tL5JMkfFVpbbG5GNxbvj5l aahvKFpajopiZEoWe8u46k2YB2MylAKrVXsRD78aMuHEuSrkcG0D4r4eAp24eQAl 4SDRhsYR5XXmYwG/cOi1PPduEBl+YKwj5LjuPiCv5HHfXW8Hs4wLS6gMfAi9VitO EYy6FVXczunqSkhXMgP1B+xDjwh83FM201++62uKAlk+r5ZHG+FaC/sdurs8RrWS wKI2dhCi6FWHzWKJrtGHLMgFFytDU2Z62QQoSVHzjKb0GLxw+Qo= -----END CERTIFICATE-----Generated at Sun Jun 29 19:50:05 2025 by rpki-client