$ rpki-client -vvf repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft File: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft (raw, json) Hash identifier: HgK5wZ6TCvFyaIoxjK3E8GvAtJL9lsYjCv98QAeN5T0= Subject key identifier: 82:E6:E6:36:36:A8:5A:7A:C4:FF:8D:C8:1D:50:60:78:8A:D2:BF:96 Authority key identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 Certificate issuer: /CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Certificate serial: 6946D03C076414D689A3F7F0FFC0A3D182B318C9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft Manifest number: A1 Signing time: Tue 06 May 2025 01:31:31 +0000 Manifest this update: Tue 06 May 2025 01:26:31 +0000 Manifest next update: Fri 09 May 2025 04:41:31 +0000 Files and hashes: 1: 3136302e31392e38342e302f32342d3234203d3e20313532373534.roa (hash: THBM8LqDnCB9g6mrX4v3sCaW9RltHiaa0G5I3swxXAw=) 2: 3136302e31392e38342e302f32332d3233203d3e20313532373534.roa (hash: 5HetFGZszR8N+jVJsMmxP9KoRUdy7YyfVMX9PkmHTvY=) 3: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl (hash: snXkYTcOlwtpkYW4L1QoPUnabg9PuCIJZ7JHsylMTF4=) 4: 3136302e31392e38352e302f32342d3234203d3e20313532373534.roa (hash: 93YYxDDq8+f/Khx/2GnLN/kmjkNijzZ2VSNum/bWLqg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 May 2025 04:41:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:46:d0:3c:07:64:14:d6:89:a3:f7:f0:ff:c0:a3:d1:82:b3:18:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Validity Not Before: May 6 01:26:31 2025 GMT Not After : May 9 04:41:31 2025 GMT Subject: CN=82E6E63636A85A7AC4FF8DC81D5060788AD2BF96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:97:3b:63:86:96:e5:b7:69:8d:db:ac:97:2d: 1e:4d:4e:a8:e2:1f:2a:09:0c:d2:08:98:66:c5:cf: 0e:08:32:31:bd:8c:56:c1:61:03:16:36:33:d2:f3: d4:b3:d7:a3:a1:32:8b:84:a9:07:f7:9d:3c:ff:71: 1f:ce:f2:f6:1c:37:e4:1c:d4:c7:5c:af:ce:f1:08: 90:5f:86:e3:6b:6a:37:a4:76:c9:10:a3:c8:81:e6: 02:8a:54:b2:83:12:61:04:22:88:14:8e:35:75:08: 16:1c:79:e6:98:12:6b:12:34:b2:80:d5:fe:78:f6: d8:c7:f6:1e:f3:d5:65:fc:d9:b9:02:8c:26:27:60: cc:19:b2:f1:91:31:e9:ef:cc:ce:be:fe:bf:81:52: d8:8c:65:a0:fb:44:13:71:81:5e:a6:7b:07:52:c4: a9:03:31:1a:92:fc:3e:ae:33:83:ca:51:e9:76:fb: 2d:12:de:3f:77:db:74:09:27:7e:b1:b0:0a:51:d2: 6d:c4:88:ef:8c:a3:ef:9b:2c:a3:05:f3:c3:1d:f6: ca:1d:b8:ac:d2:a3:30:4f:81:ae:ab:d9:6f:64:8f: 30:b7:13:dc:e2:bf:9e:06:a0:8f:0e:f6:45:06:7e: ad:c8:1f:26:f8:54:72:94:76:74:56:d3:85:fb:ab: 3a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:E6:E6:36:36:A8:5A:7A:C4:FF:8D:C8:1D:50:60:78:8A:D2:BF:96 X509v3 Authority Key Identifier: keyid:25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:9a:5f:b5:72:83:02:9b:24:53:7b:8a:b6:4b:d2:b6:14:90: cf:6e:ef:06:5e:de:29:2d:73:27:41:dc:6b:3e:e6:4c:25:4c: 26:24:d0:96:aa:4b:16:11:b5:6c:e9:51:41:85:94:d6:b0:cf: e8:7d:19:4f:9e:2d:c1:17:41:f6:21:28:71:8a:3d:e5:ac:ed: d5:be:7f:4a:a9:a1:1e:1b:d7:52:50:36:c4:47:a6:01:e6:35: 95:f5:45:33:ca:8c:c3:b2:af:77:2a:cf:20:80:f1:e8:ce:b4: f8:20:7f:3e:5e:4a:9d:6e:33:1a:f9:19:81:63:e8:51:b1:4c: 47:79:a8:2e:0f:b9:c7:df:e3:a0:7c:5b:10:d8:a3:0d:d1:aa: 56:f7:3b:da:fd:43:44:fa:65:30:e3:f2:d7:4f:ab:4a:60:b9: 97:31:df:b7:86:44:7d:a2:c4:c0:e2:29:fe:fa:47:40:db:49: 6b:b4:04:34:bd:14:35:3b:03:92:31:c9:69:31:8c:f1:fa:96: 68:67:73:83:1e:3b:4b:76:8f:fc:29:75:39:87:2a:49:f5:6c: 95:f4:7c:20:f3:4e:c1:e9:fb:3c:7f:f7:3d:d1:6d:08:c4:09: ca:68:7e:73:9d:d8:40:f2:9d:5d:17:f1:65:23:3b:84:f1:58: 04:38:56:65 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaUbQPAdkFNaJo/fw/8Cj0YKzGMkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZGMTdE Q0Q2RkRDMjAeFw0yNTA1MDYwMTI2MzFaFw0yNTA1MDkwNDQxMzFaMDMxMTAvBgNV BAMTKDgyRTZFNjM2MzZBODVBN0FDNEZGOERDODFENTA2MDc4OEFEMkJGOTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDglztjhpblt2mN26yXLR5NTqji HyoJDNIImGbFzw4IMjG9jFbBYQMWNjPS89Sz16OhMouEqQf3nTz/cR/O8vYcN+Qc 1Mdcr87xCJBfhuNrajekdskQo8iB5gKKVLKDEmEEIogUjjV1CBYceeaYEmsSNLKA 1f549tjH9h7z1WX82bkCjCYnYMwZsvGRMenvzM6+/r+BUtiMZaD7RBNxgV6mewdS xKkDMRqS/D6uM4PKUel2+y0S3j9323QJJ36xsApR0m3EiO+Mo++bLKMF88Md9sod uKzSozBPga6r2W9kjzC3E9ziv54GoI8O9kUGfq3IHyb4VHKUdnRW04X7qzpbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUgubmNjaoWnrE/43IHVBgeIrSv5YwHwYDVR0j BBgwFoAUJRXUv573quWuvCL1LBf/F9zW/cIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i YTA5OGYwMC1hMGEwLTRiNWMtOWU4My02MDY3MzcxMjhjYjEvMC8yNTE1RDRCRjlF RjdBQUU1QUVCQzIyRjUyQzE3RkYxN0RDRDZGREMyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZGMTdEQ0Q2 RkRDMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmEwOThmMDAtYTBhMC00YjVjLTll ODMtNjA2NzM3MTI4Y2IxLzAvMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZG MTdEQ0Q2RkRDMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFqaX7VygwKbJFN7irZL0rYUkM9u7wZe3ikt cydB3Gs+5kwlTCYk0JaqSxYRtWzpUUGFlNawz+h9GU+eLcEXQfYhKHGKPeWs7dW+ f0qpoR4b11JQNsRHpgHmNZX1RTPKjMOyr3cqzyCA8ejOtPggfz5eSp1uMxr5GYFj 6FGxTEd5qC4Pucff46B8WxDYow3Rqlb3O9r9Q0T6ZTDj8tdPq0pguZcx37eGRH2i xMDiKf76R0DbSWu0BDS9FDU7A5IxyWkxjPH6lmhnc4MeO0t2j/wpdTmHKkn1bJX0 fCDzTsHp+zx/9z3RbQjECcpofnOd2EDynV0X8WUjO4TxWAQ4VmU= -----END CERTIFICATE-----Generated at Wed May 7 22:53:25 2025 by rpki-client