$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: QsjFeb5MbJGOhxH2k0yMxqZZEUn2jpKx4YbkPn6LB8c= Subject key identifier: 85:99:B9:C5:6A:5A:78:17:D4:6E:90:9A:B3:55:12:DE:5F:70:FA:21 Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 2D4E53C38D3B25446B4BCB6E9C21950A9D80F063 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 0459 Signing time: Thu 08 May 2025 06:52:16 +0000 Manifest this update: Thu 08 May 2025 06:47:16 +0000 Manifest next update: Sun 11 May 2025 15:03:16 +0000 Files and hashes: 1: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: wN8HlUaOrXXqthWywsfn94T28ZAMJxJM3HMc9onSrfQ=) 2: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: bPWP0OQUIp2Y9GGXuX0UNuWcLsy7WT1L06MXLwlNCSg=) 3: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0GSE1PDB0X1nNRLhLL+YFIj25TLvzXb3P+1q7y2DYeY=) 4: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: WgrIRzdaFJ0g4e27LMgAxhh+yicucERWndK+pSX36cg=) 5: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: yg0Ga2BI5N+zhlTssMp6B5+VROj1HXmBfDxoTWvqgpA=) 6: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: qMdSXe2z67bVJOmODSeb4BQMQ40LX9lF9FYmIAv+p7A=) 7: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: Y2PTe5fMMDYclXsLhLsiwjVncBgzuq5ROa1U1eOC/Wc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 15:03:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:4e:53:c3:8d:3b:25:44:6b:4b:cb:6e:9c:21:95:0a:9d:80:f0:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: May 8 06:47:16 2025 GMT Not After : May 11 15:03:16 2025 GMT Subject: CN=8599B9C56A5A7817D46E909AB35512DE5F70FA21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:15:6b:ef:42:7d:18:b8:3a:0b:c4:47:5b:eb: 39:10:3a:84:ba:2b:5e:d7:7a:b2:ed:63:76:04:11: 1b:55:80:bb:0b:9b:3a:3d:04:5f:31:9b:88:eb:1a: 83:d8:0d:bf:71:c8:92:f4:d4:d8:ed:fd:f5:3e:7f: 53:7e:e3:eb:a3:3e:d7:f4:c9:a1:6c:f7:f1:33:bf: 00:92:61:c4:90:30:f3:d3:81:12:1d:fd:39:ab:96: e2:a2:45:40:aa:03:1b:27:0f:a1:64:e0:a8:15:a8: b5:78:44:9d:e7:7e:6d:16:5e:91:86:b2:03:ea:73: 12:6f:4e:bd:a1:da:33:c5:63:35:a1:f0:be:e6:ea: 7c:65:7d:a7:0b:66:e4:f0:3e:90:1e:4d:a0:78:72: e7:47:08:76:94:c1:bd:62:82:4a:87:ff:12:f1:f9: 63:6e:3a:b6:80:72:3c:71:9b:cc:11:99:bb:98:a7: 95:da:e6:5f:b3:99:24:30:43:f6:e9:c4:43:29:b5: cd:75:98:78:26:25:25:f4:e0:b4:73:2c:ea:f8:73: 6a:ba:88:7a:db:08:29:fa:c8:94:d1:6b:51:02:a8: 54:dd:df:e6:c7:67:fd:18:62:5d:af:e0:10:82:31: 24:cc:44:d1:7d:a5:f1:d7:77:1f:f6:fb:f6:ba:02: e4:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:99:B9:C5:6A:5A:78:17:D4:6E:90:9A:B3:55:12:DE:5F:70:FA:21 X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:b2:17:9f:68:3d:fc:a8:af:8c:29:62:e7:50:33:6b:12:f1: 29:d4:ab:8a:d8:6d:47:99:f1:f8:8a:9b:81:9c:3b:0f:fe:c9: cf:47:29:45:3a:56:ec:bd:31:37:ae:98:53:a3:5a:dc:e0:28: ef:63:f2:4e:53:cd:d7:dd:fb:80:73:4c:79:26:ff:f9:c6:f7: ca:a2:70:b0:b2:63:bd:e7:28:d9:ab:06:f7:58:7c:68:d7:48: 97:ae:4f:8a:25:0d:91:87:04:a4:3b:e3:29:80:f1:81:38:29: f6:ef:74:73:37:cf:ba:f2:20:43:fe:49:54:0a:1a:d8:f6:bd: f6:91:93:67:c6:a1:05:62:86:f1:7a:e7:2b:da:9c:0c:fb:3a: f6:19:56:b8:9d:b5:3c:e3:a3:27:59:60:9f:76:d7:1e:b1:c1: dc:08:50:7e:4b:4f:d7:34:ba:c4:eb:75:72:32:21:2b:b9:9d: 88:5e:8d:96:5f:44:59:41:fb:10:32:4d:19:14:e8:cd:7d:2d: ba:d0:13:ce:42:44:14:7b:2f:29:27:0d:06:71:11:b2:fa:13: 6c:2d:ec:54:85:f1:98:77:b5:59:34:3f:18:9b:3b:74:2c:3a: b8:c9:b8:52:4f:48:09:b2:fc:03:d4:89:6e:5d:48:4c:2c:4d: 49:d3:83:29 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULU5Tw407JURrS8tunCGVCp2A8GMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNTA1MDgwNjQ3MTZaFw0yNTA1MTExNTAzMTZaMDMxMTAvBgNV BAMTKDg1OTlCOUM1NkE1QTc4MTdENDZFOTA5QUIzNTUxMkRFNUY3MEZBMjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNFWvvQn0YuDoLxEdb6zkQOoS6 K17XerLtY3YEERtVgLsLmzo9BF8xm4jrGoPYDb9xyJL01Njt/fU+f1N+4+ujPtf0 yaFs9/EzvwCSYcSQMPPTgRId/TmrluKiRUCqAxsnD6Fk4KgVqLV4RJ3nfm0WXpGG sgPqcxJvTr2h2jPFYzWh8L7m6nxlfacLZuTwPpAeTaB4cudHCHaUwb1igkqH/xLx +WNuOraAcjxxm8wRmbuYp5Xa5l+zmSQwQ/bpxEMptc11mHgmJSX04LRzLOr4c2q6 iHrbCCn6yJTRa1ECqFTd3+bHZ/0YYl2v4BCCMSTMRNF9pfHXdx/2+/a6AuTLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhZm5xWpaeBfUbpCas1US3l9w+iEwHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE2yF59oPfyor4wpYudQM2sS8SnUq4rYbUeZ 8fiKm4GcOw/+yc9HKUU6Vuy9MTeumFOjWtzgKO9j8k5Tzdfd+4BzTHkm//nG98qi cLCyY73nKNmrBvdYfGjXSJeuT4olDZGHBKQ74ymA8YE4KfbvdHM3z7ryIEP+SVQK Gtj2vfaRk2fGoQVihvF65yvanAz7OvYZVridtTzjoydZYJ921x6xwdwIUH5LT9c0 usTrdXIyISu5nYhejZZfRFlB+xAyTRkU6M19LbrQE85CRBR7LyknDQZxEbL6E2wt 7FSF8Zh3tVk0PxibO3QsOrjJuFJPSAmy/APUiW5dSEwsTUnTgyk= -----END CERTIFICATE-----Generated at Fri May 9 22:38:27 2025 by rpki-client