$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: 7kmFJsuUGosDbGjgm3/tfEdcZclT/lEiTsRTiu6XM00= Subject key identifier: 99:78:90:3D:2D:22:2D:7E:5C:61:05:82:2D:61:AA:CB:D6:0D:EE:1F Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 2E74966D497406A00BDDC14C716F53C044ED6A74 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 0471 Signing time: Wed 02 Jul 2025 06:02:13 +0000 Manifest this update: Wed 02 Jul 2025 05:57:13 +0000 Manifest next update: Sat 05 Jul 2025 12:50:13 +0000 Files and hashes: 1: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: yyYruDyu1d3yyB0w5GJYPCf7BvwdLXtTrGeBgejSttc=) 2: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: yg0Ga2BI5N+zhlTssMp6B5+VROj1HXmBfDxoTWvqgpA=) 3: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: bPWP0OQUIp2Y9GGXuX0UNuWcLsy7WT1L06MXLwlNCSg=) 4: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: WgrIRzdaFJ0g4e27LMgAxhh+yicucERWndK+pSX36cg=) 5: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0GSE1PDB0X1nNRLhLL+YFIj25TLvzXb3P+1q7y2DYeY=) 6: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: Y2PTe5fMMDYclXsLhLsiwjVncBgzuq5ROa1U1eOC/Wc=) 7: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: qMdSXe2z67bVJOmODSeb4BQMQ40LX9lF9FYmIAv+p7A=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 12:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:74:96:6d:49:74:06:a0:0b:dd:c1:4c:71:6f:53:c0:44:ed:6a:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Jul 2 05:57:13 2025 GMT Not After : Jul 5 12:50:13 2025 GMT Subject: CN=9978903D2D222D7E5C6105822D61AACBD60DEE1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3e:87:c7:02:47:c2:5b:11:b5:f3:a3:a0:a1: 2a:b3:85:c7:8a:79:c8:24:65:d0:8c:4b:4c:10:22: d7:15:18:5f:fe:df:b6:48:3a:ef:ba:c2:a4:89:30: 8b:bc:76:ba:74:48:6b:89:53:04:ef:77:e3:ff:24: 43:22:24:0f:1a:bc:e3:5c:fc:68:64:a9:69:81:b0: 2b:07:37:87:8f:bf:a8:7c:b7:ec:64:e2:9d:cc:55: 1a:6a:6e:f7:f9:b6:a3:b5:fc:3b:a0:05:ed:9e:de: cb:09:68:56:9d:75:1e:fb:31:f2:a0:ab:6d:34:b2: e9:75:46:ce:6b:d7:5c:ed:4d:05:02:d0:0d:96:99: 7e:ed:b8:ca:f0:f0:52:37:64:7c:a4:5e:73:56:26: 4d:6b:e6:a3:5d:28:98:cb:10:c9:41:a2:80:ab:56: 16:01:3e:c8:05:bd:d8:94:11:ee:d0:47:91:3c:f5: 22:44:f4:a4:8e:1b:9a:0b:f1:07:72:86:f5:ba:71: 25:c5:6d:00:f3:7e:72:1c:13:0f:08:6c:66:b6:cf: a4:bc:d5:ad:98:86:b9:9e:e4:73:dc:c6:6c:73:92: 82:83:22:73:96:46:8c:1f:e8:98:6b:48:4c:8e:87: 9c:f9:42:f8:9e:43:1c:fa:7d:ff:d0:7b:e0:a8:45: be:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:78:90:3D:2D:22:2D:7E:5C:61:05:82:2D:61:AA:CB:D6:0D:EE:1F X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:45:36:8b:0b:35:41:f8:ce:c4:37:55:45:ab:39:90:1c:5a: 9d:93:93:52:2e:41:24:b2:2e:77:ad:d6:69:16:38:74:66:9e: 82:5d:3e:c0:e1:32:64:60:81:63:d4:4d:5f:ba:fb:55:b3:5f: ae:66:0a:ba:8f:07:da:e6:d7:a4:3f:c3:c4:00:4e:5d:be:fe: 5b:83:7a:13:d5:cf:20:65:60:56:ad:b9:30:34:5c:75:b4:3c: de:09:fd:3f:d5:5a:7b:ec:62:e0:3a:ef:04:30:8d:e0:da:86: ee:a3:fb:10:67:ca:07:c4:0b:7f:53:21:4b:72:3b:38:0e:cb: 29:8c:95:60:53:e8:6a:71:a5:4a:2f:39:71:44:70:25:e4:33: b9:02:85:99:7b:c2:d1:9e:ca:79:61:e7:a8:28:68:f6:76:f4: 93:e2:05:7e:c6:46:a8:02:c0:b5:4a:a0:81:bc:c3:75:6e:bd: 46:47:cb:0b:4e:fd:ec:9e:25:ae:69:0e:92:7a:b0:8c:80:19: 3f:0d:e5:74:0e:2a:77:dc:fa:6c:8e:cc:e8:cf:33:e4:b8:a5: 4c:06:70:f4:23:a0:c4:56:b9:3b:51:f5:db:95:d4:5e:44:2b: 86:6b:46:ea:e3:8d:0c:32:76:4e:e9:ec:a9:e1:2a:ef:f9:2a: 33:3f:ae:f6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULnSWbUl0BqAL3cFMcW9TwETtanQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNTA3MDIwNTU3MTNaFw0yNTA3MDUxMjUwMTNaMDMxMTAvBgNV BAMTKDk5Nzg5MDNEMkQyMjJEN0U1QzYxMDU4MjJENjFBQUNCRDYwREVFMUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPPofHAkfCWxG186OgoSqzhceK ecgkZdCMS0wQItcVGF/+37ZIOu+6wqSJMIu8drp0SGuJUwTvd+P/JEMiJA8avONc /GhkqWmBsCsHN4ePv6h8t+xk4p3MVRpqbvf5tqO1/DugBe2e3ssJaFaddR77MfKg q200sul1Rs5r11ztTQUC0A2WmX7tuMrw8FI3ZHykXnNWJk1r5qNdKJjLEMlBooCr VhYBPsgFvdiUEe7QR5E89SJE9KSOG5oL8QdyhvW6cSXFbQDzfnIcEw8IbGa2z6S8 1a2Yhrme5HPcxmxzkoKDInOWRowf6JhrSEyOh5z5QvieQxz6ff/Qe+CoRb4jAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUmXiQPS0iLX5cYQWCLWGqy9YN7h8wHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADNFNosLNUH4zsQ3VUWrOZAcWp2Tk1IuQSSy Lnet1mkWOHRmnoJdPsDhMmRggWPUTV+6+1WzX65mCrqPB9rm16Q/w8QATl2+/luD ehPVzyBlYFatuTA0XHW0PN4J/T/VWnvsYuA67wQwjeDahu6j+xBnygfEC39TIUty OzgOyymMlWBT6GpxpUovOXFEcCXkM7kChZl7wtGeynlh56goaPZ29JPiBX7GRqgC wLVKoIG8w3VuvUZHywtO/eyeJa5pDpJ6sIyAGT8N5XQOKnfc+myOzOjPM+S4pUwG cPQjoMRWuTtR9duV1F5EK4ZrRurjjQwydk7p7KnhKu/5KjM/rvY= -----END CERTIFICATE-----Generated at Wed Jul 2 14:25:02 2025 by rpki-client