$ rpki-client -vvf repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft File: CA978B7ACEF55A251B74721E04A034CA3601A88B.mft (raw, json) Hash identifier: t4Fyce52FrdhvFHr91YHqXEqosGv5s5WdJUS/rCgs94= Subject key identifier: 8E:F0:D9:EC:22:93:6A:E1:FA:57:B9:55:29:0D:0E:6D:E4:FC:30:4E Authority key identifier: CA:97:8B:7A:CE:F5:5A:25:1B:74:72:1E:04:A0:34:CA:36:01:A8:8B Certificate issuer: /CN=CA978B7ACEF55A251B74721E04A034CA3601A88B Certificate serial: 367DAAD4CF218CEF942DA14D835B7A3A84E5DB6D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft Manifest number: ED Signing time: Mon 12 May 2025 04:41:25 +0000 Manifest this update: Mon 12 May 2025 04:36:25 +0000 Manifest next update: Thu 15 May 2025 16:22:25 +0000 Files and hashes: 1: 3130332e38332e3233372e302f32342d3234203d3e20313530353430.roa (hash: qSzxrfqd29Pg9HOqmUjPO7crmnWP/zs2luJUdYRC76s=) 2: 3130332e38332e3233362e302f32342d3234203d3e20313530353430.roa (hash: IHqcErbm/jh+8G9ITpkeHubYhwRm77oQuURliUYMdFs=) 3: CA978B7ACEF55A251B74721E04A034CA3601A88B.crl (hash: s2AmOZL6K2/wFwZw9N1QWmHsx5FWmcYhe4cCisFy7Sg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.crl rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 10:15:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:7d:aa:d4:cf:21:8c:ef:94:2d:a1:4d:83:5b:7a:3a:84:e5:db:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA978B7ACEF55A251B74721E04A034CA3601A88B Validity Not Before: May 12 04:36:25 2025 GMT Not After : May 15 16:22:25 2025 GMT Subject: CN=8EF0D9EC22936AE1FA57B955290D0E6DE4FC304E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:23:f5:7f:13:dd:4d:da:c4:de:3e:fd:75:4c: 2d:c7:c9:b7:72:c9:12:6f:e8:eb:03:1b:36:6c:56: 6b:37:45:06:4d:49:28:f1:ff:90:8a:df:0b:dd:c9: 54:d8:02:25:fe:c7:d5:40:7d:d7:4a:54:84:f2:89: c0:79:8a:7a:77:59:5d:4b:34:43:99:a3:2d:6c:b2: 87:6e:e5:1f:44:b0:b7:ca:40:f7:a5:6e:2e:db:34: 82:79:a5:a3:75:a2:2a:ee:c6:64:36:64:60:84:fd: 3d:31:69:9b:25:1d:30:ef:a9:da:bb:73:f0:44:ad: 6c:71:f0:82:6c:f7:dd:3a:ac:7f:a2:a0:59:58:8c: 7b:57:39:7f:16:52:e4:79:0c:9a:18:4a:82:bd:8c: 52:08:8f:40:15:8a:16:3b:90:01:fb:33:e8:cb:b6: 53:34:25:3e:43:2c:28:5c:43:8f:71:92:d6:09:a0: a8:51:cd:77:5f:0b:72:22:0f:26:e7:bf:53:57:4b: 1d:67:81:62:b6:dd:8f:49:fc:03:58:56:a7:74:bf: 17:1d:27:20:9f:71:8f:0e:ed:70:0c:1a:a9:04:ab: b6:32:3f:46:66:72:5f:92:4d:63:98:01:dc:48:ea: 27:44:f3:67:4d:5f:6d:70:c8:d4:6d:69:c0:92:97: 71:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:F0:D9:EC:22:93:6A:E1:FA:57:B9:55:29:0D:0E:6D:E4:FC:30:4E X509v3 Authority Key Identifier: keyid:CA:97:8B:7A:CE:F5:5A:25:1B:74:72:1E:04:A0:34:CA:36:01:A8:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:94:54:30:d5:bc:d8:3b:be:1d:06:9f:1e:db:f5:b8:36:ea: 60:c3:a1:25:f8:4a:4a:ee:8e:04:f5:5c:4d:5e:8d:b2:6a:db: a2:9e:21:5e:e1:d5:81:1a:d7:58:f6:10:34:e9:0a:59:a7:26: e7:74:b0:7e:2b:fe:6d:9e:16:06:6a:ab:98:e6:b5:8b:65:1a: 6b:3a:4f:72:05:c2:5f:b9:b2:62:bb:63:9d:41:3f:b9:82:d6: 3e:2f:e9:4f:db:fb:a9:4f:f1:ae:59:f5:56:51:1e:9e:be:b2: 2d:ed:d5:cb:3b:b0:38:94:ae:15:c0:a0:20:7e:d1:64:43:4b: bb:44:c8:d5:a0:27:e5:21:b9:cd:f4:02:4f:b8:96:8b:2f:ca: bd:ca:ae:9d:52:82:49:57:08:95:60:84:c7:aa:cb:3b:19:7e: f3:bb:06:f0:64:8f:d1:9c:c8:b7:06:e1:6f:6c:01:06:84:33: 92:b1:47:69:a7:a1:d5:b8:18:04:87:92:bf:4e:06:e8:27:24: c3:59:32:5d:23:53:b7:fa:e0:a4:be:ac:e3:ad:b3:4a:32:7d: fa:d0:b6:fd:b3:10:98:f3:4b:ef:f5:af:0d:2f:56:bd:e1:bd: 76:47:cf:70:af:d0:2d:89:65:4d:a2:99:a4:f8:16:7b:a2:20: 21:ad:f0:c7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNn2q1M8hjO+ULaFNg1t6OoTl220wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0Q0Ez NjAxQTg4QjAeFw0yNTA1MTIwNDM2MjVaFw0yNTA1MTUxNjIyMjVaMDMxMTAvBgNV BAMTKDhFRjBEOUVDMjI5MzZBRTFGQTU3Qjk1NTI5MEQwRTZERTRGQzMwNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGI/V/E91N2sTePv11TC3Hybdy yRJv6OsDGzZsVms3RQZNSSjx/5CK3wvdyVTYAiX+x9VAfddKVITyicB5inp3WV1L NEOZoy1ssodu5R9EsLfKQPelbi7bNIJ5paN1oiruxmQ2ZGCE/T0xaZslHTDvqdq7 c/BErWxx8IJs9906rH+ioFlYjHtXOX8WUuR5DJoYSoK9jFIIj0AVihY7kAH7M+jL tlM0JT5DLChcQ49xktYJoKhRzXdfC3IiDybnv1NXSx1ngWK23Y9J/ANYVqd0vxcd JyCfcY8O7XAMGqkEq7YyP0Zmcl+STWOYAdxI6idE82dNX21wyNRtacCSl3GLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUjvDZ7CKTauH6V7lVKQ0ObeT8ME4wHwYDVR0j BBgwFoAUypeLes71WiUbdHIeBKA0yjYBqIswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZmEzY2ZmNy0yYWExLTQ0ZGYtOTE0Yy1mMTkxODRmNmYzYjEvMC9DQTk3OEI3QUNF RjU1QTI1MUI3NDcyMUUwNEEwMzRDQTM2MDFBODhCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0Q0EzNjAx QTg4Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmZhM2NmZjctMmFhMS00NGRmLTkx NGMtZjE5MTg0ZjZmM2IxLzAvQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0 Q0EzNjAxQTg4Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAF+UVDDVvNg7vh0Gnx7b9bg26mDDoSX4Skru jgT1XE1ejbJq26KeIV7h1YEa11j2EDTpClmnJud0sH4r/m2eFgZqq5jmtYtlGms6 T3IFwl+5smK7Y51BP7mC1j4v6U/b+6lP8a5Z9VZRHp6+si3t1cs7sDiUrhXAoCB+ 0WRDS7tEyNWgJ+Uhuc30Ak+4losvyr3Krp1SgklXCJVghMeqyzsZfvO7BvBkj9Gc yLcG4W9sAQaEM5KxR2mnodW4GASHkr9OBugnJMNZMl0jU7f64KS+rOOts0oyffrQ tv2zEJjzS+/1rw0vVr3hvXZHz3Cv0C2JZU2imaT4FnuiICGt8Mc= -----END CERTIFICATE-----Generated at Mon May 12 10:38:57 2025 by rpki-client