$ rpki-client -vvf repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft File: 401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft (raw, json) Hash identifier: dEfUsTXOMM5RRshXsFtW8ASUV8hMFMsw6FgO+wED4Ds= Subject key identifier: C9:EB:01:1A:67:A1:4D:42:16:E9:64:58:82:E6:81:AD:1B:75:E1:CB Authority key identifier: 40:1A:A5:6A:F5:99:CC:A2:CD:71:A6:84:FF:CF:53:FF:F9:DD:E3:DD Certificate issuer: /CN=401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD Certificate serial: 6E59F25F4041DF17A0878FF45EED069F0AD99541 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft Manifest number: 01CA Signing time: Sun 29 Jun 2025 01:11:49 +0000 Manifest this update: Sun 29 Jun 2025 01:06:49 +0000 Manifest next update: Wed 02 Jul 2025 09:30:49 +0000 Files and hashes: 1: 3130332e3136302e36392e302f32342d3234203d3e20313431363037.roa (hash: a7mgV41OX87LjUgmR9JI4fbD1k92EJK28gdqBsIBQfU=) 2: 3130332e3136302e36382e302f32342d3234203d3e203438343635.roa (hash: s3cZDsm3eCD/zirL0oonykymWlAaugzxDIFPlg5sAUQ=) 3: 401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl (hash: WJ9wW4hCngUE66pf4ZFiF6ZFFXJ2tflnXvqmvDx90EM=) 4: 3130332e3136302e36392e302f32342d3234203d3e203438343635.roa (hash: K+vQljm+ExeOXd+J7K26cCdQKnYakCROUmRDg3WOiF4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 09:30:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:59:f2:5f:40:41:df:17:a0:87:8f:f4:5e:ed:06:9f:0a:d9:95:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD Validity Not Before: Jun 29 01:06:49 2025 GMT Not After : Jul 2 09:30:49 2025 GMT Subject: CN=C9EB011A67A14D4216E9645882E681AD1B75E1CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:9e:3d:41:9e:5b:bb:f8:56:33:8c:b1:f7:f5: 64:8c:3b:be:e2:81:af:52:ab:0e:0b:19:ac:f4:d0: a2:0b:8b:4a:bb:06:83:a2:c3:82:f6:e7:47:09:b7: 84:b5:55:ef:7d:9c:50:78:7e:e8:a4:63:b3:52:4f: 62:e9:66:91:65:89:3b:3a:12:5d:29:c3:7e:57:2c: 36:53:45:9d:cc:2e:62:e8:a2:5a:b8:fe:74:3b:64: c5:e9:94:8a:0e:99:69:e8:b1:ed:f1:2f:0e:f4:88: 30:a8:4b:41:85:29:aa:d2:57:2d:2e:85:e4:7b:4b: 10:71:47:89:0a:64:ab:95:94:bc:f0:64:f9:8e:3a: bd:a5:9b:02:09:a4:99:be:15:4c:46:13:70:8d:1f: c0:39:b0:2a:94:fb:c4:65:5c:da:25:4f:61:16:57: f3:a5:67:b1:9a:de:70:21:0c:84:91:06:06:5c:92: d6:02:b9:b9:2f:91:97:0f:19:03:44:df:49:de:22: 48:70:c8:b3:68:2b:63:55:da:99:fc:c5:78:7f:66: 86:54:80:e2:ce:f0:d1:49:af:56:08:35:3b:bc:66: 35:fb:e6:f8:1c:26:b4:b7:3e:81:c0:75:5c:53:f5: dc:11:83:be:94:b9:68:06:ee:50:39:b5:b8:f0:e1: 9d:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:EB:01:1A:67:A1:4D:42:16:E9:64:58:82:E6:81:AD:1B:75:E1:CB X509v3 Authority Key Identifier: keyid:40:1A:A5:6A:F5:99:CC:A2:CD:71:A6:84:FF:CF:53:FF:F9:DD:E3:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:92:5e:c1:2b:a8:1f:c7:b8:41:e3:fa:ac:93:78:8e:2b:19: 03:7e:67:20:39:aa:15:3b:d5:84:0e:0b:a5:71:b0:c7:76:76: f7:df:b2:05:a6:a6:00:a4:d9:a9:03:72:5b:69:ea:74:24:9c: 72:9f:f2:ee:f6:77:08:0d:7d:a5:0b:5a:5a:7f:4e:64:a6:2c: 2e:68:a4:f0:a1:1d:82:3b:84:4c:2a:e8:4f:cb:39:43:f5:20: 1d:ce:68:cd:53:98:da:35:ca:3d:83:1b:0e:02:da:09:6e:a7: b0:ad:b2:f8:bf:a6:4e:cf:1f:84:09:8a:a2:ec:61:9b:3e:4e: bc:1f:89:ff:0c:d5:4d:75:82:96:fd:9d:d2:76:7a:87:36:44: ba:53:f1:3d:60:b8:b8:31:10:e3:3b:7e:22:78:6b:d2:c1:69: d4:87:8e:dd:ec:fc:46:16:b4:8a:8b:71:d3:0c:ef:0b:cd:d5: 30:0c:e0:06:b0:c2:f9:a7:b7:e7:89:e6:3a:bd:13:64:aa:64: 0d:3d:b5:31:86:76:b8:c0:52:68:fd:88:c5:97:a3:d4:1c:98: 47:3e:d8:9f:10:9a:34:b0:b6:c4:c4:30:7d:03:0e:a2:b5:11: 64:cb:fd:6f:24:a9:d9:32:71:46:91:fc:3b:ce:1a:97:ad:d2: 7e:56:d0:95 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUblnyX0BB3xegh4/0Xu0GnwrZlUEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUzRkZG OURERTNERDAeFw0yNTA2MjkwMTA2NDlaFw0yNTA3MDIwOTMwNDlaMDMxMTAvBgNV BAMTKEM5RUIwMTFBNjdBMTRENDIxNkU5NjQ1ODgyRTY4MUFEMUI3NUUxQ0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCknj1Bnlu7+FYzjLH39WSMO77i ga9Sqw4LGaz00KILi0q7BoOiw4L250cJt4S1Ve99nFB4fuikY7NST2LpZpFliTs6 El0pw35XLDZTRZ3MLmLoolq4/nQ7ZMXplIoOmWnose3xLw70iDCoS0GFKarSVy0u heR7SxBxR4kKZKuVlLzwZPmOOr2lmwIJpJm+FUxGE3CNH8A5sCqU+8RlXNolT2EW V/OlZ7Ga3nAhDISRBgZcktYCubkvkZcPGQNE30neIkhwyLNoK2NV2pn8xXh/ZoZU gOLO8NFJr1YINTu8ZjX75vgcJrS3PoHAdVxT9dwRg76UuWgG7lA5tbjw4Z3bAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUyesBGmehTUIW6WRYguaBrRt14cswHwYDVR0j BBgwFoAUQBqlavWZzKLNcaaE/89T//nd490wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k YWM3OWZiZS00NzkwLTQ2YmUtYjliMi0wMzU5YjFhMThlMzMvMC80MDFBQTU2QUY1 OTlDQ0EyQ0Q3MUE2ODRGRkNGNTNGRkY5RERFM0RELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUzRkZGOURE RTNERC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGFjNzlmYmUtNDc5MC00NmJlLWI5 YjItMDM1OWIxYTE4ZTMzLzAvNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUz RkZGOURERTNERC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADOSXsErqB/HuEHj+qyTeI4rGQN+ZyA5qhU7 1YQOC6VxsMd2dvffsgWmpgCk2akDcltp6nQknHKf8u72dwgNfaULWlp/TmSmLC5o pPChHYI7hEwq6E/LOUP1IB3OaM1TmNo1yj2DGw4C2glup7Ctsvi/pk7PH4QJiqLs YZs+Trwfif8M1U11gpb9ndJ2eoc2RLpT8T1guLgxEOM7fiJ4a9LBadSHjt3s/EYW tIqLcdMM7wvN1TAM4Aawwvmnt+eJ5jq9E2SqZA09tTGGdrjAUmj9iMWXo9QcmEc+ 2J8QmjSwtsTEMH0DDqK1EWTL/W8kqdkycUaR/DvOGpet0n5W0JU= -----END CERTIFICATE-----Generated at Mon Jun 30 17:11:02 2025 by rpki-client