$ rpki-client -vvf repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft File: CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft (raw, json) Hash identifier: 3FaerOhfoJhi+o0zIs53+RmUeUZJn6mZqL8cK+jwF4U= Subject key identifier: 14:1D:43:96:7D:2D:B2:A2:E0:41:C1:F5:AF:D0:70:3C:04:52:6F:91 Authority key identifier: CB:96:62:73:31:53:C0:2E:4C:41:1B:7D:2F:2B:9E:22:D2:F0:EB:85 Certificate issuer: /CN=CB9662733153C02E4C411B7D2F2B9E22D2F0EB85 Certificate serial: 357C8595DCAA67190A07C3613A327DFB80E2A56D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft Manifest number: 014D Signing time: Sat 03 May 2025 19:21:03 +0000 Manifest this update: Sat 03 May 2025 19:16:03 +0000 Manifest next update: Tue 06 May 2025 19:30:03 +0000 Files and hashes: 1: 3130332e3133322e34302e302f32342d3234203d3e20313530393730.roa (hash: f48Cy1U7udxBY7J5ME0Gs+AuNWTYX+G7wDW6QnQhy6I=) 2: CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl (hash: DvslGDkN35LquqlOs95aJn8ns2u7NHFkhySbE2Nb5k0=) 3: 3130332e3133322e34312e302f32342d3234203d3e20313530393730.roa (hash: tzY1XNU5cVp0pp1q9NAQ2OMSeEZ2zfRfv6jNIeP9/Ac=) 4: 3130332e3133322e34302e302f32332d3234203d3e20313530393730.roa (hash: KLg+Fz2BzcIwd4SxZ1zeV5yC0o2hRKcPTvTH6A9r9sk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 06 May 2025 19:30:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:7c:85:95:dc:aa:67:19:0a:07:c3:61:3a:32:7d:fb:80:e2:a5:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB9662733153C02E4C411B7D2F2B9E22D2F0EB85 Validity Not Before: May 3 19:16:03 2025 GMT Not After : May 6 19:30:03 2025 GMT Subject: CN=141D43967D2DB2A2E041C1F5AFD0703C04526F91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:a9:4a:f0:fc:09:05:13:9c:92:df:5d:75:4c: 4f:68:60:05:49:23:35:6f:12:7b:0e:c5:a9:60:b2: 00:27:6a:7d:79:54:68:47:4e:07:cf:8b:4b:af:ac: 7b:b8:31:94:d9:67:b9:7c:d2:dd:b2:6a:a0:0a:70: 86:db:c1:da:25:06:0e:3d:cb:cc:71:bb:c9:71:6a: ed:92:6c:53:88:7c:a8:d9:d0:e7:ed:79:ed:e9:fc: 6d:68:7f:7d:4c:57:f3:50:c6:c0:aa:38:f5:dd:4a: bc:6b:08:a8:a7:74:ec:47:17:d4:d8:64:f6:9e:1d: 41:af:41:05:34:92:05:dd:8c:95:c5:b5:01:9d:d9: b8:2f:ab:20:58:71:39:f3:e4:6e:dc:75:24:7b:e2: 15:51:26:57:55:bf:e1:da:65:ae:5f:a4:f6:5d:1c: c9:26:f3:b5:81:fb:66:76:37:47:93:6f:4a:e0:34: 8b:48:24:52:3e:1f:85:ff:fc:9d:b0:2a:b5:62:68: c4:47:2f:cc:f8:81:e2:33:77:84:98:f3:2d:8a:a0: 66:e6:12:2f:a7:5b:91:13:25:c1:fd:70:11:25:10: 49:b8:b5:4d:be:e0:9d:07:df:bb:51:fc:e2:c0:9b: 12:04:88:0d:68:c9:7f:b3:bd:55:d6:3a:34:94:f3: ae:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:1D:43:96:7D:2D:B2:A2:E0:41:C1:F5:AF:D0:70:3C:04:52:6F:91 X509v3 Authority Key Identifier: keyid:CB:96:62:73:31:53:C0:2E:4C:41:1B:7D:2F:2B:9E:22:D2:F0:EB:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:91:a9:bc:25:d8:8a:54:8a:a3:a3:42:d3:1f:ef:0c:25:d0: af:a4:52:16:89:58:e5:23:c1:07:53:4a:db:19:d4:1d:4a:af: 23:5d:2a:2a:e0:05:02:55:51:96:91:90:83:dd:48:ad:31:f3: b5:08:93:28:7f:5e:42:7b:fb:2c:a9:f9:67:d1:f8:4f:f7:51: a1:f1:64:92:46:b8:4d:e0:b4:bd:2f:c6:c5:04:2f:f4:54:75: da:8a:97:ed:8a:cc:71:5a:97:cb:5d:96:1b:ef:30:15:5a:30: 2f:3e:5c:47:ce:35:75:dd:71:ec:d6:ab:87:9a:53:8a:77:3d: 88:6c:7d:c2:a4:04:5c:ea:fe:9a:dd:8a:3b:66:72:83:1e:f5: 0b:84:76:4d:fc:c4:51:08:e1:83:45:1f:9b:96:e0:dc:4b:8f: 08:d4:62:20:7e:ed:73:22:6b:7a:f9:b3:07:ce:96:c7:39:f5: 79:74:a1:c6:9d:4a:d2:2f:28:d2:6c:ea:3a:c0:d7:98:d7:50: 65:9d:f1:48:6a:c5:2d:19:cd:04:72:4b:4f:e9:30:b8:3b:4e: 37:8c:6e:f5:ab:80:45:eb:97:c6:92:fd:6e:f9:f2:7a:99:6e: 66:5f:e1:e0:2f:66:33:ba:53:0e:bf:a8:18:c9:04:e9:f0:3b: 24:4c:22:d1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNXyFldyqZxkKB8NhOjJ9+4DipW0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlFMjJE MkYwRUI4NTAeFw0yNTA1MDMxOTE2MDNaFw0yNTA1MDYxOTMwMDNaMDMxMTAvBgNV BAMTKDE0MUQ0Mzk2N0QyREIyQTJFMDQxQzFGNUFGRDA3MDNDMDQ1MjZGOTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSqUrw/AkFE5yS3111TE9oYAVJ IzVvEnsOxalgsgAnan15VGhHTgfPi0uvrHu4MZTZZ7l80t2yaqAKcIbbwdolBg49 y8xxu8lxau2SbFOIfKjZ0Oftee3p/G1of31MV/NQxsCqOPXdSrxrCKindOxHF9TY ZPaeHUGvQQU0kgXdjJXFtQGd2bgvqyBYcTnz5G7cdSR74hVRJldVv+HaZa5fpPZd HMkm87WB+2Z2N0eTb0rgNItIJFI+H4X//J2wKrViaMRHL8z4geIzd4SY8y2KoGbm Ei+nW5ETJcH9cBElEEm4tU2+4J0H37tR/OLAmxIEiA1oyX+zvVXWOjSU867hAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUFB1Dln0tsqLgQcH1r9BwPARSb5EwHwYDVR0j BBgwFoAUy5ZiczFTwC5MQRt9LyueItLw64UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZGYyZmZkYS0wNWQxLTQwODUtYTEzNS0wMzk4N2EwN2YzOWUvMC9DQjk2NjI3MzMx NTNDMDJFNEM0MTFCN0QyRjJCOUUyMkQyRjBFQjg1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlFMjJEMkYw RUI4NS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGRmMmZmZGEtMDVkMS00MDg1LWEx MzUtMDM5ODdhMDdmMzllLzAvQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlF MjJEMkYwRUI4NS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGWRqbwl2IpUiqOjQtMf7wwl0K+kUhaJWOUj wQdTStsZ1B1KryNdKirgBQJVUZaRkIPdSK0x87UIkyh/XkJ7+yyp+WfR+E/3UaHx ZJJGuE3gtL0vxsUEL/RUddqKl+2KzHFal8tdlhvvMBVaMC8+XEfONXXdcezWq4ea U4p3PYhsfcKkBFzq/prdijtmcoMe9QuEdk38xFEI4YNFH5uW4NxLjwjUYiB+7XMi a3r5swfOlsc59Xl0ocadStIvKNJs6jrA15jXUGWd8UhqxS0ZzQRyS0/pMLg7TjeM bvWrgEXrl8aS/W758nqZbmZf4eAvZjO6Uw6/qBjJBOnwOyRMItE= -----END CERTIFICATE-----Generated at Tue May 6 12:12:12 2025 by rpki-client