$ rpki-client -vvf repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft File: CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft (raw, json) Hash identifier: +Z4r2SSawBCzavQE8ll7ZVm9d3TTybkkhpZkGz4MTKU= Subject key identifier: 2C:DF:42:65:02:21:A2:3F:3B:12:20:24:B9:65:FC:FE:21:44:62:E8 Authority key identifier: CB:96:62:73:31:53:C0:2E:4C:41:1B:7D:2F:2B:9E:22:D2:F0:EB:85 Certificate issuer: /CN=CB9662733153C02E4C411B7D2F2B9E22D2F0EB85 Certificate serial: 59814CD9D3E9A1344BF4BB07A659BB4616917D9E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft Manifest number: 0166 Signing time: Sat 28 Jun 2025 03:11:05 +0000 Manifest this update: Sat 28 Jun 2025 03:06:05 +0000 Manifest next update: Tue 01 Jul 2025 11:55:05 +0000 Files and hashes: 1: CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl (hash: KEbb2TeyMkrdGEMMdU3JEDrqIUOCAZkfkSaSELKuz4s=) 2: 3130332e3133322e34312e302f32342d3234203d3e20313530393730.roa (hash: tzY1XNU5cVp0pp1q9NAQ2OMSeEZ2zfRfv6jNIeP9/Ac=) 3: 3130332e3133322e34302e302f32342d3234203d3e20313530393730.roa (hash: zG4bUujzmzqdwkICkCb1gdMUqEbOsnXYVfCYSY0KH6c=) 4: 3130332e3133322e34302e302f32332d3234203d3e20313530393730.roa (hash: KLg+Fz2BzcIwd4SxZ1zeV5yC0o2hRKcPTvTH6A9r9sk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 11:55:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:81:4c:d9:d3:e9:a1:34:4b:f4:bb:07:a6:59:bb:46:16:91:7d:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB9662733153C02E4C411B7D2F2B9E22D2F0EB85 Validity Not Before: Jun 28 03:06:05 2025 GMT Not After : Jul 1 11:55:05 2025 GMT Subject: CN=2CDF42650221A23F3B122024B965FCFE214462E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:65:0c:63:9a:83:e1:01:c9:73:7f:c9:47:70: 9f:f3:51:98:7c:db:6f:83:5a:8a:45:20:5a:ee:c9: 17:2d:b2:a2:58:b5:ec:d6:01:9c:90:8b:86:18:97: c4:7d:4b:3d:2f:d3:c5:4b:8b:32:0c:d3:c5:cf:95: b8:45:f8:84:ac:c1:ef:c1:e7:da:5a:01:e2:0f:8f: eb:92:ff:ca:fe:23:91:0c:b0:7f:3b:d2:ad:52:31: 44:e8:b7:f1:25:7d:42:76:d8:aa:a7:b5:9d:ef:43: 89:8e:b8:2a:c4:ae:01:c1:6e:53:de:18:71:ec:de: 76:6f:ea:0d:60:53:f5:5c:b4:55:04:50:12:3b:d9: e5:4e:98:38:b0:1f:1d:cd:17:35:19:11:d6:7e:2c: d4:3b:92:49:77:22:ca:25:0d:50:7f:0e:4b:12:e9: 0d:a4:b5:80:4f:64:be:3e:95:cb:9c:80:cf:bc:b3: 97:61:ce:30:58:fb:1d:4e:d7:ab:f9:9f:75:59:bc: b2:d7:0f:b7:c5:03:2f:10:2b:69:58:57:fb:fd:de: da:2d:86:c8:e9:e6:87:db:a5:23:44:ff:2f:ff:91: 48:c8:ed:1e:ea:1d:b9:52:74:64:4e:d5:af:bf:80: 0d:55:0a:5c:ad:4c:9e:db:20:54:dc:d5:aa:19:f7: 71:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:DF:42:65:02:21:A2:3F:3B:12:20:24:B9:65:FC:FE:21:44:62:E8 X509v3 Authority Key Identifier: keyid:CB:96:62:73:31:53:C0:2E:4C:41:1B:7D:2F:2B:9E:22:D2:F0:EB:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:69:67:41:23:01:66:78:b2:03:b1:db:f9:92:4f:3c:40:74: e4:d2:02:08:b7:4f:2b:8e:8a:1e:3a:29:27:55:b5:dc:45:a5: 0d:b7:45:eb:28:49:b6:0c:78:aa:c1:bb:bd:ad:95:f9:92:e8: 5f:6b:f4:e9:48:fd:c0:42:2a:8b:ec:24:7a:f4:da:9a:4e:d1: 7f:a3:8d:95:73:88:8f:8d:7a:f4:32:11:ec:37:90:d9:f9:e9: 26:ce:59:3c:c9:82:4d:db:fa:63:77:7b:0b:ee:ec:90:0e:c4: c9:1e:da:eb:58:74:bd:0b:0a:ba:4c:97:d2:3a:2e:b1:90:23: 74:db:fa:97:f4:fd:b9:0a:65:10:dd:bc:bd:d4:ba:eb:be:db: 66:03:9c:c3:d3:22:10:c8:c7:8f:11:02:7a:1f:79:c6:d1:be: 21:ae:a5:b8:b6:f9:42:92:bc:5d:db:00:3c:c1:87:ab:d8:e7: 24:47:78:cd:4d:bf:51:b2:ac:4a:97:93:85:02:d6:c6:eb:de: d4:b7:4c:8b:e2:45:32:40:d8:ba:31:d5:0e:97:aa:69:ae:4e: 17:11:c0:97:66:08:3b:ee:4a:08:8e:f1:da:13:d2:eb:d1:7b: d7:3b:e5:85:ef:4b:a5:c9:81:8c:c2:3d:19:dd:5c:1a:bd:ab: e0:f0:e5:e0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWYFM2dPpoTRL9LsHplm7RhaRfZ4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlFMjJE MkYwRUI4NTAeFw0yNTA2MjgwMzA2MDVaFw0yNTA3MDExMTU1MDVaMDMxMTAvBgNV BAMTKDJDREY0MjY1MDIyMUEyM0YzQjEyMjAyNEI5NjVGQ0ZFMjE0NDYyRTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbZQxjmoPhAclzf8lHcJ/zUZh8 22+DWopFIFruyRctsqJYtezWAZyQi4YYl8R9Sz0v08VLizIM08XPlbhF+ISswe/B 59paAeIPj+uS/8r+I5EMsH870q1SMUTot/ElfUJ22KqntZ3vQ4mOuCrErgHBblPe GHHs3nZv6g1gU/VctFUEUBI72eVOmDiwHx3NFzUZEdZ+LNQ7kkl3IsolDVB/DksS 6Q2ktYBPZL4+lcucgM+8s5dhzjBY+x1O16v5n3VZvLLXD7fFAy8QK2lYV/v93tot hsjp5ofbpSNE/y//kUjI7R7qHblSdGRO1a+/gA1VClytTJ7bIFTc1aoZ93FlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULN9CZQIhoj87EiAkuWX8/iFEYugwHwYDVR0j BBgwFoAUy5ZiczFTwC5MQRt9LyueItLw64UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZGYyZmZkYS0wNWQxLTQwODUtYTEzNS0wMzk4N2EwN2YzOWUvMC9DQjk2NjI3MzMx NTNDMDJFNEM0MTFCN0QyRjJCOUUyMkQyRjBFQjg1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlFMjJEMkYw RUI4NS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGRmMmZmZGEtMDVkMS00MDg1LWEx MzUtMDM5ODdhMDdmMzllLzAvQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlF MjJEMkYwRUI4NS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADxpZ0EjAWZ4sgOx2/mSTzxAdOTSAgi3TyuO ih46KSdVtdxFpQ23ResoSbYMeKrBu72tlfmS6F9r9OlI/cBCKovsJHr02ppO0X+j jZVziI+NevQyEew3kNn56SbOWTzJgk3b+mN3ewvu7JAOxMke2utYdL0LCrpMl9I6 LrGQI3Tb+pf0/bkKZRDdvL3Uuuu+22YDnMPTIhDIx48RAnofecbRviGupbi2+UKS vF3bADzBh6vY5yRHeM1Nv1GyrEqXk4UC1sbr3tS3TIviRTJA2Lox1Q6XqmmuThcR wJdmCDvuSgiO8doT0uvRe9c75YXvS6XJgYzCPRndXBq9q+Dw5eA= -----END CERTIFICATE-----Generated at Sun Jun 29 21:54:31 2025 by rpki-client