$ rpki-client -vvf repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft File: 2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft (raw, json) Hash identifier: 79OXFNJnOxZiGFznmf4x2W9146Fc//pSYp42EyswHWQ= Subject key identifier: AF:D4:F9:45:D1:C3:68:9E:F6:A2:3E:72:2B:C8:1B:AF:37:1E:32:5E Authority key identifier: 2D:EC:7D:B2:A5:C9:62:CF:A5:3D:57:8D:EA:7D:C8:43:83:A6:33:D4 Certificate issuer: /CN=2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4 Certificate serial: 2E54B1A317CFCC5DCF75CE67E965FB8C5225B5AE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft Manifest number: 04A5 Signing time: Mon 12 May 2025 07:41:21 +0000 Manifest this update: Mon 12 May 2025 07:36:21 +0000 Manifest next update: Thu 15 May 2025 19:24:21 +0000 Files and hashes: 1: 3130332e3133372e33382e302f32332d3234203d3e20313338383232.roa (hash: mA/rP0hr8/EieVP2HKsGbfcjdkP2Kd8or4Jc67/Y7I0=) 2: 323430343a613463303a3a2f33322d3438203d3e20313338383232.roa (hash: jd8RzIV4pb6xOSx8M2iJByCvMa7m6mddhFLRaUaFvoI=) 3: 2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl (hash: 5rWlfbNt1p1yu0aiMe1/xazE2an1+otCXUBkfvZ/klQ=) 4: 323430343a613463303a666163653a3a2f34382d3438203d3e20313338383232.roa (hash: 8BcFapwe+X3BcAcYyUi0aKlB+9OoLNEUNoO57IgvOug=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 19:24:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:54:b1:a3:17:cf:cc:5d:cf:75:ce:67:e9:65:fb:8c:52:25:b5:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4 Validity Not Before: May 12 07:36:21 2025 GMT Not After : May 15 19:24:21 2025 GMT Subject: CN=AFD4F945D1C3689EF6A23E722BC81BAF371E325E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d4:69:6f:47:0e:e3:7e:c1:9d:c3:b4:13:10: 94:9d:28:5f:ab:52:47:3b:5e:e9:aa:69:fa:0b:2b: 7f:2b:f4:0a:a9:d0:ca:a6:07:4d:96:4a:cd:ca:2b: 19:3b:c2:34:27:5b:11:34:76:a1:ae:c4:1f:64:fd: 02:34:17:53:78:c5:1b:46:48:e6:76:43:db:3a:40: a6:26:1b:83:e0:b4:84:97:a1:f4:59:33:1e:d3:8a: a3:7f:13:c6:91:b5:5f:14:85:ad:65:da:50:67:b9: f6:a8:df:8f:66:d9:7d:5e:dc:45:44:b2:76:a9:82: fb:3c:b4:cb:ee:fe:1f:e1:93:90:f2:7a:e3:c1:e1: eb:3e:61:de:dc:bc:fc:fd:19:15:5f:ae:59:4d:17: 37:23:28:9e:49:80:c2:08:75:7a:c0:d4:5b:12:ef: 03:3a:c0:ef:5c:4c:29:9e:9c:79:b4:3d:27:4b:ff: 07:1b:62:0f:d0:0e:fa:05:d4:3f:33:e8:52:1c:2e: 6c:12:b1:ed:f6:d0:b6:1a:98:a0:80:2c:5f:90:f6: df:3e:7e:16:53:b8:45:e3:0c:18:e6:b7:47:05:c6: 9f:b9:f2:a7:95:e2:ca:25:33:4a:e6:03:d0:ab:2b: e6:83:14:2c:b2:b0:5d:2e:d9:47:4f:30:99:67:f9: cf:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:D4:F9:45:D1:C3:68:9E:F6:A2:3E:72:2B:C8:1B:AF:37:1E:32:5E X509v3 Authority Key Identifier: keyid:2D:EC:7D:B2:A5:C9:62:CF:A5:3D:57:8D:EA:7D:C8:43:83:A6:33:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:fc:cb:c3:f0:69:48:32:64:b1:bb:fe:2b:54:d4:e0:d5:f9: 79:17:48:c9:b4:43:34:c7:e1:9d:10:04:02:76:93:4d:e8:41: 8b:05:41:b8:69:5c:cd:a8:80:22:ee:8a:06:11:e0:02:80:8b: 2e:34:67:45:05:0a:9f:c5:77:b9:c1:68:5a:eb:c1:cd:4b:74: 11:4d:32:09:92:23:18:45:29:b8:2f:57:97:4e:3a:59:02:61: b6:35:d5:8c:5e:3d:48:12:06:fb:0c:3f:7d:a8:34:98:ca:53: bd:6f:80:93:07:49:bf:96:3d:58:5a:ac:30:5d:59:dd:75:53: e9:30:e4:36:4d:45:3c:e5:a9:f8:43:e2:fa:01:e3:0c:0c:af: 8b:1e:9c:f5:71:46:6c:ed:ba:c4:e1:67:0a:93:5b:77:c7:41: 92:e2:87:56:4a:38:79:75:1f:75:21:65:95:df:b5:05:ae:ea: 5b:75:ac:9c:27:68:c5:cc:70:e9:fe:0d:32:24:a7:66:4d:ca: 8a:ea:27:1e:0f:2b:6d:25:85:ba:5e:02:9c:b2:59:d5:8b:5d: 91:d2:2a:7e:57:d4:4e:56:0e:34:62:7e:65:59:a0:59:57:d6: 4f:91:98:81:d3:e1:7d:34:47:11:e5:89:3c:4f:64:81:10:35: c1:a6:b6:59 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULlSxoxfPzF3Pdc5n6WX7jFIlta4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4NDM4 M0E2MzNENDAeFw0yNTA1MTIwNzM2MjFaFw0yNTA1MTUxOTI0MjFaMDMxMTAvBgNV BAMTKEFGRDRGOTQ1RDFDMzY4OUVGNkEyM0U3MjJCQzgxQkFGMzcxRTMyNUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO1GlvRw7jfsGdw7QTEJSdKF+r Ukc7XumqafoLK38r9Aqp0MqmB02WSs3KKxk7wjQnWxE0dqGuxB9k/QI0F1N4xRtG SOZ2Q9s6QKYmG4PgtISXofRZMx7TiqN/E8aRtV8Uha1l2lBnufao349m2X1e3EVE snapgvs8tMvu/h/hk5DyeuPB4es+Yd7cvPz9GRVfrllNFzcjKJ5JgMIIdXrA1FsS 7wM6wO9cTCmenHm0PSdL/wcbYg/QDvoF1D8z6FIcLmwSse320LYamKCALF+Q9t8+ fhZTuEXjDBjmt0cFxp+58qeV4solM0rmA9CrK+aDFCyysF0u2UdPMJln+c/3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUr9T5RdHDaJ72oj5yK8gbrzceMl4wHwYDVR0j BBgwFoAULex9sqXJYs+lPVeN6n3IQ4OmM9QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l M2JiZjFkYS1lMzE3LTQ4ZWYtYWQ2ZC1mZThhOGJmMDg0MDAvMC8yREVDN0RCMkE1 Qzk2MkNGQTUzRDU3OERFQTdEQzg0MzgzQTYzM0Q0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4NDM4M0E2 MzNENC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTNiYmYxZGEtZTMxNy00OGVmLWFk NmQtZmU4YThiZjA4NDAwLzAvMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4 NDM4M0E2MzNENC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFj8y8PwaUgyZLG7/itU1ODV+XkXSMm0QzTH 4Z0QBAJ2k03oQYsFQbhpXM2ogCLuigYR4AKAiy40Z0UFCp/Fd7nBaFrrwc1LdBFN MgmSIxhFKbgvV5dOOlkCYbY11YxePUgSBvsMP32oNJjKU71vgJMHSb+WPVharDBd Wd11U+kw5DZNRTzlqfhD4voB4wwMr4senPVxRmztusThZwqTW3fHQZLih1ZKOHl1 H3UhZZXftQWu6lt1rJwnaMXMcOn+DTIkp2ZNyorqJx4PK20lhbpeApyyWdWLXZHS Kn5X1E5WDjRifmVZoFlX1k+RmIHT4X00RxHliTxPZIEQNcGmtlk= -----END CERTIFICATE-----Generated at Wed May 14 00:22:28 2025 by rpki-client