$ rpki-client -vvf repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft File: AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft (raw, json) Hash identifier: VKUXGRfPDwtaiWGmWAe/ULJbKhob97TT6aKhnCdadjA= Subject key identifier: 9D:4D:2D:29:98:04:E5:DD:15:77:CD:21:DE:E8:6C:8A:42:8B:84:C7 Authority key identifier: AA:72:76:8F:DD:0C:61:5A:05:E4:A3:2A:06:F9:CC:B5:CA:7E:0D:93 Certificate issuer: /CN=AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93 Certificate serial: 3CB93AB43FAC417A72B15E022FFB835A2C7617C9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft Manifest number: B7 Signing time: Sat 23 Aug 2025 18:12:06 +0000 Manifest this update: Sat 23 Aug 2025 18:07:06 +0000 Manifest next update: Wed 27 Aug 2025 06:00:06 +0000 Files and hashes: 1: AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl (hash: UE4nZgp/D3747IAZlalfGOfBZbVw8vCtbgRh9+vHofQ=) 2: 3136302e32352e3137352e302f32342d3234203d3e20313533303733.roa (hash: Yq8Q6JYOVHESjvKiauFlSKUKL9dSlIZbiu5ayrjEea4=) 3: 3136302e32352e3137342e302f32342d3234203d3e20313533303733.roa (hash: UbbhlYQNDi6JszbpEsabaohj0lI6X/p1NOF16+0hgH0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 10:24:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:b9:3a:b4:3f:ac:41:7a:72:b1:5e:02:2f:fb:83:5a:2c:76:17:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93 Validity Not Before: Aug 23 18:07:06 2025 GMT Not After : Aug 27 06:00:06 2025 GMT Subject: CN=9D4D2D299804E5DD1577CD21DEE86C8A428B84C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:20:9e:c6:f4:d8:9b:a5:b1:ad:b7:f3:9a:cc: f2:f5:7f:c2:bf:45:5f:38:2f:3d:16:16:ca:1f:8f: 93:e6:d9:c0:4d:e3:9b:7a:80:07:9c:9f:18:9c:44: d0:a0:df:0e:d1:a9:45:66:3e:75:e8:13:04:f5:a5: b6:08:f5:7c:42:5b:59:a4:1a:9b:96:01:7a:a1:34: 6a:88:aa:75:46:0f:1a:de:6b:78:2e:bf:21:f2:e9: a6:b2:e3:8a:b2:b7:98:0e:e9:7c:86:b9:80:1c:92: 76:86:e6:92:d7:e6:38:24:a5:09:3b:9f:fe:68:88: fb:3d:50:44:b2:d8:10:42:26:1f:a2:08:65:af:68: 34:3e:23:fb:dd:76:83:08:34:73:c9:ca:c4:4f:d9: 24:d1:dd:17:5b:08:ea:90:16:b0:ab:3e:d1:16:1e: 92:e7:fb:c5:26:39:fd:ca:64:a2:b8:c4:01:f6:c2: 42:2d:72:19:90:7c:32:6c:e9:14:77:0d:5b:e9:a7: 34:a5:fa:f6:f5:2f:ef:f1:47:4a:ae:c4:0c:5f:9e: f0:be:d4:2b:67:42:98:96:f4:98:b4:4b:13:01:25: 93:7b:87:59:57:c8:b2:17:6a:af:70:73:da:a5:e2: 4e:88:99:ca:b6:17:71:2a:06:95:05:f0:ef:b9:e1: cb:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:4D:2D:29:98:04:E5:DD:15:77:CD:21:DE:E8:6C:8A:42:8B:84:C7 X509v3 Authority Key Identifier: keyid:AA:72:76:8F:DD:0C:61:5A:05:E4:A3:2A:06:F9:CC:B5:CA:7E:0D:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:cf:6c:b7:f4:2c:00:8a:2a:d5:0f:8a:db:97:3c:bc:17:2c: 1b:05:6f:1f:4c:3c:34:ad:f1:4d:92:29:13:e6:98:de:6e:1a: 60:7a:8f:46:05:81:2d:a3:11:22:6c:63:2f:a5:e3:fb:e8:26: bc:7c:95:b6:49:17:e8:3a:1e:fe:fb:3c:25:49:06:a3:fb:b4: 53:06:19:a2:fc:2f:b5:82:84:11:e3:8c:2a:d1:c3:68:28:df: a9:19:f7:2e:7d:bc:6c:d9:57:a9:5a:74:54:e5:a3:70:11:92: e4:00:04:2c:be:11:ac:42:02:9e:80:b3:3d:5b:ad:39:35:46: 71:96:22:c5:3f:32:da:f6:ca:dc:9e:12:0a:40:5c:21:a8:04: 70:36:8a:e4:91:b0:ac:06:74:25:29:21:04:85:ca:42:14:4d: 33:15:9a:fc:2c:08:e0:dd:36:c9:98:a7:09:4c:4b:bf:81:8a: 0b:13:2c:7e:30:5b:4d:74:86:36:82:aa:be:a8:3e:f0:93:ba: b3:1e:9c:4b:b5:94:f4:ce:4d:14:de:fb:34:0d:2a:5e:e9:69: 45:67:7d:90:74:fe:3d:ae:81:3f:81:f1:fa:50:6c:c7:27:74: f4:f1:88:3b:ed:bd:69:73:1b:12:fe:53:fb:8a:87:54:1d:6e: 0c:91:1a:b8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPLk6tD+sQXpysV4CL/uDWix2F8kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUNDQjVD QTdFMEQ5MzAeFw0yNTA4MjMxODA3MDZaFw0yNTA4MjcwNjAwMDZaMDMxMTAvBgNV BAMTKDlENEQyRDI5OTgwNEU1REQxNTc3Q0QyMURFRTg2QzhBNDI4Qjg0QzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/IJ7G9NibpbGtt/OazPL1f8K/ RV84Lz0WFsofj5Pm2cBN45t6gAecnxicRNCg3w7RqUVmPnXoEwT1pbYI9XxCW1mk GpuWAXqhNGqIqnVGDxrea3guvyHy6aay44qyt5gO6XyGuYAcknaG5pLX5jgkpQk7 n/5oiPs9UESy2BBCJh+iCGWvaDQ+I/vddoMINHPJysRP2STR3RdbCOqQFrCrPtEW HpLn+8UmOf3KZKK4xAH2wkItchmQfDJs6RR3DVvppzSl+vb1L+/xR0quxAxfnvC+ 1CtnQpiW9Ji0SxMBJZN7h1lXyLIXaq9wc9ql4k6Imcq2F3EqBpUF8O+54cuxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUnU0tKZgE5d0Vd80h3uhsikKLhMcwHwYDVR0j BBgwFoAUqnJ2j90MYVoF5KMqBvnMtcp+DZMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YzcyZWUzYy1lMTgwLTQyOTYtOWRhZC05NTAwZWZkOTQ4OTAvMC9BQTcyNzY4RkRE MEM2MTVBMDVFNEEzMkEwNkY5Q0NCNUNBN0UwRDkzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUNDQjVDQTdF MEQ5My5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWM3MmVlM2MtZTE4MC00Mjk2LTlk YWQtOTUwMGVmZDk0ODkwLzAvQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUND QjVDQTdFMEQ5My5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHXPbLf0LACKKtUPituXPLwXLBsFbx9MPDSt 8U2SKRPmmN5uGmB6j0YFgS2jESJsYy+l4/voJrx8lbZJF+g6Hv77PCVJBqP7tFMG GaL8L7WChBHjjCrRw2go36kZ9y59vGzZV6ladFTlo3ARkuQABCy+EaxCAp6Asz1b rTk1RnGWIsU/Mtr2ytyeEgpAXCGoBHA2iuSRsKwGdCUpIQSFykIUTTMVmvwsCODd NsmYpwlMS7+BigsTLH4wW010hjaCqr6oPvCTurMenEu1lPTOTRTe+zQNKl7paUVn fZB0/j2ugT+B8fpQbMcndPTxiDvtvWlzGxL+U/uKh1QdbgyRGrg= -----END CERTIFICATE-----Generated at Sat Aug 23 21:57:20 2025 by rpki-client