$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft File: 821049BBD22C335A50850F16AB159C0C6BCC28E5.mft (raw, json) Hash identifier: otV7pSEeqz1GkTiePRgSnlsXUWzEt1y3XRT0U6T0n4w= Subject key identifier: 0E:72:9E:BC:0B:EB:D0:9B:8C:DB:2B:AE:E6:9B:E7:A7:7B:60:B6:5F Authority key identifier: 82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 Certificate issuer: /CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Certificate serial: 700C2A5D3B182E8FAB826D0D2491D940D961813B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft Manifest number: 021A Signing time: Sat 28 Jun 2025 00:31:39 +0000 Manifest this update: Sat 28 Jun 2025 00:26:39 +0000 Manifest next update: Tue 01 Jul 2025 11:57:39 +0000 Files and hashes: 1: 3130332e32312e39342e302f32342d3234203d3e20313331373338.roa (hash: YF6vJXMVtUVK6CmNTZeLfmthP1D0nB1ofgHbuXDKxvI=) 2: 3130332e32312e39322e302f32342d3234203d3e20313331373338.roa (hash: ncuNmuDMRCz7XEGjG+8p/qjKUpvp2YtlNc4JXvP3iGg=) 3: 3130332e32312e39352e302f32342d3234203d3e203435323935.roa (hash: O6mcNqFGUKoXPAXAaTNGJf2XpVfyBv0t3Gtn3V+6lKE=) 4: 821049BBD22C335A50850F16AB159C0C6BCC28E5.crl (hash: Zxaqu7ndFpTI3Qx0DbE5K2GDSnr2YXRuBaqEq6onLgk=) 5: 3130332e32312e39332e302f32342d3234203d3e20313331373338.roa (hash: gJZ1sW5BxaKi4OlH0Ko1+AD9dXMVkojyx6OKsnKZ2JU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 11:57:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:0c:2a:5d:3b:18:2e:8f:ab:82:6d:0d:24:91:d9:40:d9:61:81:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Validity Not Before: Jun 28 00:26:39 2025 GMT Not After : Jul 1 11:57:39 2025 GMT Subject: CN=0E729EBC0BEBD09B8CDB2BAEE69BE7A77B60B65F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:17:61:43:6e:e7:4b:ed:b6:86:e6:50:d9:4e: af:53:ae:73:f3:cd:bc:de:b0:bb:93:7c:df:aa:85: 83:a1:e8:a6:32:6e:bf:6e:9c:e3:3c:33:75:6f:c0: 62:48:56:c3:05:b0:03:d4:c0:e2:b4:b0:77:be:f2: fc:2f:ef:2a:43:c8:a9:e9:09:4d:72:f0:3a:f0:dc: 2f:28:a3:ba:7c:50:45:8e:1b:8f:cb:ac:f0:61:37: 45:22:a8:32:e7:53:df:65:0a:db:db:ff:44:13:83: 5d:41:72:9b:17:49:a6:40:57:d9:90:aa:58:93:50: 1c:9f:31:1f:43:25:7d:37:34:47:cb:08:23:12:b6: 39:53:3e:fc:61:f1:22:e5:cc:58:f7:99:dc:2b:32: 77:ce:8e:0a:d8:bb:cb:8b:14:29:00:41:c9:f3:6f: fb:8d:18:77:e5:03:91:49:ea:42:3f:bf:ae:ae:40: 80:d2:eb:8a:cf:37:92:74:64:cf:c0:45:40:7d:12: a9:7c:d3:25:f2:1e:e0:c9:bf:55:51:66:ed:96:7f: ce:e0:64:9d:35:cd:7d:9f:0f:2c:25:97:cf:59:54: 11:da:c0:72:49:8a:5c:84:ec:20:1c:39:b3:b3:ed: 13:2a:41:9b:87:7f:91:3d:b7:b7:a3:b2:a7:a7:07: a2:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:72:9E:BC:0B:EB:D0:9B:8C:DB:2B:AE:E6:9B:E7:A7:7B:60:B6:5F X509v3 Authority Key Identifier: keyid:82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:3d:7f:68:ad:e8:9f:99:20:e3:84:79:f4:f5:41:3c:2e:b2: af:6e:60:53:6b:02:63:b2:13:90:37:64:9c:50:56:31:21:3e: 10:d0:86:74:3c:ea:b2:04:23:9e:e7:77:ed:1c:df:33:3e:87: a6:75:b9:56:19:4b:ea:22:8e:e4:ab:01:6d:a9:65:8f:39:a7: 09:05:84:cd:af:72:2d:59:4f:df:92:de:1a:ef:6b:92:a3:c7: 9e:30:1d:4d:93:08:ca:7a:2b:87:19:58:bf:a5:9c:05:89:77: 53:06:64:29:cd:ec:ac:bc:9a:9e:0c:02:80:6a:94:30:8e:30: 92:bf:01:7b:cf:79:b2:51:06:eb:9b:4c:bf:dc:1e:b8:68:8c: b4:a0:7b:92:83:f5:e8:de:de:d5:ae:49:af:e8:c9:6f:8d:c9: d6:d1:fa:ce:05:e1:ae:68:05:0b:b6:cc:9b:d7:99:ca:2e:d4: 02:26:2f:9e:29:41:69:eb:19:ff:bb:ef:29:a3:9d:ae:78:f8: d4:83:e2:dd:4d:96:58:04:b0:93:5e:60:9f:9f:ca:4b:c0:41: ef:c8:08:3a:6c:c0:aa:97:4c:65:5e:88:6c:dd:f6:4d:31:b0: 04:fa:8d:51:9b:d5:56:9c:a6:f8:88:69:da:7a:f2:64:b4:b8: 28:ad:dd:77 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcAwqXTsYLo+rgm0NJJHZQNlhgTswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2 QkNDMjhFNTAeFw0yNTA2MjgwMDI2MzlaFw0yNTA3MDExMTU3MzlaMDMxMTAvBgNV BAMTKDBFNzI5RUJDMEJFQkQwOUI4Q0RCMkJBRUU2OUJFN0E3N0I2MEI2NUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOF2FDbudL7baG5lDZTq9TrnPz zbzesLuTfN+qhYOh6KYybr9unOM8M3VvwGJIVsMFsAPUwOK0sHe+8vwv7ypDyKnp CU1y8Drw3C8oo7p8UEWOG4/LrPBhN0UiqDLnU99lCtvb/0QTg11BcpsXSaZAV9mQ qliTUByfMR9DJX03NEfLCCMStjlTPvxh8SLlzFj3mdwrMnfOjgrYu8uLFCkAQcnz b/uNGHflA5FJ6kI/v66uQIDS64rPN5J0ZM/ARUB9Eql80yXyHuDJv1VRZu2Wf87g ZJ01zX2fDywll89ZVBHawHJJilyE7CAcObOz7RMqQZuHf5E9t7ejsqenB6LNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUDnKevAvr0JuM2yuu5pvnp3tgtl8wHwYDVR0j BBgwFoAUghBJu9IsM1pQhQ8WqxWcDGvMKOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZGU4ZTE4ZC1hMDQ3LTQ1OTAtOWU1Ni00NjRhNzNlMjNjNmMvMC84MjEwNDlCQkQy MkMzMzVBNTA4NTBGMTZBQjE1OUMwQzZCQ0MyOEU1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2QkND MjhFNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGUxOGQtYTA0Ny00NTkwLTll NTYtNDY0YTczZTIzYzZjLzAvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlD MEM2QkNDMjhFNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADQ9f2it6J+ZIOOEefT1QTwusq9uYFNrAmOy E5A3ZJxQVjEhPhDQhnQ86rIEI57nd+0c3zM+h6Z1uVYZS+oijuSrAW2pZY85pwkF hM2vci1ZT9+S3hrva5Kjx54wHU2TCMp6K4cZWL+lnAWJd1MGZCnN7Ky8mp4MAoBq lDCOMJK/AXvPebJRBuubTL/cHrhojLSge5KD9eje3tWuSa/oyW+NydbR+s4F4a5o BQu2zJvXmcou1AImL54pQWnrGf+77ymjna54+NSD4t1NllgEsJNeYJ+fykvAQe/I CDpswKqXTGVeiGzd9k0xsAT6jVGb1VacpviIadp68mS0uCit3Xc= -----END CERTIFICATE-----Generated at Mon Jun 30 08:55:52 2025 by rpki-client