$ rpki-client -vvf repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft File: 8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft (raw, json) Hash identifier: +1xZOuaWOV9V60dOGK18W7WH1CUM3jAQVN6eouAKPnU= Subject key identifier: FB:33:DF:F4:76:02:31:16:D6:2B:6E:A7:95:7A:C6:AB:2E:4E:BC:42 Authority key identifier: 8C:DF:71:6F:25:D6:4D:EB:3E:10:36:E6:A3:6D:B7:24:CD:E1:E5:D0 Certificate issuer: /CN=8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0 Certificate serial: 3D2DE050BE4436194DAFF9F67DA992A7A0C13339 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft Manifest number: 034C Signing time: Mon 05 May 2025 05:50:39 +0000 Manifest this update: Mon 05 May 2025 05:45:39 +0000 Manifest next update: Thu 08 May 2025 12:32:39 +0000 Files and hashes: 1: 8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl (hash: QiPGE+DYQECtD/K9zkWdqlLqfvaZ/mVY7CyeE4xEOA4=) 2: 3130332e3136322e3134362e302f32332d3234203d3e203137393935.roa (hash: 6CpN8aBw/RZzk7vZX82p71fUs1ZsrBjhdxlC+CO80+A=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 12:32:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:2d:e0:50:be:44:36:19:4d:af:f9:f6:7d:a9:92:a7:a0:c1:33:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0 Validity Not Before: May 5 05:45:39 2025 GMT Not After : May 8 12:32:39 2025 GMT Subject: CN=FB33DFF476023116D62B6EA7957AC6AB2E4EBC42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:6a:00:90:eb:f0:a2:8a:45:39:28:db:39:4c: 9e:9d:19:9a:3f:46:9f:5b:68:fc:b0:22:e7:70:cc: c0:62:0b:b3:4e:0b:af:68:80:47:27:34:a9:9e:45: 8c:3c:35:0d:11:10:59:e9:59:e6:b7:fc:d7:72:66: 74:cb:d4:51:af:05:c1:67:57:ed:87:c9:ec:b6:c6: 57:50:89:86:2e:2e:7b:04:02:27:72:75:f2:89:8e: 8f:08:93:f2:a1:c9:6a:da:5f:bb:62:27:ff:c9:a8: 34:86:0a:5f:56:96:a6:90:f3:4c:83:b3:8c:6c:95: 31:a1:e6:60:27:22:ff:3a:c8:65:35:5f:2d:29:0b: e8:f8:10:94:36:58:8a:7c:29:d3:86:f0:9a:34:9d: 02:6b:f8:4b:c3:54:a9:40:80:64:ff:37:45:de:5b: 2f:42:12:ff:e4:74:38:e2:5e:04:b6:d6:08:b7:62: 8c:77:57:04:b8:37:90:8a:64:c9:54:28:bc:60:eb: 3f:3d:8d:c9:43:72:cf:09:8d:0f:12:01:cd:23:78: a4:dc:e4:18:25:bd:2c:64:c1:04:3b:0d:22:93:82: a4:cb:b4:c4:2a:4c:2a:5d:86:cd:99:69:05:dc:73: b4:a1:0e:74:d0:73:57:73:7b:39:f3:1c:14:d1:5a: fb:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:33:DF:F4:76:02:31:16:D6:2B:6E:A7:95:7A:C6:AB:2E:4E:BC:42 X509v3 Authority Key Identifier: keyid:8C:DF:71:6F:25:D6:4D:EB:3E:10:36:E6:A3:6D:B7:24:CD:E1:E5:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:8b:1c:6e:99:3c:16:13:6a:43:48:e5:ed:ed:6a:d8:63:26: dd:d0:9f:1b:58:26:fc:44:5f:9e:08:76:7f:1d:c3:fe:7f:10: 7f:e1:df:98:56:a0:f6:63:67:94:4e:e7:54:69:b9:3c:6a:82: ce:0a:ec:5f:38:e8:94:58:4c:09:e8:50:a5:c9:a3:c3:19:38: c1:84:fc:fc:23:dd:59:56:5f:58:a6:98:a7:0e:a9:30:68:f3: 8d:7a:3a:27:db:ce:5c:e4:d3:11:5d:13:96:a1:fb:a8:f6:47: c9:f6:20:44:45:7d:38:91:d5:e3:45:0e:41:74:24:e5:3a:9d: c0:bd:b7:c2:ca:b9:07:32:56:f7:4e:ad:4c:4e:16:a4:5b:d4: 5d:3d:e0:5c:9e:d3:90:8e:cf:55:4f:41:94:e3:86:7d:71:ae: 37:2e:9b:62:b8:7e:8a:bd:76:51:0b:cb:ab:e4:cb:36:c0:54: 04:3e:7b:95:7e:d3:be:7d:23:97:29:89:a6:f3:12:bf:2a:01: 85:ab:38:09:62:5b:46:95:6c:27:5a:6d:64:c5:8e:04:2f:b0: b3:91:af:91:9e:b5:26:aa:ee:65:d4:d3:b5:74:4a:91:cd:8a: 8d:ff:ce:86:d0:ae:a8:a6:dd:68:fb:b7:95:86:2c:62:22:34: 4d:76:8a:86 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPS3gUL5ENhlNr/n2famSp6DBMzkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3MjRD REUxRTVEMDAeFw0yNTA1MDUwNTQ1MzlaFw0yNTA1MDgxMjMyMzlaMDMxMTAvBgNV BAMTKEZCMzNERkY0NzYwMjMxMTZENjJCNkVBNzk1N0FDNkFCMkU0RUJDNDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFagCQ6/CiikU5KNs5TJ6dGZo/ Rp9baPywIudwzMBiC7NOC69ogEcnNKmeRYw8NQ0REFnpWea3/NdyZnTL1FGvBcFn V+2Hyey2xldQiYYuLnsEAidydfKJjo8Ik/KhyWraX7tiJ//JqDSGCl9WlqaQ80yD s4xslTGh5mAnIv86yGU1Xy0pC+j4EJQ2WIp8KdOG8Jo0nQJr+EvDVKlAgGT/N0Xe Wy9CEv/kdDjiXgS21gi3Yox3VwS4N5CKZMlUKLxg6z89jclDcs8JjQ8SAc0jeKTc 5BglvSxkwQQ7DSKTgqTLtMQqTCpdhs2ZaQXcc7ShDnTQc1dzeznzHBTRWvvjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU+zPf9HYCMRbWK26nlXrGqy5OvEIwHwYDVR0j BBgwFoAUjN9xbyXWTes+EDbmo223JM3h5dAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m MDUyMGI1NC0zYmE3LTQ2MzEtYWYwYi01NTk4NGIwYmE3ZjIvMC84Q0RGNzE2RjI1 RDY0REVCM0UxMDM2RTZBMzZEQjcyNENERTFFNUQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3MjRDREUx RTVEMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjA1MjBiNTQtM2JhNy00NjMxLWFm MGItNTU5ODRiMGJhN2YyLzAvOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3 MjRDREUxRTVEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIqLHG6ZPBYTakNI5e3tathjJt3QnxtYJvxE X54Idn8dw/5/EH/h35hWoPZjZ5RO51RpuTxqgs4K7F846JRYTAnoUKXJo8MZOMGE /Pwj3VlWX1immKcOqTBo8416Oifbzlzk0xFdE5ah+6j2R8n2IERFfTiR1eNFDkF0 JOU6ncC9t8LKuQcyVvdOrUxOFqRb1F094Fye05COz1VPQZTjhn1xrjcum2K4foq9 dlELy6vkyzbAVAQ+e5V+0759I5cpiabzEr8qAYWrOAliW0aVbCdabWTFjgQvsLOR r5GetSaq7mXU07V0SpHNio3/zobQrqim3Wj7t5WGLGIiNE12ioY= -----END CERTIFICATE-----Generated at Wed May 7 02:14:01 2025 by rpki-client