$ rpki-client -vvf repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft File: D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft (raw, json) Hash identifier: yXxRjxCNklAOAxFf6Awvdk4k0CrWwOmljrnrRZGZDv4= Subject key identifier: F2:A0:4B:EA:D6:EA:77:13:B2:25:FB:93:70:9B:11:64:FF:C0:C3:C7 Authority key identifier: D2:24:8A:04:D9:94:A2:56:9A:8F:F6:45:D4:B0:25:A9:F7:CB:2F:E7 Certificate issuer: /CN=D2248A04D994A2569A8FF645D4B025A9F7CB2FE7 Certificate serial: 2801D09355D85D258BF74988CBAB5B2644040722 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft Manifest number: 0209 Signing time: Mon 28 Apr 2025 07:03:14 +0000 Manifest this update: Mon 28 Apr 2025 06:58:14 +0000 Manifest next update: Thu 01 May 2025 08:09:14 +0000 Files and hashes: 1: 3130332e3136392e302e302f32332d3234203d3e20313432333235.roa (hash: kS5BqB0fQsybN4YzA6LLybAUUgYhEkwegd5mZxZdL2I=) 2: D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl (hash: b8CvIRQeVHS/bT2ufAIVuxLd7gVx/4cLsY3SzRcCjqA=) 3: 3130332e3136392e312e302f32342d3234203d3e20313432333235.roa (hash: QVwXZiEUDkzJTFJTP2kak0B1PFcbgFpWZtYiCacvLzc=) 4: 3130332e3136392e302e302f32342d3234203d3e20313432333235.roa (hash: BHsnMPpdFZL0d9XOfOmW0tnCHE686u/F/UGOnWHulsY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 08:09:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:01:d0:93:55:d8:5d:25:8b:f7:49:88:cb:ab:5b:26:44:04:07:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2248A04D994A2569A8FF645D4B025A9F7CB2FE7 Validity Not Before: Apr 28 06:58:14 2025 GMT Not After : May 1 08:09:14 2025 GMT Subject: CN=F2A04BEAD6EA7713B225FB93709B1164FFC0C3C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:13:a3:18:a2:58:6d:8a:c4:20:c5:4d:af:db: d2:1c:50:5e:63:78:01:65:ff:b2:db:09:8a:53:e7: 1e:f8:c7:4e:1f:cc:09:62:08:b9:15:6a:0e:59:c8: 68:24:1c:66:dc:7f:97:e6:14:17:29:6c:5d:18:5e: b2:5d:ef:8b:68:98:9d:b7:cb:81:d0:17:44:5a:75: 35:9f:ee:a3:8c:24:66:dd:69:9e:36:2b:d7:6e:57: 0e:e7:08:40:04:03:c7:a5:6e:01:77:6d:56:2c:7b: 9b:4c:ec:62:a2:93:a6:66:48:ee:ac:71:a3:54:8b: 4f:5a:0e:e5:c2:91:10:87:25:c1:ca:8c:4a:2c:5c: 12:77:e4:88:47:d1:0d:38:a5:08:36:b0:09:55:29: 74:14:0b:80:60:fe:74:5e:1f:8f:e4:34:da:dd:01: bf:1e:2d:cc:5e:fb:2c:a1:6d:5a:f7:a6:ee:f5:39: 0c:38:7f:23:7f:bb:e0:3e:18:18:15:34:e2:32:22: 0c:f8:e0:36:00:f7:6e:c9:04:46:55:14:9f:d6:41: aa:41:5f:02:38:0f:4f:3b:e0:72:d8:d1:7a:3e:08: 24:c7:1b:a1:61:df:7d:c7:e5:a8:cf:f1:67:42:36: 84:c3:38:1a:13:21:8a:c3:74:70:d8:fc:a3:24:19: af:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:A0:4B:EA:D6:EA:77:13:B2:25:FB:93:70:9B:11:64:FF:C0:C3:C7 X509v3 Authority Key Identifier: keyid:D2:24:8A:04:D9:94:A2:56:9A:8F:F6:45:D4:B0:25:A9:F7:CB:2F:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a3cc2c1-146c-48a9-b003-7bd83822084d/0/D2248A04D994A2569A8FF645D4B025A9F7CB2FE7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cf:33:93:52:67:2f:5b:4f:10:a6:8a:44:8a:83:b2:b6:70:af: 52:3f:57:89:0c:02:a2:2d:3d:9a:68:ec:c1:4d:be:1b:a4:72: af:75:4b:8d:f9:08:de:a2:a8:f7:35:69:ab:8f:7b:0b:40:46: 2a:c5:64:64:1d:34:69:75:0c:48:97:da:0b:d1:f4:05:3d:71: 25:5d:3e:21:db:0a:60:75:06:73:e6:3c:f0:23:15:62:89:01: 37:48:d7:2f:30:ff:33:7a:73:87:76:18:ce:9a:39:84:33:20: 53:2f:8f:5b:0a:94:f0:6d:7c:a7:88:d0:d9:d5:1b:29:8c:5c: e5:b0:35:f5:7d:cd:ff:26:92:88:91:90:b6:e5:e6:ab:77:4c: e8:3f:92:57:9a:02:81:b7:de:2e:1c:fa:b2:bb:6f:d0:5d:c2: 0f:0e:af:ed:bb:2a:62:ee:67:3c:88:56:3e:b4:1c:34:7f:f9: 66:d2:8c:48:cb:a7:ea:e0:00:59:5f:9d:54:c1:71:cc:e4:83: c7:09:f0:3e:7b:a1:0d:d5:38:0c:42:5e:2a:83:7e:b9:bb:66: ee:ed:53:bb:19:a5:1c:33:1d:00:23:c5:6c:c8:77:6e:b1:e2: 4a:a1:d6:4b:03:56:59:e3:99:ae:15:cc:57:9b:72:7a:8c:f0: 72:d7:f2:4a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKAHQk1XYXSWL90mIy6tbJkQEByIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1QTlG N0NCMkZFNzAeFw0yNTA0MjgwNjU4MTRaFw0yNTA1MDEwODA5MTRaMDMxMTAvBgNV BAMTKEYyQTA0QkVBRDZFQTc3MTNCMjI1RkI5MzcwOUIxMTY0RkZDMEMzQzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCE6MYolhtisQgxU2v29IcUF5j eAFl/7LbCYpT5x74x04fzAliCLkVag5ZyGgkHGbcf5fmFBcpbF0YXrJd74tomJ23 y4HQF0RadTWf7qOMJGbdaZ42K9duVw7nCEAEA8elbgF3bVYse5tM7GKik6ZmSO6s caNUi09aDuXCkRCHJcHKjEosXBJ35IhH0Q04pQg2sAlVKXQUC4Bg/nReH4/kNNrd Ab8eLcxe+yyhbVr3pu71OQw4fyN/u+A+GBgVNOIyIgz44DYA927JBEZVFJ/WQapB XwI4D0874HLY0Xo+CCTHG6Fh333H5ajP8WdCNoTDOBoTIYrDdHDY/KMkGa+dAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8qBL6tbqdxOyJfuTcJsRZP/Aw8cwHwYDVR0j BBgwFoAU0iSKBNmUolaaj/ZF1LAlqffLL+cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTNjYzJjMS0xNDZjLTQ4YTktYjAwMy03YmQ4MzgyMjA4NGQvMC9EMjI0OEEwNEQ5 OTRBMjU2OUE4RkY2NDVENEIwMjVBOUY3Q0IyRkU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1QTlGN0NC MkZFNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWEzY2MyYzEtMTQ2Yy00OGE5LWIw MDMtN2JkODM4MjIwODRkLzAvRDIyNDhBMDREOTk0QTI1NjlBOEZGNjQ1RDRCMDI1 QTlGN0NCMkZFNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAM8zk1JnL1tPEKaKRIqDsrZwr1I/V4kMAqIt PZpo7MFNvhukcq91S435CN6iqPc1aauPewtARirFZGQdNGl1DEiX2gvR9AU9cSVd PiHbCmB1BnPmPPAjFWKJATdI1y8w/zN6c4d2GM6aOYQzIFMvj1sKlPBtfKeI0NnV GymMXOWwNfV9zf8mkoiRkLbl5qt3TOg/kleaAoG33i4c+rK7b9Bdwg8Or+27KmLu ZzyIVj60HDR/+WbSjEjLp+rgAFlfnVTBcczkg8cJ8D57oQ3VOAxCXiqDfrm7Zu7t U7sZpRwzHQAjxWzId26x4kqh1ksDVlnjma4VzFebcnqM8HLX8ko= -----END CERTIFICATE-----Generated at Wed Apr 30 08:15:40 2025 by rpki-client