$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: oBggsSu6AE3bkL/bYMeTKoLQho9P75ztyQMkIgN6PjQ= Subject key identifier: 9D:95:16:7F:64:6F:92:2E:E4:19:D6:96:2D:90:10:88:A9:51:8C:35 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 4DE39948C7156CF66CC73C096886BF8D5BCC1F5A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 04CA Signing time: Tue 29 Apr 2025 22:40:56 +0000 Manifest this update: Tue 29 Apr 2025 22:35:56 +0000 Manifest next update: Sat 03 May 2025 10:30:56 +0000 Files and hashes: 1: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: UWqkjfovjwl/QKGqzpJlq4xcCareXuzDyb/5yleHEFU=) 2: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: QEq8jNx2qgo9wFvMjpQwwTDlq5Z+M7FLAg6t2ZLkWJY=) 3: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: cZVBXXGJKiJCT/zUIwExIpoODQYqK0TgIQSfYHzcYPg=) 4: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: hNKlibT30WHsWtlHoJ+LQFoHXHI1FSJtYkDJabOjjLE=) 5: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: S+MMrSxkm+20Gx180EdlH1YNBkEDPrj8PEBtJ4+Q9J4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 10:30:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:e3:99:48:c7:15:6c:f6:6c:c7:3c:09:68:86:bf:8d:5b:cc:1f:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Apr 29 22:35:56 2025 GMT Not After : May 3 10:30:56 2025 GMT Subject: CN=9D95167F646F922EE419D6962D901088A9518C35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:49:65:d0:66:39:ca:c5:2f:da:d0:e1:bc:c2: 25:6d:96:cc:86:5b:ab:7c:a4:71:de:df:e1:bf:89: 2e:f5:5d:f4:ab:a8:53:ee:10:c7:6b:77:ba:65:a2: 44:e1:79:c8:bc:40:ba:17:46:35:fe:4d:25:ff:6f: de:48:47:d7:43:ee:d8:7b:fc:de:7f:16:66:43:e5: ef:29:aa:cd:c7:5a:18:bd:99:c0:ec:65:c8:7e:1a: cc:1e:99:cc:6b:e4:fc:9d:76:19:5a:01:25:2e:ad: 9b:35:f7:3e:53:8e:d0:ab:f7:4e:66:ce:a9:48:df: 11:d8:3e:dc:c9:6d:a1:55:b5:db:7a:8f:bc:1c:0d: 68:16:12:21:c2:4a:aa:5a:a5:03:d2:98:cb:6a:9e: 26:c9:e6:87:ff:b9:02:d7:42:50:5a:f1:c3:9e:9c: 29:d5:9d:3d:26:a0:06:ff:d7:1c:36:b2:7a:b6:dc: 65:59:a2:40:5f:ff:9f:61:19:ea:17:f1:c5:0a:5e: 3f:6c:f1:8d:e8:7a:3c:cd:ea:15:99:30:28:70:87: 8a:80:ee:0b:46:6e:20:88:7f:7c:6e:1c:4e:d5:94: aa:3b:57:5a:01:7c:10:9b:53:e5:50:36:01:f0:25: 27:f4:a6:a2:e9:61:9b:fe:4b:6a:e5:5e:03:c2:6b: f5:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:95:16:7F:64:6F:92:2E:E4:19:D6:96:2D:90:10:88:A9:51:8C:35 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:1f:ba:98:98:1b:dc:89:2b:af:81:7a:c9:e0:19:f7:4d:21: 04:65:7e:36:10:8d:00:40:a8:6a:57:af:35:25:ae:6f:93:a5: 1d:cc:38:71:02:a8:14:88:10:6d:5e:4a:ca:03:2c:9f:e3:9d: d3:42:2f:fe:11:82:47:e0:71:0d:b8:62:a0:61:5e:fa:1c:f6: 09:7e:c4:d1:7f:84:53:b2:27:7d:25:e7:10:8f:de:1c:65:59: 0d:a6:ba:6c:ac:74:01:84:7a:a0:67:14:81:1d:02:bd:4f:58: a5:83:fd:3d:84:3e:74:4e:f2:c7:cb:6c:57:da:d2:f3:4f:58: 03:ff:40:cc:de:b8:dc:4c:73:ba:28:b2:5f:fa:59:08:28:d2: 83:4f:76:a4:1b:10:c5:7e:a9:7d:69:e2:46:fe:15:86:23:7d: b8:2c:4e:67:6e:9b:14:c1:ea:6c:5e:9b:7c:a0:d5:8c:bb:fd: 56:2f:e3:0c:43:1f:d1:f6:f5:66:03:0d:c6:c3:ea:a0:4f:55: 08:8f:1c:fe:53:5d:61:78:da:55:af:e0:12:d0:0a:5d:2c:86: d2:e2:bc:81:e4:7d:2b:70:94:b9:e5:95:9f:2b:c8:0f:85:07: 8c:92:4a:a3:b8:a4:18:21:5f:0f:2b:23:c9:9d:7d:e4:77:c1: 60:ca:1e:84 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUTeOZSMcVbPZsxzwJaIa/jVvMH1owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTA0MjkyMjM1NTZaFw0yNTA1MDMxMDMwNTZaMDMxMTAvBgNV BAMTKDlEOTUxNjdGNjQ2RjkyMkVFNDE5RDY5NjJEOTAxMDg4QTk1MThDMzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoSWXQZjnKxS/a0OG8wiVtlsyG W6t8pHHe3+G/iS71XfSrqFPuEMdrd7plokTheci8QLoXRjX+TSX/b95IR9dD7th7 /N5/FmZD5e8pqs3HWhi9mcDsZch+Gswemcxr5PyddhlaASUurZs19z5TjtCr905m zqlI3xHYPtzJbaFVtdt6j7wcDWgWEiHCSqpapQPSmMtqnibJ5of/uQLXQlBa8cOe nCnVnT0moAb/1xw2snq23GVZokBf/59hGeoX8cUKXj9s8Y3oejzN6hWZMChwh4qA 7gtGbiCIf3xuHE7VlKo7V1oBfBCbU+VQNgHwJSf0pqLpYZv+S2rlXgPCa/VbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUnZUWf2Rvki7kGdaWLZAQiKlRjDUwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJEfupiYG9yJK6+BesngGfdNIQRlfjYQjQBA qGpXrzUlrm+TpR3MOHECqBSIEG1eSsoDLJ/jndNCL/4RgkfgcQ24YqBhXvoc9gl+ xNF/hFOyJ30l5xCP3hxlWQ2mumysdAGEeqBnFIEdAr1PWKWD/T2EPnRO8sfLbFfa 0vNPWAP/QMzeuNxMc7oosl/6WQgo0oNPdqQbEMV+qX1p4kb+FYYjfbgsTmdumxTB 6mxem3yg1Yy7/VYv4wxDH9H29WYDDcbD6qBPVQiPHP5TXWF42lWv4BLQCl0shtLi vIHkfStwlLnllZ8ryA+FB4ySSqO4pBghXw8rI8mdfeR3wWDKHoQ= -----END CERTIFICATE-----Generated at Wed Apr 30 21:22:52 2025 by rpki-client