$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: J0bxPM0kEkF0QeCGhoyY9MWtsq4yDV0wNomk8In6Uc8= Subject key identifier: 70:41:A3:C8:C1:EC:12:18:61:CD:D2:96:3B:8E:38:F7:74:99:FB:BA Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 0FF77C823834E5A42342788E9A5295326D5F1889 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 04F7 Signing time: Wed 06 Aug 2025 23:40:56 +0000 Manifest this update: Wed 06 Aug 2025 23:35:56 +0000 Manifest next update: Sun 10 Aug 2025 03:58:56 +0000 Files and hashes: 1: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 2: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) 3: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 4: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: 27qvdgPm8uh/8uXOv1u9anUYqojmYWFGG1+xUxvDNSM=) 5: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 03:58:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:f7:7c:82:38:34:e5:a4:23:42:78:8e:9a:52:95:32:6d:5f:18:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Aug 6 23:35:56 2025 GMT Not After : Aug 10 03:58:56 2025 GMT Subject: CN=7041A3C8C1EC121861CDD2963B8E38F77499FBBA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c1:bb:a0:47:3e:0b:85:4a:54:c3:0e:1e:ca: d5:cd:b8:1e:a0:a1:fc:ed:fc:74:d7:2c:0a:12:f2: b1:11:db:a1:76:38:1c:a7:06:dd:95:66:88:2e:be: 22:b1:17:6a:d0:ae:e3:4d:c0:f0:6c:a3:07:76:c9: da:29:17:da:f2:0d:93:01:79:5e:ea:27:c2:e1:41: f6:e7:be:81:95:98:47:8a:74:dd:d2:33:f1:85:f8: 1e:92:73:0f:aa:50:6e:2b:c7:47:14:75:a1:ca:ff: 3b:8a:6d:c2:5a:7a:15:74:69:28:0f:5f:56:14:df: 2f:f0:32:8a:fa:31:30:19:cc:58:06:2b:9a:8d:b4: 39:cb:85:20:4a:45:f7:4b:ae:f5:7d:51:e4:cf:82: 0a:dd:69:bb:8e:25:ec:8d:13:78:f9:81:a2:77:cb: 1a:f6:ef:e2:8a:28:b3:0a:64:b4:e0:bf:d7:e2:d0: 66:a6:83:9c:2e:df:d7:58:0f:45:c6:61:e3:c4:44: 6e:26:c5:f8:d5:c8:f6:20:bc:f3:cd:b7:c3:35:35: 2a:a2:59:ff:6b:c7:3e:d1:60:19:08:39:09:47:2f: 38:42:05:a0:8f:4d:91:e6:d0:a5:80:81:68:e1:dc: c2:26:86:19:bb:a6:5f:b4:c7:01:35:01:41:34:08: e3:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:41:A3:C8:C1:EC:12:18:61:CD:D2:96:3B:8E:38:F7:74:99:FB:BA X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:58:09:10:9b:06:e0:a9:d4:9f:16:52:b0:b8:93:94:13:75: de:eb:b5:ce:01:fb:07:bb:b2:6b:a1:ba:6d:96:03:0b:bb:7b: 16:cd:6a:75:3a:d6:cc:fc:c5:ff:a7:bb:bd:33:15:1a:3f:e6: a4:f8:04:f5:20:92:9f:dd:24:e9:91:50:b5:18:4b:b9:0d:f5: 43:bd:ca:6b:96:3d:b6:f6:b9:81:fb:45:bb:6c:c1:bc:7e:0f: 01:82:ae:37:14:67:2a:ec:74:61:bf:f2:be:9d:c0:9f:20:25: 06:ad:91:81:f5:84:70:73:76:f0:63:bb:77:8b:ed:6e:c6:de: 8f:ee:a0:13:de:d7:51:10:1d:f7:e4:63:89:c0:57:4b:b7:d2: 33:ee:0c:c8:d4:90:f8:fe:d8:e8:76:87:17:54:84:18:e1:be: 28:c0:1f:db:4b:06:79:5a:75:c3:e8:2a:c2:67:f2:c7:4f:88: 3d:77:c1:3c:86:89:43:d7:e2:f4:cc:1f:aa:26:88:98:fc:4d: 68:eb:19:ca:fb:73:e6:3b:d3:7a:3a:bb:a6:f3:fa:4e:13:45: f1:e0:35:4d:3c:db:86:8d:2d:a6:bd:35:1e:37:dd:03:72:9f: 8a:9e:df:a9:37:f3:20:8b:4a:0a:2e:28:22:e9:f4:b8:67:a6: 2c:19:9d:e3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUD/d8gjg05aQjQniOmlKVMm1fGIkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTA4MDYyMzM1NTZaFw0yNTA4MTAwMzU4NTZaMDMxMTAvBgNV BAMTKDcwNDFBM0M4QzFFQzEyMTg2MUNERDI5NjNCOEUzOEY3NzQ5OUZCQkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwwbugRz4LhUpUww4eytXNuB6g ofzt/HTXLAoS8rER26F2OBynBt2VZoguviKxF2rQruNNwPBsowd2ydopF9ryDZMB eV7qJ8LhQfbnvoGVmEeKdN3SM/GF+B6Scw+qUG4rx0cUdaHK/zuKbcJaehV0aSgP X1YU3y/wMor6MTAZzFgGK5qNtDnLhSBKRfdLrvV9UeTPggrdabuOJeyNE3j5gaJ3 yxr27+KKKLMKZLTgv9fi0Gamg5wu39dYD0XGYePERG4mxfjVyPYgvPPNt8M1NSqi Wf9rxz7RYBkIOQlHLzhCBaCPTZHm0KWAgWjh3MImhhm7pl+0xwE1AUE0COPRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcEGjyMHsEhhhzdKWO44493SZ+7owHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABlYCRCbBuCp1J8WUrC4k5QTdd7rtc4B+we7 smuhum2WAwu7exbNanU61sz8xf+nu70zFRo/5qT4BPUgkp/dJOmRULUYS7kN9UO9 ymuWPbb2uYH7Rbtswbx+DwGCrjcUZyrsdGG/8r6dwJ8gJQatkYH1hHBzdvBju3eL 7W7G3o/uoBPe11EQHffkY4nAV0u30jPuDMjUkPj+2Oh2hxdUhBjhvijAH9tLBnla dcPoKsJn8sdPiD13wTyGiUPX4vTMH6omiJj8TWjrGcr7c+Y703o6u6bz+k4TRfHg NU0824aNLaa9NR433QNyn4qe36k38yCLSgouKCLp9LhnpiwZneM= -----END CERTIFICATE-----Generated at Thu Aug 7 03:15:41 2025 by rpki-client