$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: z+pZltr713PgP1Gze8MKBTgEtDqvEk559359mLXyGaA= Subject key identifier: 66:54:25:6F:2D:C6:2F:37:1A:A4:82:1F:AF:B1:EE:9C:AB:D5:09:09 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 42BF8164A029B1D6143584D84AE0FD64619763AE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 04C9 Signing time: Sun 27 Apr 2025 13:40:55 +0000 Manifest this update: Sun 27 Apr 2025 13:35:55 +0000 Manifest next update: Wed 30 Apr 2025 22:39:55 +0000 Files and hashes: 1: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: S+MMrSxkm+20Gx180EdlH1YNBkEDPrj8PEBtJ4+Q9J4=) 2: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: QEq8jNx2qgo9wFvMjpQwwTDlq5Z+M7FLAg6t2ZLkWJY=) 3: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: Y1sHqaTyoslSz6LRyS8UVT6S68WLSfyib96sY/aF9oE=) 4: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: cZVBXXGJKiJCT/zUIwExIpoODQYqK0TgIQSfYHzcYPg=) 5: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: UWqkjfovjwl/QKGqzpJlq4xcCareXuzDyb/5yleHEFU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 22:39:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:bf:81:64:a0:29:b1:d6:14:35:84:d8:4a:e0:fd:64:61:97:63:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Apr 27 13:35:55 2025 GMT Not After : Apr 30 22:39:55 2025 GMT Subject: CN=6654256F2DC62F371AA4821FAFB1EE9CABD50909 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:da:81:85:6e:e6:94:7d:9c:d0:5f:6c:1f:f2: 7b:92:88:cf:8d:1e:63:42:f8:11:e2:94:14:2e:0e: 10:d6:2c:88:b2:f7:d8:69:7b:c2:9d:58:80:00:33: 4a:87:df:30:68:a7:5b:53:6e:a4:83:35:35:67:3c: 6e:bc:ad:63:34:fc:d9:f2:61:5b:bb:8b:c7:a3:42: f2:a9:f4:48:ba:d7:a1:c3:28:fd:3f:a3:d6:49:12: 22:82:40:54:48:4c:27:3f:26:b7:74:7d:f7:fd:c8: 91:17:2d:4b:6e:bf:b3:6a:70:2e:13:7a:06:e3:98: ab:bf:be:a5:f0:46:72:7f:fc:66:40:86:c4:9c:37: 56:d3:8b:74:98:c9:84:bd:ce:12:74:cc:a5:f6:03: 78:a7:17:6a:a4:75:c1:d3:4b:2d:40:e5:4e:a3:f4: 50:bd:76:a6:03:8c:33:e2:25:37:da:04:d8:86:15: 3f:9d:ab:c3:32:cd:a4:81:78:67:5a:02:40:11:de: aa:31:65:31:82:e5:dc:1b:f7:8e:e8:a2:e7:a2:8a: 5d:cc:2c:b0:ec:4e:a9:71:b7:32:a7:bc:12:85:de: 70:97:f7:be:65:d1:b0:ea:60:7d:ab:36:d6:1d:7f: 7b:97:e9:34:02:bf:cf:0d:d4:5a:2c:ab:a2:13:13: 02:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:54:25:6F:2D:C6:2F:37:1A:A4:82:1F:AF:B1:EE:9C:AB:D5:09:09 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:03:72:63:35:4d:a3:78:52:37:72:13:bb:b5:7d:ef:87:1c: d8:f0:53:bf:37:77:0e:d5:8b:be:9a:d4:ed:29:2b:f8:0c:34: 60:8c:be:24:cd:aa:34:5b:b8:08:da:73:72:58:df:8d:30:e4: a4:e4:3e:70:cf:00:af:60:a6:07:7e:3b:e4:d1:67:45:53:9f: 55:6b:34:62:c9:0c:a4:21:26:71:4a:d4:c1:cc:a0:69:a8:82: 48:d5:ee:16:63:39:9b:6a:c1:60:b5:7d:c4:2a:15:49:d0:15: 4e:2e:7f:7f:eb:b0:80:ab:9f:eb:89:ee:0c:bb:b0:7d:9d:44: 8a:08:4c:df:b2:9a:d3:0f:3c:b4:1f:b5:53:ef:0f:ae:ed:fe: e7:bd:c4:fe:35:55:41:9b:7d:12:2f:74:53:91:47:12:b6:03: e2:64:66:ce:12:5c:08:d2:c3:0c:65:15:58:12:a1:43:30:29: 08:60:da:98:b1:aa:bc:f3:cf:09:d1:15:8c:e8:46:cd:2b:42: 62:74:00:21:9f:25:af:3f:4d:af:4f:ca:d1:5f:96:0b:66:5a: c6:b6:7a:60:4c:bb:f4:33:2d:0a:30:94:36:76:dc:c5:4f:38: 1e:d5:a7:2e:6e:d9:3a:a3:0a:8d:5b:42:59:6b:cf:be:0d:4f: 43:db:f2:f4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQr+BZKApsdYUNYTYSuD9ZGGXY64wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTA0MjcxMzM1NTVaFw0yNTA0MzAyMjM5NTVaMDMxMTAvBgNV BAMTKDY2NTQyNTZGMkRDNjJGMzcxQUE0ODIxRkFGQjFFRTlDQUJENTA5MDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf2oGFbuaUfZzQX2wf8nuSiM+N HmNC+BHilBQuDhDWLIiy99hpe8KdWIAAM0qH3zBop1tTbqSDNTVnPG68rWM0/Nny YVu7i8ejQvKp9Ei616HDKP0/o9ZJEiKCQFRITCc/Jrd0fff9yJEXLUtuv7NqcC4T egbjmKu/vqXwRnJ//GZAhsScN1bTi3SYyYS9zhJ0zKX2A3inF2qkdcHTSy1A5U6j 9FC9dqYDjDPiJTfaBNiGFT+dq8MyzaSBeGdaAkAR3qoxZTGC5dwb947ooueiil3M LLDsTqlxtzKnvBKF3nCX975l0bDqYH2rNtYdf3uX6TQCv88N1Fosq6ITEwJ/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZlQlby3GLzcapIIfr7HunKvVCQkwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIIDcmM1TaN4UjdyE7u1fe+HHNjwU783dw7V i76a1O0pK/gMNGCMviTNqjRbuAjac3JY340w5KTkPnDPAK9gpgd+O+TRZ0VTn1Vr NGLJDKQhJnFK1MHMoGmogkjV7hZjOZtqwWC1fcQqFUnQFU4uf3/rsICrn+uJ7gy7 sH2dRIoITN+ymtMPPLQftVPvD67t/ue9xP41VUGbfRIvdFORRxK2A+JkZs4SXAjS wwxlFVgSoUMwKQhg2pixqrzzzwnRFYzoRs0rQmJ0ACGfJa8/Ta9PytFflgtmWsa2 emBMu/QzLQowlDZ23MVPOB7Vpy5u2TqjCo1bQllrz74NT0Pb8vQ= -----END CERTIFICATE-----Generated at Tue Apr 29 22:13:43 2025 by rpki-client