$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: WNwHRnICKxP+/V5oaVu9AMK3TPve0MiXqhd/QOwTBck= Subject key identifier: 57:31:84:23:F9:29:5A:4E:19:54:19:24:0C:41:A9:6B:79:1E:CD:52 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 29BFADAD76FBFF08229EE73B46904DB5DF8B775F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 04DF Signing time: Sun 15 Jun 2025 11:50:55 +0000 Manifest this update: Sun 15 Jun 2025 11:45:55 +0000 Manifest next update: Wed 18 Jun 2025 23:15:55 +0000 Files and hashes: 1: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) 2: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: S+MMrSxkm+20Gx180EdlH1YNBkEDPrj8PEBtJ4+Q9J4=) 3: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 4: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 5: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: bTP0/SrjtCLoV1Unk2cUAoaHIB02x7asC5slc6SP+ac=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 11:39:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:bf:ad:ad:76:fb:ff:08:22:9e:e7:3b:46:90:4d:b5:df:8b:77:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Jun 15 11:45:55 2025 GMT Not After : Jun 18 23:15:55 2025 GMT Subject: CN=57318423F9295A4E195419240C41A96B791ECD52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e1:94:ec:de:6f:ad:2a:76:a0:ab:62:48:88: 04:17:fd:87:90:43:bb:aa:ed:c9:de:e6:4b:cb:82: e3:e4:4a:6e:ea:e8:4c:d9:b4:5e:5a:84:00:9b:47: 08:a2:7b:c8:69:93:7e:23:fa:69:76:75:76:a0:24: c1:50:53:60:6f:8c:e7:ab:ba:76:a6:f4:2e:73:a1: 3f:db:55:18:c8:62:e8:9e:14:63:b6:50:83:69:27: db:1b:9c:5b:b0:66:46:3a:b8:ae:10:f1:67:ad:f1: 5f:be:70:b8:17:58:7d:93:24:33:6d:35:1e:46:6f: 49:66:12:68:9d:f1:d3:a3:c8:cd:8f:d1:1c:50:a8: 34:3f:1e:76:d5:69:f9:1c:04:10:c6:77:37:c0:f4: a0:51:bb:82:f4:b1:52:7a:60:ca:56:76:72:9a:89: dc:48:0e:f5:63:ea:2b:83:39:19:e0:72:d9:3d:82: ef:50:ad:92:a2:6a:39:56:f5:e0:50:55:3b:26:64: 3e:e0:24:12:65:4b:fe:8d:c4:d3:ef:ba:36:26:6a: c7:25:11:d1:24:d8:58:9c:3c:bd:36:34:0b:50:1e: 94:c6:49:b5:0a:46:7d:6d:ce:98:c9:12:3c:b3:3d: 34:35:28:10:c6:00:88:cb:78:06:3b:01:f3:fe:33: f6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:31:84:23:F9:29:5A:4E:19:54:19:24:0C:41:A9:6B:79:1E:CD:52 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:7b:ca:12:13:b0:be:0c:22:02:90:a1:d4:77:5b:49:73:60: d1:5a:37:63:9f:80:e1:ad:d8:ee:97:75:69:4d:26:75:11:b1: 4e:29:c2:c2:b4:15:78:7d:6a:35:8d:7b:79:a0:ed:a8:4f:64: 32:43:e0:97:ad:59:75:f5:cd:91:23:a2:89:a3:81:af:2f:4a: 89:30:62:76:4d:30:35:72:11:31:18:38:14:98:0e:5b:dc:31: 18:4e:a2:2e:e2:cd:a6:6d:07:2b:dc:12:3c:87:3c:65:f0:56: f7:5e:14:00:61:a0:f7:27:59:a1:77:24:15:de:39:63:c4:da: 01:21:94:61:4c:3c:bb:68:65:02:dd:a0:d7:a5:9f:9e:8b:d6: 53:5e:a4:b6:2a:dc:32:cb:a9:00:fa:cb:ee:74:1a:0c:0b:5e: 6b:ea:aa:4a:e6:92:f1:fd:a8:66:b9:cb:98:b8:10:ef:1c:d4: 42:bc:e6:f1:cf:2c:9c:3b:d4:0d:38:43:8e:ff:c5:25:5c:14: ee:71:f2:37:87:34:5f:ab:3c:32:45:f6:83:e9:92:b0:e2:b5: c1:82:0c:00:ba:4f:86:24:df:af:eb:07:b8:18:f4:d1:26:f3: dd:c2:61:4b:1f:d6:71:11:11:b3:83:78:2f:8e:07:33:56:7c: fc:83:fd:3d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKb+trXb7/wginuc7RpBNtd+Ld18wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTA2MTUxMTQ1NTVaFw0yNTA2MTgyMzE1NTVaMDMxMTAvBgNV BAMTKDU3MzE4NDIzRjkyOTVBNEUxOTU0MTkyNDBDNDFBOTZCNzkxRUNENTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy4ZTs3m+tKnagq2JIiAQX/YeQ Q7uq7cne5kvLguPkSm7q6EzZtF5ahACbRwiie8hpk34j+ml2dXagJMFQU2BvjOer unam9C5zoT/bVRjIYuieFGO2UINpJ9sbnFuwZkY6uK4Q8Wet8V++cLgXWH2TJDNt NR5Gb0lmEmid8dOjyM2P0RxQqDQ/HnbVafkcBBDGdzfA9KBRu4L0sVJ6YMpWdnKa idxIDvVj6iuDORngctk9gu9QrZKiajlW9eBQVTsmZD7gJBJlS/6NxNPvujYmascl EdEk2FicPL02NAtQHpTGSbUKRn1tzpjJEjyzPTQ1KBDGAIjLeAY7AfP+M/ZlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUVzGEI/kpWk4ZVBkkDEGpa3kezVIwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG17yhITsL4MIgKQodR3W0lzYNFaN2OfgOGt 2O6XdWlNJnURsU4pwsK0FXh9ajWNe3mg7ahPZDJD4JetWXX1zZEjoomjga8vSokw YnZNMDVyETEYOBSYDlvcMRhOoi7izaZtByvcEjyHPGXwVvdeFABhoPcnWaF3JBXe OWPE2gEhlGFMPLtoZQLdoNeln56L1lNepLYq3DLLqQD6y+50GgwLXmvqqkrmkvH9 qGa5y5i4EO8c1EK85vHPLJw71A04Q47/xSVcFO5x8jeHNF+rPDJF9oPpkrDitcGC DAC6T4Yk36/rB7gY9NEm893CYUsf1nEREbODeC+OBzNWfPyD/T0= -----END CERTIFICATE-----Generated at Sun Jun 15 15:26:23 2025 by rpki-client