$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: e6SguFQYuNQbNp2sIqbwLv5tcCj6Fr3stPC10mYOlt0= Subject key identifier: 71:0C:92:0F:58:3A:54:58:4C:A5:9A:96:9D:F8:66:85:8F:39:76:3B Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 50A2C1DD0002D42DA81DE15C5B449272FE6A94C9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: 60 Signing time: Sat 26 Apr 2025 02:12:17 +0000 Manifest this update: Sat 26 Apr 2025 02:07:17 +0000 Manifest next update: Tue 29 Apr 2025 13:35:17 +0000 Files and hashes: 1: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: TGkt7mIGffzaSdL8zFHvIqbTrt+lUqZ7tFqXWcN/37M=) 2: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: LDJv6wYx3HsP5pbUhXvKMJKGJv2fMd2X2nhqPoeeYwE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Apr 2025 13:35:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:a2:c1:dd:00:02:d4:2d:a8:1d:e1:5c:5b:44:92:72:fe:6a:94:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Apr 26 02:07:17 2025 GMT Not After : Apr 29 13:35:17 2025 GMT Subject: CN=710C920F583A54584CA59A969DF866858F39763B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:7a:29:25:f7:88:6b:67:df:3a:46:6f:7d:35: 47:1b:9f:25:d2:cd:55:6a:3e:28:99:48:96:ed:fb: 09:91:4f:00:e3:11:a2:11:f0:fa:8a:66:83:69:db: 06:47:6a:cc:75:ab:9d:e0:ad:a5:17:fc:1e:47:14: 19:34:2a:81:d1:3c:85:6e:c3:97:17:01:82:02:b6: fd:e2:79:bf:1d:e1:1b:fd:ad:51:8f:c6:a7:e6:c3: 37:6b:f6:52:b5:87:1c:36:1e:57:e5:00:bb:11:52: 4d:f2:c5:c7:b6:85:c0:74:1a:99:d9:5d:9c:7c:8f: f5:45:78:39:ab:f1:9f:f3:59:63:87:23:91:05:fa: 4c:a3:80:5f:9c:2e:44:07:4f:93:2a:ce:ec:c2:0b: 61:9d:0e:54:41:ff:f1:a6:b5:8a:87:ad:a7:f6:e5: 6a:44:fd:66:d2:01:5d:77:70:f4:42:fb:1f:2c:24: 72:44:4b:0f:32:c9:73:21:0f:5c:4f:ee:22:b4:f4: 42:6b:ce:b8:ec:c9:d7:84:16:10:c8:5c:a4:26:32: 0a:d4:fe:b0:ed:ce:c1:c8:52:60:1b:a2:2d:30:1d: 62:4a:20:b9:99:3e:7e:b8:9d:87:6e:5e:02:2a:1d: f0:40:c0:4d:ff:1e:5f:e1:bb:fe:59:52:8a:03:c6: 1e:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:0C:92:0F:58:3A:54:58:4C:A5:9A:96:9D:F8:66:85:8F:39:76:3B X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1f:51:21:b5:c5:b0:19:77:48:e4:8e:58:4f:49:29:c6:af:4e: c8:8e:df:21:7f:25:05:6b:49:80:38:2b:57:ac:a6:c4:2b:9a: 90:d0:12:e1:b0:e2:b4:0f:70:ec:8b:b4:51:f0:f8:2b:00:18: e4:69:40:3f:88:0a:4d:fb:cb:2a:1b:fe:35:5b:a0:54:c3:31: 72:1d:cc:0d:6f:ad:0b:8d:ba:21:fc:be:cb:3f:83:3b:63:6b: 35:35:35:c1:3e:52:69:83:73:b2:ae:e4:1c:26:0a:e6:ff:75: fe:82:af:eb:3d:cc:64:84:7d:7f:cf:0d:43:8c:a3:62:19:a4: 1a:6e:ea:69:0c:b5:79:42:a8:28:56:25:1e:81:f6:ec:c5:62: ff:3a:1d:5f:e2:02:1a:79:38:d9:65:79:8c:65:eb:f7:fb:ed: 88:91:a8:74:02:fb:aa:4c:3b:a1:8e:58:c8:9f:4b:89:5a:59: 0c:33:e0:41:3f:16:a2:60:02:b3:47:9c:e3:63:54:16:f5:2c: b0:72:a7:0a:f6:a7:cc:02:25:d9:69:29:6a:bf:1a:86:9b:90: db:0b:bc:e5:a0:54:d6:73:e9:a5:ee:03:99:88:30:27:a4:b6: 01:c6:c8:58:1c:a6:7d:6a:f3:39:fc:c1:9f:9f:80:8e:b5:92: cf:82:11:6d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUKLB3QAC1C2oHeFcW0SScv5qlMkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNTA0MjYwMjA3MTdaFw0yNTA0MjkxMzM1MTdaMDMxMTAvBgNV BAMTKDcxMEM5MjBGNTgzQTU0NTg0Q0E1OUE5NjlERjg2Njg1OEYzOTc2M0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmeikl94hrZ986Rm99NUcbnyXS zVVqPiiZSJbt+wmRTwDjEaIR8PqKZoNp2wZHasx1q53graUX/B5HFBk0KoHRPIVu w5cXAYICtv3ieb8d4Rv9rVGPxqfmwzdr9lK1hxw2HlflALsRUk3yxce2hcB0GpnZ XZx8j/VFeDmr8Z/zWWOHI5EF+kyjgF+cLkQHT5MqzuzCC2GdDlRB//GmtYqHraf2 5WpE/WbSAV13cPRC+x8sJHJESw8yyXMhD1xP7iK09EJrzrjsydeEFhDIXKQmMgrU /rDtzsHIUmAboi0wHWJKILmZPn64nYduXgIqHfBAwE3/Hl/hu/5ZUooDxh4pAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcQySD1g6VFhMpZqWnfhmhY85djswHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAB9RIbXFsBl3SOSOWE9JKcavTsiO3yF/JQVr SYA4K1espsQrmpDQEuGw4rQPcOyLtFHw+CsAGORpQD+ICk37yyob/jVboFTDMXId zA1vrQuNuiH8vss/gztjazU1NcE+UmmDc7Ku5BwmCub/df6Cr+s9zGSEfX/PDUOM o2IZpBpu6mkMtXlCqChWJR6B9uzFYv86HV/iAhp5ONlleYxl6/f77YiRqHQC+6pM O6GOWMifS4laWQwz4EE/FqJgArNHnONjVBb1LLBypwr2p8wCJdlpKWq/GoabkNsL vOWgVNZz6aXuA5mIMCektgHGyFgcpn1q8zn8wZ+fgI61ks+CEW0= -----END CERTIFICATE-----Generated at Sun Apr 27 18:58:17 2025 by rpki-client