$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft File: 3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft (raw, json) Hash identifier: lvKHxV7eVDVFH9WhedEA74R+8gFNgU5thDqVri2/JMo= Subject key identifier: BA:F0:AC:38:27:E1:0D:33:83:7F:66:BA:00:AC:EC:AE:2D:D1:3D:3B Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 4241586DDC503A1BCB9108A358F41B81ED920E69 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft Manifest number: 0217 Signing time: Mon 04 Aug 2025 09:22:13 +0000 Manifest this update: Mon 04 Aug 2025 09:17:13 +0000 Manifest next update: Thu 07 Aug 2025 17:34:13 +0000 Files and hashes: 1: 3132302e32392e3233312e302f32342d3234203d3e203338373634.roa (hash: 3zNl9QPxwFV4edQhVMCJxnLjianzmdRSes5SZUBTIJM=) 2: 3132302e32392e3232362e302f32342d3234203d3e203338373634.roa (hash: mysGAJlaNM3q0YL8uE3Xz1GWVqbaXG+zqdMdDsNe4Gc=) 3: 3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl (hash: SWf/1g2Mrci7iOmBGB/ONuMBOPrT9lWXW8cV3piZkd8=) 4: 3132302e32392e3233302e302f32342d3234203d3e203338373634.roa (hash: 8F55uNQoN3zi97DtY0Vq2ak+DmYZUOFPxOyq8OUlCl0=) 5: 3132302e32392e3232392e302f32342d3234203d3e203338373634.roa (hash: qDCFFlpgV3kLnT4aXYTKC6LV3pb8e9ELxOyK+x211n0=) 6: 3132302e32392e3233312e302f32342d3234203d3e203139393035.roa (hash: r2yKO3KrSmkrfjQ84qnMxwLYCnCinVawrYAR52ueF/A=) 7: 3132302e32392e3232362e302f32342d3234203d3e203139393035.roa (hash: 3HF7GKrMWvA2HVJvaEA0TLWlABe/FvvXdYdd308g/bM=) 8: 3132302e32392e3232372e302f32342d3234203d3e203338373634.roa (hash: kizpm5pMXSzgoWrppvdtyhcaCD0lO2EdJCuHJxptLZU=) 9: 3132302e32392e3232382e302f32342d3234203d3e203338373634.roa (hash: RPYaZow5ZwQZRWzcXVmYwaCDDEvxoHSoWyb9lPO3JzQ=) 10: 3132302e32392e3232352e302f32342d3234203d3e203338373634.roa (hash: iVloZrBIKi8lO+ez3IilhigHeiC4/XBak2SIy/5eYbE=) 11: 3132302e32392e3232392e302f32342d3234203d3e203139393035.roa (hash: VUbT8SHEyKOKmASLTaMwWEhd8ggbwmzz2pEnc4bB2PQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 17:34:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:41:58:6d:dc:50:3a:1b:cb:91:08:a3:58:f4:1b:81:ed:92:0e:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Aug 4 09:17:13 2025 GMT Not After : Aug 7 17:34:13 2025 GMT Subject: CN=BAF0AC3827E10D33837F66BA00ACECAE2DD13D3B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:94:6a:de:a0:70:b4:5b:4c:62:af:9a:1f:b2: 3e:be:dc:96:da:b0:e8:0d:43:e7:73:52:43:d7:ec: 2e:85:a2:bc:a2:63:32:1c:01:58:83:0b:ce:3e:c0: a3:5d:54:f8:ef:bc:f0:02:f4:a0:50:15:16:03:01: 70:8f:c7:4a:e8:70:b2:60:f7:ab:b4:10:01:25:6e: ed:44:24:11:e2:b3:a7:2b:2c:d1:f1:d0:06:ef:e4: 04:20:75:e3:07:d6:a5:eb:2e:e6:b3:aa:f0:83:74: 62:9b:63:37:ce:80:ee:0d:87:10:c2:d6:60:5f:f1: da:79:8b:cc:d9:ec:82:27:c7:b8:5c:46:9e:40:c2: ee:e8:be:6b:29:48:cd:a1:1e:11:9d:f5:7a:cb:fc: d0:30:36:3d:6d:1b:be:c2:23:79:cd:c3:c7:f1:6a: f9:2e:a5:6f:4e:e3:47:26:55:97:46:4b:8e:87:ae: ef:dc:c7:91:a5:42:ab:f2:e8:bf:ac:9f:a6:c6:f7: 09:81:96:a6:c8:3f:4e:37:07:35:81:9b:e6:1b:db: 70:04:6b:37:c3:57:b1:f8:cb:5f:c5:1f:05:21:1c: a5:66:14:6f:a3:81:0e:2a:b1:7a:b2:48:a1:b9:0e: 8e:e7:53:93:d7:bf:c7:96:0d:40:67:24:72:8d:c3: 7b:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:F0:AC:38:27:E1:0D:33:83:7F:66:BA:00:AC:EC:AE:2D:D1:3D:3B X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:e9:9f:36:9b:6c:c3:3a:46:b1:dd:ee:15:10:bf:c8:96:f0: aa:b2:b5:b5:b3:1e:21:71:0d:cf:b4:e9:c3:09:76:4d:2f:d6: 6a:7b:d7:dc:51:a5:4f:9f:78:30:bf:e1:b9:7e:01:3f:07:15: da:ee:89:07:a7:33:6c:f7:e9:d5:ee:47:59:29:ee:d8:c3:4d: ff:38:b6:07:8d:bc:11:f5:3f:1a:47:e0:11:2a:37:d1:5a:a3: 44:29:ec:55:0b:84:17:aa:95:02:43:59:e6:fa:07:b3:32:46: 9a:a2:81:a1:b2:b7:d5:51:76:d3:9c:04:28:3d:df:2f:5e:bb: c0:7d:f0:e2:7b:f9:e6:4e:1a:8d:77:6c:9b:43:b8:eb:81:b5: ca:64:3f:73:10:a3:4c:7a:14:1f:ea:10:cf:16:0e:b9:7b:a3: 81:86:de:7e:cd:e4:dc:84:42:c5:b1:9b:e9:4b:36:a0:60:1a: f4:e9:02:2b:9f:38:bf:6b:34:23:96:94:0e:dd:c3:91:1c:45: dc:9b:bf:a1:8d:74:36:f0:50:4e:13:32:52:a6:a0:c5:bb:a1: 73:f3:55:91:c7:b0:a7:fc:9b:ef:75:db:5f:f4:65:89:e7:2a: b8:25:e1:db:c1:b0:7c:c2:99:36:70:b3:8e:73:20:f4:6b:a2: 32:da:3c:44 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQkFYbdxQOhvLkQijWPQbge2SDmkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNTA4MDQwOTE3MTNaFw0yNTA4MDcxNzM0MTNaMDMxMTAvBgNV BAMTKEJBRjBBQzM4MjdFMTBEMzM4MzdGNjZCQTAwQUNFQ0FFMkREMTNEM0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrlGreoHC0W0xir5ofsj6+3Jba sOgNQ+dzUkPX7C6ForyiYzIcAViDC84+wKNdVPjvvPAC9KBQFRYDAXCPx0rocLJg 96u0EAElbu1EJBHis6crLNHx0Abv5AQgdeMH1qXrLuazqvCDdGKbYzfOgO4NhxDC 1mBf8dp5i8zZ7IInx7hcRp5Awu7ovmspSM2hHhGd9XrL/NAwNj1tG77CI3nNw8fx avkupW9O40cmVZdGS46Hru/cx5GlQqvy6L+sn6bG9wmBlqbIP043BzWBm+Yb23AE azfDV7H4y1/FHwUhHKVmFG+jgQ4qsXqySKG5Do7nU5PXv8eWDUBnJHKNw3tdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUuvCsOCfhDTODf2a6AKzsri3RPTswHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjIxYzljYWQtYzNiOS00NWEwLWJl YjYtYmNlNDhlMmIyMjcyLzAvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1 NTdBMzVCMDI1MS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHbpnzabbMM6RrHd7hUQv8iW8KqytbWzHiFx Dc+06cMJdk0v1mp719xRpU+feDC/4bl+AT8HFdruiQenM2z36dXuR1kp7tjDTf84 tgeNvBH1PxpH4BEqN9Fao0Qp7FULhBeqlQJDWeb6B7MyRpqigaGyt9VRdtOcBCg9 3y9eu8B98OJ7+eZOGo13bJtDuOuBtcpkP3MQo0x6FB/qEM8WDrl7o4GG3n7N5NyE QsWxm+lLNqBgGvTpAiufOL9rNCOWlA7dw5EcRdybv6GNdDbwUE4TMlKmoMW7oXPz VZHHsKf8m+9121/0ZYnnKrgl4dvBsHzCmTZws45zIPRrojLaPEQ= -----END CERTIFICATE-----Generated at Wed Aug 6 18:25:26 2025 by rpki-client