$ rpki-client -vvf repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft File: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft (raw, json) Hash identifier: bWouNv+Dnft4aGESjHddZlxgUtPxEz70ZhlSIwwgAWI= Subject key identifier: 85:8B:B8:3E:8B:5D:F2:35:0D:D7:C9:02:2B:C7:CE:65:44:74:57:C7 Authority key identifier: CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C Certificate issuer: /CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Certificate serial: 5C62F82C1A50B4CF3581DED6335DA945EAEB1179 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft Manifest number: 04F7 Signing time: Tue 05 Aug 2025 09:31:26 +0000 Manifest this update: Tue 05 Aug 2025 09:26:26 +0000 Manifest next update: Fri 08 Aug 2025 10:57:26 +0000 Files and hashes: 1: 3130332e3133302e3133362e302f32322d3234203d3e20313333383135.roa (hash: gDwS3CZNot9PKNbXfgVaxRg3XKEAojqRRjZmWUnIieM=) 2: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl (hash: hhcGcbIBNayG7xKRH9mu3D3X4w0frGpV5pCNzVUVtZ0=) 3: 3130332e35322e34342e302f32322d3234203d3e20313333383135.roa (hash: +hHtMHqrRgOxnxPgQ1JDtVaqmRcnzLdlLvloLKvOcZA=) 4: 323430333a353763303a3a2f33322d3438203d3e20313333383135.roa (hash: qJMxf0aJqdHPfbLPNvUiMxKhq3U6DmyX3ZCQXdLa44w=) 5: 323430333a626163303a3a2f33322d3438203d3e20313333383135.roa (hash: bj03wSoaB1PZHhqBBV4Wr4Sjs0onXCgWYauPl2mcWtw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 10:57:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:62:f8:2c:1a:50:b4:cf:35:81:de:d6:33:5d:a9:45:ea:eb:11:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Validity Not Before: Aug 5 09:26:26 2025 GMT Not After : Aug 8 10:57:26 2025 GMT Subject: CN=858BB83E8B5DF2350DD7C9022BC7CE65447457C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a5:78:53:3b:44:1f:5e:8e:c2:a6:a5:33:ee: 84:f7:64:3e:50:b4:f6:10:a8:31:9b:cd:4d:9f:93: a8:00:2a:d4:07:d7:28:d3:ba:3e:4a:88:01:9e:ad: 41:e1:2b:32:c3:ef:7f:6f:19:8d:bc:9a:02:ca:61: 86:53:41:0b:d7:b6:e6:fd:52:3a:ba:14:b2:67:8b: 19:9f:f8:38:99:03:ce:47:a2:b9:95:b1:8c:74:d1: be:e6:d0:20:95:84:74:93:d3:af:79:b7:ff:0d:94: 36:09:eb:47:9e:0d:7b:6d:b5:b1:23:db:25:91:6a: f3:85:00:09:07:28:3c:7c:f7:c6:62:bd:7a:ca:76: 07:30:2a:10:5b:d2:f0:40:87:47:a7:93:1b:02:10: c1:7c:5a:49:eb:8e:de:67:76:36:ee:e1:e1:31:0c: 15:50:60:53:5f:1e:9e:b1:a5:eb:2a:f5:c0:d0:01: c0:f2:f0:5e:13:4c:f9:70:60:c4:d8:f9:4f:0d:0f: 24:8c:0d:6a:91:05:4e:71:b7:c8:1c:82:b4:b3:0a: 8d:a3:23:a0:ed:32:a2:4f:28:42:e3:85:5b:73:66: 6d:1d:06:ed:7c:41:a1:93:06:b0:48:79:41:0a:8a: 8e:e8:a0:73:10:48:34:44:9c:a0:15:8d:27:70:45: 36:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:8B:B8:3E:8B:5D:F2:35:0D:D7:C9:02:2B:C7:CE:65:44:74:57:C7 X509v3 Authority Key Identifier: keyid:CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d0:a3:c4:bc:29:9b:37:9d:37:36:4e:7c:df:37:af:7c:08:e0: dc:4e:23:0d:e1:2d:33:67:ec:a0:a4:f0:91:96:4c:43:b7:95: 22:9a:15:1d:ee:6f:e2:ca:ee:b1:31:09:c9:0d:45:6e:bd:8b: 15:7c:33:4a:32:09:e5:97:cb:7f:00:ae:86:06:bb:91:15:60: 3c:4d:b8:d4:56:3d:74:fc:ab:2e:fd:e5:cb:b1:78:e2:53:a1: ac:43:52:4d:f7:0b:8d:8c:4c:0a:74:04:64:1d:ab:5a:81:1a: 06:40:26:1e:70:19:4a:8d:4f:92:4f:1d:0d:a2:83:1c:f2:da: 21:9b:58:d5:9a:1e:6d:58:61:70:45:f1:94:ba:1c:82:53:c9: c1:b9:73:c2:6e:52:36:d0:b1:2c:c3:51:f2:e5:32:c8:bb:d3: 2a:41:6e:62:19:7d:b9:cb:c5:81:bb:a8:e4:92:c9:a7:4b:ef: 92:5a:a9:ee:71:11:0c:60:89:42:9b:0b:f8:1d:7f:72:4d:8c: 65:96:4f:2a:fa:7e:38:87:0e:ac:67:80:f7:cf:f0:a2:74:96: ff:6c:5e:c5:7b:fc:77:00:0f:a6:e9:fc:d8:7f:80:d0:ed:5b: 12:e2:49:47:7b:13:70:eb:2e:ed:f6:50:ba:a7:cd:ec:01:00: d2:f7:3e:e5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXGL4LBpQtM81gd7WM12pRerrEXkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcw MzEyQUQ1QzAeFw0yNTA4MDUwOTI2MjZaFw0yNTA4MDgxMDU3MjZaMDMxMTAvBgNV BAMTKDg1OEJCODNFOEI1REYyMzUwREQ3QzkwMjJCQzdDRTY1NDQ3NDU3QzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/pXhTO0QfXo7CpqUz7oT3ZD5Q tPYQqDGbzU2fk6gAKtQH1yjTuj5KiAGerUHhKzLD739vGY28mgLKYYZTQQvXtub9 Ujq6FLJnixmf+DiZA85HormVsYx00b7m0CCVhHST0695t/8NlDYJ60eeDXtttbEj 2yWRavOFAAkHKDx898ZivXrKdgcwKhBb0vBAh0enkxsCEMF8Wknrjt5ndjbu4eEx DBVQYFNfHp6xpesq9cDQAcDy8F4TTPlwYMTY+U8NDySMDWqRBU5xt8gcgrSzCo2j I6DtMqJPKELjhVtzZm0dBu18QaGTBrBIeUEKio7ooHMQSDREnKAVjSdwRTabAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhYu4Potd8jUN18kCK8fOZUR0V8cwHwYDVR0j BBgwFoAUzqA6B5iRB/VHorKrqmrU5wMSrVwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YTNhZTQ4NS1hNjU4LTRjNWMtYWJlMi0xZTdmZDhiMDM4YTAvMC9DRUEwM0EwNzk4 OTEwN0Y1NDdBMkIyQUJBQTZBRDRFNzAzMTJBRDVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcwMzEy QUQ1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmEzYWU0ODUtYTY1OC00YzVjLWFi ZTItMWU3ZmQ4YjAzOGEwLzAvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0 RTcwMzEyQUQ1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANCjxLwpmzedNzZOfN83r3wI4NxOIw3hLTNn 7KCk8JGWTEO3lSKaFR3ub+LK7rExCckNRW69ixV8M0oyCeWXy38AroYGu5EVYDxN uNRWPXT8qy795cuxeOJToaxDUk33C42MTAp0BGQdq1qBGgZAJh5wGUqNT5JPHQ2i gxzy2iGbWNWaHm1YYXBF8ZS6HIJTycG5c8JuUjbQsSzDUfLlMsi70ypBbmIZfbnL xYG7qOSSyadL75Jaqe5xEQxgiUKbC/gdf3JNjGWWTyr6fjiHDqxngPfP8KJ0lv9s XsV7/HcAD6bp/Nh/gNDtWxLiSUd7E3DrLu32ULqnzewBANL3PuU= -----END CERTIFICATE-----Generated at Thu Aug 7 00:27:16 2025 by rpki-client