$ rpki-client -vvf repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft File: 2CCC85BF6CCD365701EFA75EE416D234F861385B.mft (raw, json) Hash identifier: Ln08mayNUP0kpntRf5BGhxX0oYV9Av9SH8Rnq5jv9iY= Subject key identifier: 1A:C1:B1:13:63:58:FD:15:1E:21:C9:59:E3:14:89:69:18:17:21:86 Authority key identifier: 2C:CC:85:BF:6C:CD:36:57:01:EF:A7:5E:E4:16:D2:34:F8:61:38:5B Certificate issuer: /CN=2CCC85BF6CCD365701EFA75EE416D234F861385B Certificate serial: 7CDE8E479EA9EAE167FEF93C1AE12D4D5945B9CE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2CCC85BF6CCD365701EFA75EE416D234F861385B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft Manifest number: AA Signing time: Wed 06 Aug 2025 03:42:21 +0000 Manifest this update: Wed 06 Aug 2025 03:37:21 +0000 Manifest next update: Sat 09 Aug 2025 11:02:21 +0000 Files and hashes: 1: 2CCC85BF6CCD365701EFA75EE416D234F861385B.crl (hash: 53S2FA1vt+DfB+h6PWXKNd2AkRtLGIedTvrhtihh9aM=) 2: 3136302e32352e3231392e302f32342d3234203d3e20313533303836.roa (hash: JTPBl2xXnGWTl8ZrptZDVbUzFDyRS3/D40BYMh+0i4U=) 3: 3136302e32352e3231382e302f32342d3234203d3e20313533303836.roa (hash: Mr9+qsjEnJb2cnSB3AyArFy2+SWtmXNIU1+g9FxOCh0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.crl rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2CCC85BF6CCD365701EFA75EE416D234F861385B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 09:26:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:de:8e:47:9e:a9:ea:e1:67:fe:f9:3c:1a:e1:2d:4d:59:45:b9:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CCC85BF6CCD365701EFA75EE416D234F861385B Validity Not Before: Aug 6 03:37:21 2025 GMT Not After : Aug 9 11:02:21 2025 GMT Subject: CN=1AC1B1136358FD151E21C959E314896918172186 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:27:30:1c:af:ff:c9:0e:4b:d0:e5:2c:3b:9e: 3d:a4:06:f7:4e:51:8d:3f:87:2b:35:e0:37:a7:9f: a2:9a:7e:cb:73:91:3c:1d:63:8b:e3:ad:fc:27:10: a3:99:93:f3:2b:be:39:5b:4f:94:50:e8:3a:5c:16: cc:a2:58:ab:96:47:39:73:ff:26:0f:fb:16:32:a3: a8:5a:59:2a:2c:d1:e5:41:80:2f:cd:fe:73:70:f3: 5e:71:9a:fa:ea:1e:60:e6:e8:d6:d4:1e:3d:24:82: bd:43:8a:ad:29:1e:9b:e1:74:e1:d9:90:56:fb:bf: 22:15:85:e2:80:68:10:89:b2:5d:24:e5:49:b0:8d: f7:98:38:7a:f8:79:bf:63:53:d9:7c:cb:e5:83:cd: 94:06:db:b7:21:ce:64:f1:a4:f6:ea:5a:6a:e1:0d: 00:ef:f7:86:ca:52:93:35:01:2c:03:6a:0f:f3:d3: 48:91:92:60:c9:07:a4:e0:fc:79:20:2d:38:f9:90: aa:1e:34:f5:a5:02:7b:e5:11:47:52:b3:e1:89:68: 6e:fe:d7:cc:85:af:89:37:f1:09:61:ab:42:db:8c: 28:e1:d4:4f:f2:3d:9b:0a:cd:8b:01:c7:cf:37:84: 37:57:e5:6a:b8:d5:e4:43:fa:1c:23:d1:e2:4e:52: 17:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:C1:B1:13:63:58:FD:15:1E:21:C9:59:E3:14:89:69:18:17:21:86 X509v3 Authority Key Identifier: keyid:2C:CC:85:BF:6C:CD:36:57:01:EF:A7:5E:E4:16:D2:34:F8:61:38:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2CCC85BF6CCD365701EFA75EE416D234F861385B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:b9:36:0c:5b:65:ec:53:f6:0e:de:56:82:44:9c:45:2f:4f: 33:68:1a:9b:d0:ed:f8:bb:b9:81:fc:d7:16:3e:a9:0c:9c:a4: 08:41:54:36:7f:82:fa:c7:2a:fa:79:95:ff:50:f0:de:f8:61: 76:14:fd:71:a6:b5:9a:b6:47:42:bb:1c:a9:f0:43:c1:56:8a: 0a:9f:e6:89:57:65:69:12:16:58:97:d2:5a:75:62:e1:ed:f5: 10:45:bc:ed:b8:bf:31:c4:2d:82:88:4a:ff:56:af:c4:33:b7: 31:9a:05:4a:45:d5:e5:ce:e9:1f:d1:b8:ba:21:8c:2d:8e:82: 26:43:6b:68:13:dc:a8:fd:9b:4e:d0:49:dd:6d:24:b9:ba:ca: 1f:77:1c:20:8c:fe:aa:0e:7c:73:83:ff:45:78:29:bb:04:58: 04:1b:fc:d8:42:ab:8b:6d:9e:8a:93:ef:fa:2e:7e:d4:e5:7d: 2d:f1:78:44:96:be:35:99:ef:3c:25:45:4e:fe:15:c0:ae:ac: 2b:f9:4c:df:23:2c:3f:e9:cd:fe:54:45:6c:f8:1b:ee:1f:3b: 56:3d:e8:1c:ee:92:62:7a:8c:65:0e:6d:e5:73:fe:84:4b:2a: ce:36:f6:38:ab:55:41:ee:5d:48:00:31:7a:88:fa:5a:1e:1c: a2:77:70:31 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfN6OR56p6uFn/vk8GuEtTVlFuc4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkNDQzg1QkY2Q0NEMzY1NzAxRUZBNzVFRTQxNkQyMzRG ODYxMzg1QjAeFw0yNTA4MDYwMzM3MjFaFw0yNTA4MDkxMTAyMjFaMDMxMTAvBgNV BAMTKDFBQzFCMTEzNjM1OEZEMTUxRTIxQzk1OUUzMTQ4OTY5MTgxNzIxODYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnJzAcr//JDkvQ5Sw7nj2kBvdO UY0/hys14Denn6KafstzkTwdY4vjrfwnEKOZk/MrvjlbT5RQ6DpcFsyiWKuWRzlz /yYP+xYyo6haWSos0eVBgC/N/nNw815xmvrqHmDm6NbUHj0kgr1Diq0pHpvhdOHZ kFb7vyIVheKAaBCJsl0k5UmwjfeYOHr4eb9jU9l8y+WDzZQG27chzmTxpPbqWmrh DQDv94bKUpM1ASwDag/z00iRkmDJB6Tg/HkgLTj5kKoeNPWlAnvlEUdSs+GJaG7+ 18yFr4k38Qlhq0LbjCjh1E/yPZsKzYsBx883hDdX5Wq41eRD+hwj0eJOUhdNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGsGxE2NY/RUeIclZ4xSJaRgXIYYwHwYDVR0j BBgwFoAULMyFv2zNNlcB76de5BbSNPhhOFswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWYwN2YxOC01YzQ5LTQxMjktYWE1My03MDg1Y2NkNTdiNjMvMC8yQ0NDODVCRjZD Q0QzNjU3MDFFRkE3NUVFNDE2RDIzNEY4NjEzODVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkNDQzg1QkY2Q0NEMzY1NzAxRUZBNzVFRTQxNkQyMzRGODYx Mzg1Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FmMDdmMTgtNWM0OS00MTI5LWFh NTMtNzA4NWNjZDU3YjYzLzAvMkNDQzg1QkY2Q0NEMzY1NzAxRUZBNzVFRTQxNkQy MzRGODYxMzg1Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACa5NgxbZexT9g7eVoJEnEUvTzNoGpvQ7fi7 uYH81xY+qQycpAhBVDZ/gvrHKvp5lf9Q8N74YXYU/XGmtZq2R0K7HKnwQ8FWigqf 5olXZWkSFliX0lp1YuHt9RBFvO24vzHELYKISv9Wr8QztzGaBUpF1eXO6R/RuLoh jC2OgiZDa2gT3Kj9m07QSd1tJLm6yh93HCCM/qoOfHOD/0V4KbsEWAQb/NhCq4tt noqT7/ouftTlfS3xeESWvjWZ7zwlRU7+FcCurCv5TN8jLD/pzf5URWz4G+4fO1Y9 6BzukmJ6jGUObeVz/oRLKs429jirVUHuXUgAMXqI+loeHKJ3cDE= -----END CERTIFICATE-----Generated at Wed Aug 6 10:08:49 2025 by rpki-client