$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: cTrKOccbvYWZREmBJ97PpSMBj10mUvY0w0bGGb1KgRo= Subject key identifier: 98:EA:3E:3C:0C:FE:54:27:56:6A:3B:5C:E8:9A:63:4C:11:27:88:AC Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 1FCFB980B96FB5CDCF6785746C3CB782CEE6E811 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 020D Signing time: Mon 04 Aug 2025 19:51:56 +0000 Manifest this update: Mon 04 Aug 2025 19:46:56 +0000 Manifest next update: Fri 08 Aug 2025 04:19:56 +0000 Files and hashes: 1: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: lf5OksbuZNCGh2g5/H97M0jg3h6afOfnXNc+WTVz0Mw=) 2: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: bu4LtbxxfvYhSmPVYXsHJnQ8u6QDASxNerDLPSby9+A=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 04:19:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:cf:b9:80:b9:6f:b5:cd:cf:67:85:74:6c:3c:b7:82:ce:e6:e8:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Aug 4 19:46:56 2025 GMT Not After : Aug 8 04:19:56 2025 GMT Subject: CN=98EA3E3C0CFE5427566A3B5CE89A634C112788AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:83:4f:6e:6e:77:6f:9e:ac:5a:e1:95:3a:29: 25:e5:fc:c6:2b:e5:5d:d7:e5:aa:4b:5d:e1:08:3a: 43:29:6b:5b:c9:6e:0a:e3:4d:bd:ba:ba:1b:58:eb: c0:93:27:ac:4d:42:51:1c:25:bd:9c:ad:80:ed:03: 24:16:bd:ec:ba:b5:80:8c:30:e5:54:c1:6e:96:f3: 3c:4b:73:12:1d:3c:52:2a:a2:af:2a:f0:8b:22:94: da:74:2a:01:5a:3a:5a:8b:41:15:08:79:8f:3d:1b: 2f:3e:21:74:d1:2c:42:b5:26:16:62:b0:c9:08:9f: a0:56:2b:fb:11:a9:a5:8f:de:8b:76:a0:5c:3f:64: d4:5a:3e:a8:dc:d8:38:9d:6f:18:a8:d1:69:8a:49: ca:0e:94:6e:c1:e1:a7:f5:98:23:88:8f:3d:6b:50: 1d:13:93:ed:fd:2c:bb:65:69:b1:5a:1a:15:14:8a: 24:bf:b9:c8:10:a6:c9:e1:3e:d1:a0:30:76:0c:1d: be:55:d9:fa:02:dd:5e:56:53:44:7c:82:db:cc:20: db:b8:9e:1d:b0:1c:92:c2:64:8b:07:46:c0:83:80: f0:ba:3e:61:06:74:fc:f7:c9:12:58:d9:ee:e8:60: e1:55:9e:50:24:c5:e7:ba:0d:d6:34:42:ec:fb:37: 12:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:EA:3E:3C:0C:FE:54:27:56:6A:3B:5C:E8:9A:63:4C:11:27:88:AC X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:12:30:31:6a:25:8d:1f:0f:ee:fd:e4:c1:e2:dd:34:36:32: f4:12:e8:31:c8:19:a4:e6:61:f0:65:1b:c8:c4:88:84:d0:b3: 6a:c0:35:aa:8a:0a:a2:09:5e:93:85:e5:01:ae:5a:d3:b1:a0: 9f:40:38:6c:ce:2f:97:6f:86:2e:90:cf:e2:02:b3:3a:22:86: 8e:fc:50:fe:4b:90:90:78:2c:74:5a:1e:dd:39:b2:e4:7f:53: 23:9e:b4:d7:65:83:3a:24:dc:bf:8f:22:fe:35:71:2b:59:b0: 09:40:7b:f4:0e:8d:39:b1:f0:78:77:93:64:cb:c4:2d:f9:79: db:d8:6d:f9:e4:f1:20:03:ae:02:9f:a6:af:3e:ee:61:c6:c0: bd:e9:2b:82:2a:1a:85:9f:af:23:a9:01:51:6a:d5:f1:d2:04: fb:c3:01:3c:85:77:98:48:11:2c:75:8a:8a:95:76:80:9d:8e: a8:fd:30:c0:56:0b:45:de:c6:2d:1f:75:a1:03:43:48:5a:19: bd:3c:15:32:6f:63:a7:d5:06:d4:1f:39:2c:6e:29:65:31:7c: fd:0c:d9:27:94:fb:d2:27:a6:d3:2d:70:4e:92:b2:da:3b:cf: d6:b4:bb:fa:ab:01:c5:50:8e:ab:20:2b:17:28:76:60:8c:6c: cc:c6:89:ab -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUH8+5gLlvtc3PZ4V0bDy3gs7m6BEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNTA4MDQxOTQ2NTZaFw0yNTA4MDgwNDE5NTZaMDMxMTAvBgNV BAMTKDk4RUEzRTNDMENGRTU0Mjc1NjZBM0I1Q0U4OUE2MzRDMTEyNzg4QUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCng09ubndvnqxa4ZU6KSXl/MYr 5V3X5apLXeEIOkMpa1vJbgrjTb26uhtY68CTJ6xNQlEcJb2crYDtAyQWvey6tYCM MOVUwW6W8zxLcxIdPFIqoq8q8IsilNp0KgFaOlqLQRUIeY89Gy8+IXTRLEK1JhZi sMkIn6BWK/sRqaWP3ot2oFw/ZNRaPqjc2Didbxio0WmKScoOlG7B4af1mCOIjz1r UB0Tk+39LLtlabFaGhUUiiS/ucgQpsnhPtGgMHYMHb5V2foC3V5WU0R8gtvMINu4 nh2wHJLCZIsHRsCDgPC6PmEGdPz3yRJY2e7oYOFVnlAkxee6DdY0Quz7NxLFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUmOo+PAz+VCdWajtc6JpjTBEniKwwHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEgSMDFqJY0fD+795MHi3TQ2MvQS6DHIGaTm YfBlG8jEiITQs2rANaqKCqIJXpOF5QGuWtOxoJ9AOGzOL5dvhi6Qz+ICszoiho78 UP5LkJB4LHRaHt05suR/UyOetNdlgzok3L+PIv41cStZsAlAe/QOjTmx8Hh3k2TL xC35edvYbfnk8SADrgKfpq8+7mHGwL3pK4IqGoWfryOpAVFq1fHSBPvDATyFd5hI ESx1ioqVdoCdjqj9MMBWC0Xexi0fdaEDQ0haGb08FTJvY6fVBtQfOSxuKWUxfP0M 2SeU+9InptMtcE6Ssto7z9a0u/qrAcVQjqsgKxcodmCMbMzGias= -----END CERTIFICATE-----Generated at Thu Aug 7 00:32:18 2025 by rpki-client