$ rpki-client -vvf repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft File: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft (raw, json) Hash identifier: ehNw06xwV8gsXZ/Q3mdsokKEoE5VCLvBNDGp3h2/wVo= Subject key identifier: A9:D3:C4:22:29:D5:4E:43:02:E2:09:D3:53:49:7E:7E:55:31:7E:2A Authority key identifier: BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 Certificate issuer: /CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Certificate serial: 65A49CFC71FDDDC2F6613B2D3A0FEFF3759AA801 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft Manifest number: 01CC Signing time: Wed 06 Aug 2025 04:10:52 +0000 Manifest this update: Wed 06 Aug 2025 04:05:52 +0000 Manifest next update: Sat 09 Aug 2025 07:51:52 +0000 Files and hashes: 1: 3130332e32302e38342e302f32342d3234203d3e20313530323337.roa (hash: 1cGJCBtgT1/NMznXhjOAyubxZil1/dRuPKJqMQpqjDY=) 2: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl (hash: YtXgGTy+Z/lXzUq9ySxkBtn0jccY1WvvL4Yy9hV1VWg=) 3: 3130332e32302e38352e302f32342d3234203d3e20313530323337.roa (hash: xoLxa0LoHLD0+7I86yIRegh8/X09LbX3E+d8Q3rf5aA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 07:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:a4:9c:fc:71:fd:dd:c2:f6:61:3b:2d:3a:0f:ef:f3:75:9a:a8:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Validity Not Before: Aug 6 04:05:52 2025 GMT Not After : Aug 9 07:51:52 2025 GMT Subject: CN=A9D3C42229D54E4302E209D353497E7E55317E2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c2:15:28:f1:78:e3:41:d6:f0:d4:98:57:c8: 6d:68:62:25:13:64:71:51:54:fe:57:6d:8c:85:97: 5e:4d:c5:4f:80:2d:63:e6:f2:cb:a7:b7:cb:0d:d9: ee:da:05:d0:29:c5:71:8b:ca:b7:7a:d9:d6:47:84: 04:aa:a4:5b:85:52:c0:da:a2:99:4a:ae:b6:43:5d: 8e:58:6e:58:1e:88:b4:9c:3d:db:21:09:ec:35:d4: 85:9b:76:06:00:3e:fd:e7:ba:6d:95:7e:cf:4a:38: ee:76:37:1c:4c:07:e3:13:8c:6b:31:3f:fc:57:f3: 9b:40:53:9d:77:75:76:d8:e4:c5:b5:1c:96:ea:91: 29:63:e2:17:80:95:ab:00:f7:cc:9e:cb:bc:31:4e: b7:85:39:7c:2e:a3:7b:29:4d:58:fc:44:9f:8d:19: 55:e1:5c:d4:b2:5d:db:ba:bc:60:db:c8:b3:39:91: ad:9d:4b:f5:a4:02:ad:22:fc:0c:90:39:62:1b:fd: d4:ad:66:34:13:f5:78:da:a6:98:1f:86:41:b4:6c: d7:7c:0a:60:ae:19:c3:34:d8:64:a4:a9:8f:37:ed: a8:58:82:9b:d6:d8:aa:c5:0e:92:d7:21:8b:41:6f: 34:af:c3:21:3c:6e:25:d2:97:41:b9:10:4b:86:5a: 83:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:D3:C4:22:29:D5:4E:43:02:E2:09:D3:53:49:7E:7E:55:31:7E:2A X509v3 Authority Key Identifier: keyid:BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:64:d9:60:70:d9:48:6b:a4:b1:8c:08:d6:83:78:b5:8b:9f: 11:08:15:2b:dc:3d:44:b9:66:2b:1f:fb:48:b5:2e:dd:1a:0d: 6c:e3:70:8a:9a:20:9c:b5:51:7b:4d:98:db:81:26:96:df:b8: 50:48:db:f0:26:d9:c9:a3:53:49:cd:30:0f:25:39:52:6f:ad: 9d:d6:c8:ab:61:bd:1d:8f:41:52:6a:ca:6e:1e:88:82:d1:10: 61:3e:0c:07:b3:aa:d5:1e:7c:7b:b3:33:8b:83:3e:d2:9a:b0: 4c:76:89:73:ef:5c:3c:34:27:fa:f8:fb:bf:7c:4a:54:5e:bb: 3f:92:ff:5c:a8:85:82:e4:11:3c:ab:5b:8f:28:9b:16:33:12: 05:b6:38:b2:f3:3c:ac:c0:75:62:e6:f3:b0:6a:7b:d4:7e:b2: 32:b7:fa:0f:39:39:f8:32:a3:68:0d:2b:16:63:a2:c1:f7:e8: da:5b:92:b0:c3:3f:07:01:2b:66:7f:5f:0c:f2:20:2e:86:10: 62:30:05:a1:d8:c9:5b:4e:a5:56:bc:da:9d:b4:0b:d6:60:bd: 28:e2:60:3e:04:f1:31:ac:dd:2d:7a:6f:d1:8c:ce:3b:77:0a: 64:0d:93:cb:d2:6d:11:61:ff:83:61:ba:7e:ab:74:74:cc:f8: db:ff:0b:f5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZaSc/HH93cL2YTstOg/v83WaqAEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3 OURGRkZEMDAeFw0yNTA4MDYwNDA1NTJaFw0yNTA4MDkwNzUxNTJaMDMxMTAvBgNV BAMTKEE5RDNDNDIyMjlENTRFNDMwMkUyMDlEMzUzNDk3RTdFNTUzMTdFMkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8whUo8XjjQdbw1JhXyG1oYiUT ZHFRVP5XbYyFl15NxU+ALWPm8sunt8sN2e7aBdApxXGLyrd62dZHhASqpFuFUsDa oplKrrZDXY5YblgeiLScPdshCew11IWbdgYAPv3num2Vfs9KOO52NxxMB+MTjGsx P/xX85tAU513dXbY5MW1HJbqkSlj4heAlasA98yey7wxTreFOXwuo3spTVj8RJ+N GVXhXNSyXdu6vGDbyLM5ka2dS/WkAq0i/AyQOWIb/dStZjQT9XjappgfhkG0bNd8 CmCuGcM02GSkqY837ahYgpvW2KrFDpLXIYtBbzSvwyE8biXSl0G5EEuGWoMbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUqdPEIinVTkMC4gnTU0l+flUxfiowHwYDVR0j BBgwFoAUvQynu37hRZehcfGx4+MSennf/9AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZDdhNzFiYy1mOTEwLTRiOGMtOWNmZi0wODU3ZDVmMmQzN2YvMC9CRDBDQTdCQjdF RTE0NTk3QTE3MUYxQjFFM0UzMTI3QTc5REZGRkQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3OURG RkZEMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2Q3YTcxYmMtZjkxMC00YjhjLTlj ZmYtMDg1N2Q1ZjJkMzdmLzAvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEy N0E3OURGRkZEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKVk2WBw2UhrpLGMCNaDeLWLnxEIFSvcPUS5 Zisf+0i1Lt0aDWzjcIqaIJy1UXtNmNuBJpbfuFBI2/Am2cmjU0nNMA8lOVJvrZ3W yKthvR2PQVJqym4eiILREGE+DAezqtUefHuzM4uDPtKasEx2iXPvXDw0J/r4+798 SlReuz+S/1yohYLkETyrW48omxYzEgW2OLLzPKzAdWLm87Bqe9R+sjK3+g85Ofgy o2gNKxZjosH36NpbkrDDPwcBK2Z/XwzyIC6GEGIwBaHYyVtOpVa82p20C9ZgvSji YD4E8TGs3S16b9GMzjt3CmQNk8vSbRFh/4Nhun6rdHTM+Nv/C/U= -----END CERTIFICATE-----Generated at Thu Aug 7 07:23:21 2025 by rpki-client