$ rpki-client -vvf repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft File: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft (raw, json) Hash identifier: EGOQq7Tyq7u+ABRAKFj65pVM/5eXMH3HXgpCC0gORi4= Subject key identifier: 78:D9:34:53:5A:0C:3D:BE:62:CA:79:EB:57:17:74:33:AF:4B:A9:DD Authority key identifier: BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 Certificate issuer: /CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Certificate serial: 65CE7D579FE24B77E71AF3FEC4B5222BAB6535BE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft Manifest number: 01B5 Signing time: Sun 15 Jun 2025 16:50:50 +0000 Manifest this update: Sun 15 Jun 2025 16:45:50 +0000 Manifest next update: Wed 18 Jun 2025 18:50:50 +0000 Files and hashes: 1: BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl (hash: OGuiTwhb5cLHl8sogLQJzu3ps+qHK21J2a5WNYwzyhU=) 2: 3130332e32302e38342e302f32342d3234203d3e20313530323337.roa (hash: 1cGJCBtgT1/NMznXhjOAyubxZil1/dRuPKJqMQpqjDY=) 3: 3130332e32302e38352e302f32342d3234203d3e20313530323337.roa (hash: xoLxa0LoHLD0+7I86yIRegh8/X09LbX3E+d8Q3rf5aA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 18:50:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:ce:7d:57:9f:e2:4b:77:e7:1a:f3:fe:c4:b5:22:2b:ab:65:35:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0 Validity Not Before: Jun 15 16:45:50 2025 GMT Not After : Jun 18 18:50:50 2025 GMT Subject: CN=78D934535A0C3DBE62CA79EB57177433AF4BA9DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:e8:20:0a:a4:d3:c7:87:6b:65:23:1e:7f:83: 8d:42:2a:de:b2:55:90:6d:3a:57:c0:eb:9e:eb:29: 65:69:2a:ca:b8:f4:da:55:58:0a:24:f2:df:b6:e3: 2f:23:23:8d:28:ce:32:ab:46:12:4b:63:90:d2:df: 64:d7:92:5f:d3:fb:db:52:08:f0:d4:c8:6b:43:f4: 8e:e0:40:b9:28:ca:83:bf:80:d2:bc:e4:76:60:aa: 57:c3:cf:11:0d:a0:3d:0e:79:2c:af:f0:0b:4f:aa: b6:b2:c7:f1:74:74:f1:26:65:91:99:26:52:0a:e1: b2:6b:a1:0a:a9:e1:af:98:ce:5b:db:42:0f:00:bc: 92:95:f1:59:0b:f1:06:a6:ab:f0:41:63:d2:0a:96: b3:a0:cc:f1:b8:1f:03:67:31:89:5d:a7:95:5d:1d: bb:5c:94:3f:c5:57:63:c1:27:43:94:56:32:e5:e1: 88:18:1f:ca:82:f8:03:cf:43:83:2c:ca:1b:46:60: 74:83:7f:3a:6b:66:a0:f0:83:60:22:ba:f7:a4:a5: 74:0c:63:00:28:a4:01:b4:bb:4f:8a:e4:1f:66:c9: 5d:7a:fd:6a:cf:4c:3f:dc:11:47:51:57:5f:2c:7a: b1:a1:9d:ee:5c:87:57:40:e3:4f:5b:f0:96:3c:97: 3d:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:D9:34:53:5A:0C:3D:BE:62:CA:79:EB:57:17:74:33:AF:4B:A9:DD X509v3 Authority Key Identifier: keyid:BD:0C:A7:BB:7E:E1:45:97:A1:71:F1:B1:E3:E3:12:7A:79:DF:FF:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3d7a71bc-f910-4b8c-9cff-0857d5f2d37f/0/BD0CA7BB7EE14597A171F1B1E3E3127A79DFFFD0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:fa:39:fb:29:df:f4:ff:d6:99:86:1a:c0:19:b0:82:74:bf: 9f:35:f3:b8:ec:79:96:d6:a2:a2:8c:91:d5:68:4d:cc:bb:55: 07:86:00:68:62:cd:ce:92:04:6f:6e:11:a2:61:5c:f4:da:2d: 9c:ef:9c:76:35:61:d1:1c:40:95:3a:e1:00:07:3c:c2:65:01: 6a:ee:32:62:4a:dd:5b:4b:84:47:04:1f:7c:30:a8:dc:4b:5d: e2:2e:12:80:49:38:f3:12:86:d3:33:03:6e:06:1e:11:dc:b3: a9:77:98:20:79:a3:5a:fc:b7:6a:19:f8:07:9f:7d:17:22:61: ef:02:20:cf:64:80:01:52:3f:ec:74:c8:ae:ff:93:23:50:00: 05:c8:e1:b5:a1:c4:72:c3:46:44:88:3f:6f:fd:49:d9:94:fc: f3:12:17:16:35:46:bc:08:03:4f:9c:f4:e2:7b:31:6d:17:b7: 24:67:74:69:19:a2:d7:0e:b6:8b:0b:e0:78:d8:a0:5d:b7:d6: c1:5f:c8:15:86:c0:d9:93:ad:c9:1e:5b:ca:f2:5b:44:06:c5: 49:75:9a:22:1d:0a:75:f0:72:e1:8a:b8:fe:79:b9:24:f7:b7: 7d:0b:bb:25:08:40:69:55:73:a2:05:b6:a6:4a:62:a8:b5:85: 3d:6d:0c:5b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZc59V5/iS3fnGvP+xLUiK6tlNb4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3 OURGRkZEMDAeFw0yNTA2MTUxNjQ1NTBaFw0yNTA2MTgxODUwNTBaMDMxMTAvBgNV BAMTKDc4RDkzNDUzNUEwQzNEQkU2MkNBNzlFQjU3MTc3NDMzQUY0QkE5REQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU6CAKpNPHh2tlIx5/g41CKt6y VZBtOlfA657rKWVpKsq49NpVWAok8t+24y8jI40ozjKrRhJLY5DS32TXkl/T+9tS CPDUyGtD9I7gQLkoyoO/gNK85HZgqlfDzxENoD0OeSyv8AtPqrayx/F0dPEmZZGZ JlIK4bJroQqp4a+YzlvbQg8AvJKV8VkL8Qamq/BBY9IKlrOgzPG4HwNnMYldp5Vd HbtclD/FV2PBJ0OUVjLl4YgYH8qC+APPQ4MsyhtGYHSDfzprZqDwg2AiuvekpXQM YwAopAG0u0+K5B9myV16/WrPTD/cEUdRV18serGhne5ch1dA409b8JY8lz2NAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUeNk0U1oMPb5iynnrVxd0M69Lqd0wHwYDVR0j BBgwFoAUvQynu37hRZehcfGx4+MSennf/9AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZDdhNzFiYy1mOTEwLTRiOGMtOWNmZi0wODU3ZDVmMmQzN2YvMC9CRDBDQTdCQjdF RTE0NTk3QTE3MUYxQjFFM0UzMTI3QTc5REZGRkQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEyN0E3OURG RkZEMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2Q3YTcxYmMtZjkxMC00YjhjLTlj ZmYtMDg1N2Q1ZjJkMzdmLzAvQkQwQ0E3QkI3RUUxNDU5N0ExNzFGMUIxRTNFMzEy N0E3OURGRkZEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEL6Ofsp3/T/1pmGGsAZsIJ0v58187jseZbW oqKMkdVoTcy7VQeGAGhizc6SBG9uEaJhXPTaLZzvnHY1YdEcQJU64QAHPMJlAWru MmJK3VtLhEcEH3wwqNxLXeIuEoBJOPMShtMzA24GHhHcs6l3mCB5o1r8t2oZ+Aef fRciYe8CIM9kgAFSP+x0yK7/kyNQAAXI4bWhxHLDRkSIP2/9SdmU/PMSFxY1RrwI A0+c9OJ7MW0XtyRndGkZotcOtosL4HjYoF231sFfyBWGwNmTrckeW8ryW0QGxUl1 miIdCnXwcuGKuP55uST3t30LuyUIQGlVc6IFtqZKYqi1hT1tDFs= -----END CERTIFICATE-----Generated at Mon Jun 16 21:14:21 2025 by rpki-client