$ rpki-client -vvf repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft File: CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft (raw, json) Hash identifier: AqTsEj4cLzPzeM+SyEEwPXwhjai64emT2RsWpCao3I4= Subject key identifier: 85:D2:71:A5:48:93:72:8F:66:83:56:1F:1F:A0:30:B9:2F:6E:78:3D Authority key identifier: CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C Certificate issuer: /CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Certificate serial: 5EDA83264BA51C0B8CC47D172B794B08DE281313 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft Manifest number: 033F Signing time: Mon 28 Apr 2025 08:12:13 +0000 Manifest this update: Mon 28 Apr 2025 08:07:13 +0000 Manifest next update: Thu 01 May 2025 08:43:13 +0000 Files and hashes: 1: CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl (hash: istFfelymrm7LtQtw9MmLfPtcUwgvQ5f2hz3p9/6thU=) 2: 3132332e3235332e3234342e302f32322d3234203d3e20313339333939.roa (hash: rNa2on5+DMAnzayjr8XpEII8JqHWgOprf/5TlZrlTb0=) 3: 3130332e39312e32382e302f32322d3234203d3e203338343936.roa (hash: fYk1A/6JlSofdoRQTxZ35IGs4jax1F7uqVxTxU6HBk4=) 4: 323030313a6466303a663730303a3a2f34382d3438203d3e20313339333939.roa (hash: iv2SAjyHSWCSm/Qp+qCzqgF4lXDrzm6Us1pHd8OSMEA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 08:43:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:da:83:26:4b:a5:1c:0b:8c:c4:7d:17:2b:79:4b:08:de:28:13:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Validity Not Before: Apr 28 08:07:13 2025 GMT Not After : May 1 08:43:13 2025 GMT Subject: CN=85D271A54893728F6683561F1FA030B92F6E783D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:37:5b:32:e9:d4:fd:b8:10:48:4e:db:9a:b9: c1:cc:8a:7a:24:43:1e:bb:10:2a:cc:26:81:d2:ce: f4:3a:d0:ea:d9:34:86:47:91:6b:7c:e3:7d:73:58: ed:41:3d:3f:71:36:a5:c6:4f:b2:f2:6f:50:5d:f6: 0e:cc:fd:e0:10:e9:91:e5:9b:43:d7:21:66:c5:bb: dd:51:6b:bd:c5:7a:3b:cf:46:4e:49:7f:e6:8e:e4: ff:ee:a2:c5:bf:80:5c:a7:85:e8:ef:71:4f:f2:0a: e9:c1:10:af:d6:c2:54:bf:cb:da:5e:d5:81:e4:b0: c3:bd:59:a9:23:dd:4d:4c:83:71:d9:70:5e:62:3d: fd:6d:fb:1e:8e:68:51:a2:3d:be:84:65:b6:04:6e: 6c:87:4c:03:28:6f:57:8b:f4:64:a4:a3:f7:fa:2e: 68:20:e5:c2:cc:d3:ac:fe:a9:87:0f:70:b3:57:1f: 98:65:05:79:75:a3:00:36:9d:38:c1:f0:9d:c2:ca: 6d:ae:dd:b9:84:a0:13:6d:2f:13:4e:dd:59:70:24: 2c:de:a2:8b:4a:da:42:b2:db:51:fc:06:6b:4a:89: 29:bc:72:81:3b:22:97:54:18:13:2f:9a:e4:c9:0a: 89:62:30:3b:ea:5f:14:5a:6e:f3:3c:09:45:f9:d9: ad:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:D2:71:A5:48:93:72:8F:66:83:56:1F:1F:A0:30:B9:2F:6E:78:3D X509v3 Authority Key Identifier: keyid:CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:75:64:cc:0b:c1:e3:69:f1:99:7a:69:5a:72:7a:19:82:2a: 1b:af:3a:06:f7:2c:bd:bb:85:fa:28:a8:2f:5c:56:77:95:78: 79:cb:77:61:e3:34:fd:19:75:43:86:7d:01:c2:f0:5d:7a:8f: 72:06:d4:f9:2a:83:d3:9c:54:30:6a:36:db:a7:42:2d:db:15: 3d:ed:e5:cd:9b:a6:cd:6c:ac:a5:f6:7f:02:e0:44:eb:ea:c5: 85:eb:61:57:66:88:37:3f:25:bf:6b:84:1f:33:6f:f7:a2:87: 97:fc:c2:25:ff:56:15:e5:f8:33:81:26:ce:40:5f:9c:86:1a: cc:84:2f:97:24:9f:2c:5f:f4:f1:1e:c0:ca:f6:2b:04:34:61: a6:ba:27:c9:88:7c:2e:b5:17:84:3c:0b:63:80:36:9a:59:3e: 3d:59:2a:e8:5a:4e:15:f6:94:fb:fa:f1:06:31:0a:90:64:67: e8:ac:7c:1a:de:2d:f7:b0:d7:3a:a4:06:fd:46:f0:71:fe:91: aa:48:7a:38:2e:53:e1:8f:2a:5f:8f:a2:10:6e:de:f2:a9:e7: 21:b2:c5:c1:d7:8e:e4:14:d0:24:f2:e4:e1:0c:e1:0d:1e:91: 65:0e:4d:7f:63:f1:4b:72:5b:2a:ed:d5:e7:69:54:2c:a8:f5: 36:c2:26:a8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXtqDJkulHAuMxH0XK3lLCN4oExMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRD RkQ3RTI2QzAeFw0yNTA0MjgwODA3MTNaFw0yNTA1MDEwODQzMTNaMDMxMTAvBgNV BAMTKDg1RDI3MUE1NDg5MzcyOEY2NjgzNTYxRjFGQTAzMEI5MkY2RTc4M0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJN1sy6dT9uBBITtuaucHMinok Qx67ECrMJoHSzvQ60OrZNIZHkWt8431zWO1BPT9xNqXGT7Lyb1Bd9g7M/eAQ6ZHl m0PXIWbFu91Ra73FejvPRk5Jf+aO5P/uosW/gFynhejvcU/yCunBEK/WwlS/y9pe 1YHksMO9Wakj3U1Mg3HZcF5iPf1t+x6OaFGiPb6EZbYEbmyHTAMob1eL9GSko/f6 Lmgg5cLM06z+qYcPcLNXH5hlBXl1owA2nTjB8J3Cym2u3bmEoBNtLxNO3VlwJCze ootK2kKy21H8BmtKiSm8coE7IpdUGBMvmuTJColiMDvqXxRabvM8CUX52a0RAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhdJxpUiTco9mg1YfH6AwuS9ueD0wHwYDVR0j BBgwFoAUynBPeF6liz9lnm48j3Hi1M/X4mwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NDIxOTg1Yi1hMGU2LTRlMDUtYmVmNi1mZTZmNWE2ZTJmNDMvMC9DQTcwNEY3ODVF QTU4QjNGNjU5RTZFM0M4RjcxRTJENENGRDdFMjZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRDRkQ3 RTI2Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDQyMTk4NWItYTBlNi00ZTA1LWJl ZjYtZmU2ZjVhNmUyZjQzLzAvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUy RDRDRkQ3RTI2Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKh1ZMwLweNp8Zl6aVpyehmCKhuvOgb3LL27 hfooqC9cVneVeHnLd2HjNP0ZdUOGfQHC8F16j3IG1Pkqg9OcVDBqNtunQi3bFT3t 5c2bps1srKX2fwLgROvqxYXrYVdmiDc/Jb9rhB8zb/eih5f8wiX/VhXl+DOBJs5A X5yGGsyEL5cknyxf9PEewMr2KwQ0Yaa6J8mIfC61F4Q8C2OANppZPj1ZKuhaThX2 lPv68QYxCpBkZ+isfBreLfew1zqkBv1G8HH+kapIejguU+GPKl+PohBu3vKp5yGy xcHXjuQU0CTy5OEM4Q0ekWUOTX9j8UtyWyrt1edpVCyo9TbCJqg= -----END CERTIFICATE-----Generated at Wed Apr 30 05:24:25 2025 by rpki-client