$ rpki-client -vvf repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft File: CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft (raw, json) Hash identifier: DnF6u6GZ9o5rpw0dqEx5CGrmKBsMNnmJLbSYdL+0Vy8= Subject key identifier: 71:EB:7E:B8:F3:E6:6D:6A:55:92:96:54:EB:CE:B0:20:73:2B:81:65 Authority key identifier: CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C Certificate issuer: /CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Certificate serial: 01F1A057144E1C0B8F07724DDE0CD854F4844012 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft Manifest number: 036C Signing time: Wed 06 Aug 2025 11:12:18 +0000 Manifest this update: Wed 06 Aug 2025 11:07:18 +0000 Manifest next update: Sat 09 Aug 2025 21:47:18 +0000 Files and hashes: 1: 323030313a6466303a663730303a3a2f34382d3438203d3e20313339333939.roa (hash: iv2SAjyHSWCSm/Qp+qCzqgF4lXDrzm6Us1pHd8OSMEA=) 2: 3132332e3235332e3234342e302f32322d3234203d3e20313339333939.roa (hash: rNa2on5+DMAnzayjr8XpEII8JqHWgOprf/5TlZrlTb0=) 3: CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl (hash: IV36Ra8mvGCHqBTNSfTJU7JF2xwGue8TtIqQtp28p5A=) 4: 3130332e39312e32382e302f32322d3234203d3e203338343936.roa (hash: fYk1A/6JlSofdoRQTxZ35IGs4jax1F7uqVxTxU6HBk4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 21:47:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:f1:a0:57:14:4e:1c:0b:8f:07:72:4d:de:0c:d8:54:f4:84:40:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Validity Not Before: Aug 6 11:07:18 2025 GMT Not After : Aug 9 21:47:18 2025 GMT Subject: CN=71EB7EB8F3E66D6A55929654EBCEB020732B8165 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d2:52:55:b9:72:e3:a3:d0:e5:a1:ce:70:42: e1:25:63:e3:f6:90:ab:66:ac:1f:60:93:6a:f2:ae: 6e:d4:b2:12:47:ab:92:cb:9f:29:60:31:e8:04:14: c2:26:2a:a7:e8:4c:45:af:34:37:43:42:95:dc:cc: d4:ec:a2:b1:1c:38:48:c9:64:69:56:4b:9a:c8:8c: c2:65:b5:8d:41:d7:93:31:d6:6c:b0:20:1d:73:33: e2:28:4c:ff:e0:31:12:1c:33:9c:26:c7:f5:05:fa: 76:01:74:63:c3:55:39:c8:e8:4c:48:7b:3f:39:d5: b3:dc:43:19:dc:e6:52:72:b0:0a:47:b7:1a:2f:56: 71:22:1d:03:83:4e:5a:12:17:58:a8:25:97:ee:1e: 1d:fd:a0:a3:95:de:09:68:ed:c5:3e:25:a5:cb:c8: 81:f2:4a:b4:7d:8a:46:d6:98:c5:c7:a0:d7:5e:c7: 39:1d:2b:87:45:81:ae:52:f9:04:8b:91:1b:ad:55: 7b:9a:4f:a4:96:44:24:52:d1:f7:c8:81:4e:f6:71: 00:7e:d7:cf:8d:f9:45:92:8a:b3:d3:10:ed:ce:92: 76:7c:42:3a:50:9b:04:35:c6:5d:6f:08:fb:72:3c: d9:e0:6e:c4:04:f7:45:cd:f6:69:4a:38:f2:f1:a3: da:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:EB:7E:B8:F3:E6:6D:6A:55:92:96:54:EB:CE:B0:20:73:2B:81:65 X509v3 Authority Key Identifier: keyid:CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:56:90:d7:f0:df:28:c4:50:6b:c8:e8:d1:d6:dc:5a:41:96: 4a:bf:72:b6:da:8b:35:36:8a:6c:81:74:c2:56:75:b1:8a:8d: b0:49:0b:be:cf:42:0e:22:ce:6c:1b:ef:a6:ef:ac:98:e1:6c: fc:df:88:66:51:d3:18:0f:c2:e1:41:82:36:ca:27:26:cc:05: 04:93:47:51:44:29:a0:e1:b5:54:94:58:42:a6:a7:21:aa:bf: b5:3a:03:af:d4:21:0f:90:74:cd:7f:e6:6c:fe:20:72:e8:eb: e8:56:62:68:03:39:1f:c9:bf:f8:38:b2:7f:16:85:f5:a0:bf: 1a:86:fa:50:f5:6d:48:d0:44:de:62:56:f4:80:04:7c:d2:96: ee:ff:93:b3:6c:ef:53:dc:c2:7d:b7:76:e7:a2:b0:aa:8c:e3: 0e:d3:70:bb:76:16:03:c7:6b:30:e0:96:3d:07:42:8e:29:21: c2:11:9a:9b:bb:03:0b:10:6d:5f:43:be:15:6f:b3:1e:ef:41: 69:ca:5f:a7:1f:51:33:f7:75:98:d0:b8:9b:3a:d4:a1:db:bc: 1c:33:62:e4:2b:22:7c:90:04:1f:7a:82:d7:3c:8b:13:95:67: ab:02:5d:6d:1a:ce:3c:ad:1b:cf:27:80:e2:0b:d8:78:e2:a6: 60:f4:aa:a2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAfGgVxROHAuPB3JN3gzYVPSEQBIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRD RkQ3RTI2QzAeFw0yNTA4MDYxMTA3MThaFw0yNTA4MDkyMTQ3MThaMDMxMTAvBgNV BAMTKDcxRUI3RUI4RjNFNjZENkE1NTkyOTY1NEVCQ0VCMDIwNzMyQjgxNjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU0lJVuXLjo9Dloc5wQuElY+P2 kKtmrB9gk2ryrm7UshJHq5LLnylgMegEFMImKqfoTEWvNDdDQpXczNTsorEcOEjJ ZGlWS5rIjMJltY1B15Mx1mywIB1zM+IoTP/gMRIcM5wmx/UF+nYBdGPDVTnI6ExI ez851bPcQxnc5lJysApHtxovVnEiHQODTloSF1ioJZfuHh39oKOV3glo7cU+JaXL yIHySrR9ikbWmMXHoNdexzkdK4dFga5S+QSLkRutVXuaT6SWRCRS0ffIgU72cQB+ 18+N+UWSirPTEO3OknZ8QjpQmwQ1xl1vCPtyPNngbsQE90XN9mlKOPLxo9qvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcet+uPPmbWpVkpZU686wIHMrgWUwHwYDVR0j BBgwFoAUynBPeF6liz9lnm48j3Hi1M/X4mwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NDIxOTg1Yi1hMGU2LTRlMDUtYmVmNi1mZTZmNWE2ZTJmNDMvMC9DQTcwNEY3ODVF QTU4QjNGNjU5RTZFM0M4RjcxRTJENENGRDdFMjZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRDRkQ3 RTI2Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDQyMTk4NWItYTBlNi00ZTA1LWJl ZjYtZmU2ZjVhNmUyZjQzLzAvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUy RDRDRkQ3RTI2Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAK9WkNfw3yjEUGvI6NHW3FpBlkq/crbaizU2 imyBdMJWdbGKjbBJC77PQg4izmwb76bvrJjhbPzfiGZR0xgPwuFBgjbKJybMBQST R1FEKaDhtVSUWEKmpyGqv7U6A6/UIQ+QdM1/5mz+IHLo6+hWYmgDOR/Jv/g4sn8W hfWgvxqG+lD1bUjQRN5iVvSABHzSlu7/k7Ns71Pcwn23dueisKqM4w7TcLt2FgPH azDglj0HQo4pIcIRmpu7AwsQbV9DvhVvsx7vQWnKX6cfUTP3dZjQuJs61KHbvBwz YuQrInyQBB96gtc8ixOVZ6sCXW0azjytG88ngOIL2HjipmD0qqI= -----END CERTIFICATE-----Generated at Thu Aug 7 00:27:13 2025 by rpki-client