$ rpki-client -vvf repo-rpki.idnic.net/repo/4b388f6e-9974-4457-af4b-5c9c82f50e97/0/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.mft File: 3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.mft (raw, json) Hash identifier: cA6Zs8siUdzaPB7qHwdsbwdHwT9vPN7pP+kn87zD+8I= Subject key identifier: 34:0F:20:B0:29:53:D1:0A:4E:16:2A:F5:23:CE:86:FE:D6:99:3F:58 Authority key identifier: 3A:5E:DA:CC:61:BD:7D:05:EB:D4:24:BB:DB:F5:1D:4C:50:85:2A:67 Certificate issuer: /CN=3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67 Certificate serial: 5FEA3A979ECB039F033F3A61F4AB562CBE60A177 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4b388f6e-9974-4457-af4b-5c9c82f50e97/0/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.mft Manifest number: 012B Signing time: Mon 28 Apr 2025 22:00:58 +0000 Manifest this update: Mon 28 Apr 2025 21:55:58 +0000 Manifest next update: Fri 02 May 2025 05:51:58 +0000 Files and hashes: 1: 3130332e3232372e3138362e302f32342d3234203d3e20313432333730.roa (hash: 5H4JKwnq4oresa7MkpV7TriW3ivumi6N3jRxijZ21Fs=) 2: 3130332e3232372e3138372e302f32342d3234203d3e20313432333730.roa (hash: Lyic6tpyx8dE3BSp7Wiu55L5Zbno6Dp9EUOJ8PKwjfM=) 3: 3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.crl (hash: ewQd8NjUTAV7zGuNfVan+Wf+vz6yol2TYqkisj22RE8=) 4: 3130332e3232372e3138362e302f32332d3233203d3e20313432333730.roa (hash: ndDFlzQ0IuA3S69ND6C8Jsle8tJZdiO7+mspElCpg00=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4b388f6e-9974-4457-af4b-5c9c82f50e97/0/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.crl rsync://repo-rpki.idnic.net/repo/4b388f6e-9974-4457-af4b-5c9c82f50e97/0/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:51:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:ea:3a:97:9e:cb:03:9f:03:3f:3a:61:f4:ab:56:2c:be:60:a1:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67 Validity Not Before: Apr 28 21:55:58 2025 GMT Not After : May 2 05:51:58 2025 GMT Subject: CN=340F20B02953D10A4E162AF523CE86FED6993F58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b8:9c:75:36:e3:79:b1:b5:a9:76:c6:b9:a9: 4c:a8:b5:ec:a2:82:8a:e9:b2:25:fa:0d:4d:9d:06: 0f:06:92:54:98:a9:9c:ee:62:b2:61:ed:64:69:e6: f0:d7:2f:6b:9b:80:58:78:ed:69:6f:c9:a9:35:5a: 26:1b:43:ec:14:08:3f:df:23:37:c2:88:d1:a6:e5: 17:2c:dd:f2:ad:70:e4:6d:40:6e:80:78:4b:23:90: a8:bb:ae:08:e5:d8:c0:3e:f7:2d:ae:3a:9e:5c:b5: 42:24:5b:ac:e8:26:4b:23:a4:c0:a9:5e:f2:c4:8d: e0:54:d5:b2:27:2d:63:2b:ec:ef:68:a8:57:0c:68: 5e:7c:45:2a:b5:68:65:6a:9e:27:56:9f:01:f3:c5: 2f:8b:dd:5b:12:19:3b:56:dc:97:06:fd:23:92:35: 19:08:f9:7f:00:f0:a9:e7:ad:5a:74:67:9e:90:fd: db:b5:aa:ae:b8:16:ce:26:9b:e3:6d:a3:7d:b7:dc: 40:76:8c:0a:d7:25:04:cc:ff:b1:7a:a2:67:09:25: aa:5e:c8:ad:c5:ec:80:93:c5:2d:63:73:cc:92:53: c6:5c:41:78:0d:89:c1:f0:fa:4c:86:f1:02:99:ed: 12:f0:df:44:85:ea:09:86:19:8e:8e:49:3e:bc:60: 81:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:0F:20:B0:29:53:D1:0A:4E:16:2A:F5:23:CE:86:FE:D6:99:3F:58 X509v3 Authority Key Identifier: keyid:3A:5E:DA:CC:61:BD:7D:05:EB:D4:24:BB:DB:F5:1D:4C:50:85:2A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4b388f6e-9974-4457-af4b-5c9c82f50e97/0/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b388f6e-9974-4457-af4b-5c9c82f50e97/0/3A5EDACC61BD7D05EBD424BBDBF51D4C50852A67.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:d7:a8:25:ba:f0:84:3d:cb:f2:d4:c8:8c:2b:8b:fe:7f:a5: 73:9f:05:df:8a:5d:32:44:a9:86:ec:91:7d:b4:d2:9f:72:f8: 46:c8:6e:41:f3:d6:72:63:34:b9:bb:fa:2b:25:b6:05:e5:49: 76:0e:20:2a:16:2d:1a:fe:ea:b6:f5:5c:74:25:c8:eb:63:74: c6:e1:5b:ac:f8:ad:4f:15:b2:28:84:93:32:39:0e:60:f8:91: e0:fb:3d:54:14:f6:f5:fe:13:72:25:9a:fd:7e:88:23:4f:20: 5b:67:4e:5a:71:21:5c:2f:c5:89:9d:52:eb:ce:41:12:72:79: b4:37:1b:98:66:f6:2e:e7:c9:e1:12:25:f4:7a:9e:e8:64:09: e2:f5:f6:07:c0:8e:77:95:e0:0c:e6:c8:d5:60:42:c0:e8:e4: d7:12:c4:ec:3d:ab:6a:64:c5:38:7c:7e:ac:bd:00:b1:4f:f6: 41:2d:8d:52:66:33:eb:bc:b3:55:e7:ca:29:17:cb:0f:64:47: 81:b5:5a:c9:b2:a0:79:2f:f7:2e:e5:30:4c:60:61:97:3b:f5: 96:9f:40:cb:e0:a6:15:12:13:b0:eb:bd:6f:d0:92:f0:88:a5: 67:09:09:ba:2e:18:16:70:55:86:ae:59:d1:99:02:da:64:b7: 65:44:6b:20 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUX+o6l57LA58DPzph9KtWLL5goXcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0E1RURBQ0M2MUJEN0QwNUVCRDQyNEJCREJGNTFENEM1 MDg1MkE2NzAeFw0yNTA0MjgyMTU1NThaFw0yNTA1MDIwNTUxNThaMDMxMTAvBgNV BAMTKDM0MEYyMEIwMjk1M0QxMEE0RTE2MkFGNTIzQ0U4NkZFRDY5OTNGNTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBuJx1NuN5sbWpdsa5qUyoteyi gorpsiX6DU2dBg8GklSYqZzuYrJh7WRp5vDXL2ubgFh47Wlvyak1WiYbQ+wUCD/f IzfCiNGm5Rcs3fKtcORtQG6AeEsjkKi7rgjl2MA+9y2uOp5ctUIkW6zoJksjpMCp XvLEjeBU1bInLWMr7O9oqFcMaF58RSq1aGVqnidWnwHzxS+L3VsSGTtW3JcG/SOS NRkI+X8A8KnnrVp0Z56Q/du1qq64Fs4mm+Nto3233EB2jArXJQTM/7F6omcJJape yK3F7ICTxS1jc8ySU8ZcQXgNicHw+kyG8QKZ7RLw30SF6gmGGY6OST68YIGdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNA8gsClT0QpOFir1I86G/taZP1gwHwYDVR0j BBgwFoAUOl7azGG9fQXr1CS72/UdTFCFKmcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YjM4OGY2ZS05OTc0LTQ0NTctYWY0Yi01YzljODJmNTBlOTcvMC8zQTVFREFDQzYx QkQ3RDA1RUJENDI0QkJEQkY1MUQ0QzUwODUyQTY3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0E1RURBQ0M2MUJEN0QwNUVCRDQyNEJCREJGNTFENEM1MDg1 MkE2Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGIzODhmNmUtOTk3NC00NDU3LWFm NGItNWM5YzgyZjUwZTk3LzAvM0E1RURBQ0M2MUJEN0QwNUVCRDQyNEJCREJGNTFE NEM1MDg1MkE2Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACvXqCW68IQ9y/LUyIwri/5/pXOfBd+KXTJE qYbskX200p9y+EbIbkHz1nJjNLm7+isltgXlSXYOICoWLRr+6rb1XHQlyOtjdMbh W6z4rU8VsiiEkzI5DmD4keD7PVQU9vX+E3Ilmv1+iCNPIFtnTlpxIVwvxYmdUuvO QRJyebQ3G5hm9i7nyeESJfR6nuhkCeL19gfAjneV4AzmyNVgQsDo5NcSxOw9q2pk xTh8fqy9ALFP9kEtjVJmM+u8s1XnyikXyw9kR4G1WsmyoHkv9y7lMExgYZc79Zaf QMvgphUSE7DrvW/QkvCIpWcJCbouGBZwVYauWdGZAtpkt2VEayA= -----END CERTIFICATE-----Generated at Wed Apr 30 08:31:12 2025 by rpki-client