$ rpki-client -vvf repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft File: D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft (raw, json) Hash identifier: fWK8oao6ATigSvM0/Kl8ux++ihgN8/wgxhMc8JrLaOw= Subject key identifier: 87:27:53:F8:F9:BC:83:88:11:CA:C8:35:99:5B:1B:12:D0:0F:62:0B Authority key identifier: D0:FF:6F:09:3D:0D:EA:FB:5C:B4:2A:93:43:3F:A2:39:C9:03:EA:C0 Certificate issuer: /CN=D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0 Certificate serial: 5C2D3D3635CA3EDF8D7D29F766A1BE9B7C6DE8BB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft Manifest number: 01C5 Signing time: Sat 26 Apr 2025 13:01:48 +0000 Manifest this update: Sat 26 Apr 2025 12:56:48 +0000 Manifest next update: Tue 29 Apr 2025 13:23:48 +0000 Files and hashes: 1: D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.crl (hash: SEuT9GeRz/f/eHItoiMFwJcHyQv3VZ8Cf08yvO2GK5o=) 2: 3130332e3136312e3230322e302f32332d3234203d3e203338333230.roa (hash: BdsS4s7jPHig7lZYR1kjJB8vTutisx05tJ8qnuC/vHI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.crl rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Apr 2025 13:23:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:2d:3d:36:35:ca:3e:df:8d:7d:29:f7:66:a1:be:9b:7c:6d:e8:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0 Validity Not Before: Apr 26 12:56:48 2025 GMT Not After : Apr 29 13:23:48 2025 GMT Subject: CN=872753F8F9BC838811CAC835995B1B12D00F620B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:fa:de:d1:aa:30:83:34:7b:ee:53:5c:93:a2: 93:54:fc:9f:ab:a3:a7:4b:db:5a:45:64:e8:f4:ba: e3:ab:5c:7c:94:7c:5f:5f:1e:e3:29:cc:84:75:be: e5:23:97:c2:01:88:e6:ee:7d:96:9c:d8:bb:58:f5: 84:16:10:77:27:38:6a:85:a8:b1:61:22:df:bc:48: fe:cf:27:d7:9e:e3:44:23:64:4f:2e:77:be:9c:f7: f3:a9:ee:db:d9:62:09:88:77:05:11:29:8f:6e:8d: c9:a7:44:cf:6a:93:07:bb:58:d7:fb:ac:12:be:c7: 62:b1:c5:7c:7d:5e:a3:ed:cf:3c:e8:05:d8:f4:c1: 75:d5:9c:6a:12:93:c9:57:df:1e:8d:5b:55:ce:3d: 60:16:e2:c6:e4:41:d4:99:39:24:e1:7a:0e:a9:c1: 01:cd:a5:0c:ac:02:06:13:1c:3b:f0:0a:0b:1c:99: 13:78:69:0e:bd:ec:33:02:36:95:c5:58:22:3e:e8: c2:a7:fc:83:eb:db:1f:9f:ef:48:91:12:c6:69:aa: 9b:d7:40:ae:fb:6b:4b:e3:aa:c4:f1:87:68:63:13: f3:a8:07:47:78:0d:1a:b2:b5:e3:01:96:94:9a:59: 1d:a7:b6:6a:7f:3e:e2:f4:bc:83:ae:d7:06:01:f2: 14:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:27:53:F8:F9:BC:83:88:11:CA:C8:35:99:5B:1B:12:D0:0F:62:0B X509v3 Authority Key Identifier: keyid:D0:FF:6F:09:3D:0D:EA:FB:5C:B4:2A:93:43:3F:A2:39:C9:03:EA:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:8e:38:33:c2:7a:b5:0f:bc:f9:2e:28:41:c0:a6:51:1c:10: 58:3f:85:d1:ac:64:f5:e5:5c:aa:24:b8:90:47:91:15:4f:86: e8:4c:af:24:b9:89:13:65:8d:64:68:80:56:f1:e5:ce:46:7a: 0e:27:ec:a7:41:20:1a:0b:f2:8c:fb:4e:bc:5e:5a:5b:88:a8: 1e:3e:bc:98:5a:a4:bd:01:6a:8b:db:bb:1e:7b:e6:ec:a8:74: 80:88:3b:55:9c:53:b3:49:0b:af:34:cf:28:a8:0f:49:01:5a: 56:e0:fa:8b:a7:31:dc:d0:48:78:69:28:55:fd:e4:d3:be:90: 9d:8e:8e:1a:be:df:22:ec:04:a4:40:63:bf:2b:dc:8c:4d:38: 66:19:70:fc:f6:fa:7d:d7:da:1f:c8:15:43:ed:37:1f:27:7f: 78:e3:e6:89:68:e9:7f:52:20:5c:d2:b8:b5:ce:7e:8d:7b:72: 61:4b:42:1e:43:66:42:ef:46:26:21:4c:4b:81:a2:7b:4f:96: e8:18:c3:d1:79:30:26:e0:00:cf:d1:ae:64:30:a6:ee:64:c3: f3:1a:b7:f7:72:5c:8a:9d:c7:f3:f1:f7:89:1e:e2:63:9a:13: 71:fb:56:8a:ff:a0:72:33:0b:ad:b7:29:27:ad:ff:c1:3b:05: 57:88:c7:ba -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXC09NjXKPt+NfSn3ZqG+m3xt6LswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDBGRjZGMDkzRDBERUFGQjVDQjQyQTkzNDMzRkEyMzlD OTAzRUFDMDAeFw0yNTA0MjYxMjU2NDhaFw0yNTA0MjkxMzIzNDhaMDMxMTAvBgNV BAMTKDg3Mjc1M0Y4RjlCQzgzODgxMUNBQzgzNTk5NUIxQjEyRDAwRjYyMEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX+t7RqjCDNHvuU1yTopNU/J+r o6dL21pFZOj0uuOrXHyUfF9fHuMpzIR1vuUjl8IBiObufZac2LtY9YQWEHcnOGqF qLFhIt+8SP7PJ9ee40QjZE8ud76c9/Op7tvZYgmIdwURKY9ujcmnRM9qkwe7WNf7 rBK+x2KxxXx9XqPtzzzoBdj0wXXVnGoSk8lX3x6NW1XOPWAW4sbkQdSZOSTheg6p wQHNpQysAgYTHDvwCgscmRN4aQ697DMCNpXFWCI+6MKn/IPr2x+f70iREsZpqpvX QK77a0vjqsTxh2hjE/OoB0d4DRqyteMBlpSaWR2ntmp/PuL0vIOu1wYB8hRhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhydT+Pm8g4gRysg1mVsbEtAPYgswHwYDVR0j BBgwFoAU0P9vCT0N6vtctCqTQz+iOckD6sAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 N2Y5ZjU2Mi03MjkyLTQ0ZjEtOGUyYy00NDBhMDUzMWMzOTYvMC9EMEZGNkYwOTNE MERFQUZCNUNCNDJBOTM0MzNGQTIzOUM5MDNFQUMwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDBGRjZGMDkzRDBERUFGQjVDQjQyQTkzNDMzRkEyMzlDOTAz RUFDMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjdmOWY1NjItNzI5Mi00NGYxLThl MmMtNDQwYTA1MzFjMzk2LzAvRDBGRjZGMDkzRDBERUFGQjVDQjQyQTkzNDMzRkEy MzlDOTAzRUFDMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC+OODPCerUPvPkuKEHAplEcEFg/hdGsZPXl XKokuJBHkRVPhuhMryS5iRNljWRogFbx5c5Geg4n7KdBIBoL8oz7TrxeWluIqB4+ vJhapL0Baovbux575uyodICIO1WcU7NJC680zyioD0kBWlbg+ounMdzQSHhpKFX9 5NO+kJ2Ojhq+3yLsBKRAY78r3IxNOGYZcPz2+n3X2h/IFUPtNx8nf3jj5olo6X9S IFzSuLXOfo17cmFLQh5DZkLvRiYhTEuBontPlugYw9F5MCbgAM/RrmQwpu5kw/Ma t/dyXIqdx/Px94ke4mOaE3H7Vor/oHIzC623KSet/8E7BVeIx7o= -----END CERTIFICATE-----Generated at Sun Apr 27 22:23:23 2025 by rpki-client