$ rpki-client -vvf repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft File: 8CFA88063D5C0A51C1D737A5170338865A245358.mft (raw, json) Hash identifier: N0TQaFjZHC/WNK02RmCdJvkJ7CXk4jeTthy4WbYXXhE= Subject key identifier: 31:C4:69:7A:E1:CF:5A:28:5D:98:39:E4:00:29:67:D0:FD:AE:08:1D Authority key identifier: 8C:FA:88:06:3D:5C:0A:51:C1:D7:37:A5:17:03:38:86:5A:24:53:58 Certificate issuer: /CN=8CFA88063D5C0A51C1D737A5170338865A245358 Certificate serial: 5479B39822D2C0001E21F2FEF4700A5CF0B8CE5A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft Manifest number: 04E2 Signing time: Fri 20 Jun 2025 07:51:48 +0000 Manifest this update: Fri 20 Jun 2025 07:46:48 +0000 Manifest next update: Mon 23 Jun 2025 15:24:48 +0000 Files and hashes: 1: 8CFA88063D5C0A51C1D737A5170338865A245358.crl (hash: jG1JILTiw/9cnCzVbzpYPLeXPyH9zcbf0zWXKHzNmyw=) 2: 3130332e3132362e3230302e302f32322d3232203d3e20313338313133.roa (hash: iKqR4sdrDvQYzAbaXB9On/A/Jy5fdaFvtV4f3tabdnk=) 3: 3130332e3132362e3230302e302f32332d3233203d3e20313338313133.roa (hash: OX5qJy0ELn8OIpv9cwcHP0OwwrzKVk8H6b2UKzBtyEg=) 4: 323430343a313034303a3a2f33322d3332203d3e20313338313133.roa (hash: IwOy6L011wgRp4Z43jUYFVOd/TCfuz6IilpFz+BTytc=) 5: 3130332e3132362e3230322e302f32332d3233203d3e20313338313133.roa (hash: x7tsLph+/FB0QeKJjGm8RZPvo26S0bN0rsI7VAab3d8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.crl rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 15:24:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:79:b3:98:22:d2:c0:00:1e:21:f2:fe:f4:70:0a:5c:f0:b8:ce:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8CFA88063D5C0A51C1D737A5170338865A245358 Validity Not Before: Jun 20 07:46:48 2025 GMT Not After : Jun 23 15:24:48 2025 GMT Subject: CN=31C4697AE1CF5A285D9839E4002967D0FDAE081D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:cb:ac:04:2e:db:62:ff:48:ce:85:c0:00:e7: f7:35:d4:b3:b6:60:1b:54:37:4c:15:43:36:fb:46: b3:c1:f0:51:6b:9d:60:70:d1:e7:36:53:53:ea:da: fb:3d:9d:ea:4c:90:54:59:ed:de:ba:d0:7a:4a:2e: ee:40:26:75:a7:f1:70:53:d1:59:94:48:c6:59:ba: 04:e4:f6:9c:bd:25:ac:78:cd:25:0a:b1:c5:37:1e: 3d:ba:32:39:d1:a6:09:cb:6f:a6:01:d7:0e:77:7e: f1:61:01:40:43:57:87:a2:92:43:44:70:7f:76:05: 0d:44:e6:dc:c4:03:05:3f:42:d1:c6:ba:91:99:04: 91:74:ac:b4:d8:0c:1c:86:f5:1f:a4:56:a0:17:eb: 84:94:c9:a5:fd:3a:77:f8:58:86:68:d2:b3:a9:e2: 19:3f:98:3e:99:83:8a:0f:22:9f:86:62:d7:02:28: 73:24:00:9c:54:92:03:7d:05:37:42:be:2b:74:fe: 42:ce:ab:b8:fc:c0:a8:a6:86:c2:ab:53:00:31:f9: b9:f4:73:a5:da:1a:f9:76:43:56:71:f7:c5:a4:b3: d1:8f:ae:4a:d5:00:93:fe:99:a4:b4:ba:04:02:91: f1:06:15:b1:0d:83:66:77:be:43:d1:98:63:22:f0: dc:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C4:69:7A:E1:CF:5A:28:5D:98:39:E4:00:29:67:D0:FD:AE:08:1D X509v3 Authority Key Identifier: keyid:8C:FA:88:06:3D:5C:0A:51:C1:D7:37:A5:17:03:38:86:5A:24:53:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CFA88063D5C0A51C1D737A5170338865A245358.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8a2e5b69-adbd-4e2d-847d-374815581d86/0/8CFA88063D5C0A51C1D737A5170338865A245358.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:c0:61:a2:02:09:e4:86:af:09:27:b0:16:ff:92:34:b0:61: 2b:71:44:ee:b9:7f:b3:e4:92:50:88:ba:61:a1:57:d3:9d:b2: de:f5:2d:18:0e:c4:4e:4c:ed:4d:38:c2:72:41:9f:8d:c5:a1: fc:4d:44:04:0c:99:83:31:fe:2a:6e:bf:19:a8:15:7c:e5:85: e5:c4:67:d1:31:fe:60:5f:91:ae:68:4b:b9:19:14:66:ae:ac: 7f:70:e9:e7:85:78:8c:88:13:54:47:fc:5c:9b:8e:98:7c:cc: cf:4b:02:e7:de:01:30:36:12:11:b1:c6:59:db:f6:66:38:cb: ac:c9:93:c3:33:3e:6d:35:de:4d:e9:2f:71:51:e9:8b:cc:33: e4:7a:47:e9:66:4e:46:63:0a:62:f5:1a:e5:e9:f8:1b:3f:ab: 25:d9:e9:92:c5:3f:53:0c:16:6c:d3:b9:31:48:33:1c:2b:ac: b8:c9:60:87:05:07:90:07:8a:c9:c0:0b:13:ba:83:15:c9:c8: 40:24:de:b2:ce:6d:f7:47:12:28:c1:b3:60:8a:95:d0:91:2c: e3:88:59:5f:51:84:64:c1:08:02:e6:4b:5f:5d:08:9f:ee:42: 3b:2f:ad:01:e0:b4:3e:c2:06:74:b2:d5:7e:e8:dd:a5:9a:d2: b4:6d:f3:de -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVHmzmCLSwAAeIfL+9HAKXPC4zlowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4ODY1 QTI0NTM1ODAeFw0yNTA2MjAwNzQ2NDhaFw0yNTA2MjMxNTI0NDhaMDMxMTAvBgNV BAMTKDMxQzQ2OTdBRTFDRjVBMjg1RDk4MzlFNDAwMjk2N0QwRkRBRTA4MUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/y6wELtti/0jOhcAA5/c11LO2 YBtUN0wVQzb7RrPB8FFrnWBw0ec2U1Pq2vs9nepMkFRZ7d660HpKLu5AJnWn8XBT 0VmUSMZZugTk9py9Jax4zSUKscU3Hj26MjnRpgnLb6YB1w53fvFhAUBDV4eikkNE cH92BQ1E5tzEAwU/QtHGupGZBJF0rLTYDByG9R+kVqAX64SUyaX9Onf4WIZo0rOp 4hk/mD6Zg4oPIp+GYtcCKHMkAJxUkgN9BTdCvit0/kLOq7j8wKimhsKrUwAx+bn0 c6XaGvl2Q1Zx98Wks9GPrkrVAJP+maS0ugQCkfEGFbENg2Z3vkPRmGMi8Nx1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMcRpeuHPWihdmDnkACln0P2uCB0wHwYDVR0j BBgwFoAUjPqIBj1cClHB1zelFwM4hlokU1gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YTJlNWI2OS1hZGJkLTRlMmQtODQ3ZC0zNzQ4MTU1ODFkODYvMC84Q0ZBODgwNjNE NUMwQTUxQzFENzM3QTUxNzAzMzg4NjVBMjQ1MzU4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4ODY1QTI0 NTM1OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGEyZTViNjktYWRiZC00ZTJkLTg0 N2QtMzc0ODE1NTgxZDg2LzAvOENGQTg4MDYzRDVDMEE1MUMxRDczN0E1MTcwMzM4 ODY1QTI0NTM1OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG/AYaICCeSGrwknsBb/kjSwYStxRO65f7Pk klCIumGhV9Odst71LRgOxE5M7U04wnJBn43FofxNRAQMmYMx/ipuvxmoFXzlheXE Z9Ex/mBfka5oS7kZFGaurH9w6eeFeIyIE1RH/Fybjph8zM9LAufeATA2EhGxxlnb 9mY4y6zJk8MzPm013k3pL3FR6YvMM+R6R+lmTkZjCmL1GuXp+Bs/qyXZ6ZLFP1MM FmzTuTFIMxwrrLjJYIcFB5AHisnACxO6gxXJyEAk3rLObfdHEijBs2CKldCRLOOI WV9RhGTBCALmS19dCJ/uQjsvrQHgtD7CBnSy1X7o3aWa0rRt894= -----END CERTIFICATE-----Generated at Sat Jun 21 09:13:17 2025 by rpki-client