$ rpki-client -vvf repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft File: 749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft (raw, json) Hash identifier: 6i8Z5FOKk+VcygjZ8G5g/Z5I7loCSsfy+CeMM7g2+HA= Subject key identifier: 63:CF:D3:BE:68:85:2F:16:C1:87:D4:9A:F0:D3:3F:E7:3F:AC:6D:7E Authority key identifier: 74:9E:8F:6C:5F:22:D1:8A:70:B6:82:F8:6C:65:EC:D3:EA:27:63:5C Certificate issuer: /CN=749E8F6C5F22D18A70B682F86C65ECD3EA27635C Certificate serial: 1708CEB1899463D860E3702409E41611EE8473A7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft Manifest number: 01CA Signing time: Sun 27 Apr 2025 18:01:51 +0000 Manifest this update: Sun 27 Apr 2025 17:56:51 +0000 Manifest next update: Thu 01 May 2025 03:35:51 +0000 Files and hashes: 1: 3130332e3134392e3137372e302f32342d3234203d3e20313430343433.roa (hash: q3nnfuFQ9fllwu5vaDMWKT58tFIU7r2iWutM+FFs7uM=) 2: 323030313a6466333a333438303a3a2f34382d3438203d3e20313430343433.roa (hash: VaGZ2rtQiVhlvvEqhey8VuIsjUW/H1CymqkYlv2nCyM=) 3: 3130332e3134392e3137362e302f32332d3233203d3e20313430343433.roa (hash: lT4i2I1kp5QXvRWP6Y3CyMWdYfvPbMf8mprwGrOyT/s=) 4: 749E8F6C5F22D18A70B682F86C65ECD3EA27635C.crl (hash: sxLg7DNSqIFuhWEHqq297AEbMqNQwPOm6fOb0bVj8dg=) 5: 3130332e3134392e3137362e302f32342d3234203d3e20313430343433.roa (hash: u/HGXTKlzUVzN3BHvIbNac6O5D491LLOLOhh0HKRChM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.crl rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 01:18:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:08:ce:b1:89:94:63:d8:60:e3:70:24:09:e4:16:11:ee:84:73:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749E8F6C5F22D18A70B682F86C65ECD3EA27635C Validity Not Before: Apr 27 17:56:51 2025 GMT Not After : May 1 03:35:51 2025 GMT Subject: CN=63CFD3BE68852F16C187D49AF0D33FE73FAC6D7E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:31:4c:00:d6:33:83:04:36:27:e6:01:f3:56: 20:7d:23:00:6a:8d:4b:d5:5d:3e:b7:87:ae:00:bc: aa:83:72:94:26:3a:f4:77:5d:f0:86:3d:3b:81:1b: cd:76:9b:c4:d0:8d:b0:d9:b9:72:4c:7e:52:08:b5: e1:36:e8:6c:30:bc:be:68:6c:8c:e5:63:3b:d8:81: cb:95:99:8c:6b:d7:c4:2d:e8:20:dc:3b:54:4b:88: 0a:48:88:4c:11:ea:67:81:d9:88:d4:3e:59:67:d3: 9b:5f:f9:c3:31:56:9d:15:8f:98:f4:07:3b:25:40: b1:84:a9:1f:1a:fb:1d:b9:68:18:9f:92:28:3c:1d: f8:6b:7b:37:5e:8a:b7:6c:f2:83:5d:ef:82:58:d7: 90:76:6f:62:4b:c6:74:2b:e9:d5:da:9b:a3:32:6f: d0:5e:ed:53:68:3d:7c:5f:65:b7:07:1a:9d:cc:da: 7a:0d:b2:60:7a:68:36:c3:82:f2:aa:da:73:02:93: 1e:74:ed:78:2f:f7:79:74:19:8d:53:65:ed:7f:8e: da:eb:2b:f4:a7:12:1a:7f:60:1b:77:14:e8:51:17: 7c:0b:cc:6e:16:a5:30:92:c5:4f:8e:8f:55:cf:de: 6d:24:23:cf:dd:e3:00:1a:a8:ac:65:73:f4:c2:cb: d1:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:CF:D3:BE:68:85:2F:16:C1:87:D4:9A:F0:D3:3F:E7:3F:AC:6D:7E X509v3 Authority Key Identifier: keyid:74:9E:8F:6C:5F:22:D1:8A:70:B6:82:F8:6C:65:EC:D3:EA:27:63:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:96:5f:e5:af:64:2b:29:04:74:84:67:a9:49:bf:eb:ce:06: dd:98:f3:5f:c6:39:d8:a2:81:62:1b:35:36:e2:95:65:b7:35: c5:e3:03:fa:e5:b2:1f:f5:7a:94:b6:fe:79:92:68:12:ed:37: 58:e4:5e:1d:f7:32:cf:dc:c5:39:80:9b:b3:76:ff:d1:df:4a: 03:b8:2b:ae:87:ba:11:64:65:85:0f:38:1c:34:7d:b3:85:72: e0:89:5e:cd:b8:08:dc:e6:16:15:15:d9:02:b2:ad:58:c7:b4: e7:fc:f6:17:47:6b:74:0f:11:9c:db:b8:41:5e:18:c0:76:a0: fe:87:71:ef:39:c6:34:24:5b:06:9c:b9:8b:df:fa:0f:bc:64: a6:0d:bd:99:39:7f:6c:bf:f6:88:34:fe:c4:9f:b0:a1:86:e7: ff:01:85:b0:a9:7e:4f:33:81:93:21:15:a4:1d:12:90:80:7f: 34:df:ec:cc:c1:3e:f6:9e:6e:4f:40:7a:44:4e:8d:b7:23:01: fa:36:ae:95:20:9a:65:a9:65:4e:a4:84:16:95:8e:9b:c5:f5: 14:9c:ea:1f:d6:c5:d3:2a:9a:7f:de:bf:f9:2d:79:4c:57:bb: ac:f3:eb:c2:39:9f:63:7c:6a:15:1b:40:ce:d8:2b:7f:c4:ec: a6:3b:7d:62 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFwjOsYmUY9hg43AkCeQWEe6Ec6cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzQ5RThGNkM1RjIyRDE4QTcwQjY4MkY4NkM2NUVDRDNF QTI3NjM1QzAeFw0yNTA0MjcxNzU2NTFaFw0yNTA1MDEwMzM1NTFaMDMxMTAvBgNV BAMTKDYzQ0ZEM0JFNjg4NTJGMTZDMTg3RDQ5QUYwRDMzRkU3M0ZBQzZEN0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9MUwA1jODBDYn5gHzViB9IwBq jUvVXT63h64AvKqDcpQmOvR3XfCGPTuBG812m8TQjbDZuXJMflIIteE26GwwvL5o bIzlYzvYgcuVmYxr18Qt6CDcO1RLiApIiEwR6meB2YjUPlln05tf+cMxVp0Vj5j0 BzslQLGEqR8a+x25aBifkig8Hfhrezdeirds8oNd74JY15B2b2JLxnQr6dXam6My b9Be7VNoPXxfZbcHGp3M2noNsmB6aDbDgvKq2nMCkx507Xgv93l0GY1TZe1/jtrr K/SnEhp/YBt3FOhRF3wLzG4WpTCSxU+Oj1XP3m0kI8/d4wAaqKxlc/TCy9GfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUY8/TvmiFLxbBh9Sa8NM/5z+sbX4wHwYDVR0j BBgwFoAUdJ6PbF8i0YpwtoL4bGXs0+onY1wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YWU4ZGIzOC02M2E4LTQxM2MtYTlmNi1jYzIyM2FmYTRhNzUvMC83NDlFOEY2QzVG MjJEMThBNzBCNjgyRjg2QzY1RUNEM0VBMjc2MzVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNzQ5RThGNkM1RjIyRDE4QTcwQjY4MkY4NkM2NUVDRDNFQTI3 NjM1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGFlOGRiMzgtNjNhOC00MTNjLWE5 ZjYtY2MyMjNhZmE0YTc1LzAvNzQ5RThGNkM1RjIyRDE4QTcwQjY4MkY4NkM2NUVD RDNFQTI3NjM1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJGWX+WvZCspBHSEZ6lJv+vOBt2Y81/GOdii gWIbNTbilWW3NcXjA/rlsh/1epS2/nmSaBLtN1jkXh33Ms/cxTmAm7N2/9HfSgO4 K66HuhFkZYUPOBw0fbOFcuCJXs24CNzmFhUV2QKyrVjHtOf89hdHa3QPEZzbuEFe GMB2oP6Hce85xjQkWwacuYvf+g+8ZKYNvZk5f2y/9og0/sSfsKGG5/8BhbCpfk8z gZMhFaQdEpCAfzTf7MzBPvaebk9AekROjbcjAfo2rpUgmmWpZU6khBaVjpvF9RSc 6h/WxdMqmn/ev/kteUxXu6zz68I5n2N8ahUbQM7YK3/E7KY7fWI= -----END CERTIFICATE-----Generated at Sun Apr 27 21:32:44 2025 by rpki-client