$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: ZGZH/X5A6zVqsdNPXR61uiG1eoNohupr0n849MKWoEU= Subject key identifier: C5:91:35:B1:5A:AD:B5:74:A3:EC:1D:52:25:54:9E:23:89:48:9E:13 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 1643A4AAF49B4539B9F8E50EB6CD157F386F904A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04F7 Signing time: Tue 05 Aug 2025 00:02:02 +0000 Manifest this update: Mon 04 Aug 2025 23:57:02 +0000 Manifest next update: Fri 08 Aug 2025 10:25:02 +0000 Files and hashes: 1: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: 2DjM7v/IeJUlrxSeU5lNuyNZw6TKGGR3cdmOHmrCRt8=) 2: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 3: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 4: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 5: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 6: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 7: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 8: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 10:25:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:43:a4:aa:f4:9b:45:39:b9:f8:e5:0e:b6:cd:15:7f:38:6f:90:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Aug 4 23:57:02 2025 GMT Not After : Aug 8 10:25:02 2025 GMT Subject: CN=C59135B15AADB574A3EC1D5225549E2389489E13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:b4:11:0f:15:60:c3:d1:a9:62:20:2d:64:ad: 60:b6:9a:2a:bf:52:77:01:76:a9:b2:db:a8:4b:0d: 25:f1:bb:4e:64:6b:be:35:73:dc:52:93:c6:4c:3e: 45:79:59:b4:cc:10:0a:0d:d9:22:c4:1f:60:3f:9b: 5a:d3:da:9e:94:36:a0:3b:20:c4:e4:25:1e:13:1d: 09:2d:93:35:b5:4d:b0:17:83:e0:f1:8b:0d:fe:57: fd:76:c3:0e:b7:69:75:d8:82:a5:7f:6e:ee:e9:5b: 20:d0:63:c0:23:eb:a3:ea:26:cc:14:c4:30:40:4f: 2b:d9:df:e2:d2:b7:eb:3e:92:3b:7f:4b:2e:7f:48: 2d:c2:9f:e6:b9:34:6f:e9:c5:95:d7:71:69:02:32: 79:3e:ef:9f:d9:fc:df:06:cb:7a:f7:7a:74:f0:66: 6e:b2:1a:43:28:6b:cb:51:c1:f6:0d:67:f4:1d:e5: 66:c0:6b:ff:74:d5:2c:a2:37:fb:92:84:e1:82:24: d5:31:34:38:22:63:0a:01:12:38:7a:f3:bf:67:3f: c0:0f:e1:23:e8:4d:76:46:dd:89:12:c7:ea:b5:60: 0e:a8:47:51:c9:90:c2:f8:ea:66:d0:a0:fc:d3:98: 9f:c3:1b:02:57:54:50:56:b9:67:a8:02:a3:03:00: 89:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:91:35:B1:5A:AD:B5:74:A3:EC:1D:52:25:54:9E:23:89:48:9E:13 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:70:49:44:d6:26:3c:53:91:25:07:c4:8e:fe:30:f6:15:bf: 15:8f:f8:0c:24:e4:d4:04:0e:3f:01:25:a0:f2:cf:21:92:32: 66:1e:6c:69:ef:e4:6d:7d:86:7a:72:15:de:9a:a6:58:1e:3c: df:c7:e3:6f:39:7d:b8:bf:cc:1a:73:68:27:24:37:64:5d:46: 12:d2:44:b6:83:31:87:b0:09:17:2f:7c:e3:c7:7b:4f:4e:fb: 22:65:e3:a2:5c:eb:7b:af:5d:66:c7:9f:0d:36:d8:c8:ce:86: 6e:5e:fd:82:40:cf:bb:04:10:9d:eb:92:19:6c:af:8e:cc:0a: 63:c3:b2:09:b9:a1:4b:6b:b1:0d:53:c0:50:db:83:cb:e0:13: 6d:bd:56:0e:31:b2:04:d3:a4:39:04:f7:51:3b:1f:c0:e2:b0: a7:2f:a6:df:af:a0:06:06:bb:d5:4f:9f:52:df:fd:4e:8d:6b: 88:23:ff:55:a6:7c:74:ac:f2:ec:4b:66:31:01:19:be:4c:99: 07:ce:b0:50:05:90:96:56:eb:6c:31:03:0b:30:53:c1:d1:99: 71:64:ea:3a:c3:99:fd:1e:14:7d:b9:7c:28:e7:eb:df:f8:2f: 52:9b:85:0a:e7:7f:95:a6:da:a6:a5:6f:0f:c4:87:e1:ba:b6: ed:65:ed:67 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFkOkqvSbRTm5+OUOts0VfzhvkEowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA4MDQyMzU3MDJaFw0yNTA4MDgxMDI1MDJaMDMxMTAvBgNV BAMTKEM1OTEzNUIxNUFBREI1NzRBM0VDMUQ1MjI1NTQ5RTIzODk0ODlFMTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDntBEPFWDD0aliIC1krWC2miq/ UncBdqmy26hLDSXxu05ka741c9xSk8ZMPkV5WbTMEAoN2SLEH2A/m1rT2p6UNqA7 IMTkJR4THQktkzW1TbAXg+Dxiw3+V/12ww63aXXYgqV/bu7pWyDQY8Aj66PqJswU xDBATyvZ3+LSt+s+kjt/Sy5/SC3Cn+a5NG/pxZXXcWkCMnk+75/Z/N8Gy3r3enTw Zm6yGkMoa8tRwfYNZ/Qd5WbAa/901SyiN/uShOGCJNUxNDgiYwoBEjh6879nP8AP 4SPoTXZG3YkSx+q1YA6oR1HJkML46mbQoPzTmJ/DGwJXVFBWuWeoAqMDAIkPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUxZE1sVqttXSj7B1SJVSeI4lInhMwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKdwSUTWJjxTkSUHxI7+MPYVvxWP+Awk5NQE Dj8BJaDyzyGSMmYebGnv5G19hnpyFd6aplgePN/H4285fbi/zBpzaCckN2RdRhLS RLaDMYewCRcvfOPHe09O+yJl46Jc63uvXWbHnw022MjOhm5e/YJAz7sEEJ3rkhls r47MCmPDsgm5oUtrsQ1TwFDbg8vgE229Vg4xsgTTpDkE91E7H8DisKcvpt+voAYG u9VPn1Lf/U6Na4gj/1WmfHSs8uxLZjEBGb5MmQfOsFAFkJZW62wxAwswU8HRmXFk 6jrDmf0eFH25fCjn69/4L1KbhQrnf5Wm2qalbw/Eh+G6tu1l7Wc= -----END CERTIFICATE-----Generated at Thu Aug 7 04:25:17 2025 by rpki-client