$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: tXl6QW2+U9GnyzgxdP14BFVscd3Mb7v7tkLaKlwbmBg= Subject key identifier: D2:2D:EC:68:F9:58:8F:2F:18:69:2F:C7:A2:79:4C:BD:56:28:D0:A7 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 3F1395DC46DF2A89C8F4CBA7655A3B24A7510FC7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04E1 Signing time: Sun 15 Jun 2025 23:41:59 +0000 Manifest this update: Sun 15 Jun 2025 23:36:59 +0000 Manifest next update: Thu 19 Jun 2025 11:25:59 +0000 Files and hashes: 1: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 2: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 3: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 4: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 5: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 6: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 7: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: NhUd1mQ5m5K2zgyRGSjRH++wa5ckdZOtlAC3nlug1Xc=) 8: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 11:25:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:13:95:dc:46:df:2a:89:c8:f4:cb:a7:65:5a:3b:24:a7:51:0f:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Jun 15 23:36:59 2025 GMT Not After : Jun 19 11:25:59 2025 GMT Subject: CN=D22DEC68F9588F2F18692FC7A2794CBD5628D0A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:e4:2a:7d:6a:16:02:32:56:1c:e4:3d:39:b0: 03:75:3c:8c:d0:c2:37:fa:02:a3:11:8e:93:c1:d7: 06:30:95:ce:62:f9:d8:c8:54:68:5d:fd:fa:75:9e: 1b:e4:a7:e3:e9:c7:da:7d:d3:a9:a9:28:cd:b2:e0: 5e:82:44:36:48:70:e8:64:65:88:53:b3:8e:2c:e3: 49:46:3b:c9:22:ad:5b:19:5c:47:fa:91:6b:c4:e6: ba:d8:c1:f8:ce:d1:62:33:33:3b:09:1e:90:2d:17: e4:9d:3f:6b:f8:e1:6c:55:7f:20:ac:16:70:83:a0: d2:86:65:1c:20:ee:4c:a8:2b:fc:bc:10:44:d0:af: 58:49:bf:d2:6d:b8:29:9b:82:a3:51:61:c6:1c:01: db:f0:cc:cb:3a:4d:fe:ac:da:ae:b8:fa:73:23:7c: cb:47:c1:64:68:82:fe:c5:10:e8:7c:5a:3f:39:74: 3c:ba:fa:af:9e:26:44:a2:dc:23:6c:0b:e2:ea:b5: ec:7a:22:b9:58:7d:0a:0f:24:79:f0:df:ff:b9:b1: 56:13:c9:0c:77:72:d4:95:59:80:2a:ff:a2:f7:d0: a1:a0:73:bc:69:22:b2:42:a1:10:2d:96:65:25:e7: dd:8f:d7:19:66:38:44:90:d0:d3:0f:b5:b6:ff:bb: a1:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:2D:EC:68:F9:58:8F:2F:18:69:2F:C7:A2:79:4C:BD:56:28:D0:A7 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:f1:91:37:f6:98:08:d6:fc:86:66:47:2d:9d:da:15:a9:4d: 83:e8:64:f5:fe:0e:a5:6f:57:d2:95:f8:ca:36:aa:73:11:30: 1a:9a:97:93:c5:40:fa:48:81:61:31:fc:cb:d8:39:fa:c9:f0: 6c:58:70:91:50:07:01:be:38:a7:1f:b1:f2:1a:0a:c4:68:18: 59:4f:87:97:14:42:07:7f:7b:0e:70:b6:b5:08:eb:c8:4b:e1: 4a:37:9c:f8:c0:d3:7c:87:df:e8:1b:d4:45:24:12:de:6e:91: f6:7f:b4:be:bd:26:0f:e8:8e:cf:61:7b:8b:47:2f:f4:89:e2: 77:af:dd:8d:60:dc:fb:c7:60:6e:b5:36:f9:ec:12:68:8b:c7: 14:b1:19:db:bf:e6:f9:ef:d1:63:42:5f:a8:bb:86:ea:b3:36: da:9f:44:97:2f:92:61:8d:66:1f:8f:88:01:e7:a1:86:b5:cc: 3f:16:52:fa:18:fe:e6:75:9f:8b:64:7a:2f:d7:25:30:f2:42: ad:f2:32:bd:8a:51:b8:d0:ad:b5:83:e9:a9:9b:28:1f:d4:e4: c0:b4:07:a0:17:38:9a:65:ae:b7:72:e6:3f:84:61:ad:4b:9c: 2e:6a:08:a1:66:84:d7:3e:58:cd:fb:5e:29:76:a5:56:b5:db: 5f:42:95:5e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPxOV3EbfKonI9MunZVo7JKdRD8cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA2MTUyMzM2NTlaFw0yNTA2MTkxMTI1NTlaMDMxMTAvBgNV BAMTKEQyMkRFQzY4Rjk1ODhGMkYxODY5MkZDN0EyNzk0Q0JENTYyOEQwQTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg5Cp9ahYCMlYc5D05sAN1PIzQ wjf6AqMRjpPB1wYwlc5i+djIVGhd/fp1nhvkp+Ppx9p906mpKM2y4F6CRDZIcOhk ZYhTs44s40lGO8kirVsZXEf6kWvE5rrYwfjO0WIzMzsJHpAtF+SdP2v44WxVfyCs FnCDoNKGZRwg7kyoK/y8EETQr1hJv9JtuCmbgqNRYcYcAdvwzMs6Tf6s2q64+nMj fMtHwWRogv7FEOh8Wj85dDy6+q+eJkSi3CNsC+Lqtex6IrlYfQoPJHnw3/+5sVYT yQx3ctSVWYAq/6L30KGgc7xpIrJCoRAtlmUl592P1xlmOESQ0NMPtbb/u6ExAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0i3saPlYjy8YaS/HonlMvVYo0KcwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALTxkTf2mAjW/IZmRy2d2hWpTYPoZPX+DqVv V9KV+Mo2qnMRMBqal5PFQPpIgWEx/MvYOfrJ8GxYcJFQBwG+OKcfsfIaCsRoGFlP h5cUQgd/ew5wtrUI68hL4Uo3nPjA03yH3+gb1EUkEt5ukfZ/tL69Jg/ojs9he4tH L/SJ4nev3Y1g3PvHYG61NvnsEmiLxxSxGdu/5vnv0WNCX6i7huqzNtqfRJcvkmGN Zh+PiAHnoYa1zD8WUvoY/uZ1n4tkei/XJTDyQq3yMr2KUbjQrbWD6ambKB/U5MC0 B6AXOJplrrdy5j+EYa1LnC5qCKFmhNc+WM37Xil2pVa1219ClV4= -----END CERTIFICATE-----Generated at Wed Jun 18 00:11:42 2025 by rpki-client