$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: nTnkUjdDKUCxhoLXY38a1MV0Mrr5bMt1Fl6X+HUEpQc= Subject key identifier: D7:F9:A8:62:6E:DF:09:65:F7:16:98:FE:BF:62:95:F0:06:0C:98:72 Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 6ABECED5B6F5D98767F78485C8BBE623FE7F56A4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: 89 Signing time: Sat 14 Jun 2025 10:31:39 +0000 Manifest this update: Sat 14 Jun 2025 10:26:39 +0000 Manifest next update: Tue 17 Jun 2025 16:03:39 +0000 Files and hashes: 1: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: cxXcs5+F77Lg7/Ojwbw2WUqjYrzsnoyA2M5AF3WeU8k=) 2: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: POXqtxciwA9gAlTcOSm2ry6kXcB0Ajk3qtsPtWYZESk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Jun 2025 16:03:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:be:ce:d5:b6:f5:d9:87:67:f7:84:85:c8:bb:e6:23:fe:7f:56:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Jun 14 10:26:39 2025 GMT Not After : Jun 17 16:03:39 2025 GMT Subject: CN=D7F9A8626EDF0965F71698FEBF6295F0060C9872 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:1e:b4:68:ab:2d:16:d9:7c:40:48:c9:4e:f8: a1:e3:df:f9:2f:e2:d8:55:4c:af:8a:85:2c:29:bf: 01:0a:34:4e:41:29:5e:ca:1f:27:8b:45:6e:ec:6a: 88:51:b5:33:fb:38:5c:5f:16:6f:12:9f:26:fa:f6: 06:cd:e4:df:c0:bf:3d:31:7c:11:6a:6c:85:60:22: 9c:c9:3c:49:23:f4:81:91:06:73:0b:9e:bd:74:a3: 27:07:b5:61:d1:89:2f:4d:d3:bd:d6:61:e0:b5:cb: c7:14:af:64:fd:f8:d7:69:f1:ea:18:4a:4f:a2:75: ef:1c:4a:12:7b:0d:36:15:9d:27:e9:08:ed:fa:da: dc:66:75:d3:58:67:f5:52:a3:0d:88:88:e2:4e:00: 93:83:c0:33:ef:cb:d4:3b:fd:f6:ec:34:d6:82:f3: 2f:79:6d:af:d9:28:4b:07:c2:cf:71:df:89:8b:64: 5c:be:24:7f:e8:67:1a:b2:72:78:4e:ab:ac:94:5a: 5f:c2:fe:7f:fc:4a:ef:86:c8:ab:8a:64:c0:9d:05: e9:ff:ff:0a:5e:be:41:52:c1:ce:f6:94:91:24:ad: 5c:bc:16:1b:56:f1:ca:59:8a:19:09:57:c7:d3:97: 44:1f:91:5f:a0:2c:15:45:82:01:52:ca:7c:97:2f: 91:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:F9:A8:62:6E:DF:09:65:F7:16:98:FE:BF:62:95:F0:06:0C:98:72 X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:01:74:7f:0f:15:8f:81:27:27:10:53:5c:23:fe:32:8a:50: 1c:3f:09:2a:3a:48:6a:49:85:4c:0f:53:0e:d3:04:f5:a0:a1: 88:e1:54:ed:0c:a6:e2:7f:cf:1a:d2:a5:82:95:e0:83:eb:e0: 58:f4:f8:88:aa:9f:1b:a1:6d:83:99:ec:e3:cf:8b:82:b3:7e: 19:62:e4:24:5d:ad:3b:25:93:59:7f:19:1a:d7:83:91:30:aa: 91:c5:82:c3:57:ba:46:17:5b:9c:de:14:08:12:aa:f4:49:d1: 6b:52:3b:08:b3:62:14:b2:cc:df:2b:0d:75:92:e8:f5:ba:6e: 9f:e4:4a:53:b6:e9:78:5b:ff:73:be:3e:00:79:4f:ef:fa:b6: b4:03:8e:1f:05:07:78:b2:56:8b:ef:0a:a9:d5:de:15:21:36: 60:cd:e6:94:00:ba:2e:6f:88:78:9b:d8:f6:39:e0:6d:09:30: e3:e8:e6:b0:45:57:10:1b:22:5c:25:4d:7f:5f:42:16:83:db: 83:1d:6b:5c:b6:c6:2c:1a:57:44:3e:4e:20:84:15:21:16:91: 0c:6f:29:5b:a9:78:37:04:8e:32:3b:1e:3c:6e:7c:b1:13:9b: 9c:e1:20:7d:5d:2e:ff:aa:48:27:8f:8e:f3:fa:61:e7:1d:6d: 6f:8a:86:1f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUar7O1bb12Ydn94SFyLvmI/5/VqQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNTA2MTQxMDI2MzlaFw0yNTA2MTcxNjAzMzlaMDMxMTAvBgNV BAMTKEQ3RjlBODYyNkVERjA5NjVGNzE2OThGRUJGNjI5NUYwMDYwQzk4NzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEHrRoqy0W2XxASMlO+KHj3/kv 4thVTK+KhSwpvwEKNE5BKV7KHyeLRW7saohRtTP7OFxfFm8Snyb69gbN5N/Avz0x fBFqbIVgIpzJPEkj9IGRBnMLnr10oycHtWHRiS9N073WYeC1y8cUr2T9+Ndp8eoY Sk+ide8cShJ7DTYVnSfpCO362txmddNYZ/VSow2IiOJOAJODwDPvy9Q7/fbsNNaC 8y95ba/ZKEsHws9x34mLZFy+JH/oZxqycnhOq6yUWl/C/n/8Su+GyKuKZMCdBen/ /wpevkFSwc72lJEkrVy8FhtW8cpZihkJV8fTl0QfkV+gLBVFggFSynyXL5FnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1/moYm7fCWX3Fpj+v2KV8AYMmHIwHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFYBdH8PFY+BJycQU1wj/jKKUBw/CSo6SGpJ hUwPUw7TBPWgoYjhVO0MpuJ/zxrSpYKV4IPr4Fj0+IiqnxuhbYOZ7OPPi4Kzfhli 5CRdrTslk1l/GRrXg5EwqpHFgsNXukYXW5zeFAgSqvRJ0WtSOwizYhSyzN8rDXWS 6PW6bp/kSlO26Xhb/3O+PgB5T+/6trQDjh8FB3iyVovvCqnV3hUhNmDN5pQAui5v iHib2PY54G0JMOPo5rBFVxAbIlwlTX9fQhaD24Mda1y2xiwaV0Q+TiCEFSEWkQxv KVupeDcEjjI7HjxufLETm5zhIH1dLv+qSCePjvP6YecdbW+Khh8= -----END CERTIFICATE-----Generated at Mon Jun 16 12:19:30 2025 by rpki-client