$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: 0sIlJIsZ0ratZZSOAdhFsoqA1ciVbAhWWVx19tr6SZQ= Subject key identifier: 00:67:A1:A2:C4:87:6B:9F:60:68:4D:83:B0:4A:3D:09:D6:B8:1F:9B Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 1E7D6B2260B053CB2F8C74D87AD40EA92709D386 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: A0 Signing time: Sun 03 Aug 2025 20:51:41 +0000 Manifest this update: Sun 03 Aug 2025 20:46:41 +0000 Manifest next update: Thu 07 Aug 2025 00:25:41 +0000 Files and hashes: 1: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: okMulqCwmQrHdU+kO0nYzAvF/vvi8wTCEKi+VdDT9lQ=) 2: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: RFM0TWITpUZ7dfjrBcntTkwTTurWdi7WRnyUeeP2kHY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 00:25:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:7d:6b:22:60:b0:53:cb:2f:8c:74:d8:7a:d4:0e:a9:27:09:d3:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Aug 3 20:46:41 2025 GMT Not After : Aug 7 00:25:41 2025 GMT Subject: CN=0067A1A2C4876B9F60684D83B04A3D09D6B81F9B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3d:28:88:a7:51:c2:ce:4e:f7:b2:d8:8e:ae: cb:34:71:9a:f3:d0:c8:fc:95:84:06:57:b8:33:85: 1b:87:e3:d3:3e:f7:6b:72:54:fc:e4:10:6a:7c:f2: 57:3b:f4:1a:7f:06:f6:ca:14:a6:ed:9b:07:42:07: 87:c3:c9:d9:4e:94:e7:db:ba:73:b8:21:f4:f8:09: ab:96:55:00:84:9d:86:0c:73:dc:f1:0e:96:1b:66: 1d:19:b6:c8:bb:65:68:86:79:19:23:45:e0:bc:40: 15:cc:61:16:d6:eb:92:c8:f4:27:93:31:2a:e0:b1: bf:5d:7d:d5:cd:92:e9:a5:ad:a6:92:8b:7e:cd:84: fb:db:2c:5f:16:10:94:3b:8f:82:e3:53:7a:3a:75: d4:4c:34:67:8c:40:bd:7d:92:7d:b9:9a:75:d1:3b: 2d:e6:3a:35:c3:c7:87:56:a7:7c:84:02:c1:7a:c3: 9b:20:ba:bc:1b:84:b6:a5:0a:74:5a:a6:ae:27:12: da:f9:39:ff:e0:9c:66:d7:9e:c0:f9:6b:96:33:13: 3f:3c:b0:93:3f:47:fa:20:7c:c1:bf:f2:cf:84:52: ca:39:cb:fb:82:0f:3a:65:49:8d:94:85:be:dc:46: 3c:2f:a7:a8:aa:4a:e7:20:66:16:ed:9b:f3:08:4d: 0e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:67:A1:A2:C4:87:6B:9F:60:68:4D:83:B0:4A:3D:09:D6:B8:1F:9B X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:1d:d2:01:98:c8:f3:91:98:78:38:c8:36:27:09:29:c1:8d: ba:4e:5a:f3:7a:3e:00:da:70:18:44:6d:d0:7f:eb:98:e7:de: be:3a:c2:3d:96:25:64:6a:55:0b:04:74:1c:5b:56:8f:d2:90: 00:da:31:0f:3e:10:be:2a:ad:9d:a3:c0:d2:83:fc:19:7b:e8: b9:1c:42:dc:96:cd:5b:a4:90:b1:b4:bc:9f:7e:b3:7b:a8:25: 70:1a:59:9d:d2:d5:4d:16:ca:30:94:d2:80:ba:9c:39:4b:81: be:53:b7:25:7d:8f:6f:53:da:29:f7:b5:10:9e:c9:67:32:f9: f6:32:02:8c:fc:84:2d:7d:92:bd:1a:30:e8:bc:0f:54:23:e6: 77:a1:ba:2b:82:2a:7c:ea:c6:8c:25:0c:f7:e1:b0:d6:3b:6d: 55:67:f1:51:5e:d4:bc:1c:c8:b6:0e:11:a2:04:f8:88:57:d0: 8e:74:b3:d0:05:56:c6:a2:76:f6:40:fe:cf:15:04:36:64:97: c3:17:ab:cd:8c:72:c9:1b:26:73:44:60:e3:b6:66:5a:ef:88: 08:9c:7c:35:ee:8c:16:f3:25:0c:ef:bd:41:a7:60:14:b6:7d: f6:85:3a:1f:5d:5d:f0:9e:ae:8a:99:6a:65:32:2e:e7:59:54: 84:dc:2f:2a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHn1rImCwU8svjHTYetQOqScJ04YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNTA4MDMyMDQ2NDFaFw0yNTA4MDcwMDI1NDFaMDMxMTAvBgNV BAMTKDAwNjdBMUEyQzQ4NzZCOUY2MDY4NEQ4M0IwNEEzRDA5RDZCODFGOUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8PSiIp1HCzk73stiOrss0cZrz 0Mj8lYQGV7gzhRuH49M+92tyVPzkEGp88lc79Bp/BvbKFKbtmwdCB4fDydlOlOfb unO4IfT4CauWVQCEnYYMc9zxDpYbZh0Ztsi7ZWiGeRkjReC8QBXMYRbW65LI9CeT MSrgsb9dfdXNkumlraaSi37NhPvbLF8WEJQ7j4LjU3o6ddRMNGeMQL19kn25mnXR Oy3mOjXDx4dWp3yEAsF6w5sgurwbhLalCnRapq4nEtr5Of/gnGbXnsD5a5YzEz88 sJM/R/ogfMG/8s+EUso5y/uCDzplSY2Uhb7cRjwvp6iqSucgZhbtm/MITQ6fAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUAGehosSHa59gaE2DsEo9Cda4H5swHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIAd0gGYyPORmHg4yDYnCSnBjbpOWvN6PgDa cBhEbdB/65jn3r46wj2WJWRqVQsEdBxbVo/SkADaMQ8+EL4qrZ2jwNKD/Bl76Lkc QtyWzVukkLG0vJ9+s3uoJXAaWZ3S1U0WyjCU0oC6nDlLgb5TtyV9j29T2in3tRCe yWcy+fYyAoz8hC19kr0aMOi8D1Qj5nehuiuCKnzqxowlDPfhsNY7bVVn8VFe1Lwc yLYOEaIE+IhX0I50s9AFVsaidvZA/s8VBDZkl8MXq82McskbJnNEYOO2ZlrviAic fDXujBbzJQzvvUGnYBS2ffaFOh9dXfCeroqZamUyLudZVITcLyo= -----END CERTIFICATE-----Generated at Tue Aug 5 20:20:03 2025 by rpki-client