$ rpki-client -vvf repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft File: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft (raw, json) Hash identifier: WaGJItnPZNQEwU3Gj35awRVLtQCFABU823XqKqOWI5o= Subject key identifier: 5C:2B:6F:DA:FB:0D:3D:A9:4A:26:E3:83:A1:89:92:67:24:8A:D0:0F Authority key identifier: B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 Certificate issuer: /CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Certificate serial: 1A0D42C712200D241710280B31E9831EF1A9189D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft Manifest number: 01EA Signing time: Tue 05 Aug 2025 13:22:03 +0000 Manifest this update: Tue 05 Aug 2025 13:17:03 +0000 Manifest next update: Fri 08 Aug 2025 16:52:03 +0000 Files and hashes: 1: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl (hash: jofXnIr7mjmqm2pJ7wIIkhGLYG0mtApeY7eiMh0cpAs=) 2: 3130332e3138382e3235322e302f32342d3234203d3e20313439373337.roa (hash: kjCPg8CNqMlAMRebUqHb4gpHFMec5lXxDxlOd53bN+M=) 3: 3130332e3138382e3235332e302f32342d3234203d3e20313439373337.roa (hash: fMitGvSIMZKR/xojJDzG2iWApTg4bDt/1kqJnOfFiTo=) 4: 3130332e3138382e3235322e302f32332d3233203d3e20313439373337.roa (hash: SLcrpmMGhS+iLPHlXSc6GQF6hzriCb0znzXu+cnHQhI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 16:52:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:0d:42:c7:12:20:0d:24:17:10:28:0b:31:e9:83:1e:f1:a9:18:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Validity Not Before: Aug 5 13:17:03 2025 GMT Not After : Aug 8 16:52:03 2025 GMT Subject: CN=5C2B6FDAFB0D3DA94A26E383A1899267248AD00F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:90:df:0f:1c:2c:35:5c:2a:38:e6:5c:19:73: 3b:b8:d4:9c:02:d4:e4:d8:3a:d0:49:87:3e:fb:53: c2:c8:2a:1f:8e:79:3d:c0:2e:a2:06:38:52:df:e4: 89:41:46:6e:34:58:61:79:2a:d9:e4:af:4e:85:53: 79:82:87:2b:e2:aa:73:57:76:3b:ca:6c:bc:75:e4: 65:3e:26:08:98:f9:86:03:11:9e:19:ed:52:d2:3d: 2d:cc:5d:6c:fa:53:b1:4c:5c:4d:df:a9:f7:ad:11: c7:79:d8:b0:d1:f4:c0:61:49:cc:0a:7e:b2:d3:5e: 14:1d:1c:bd:b7:36:db:d6:41:9f:a9:f4:6c:cd:e5: 14:4d:c8:00:fc:63:5e:5e:6f:a3:a5:58:04:fd:70: 03:74:76:61:60:a6:3a:b2:88:50:66:56:5e:bf:d6: d4:5e:31:3f:e9:d4:db:95:a7:a5:e6:9d:00:e0:17: e9:08:86:f5:83:ff:e6:07:ac:6f:69:4e:72:a7:a1: 93:05:82:71:86:4c:a5:e1:b8:a3:96:b6:90:52:93: 0c:a4:58:35:d2:2a:68:bd:81:40:43:cf:b8:e6:4d: bc:e3:87:b8:90:79:3b:5e:74:06:77:39:a0:50:fa: 46:22:37:f3:47:6a:3c:62:ba:7f:82:40:37:db:9d: 00:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:2B:6F:DA:FB:0D:3D:A9:4A:26:E3:83:A1:89:92:67:24:8A:D0:0F X509v3 Authority Key Identifier: keyid:B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:22:88:2d:04:84:61:a9:a7:83:f9:57:6c:14:32:44:45:1c: 0d:0a:e2:56:7b:1f:b4:56:02:e4:06:d6:a2:6f:94:bf:d0:00: fa:5a:79:c5:9f:0c:cd:01:52:f0:87:b7:d1:c2:43:8d:3d:22: 9c:b5:a0:c8:6b:32:d1:02:c3:d9:fe:55:f8:c1:86:ba:1d:03: 24:3c:07:03:49:df:e1:51:f5:db:9b:22:ed:cd:36:61:93:85: 19:2c:fd:be:ac:6d:66:e5:eb:3f:3b:f5:59:8d:2f:50:88:62: 17:6b:b5:9a:35:ed:6b:34:29:48:f0:f3:de:79:56:a4:29:c2: de:1d:76:9a:65:9d:aa:3c:d0:79:94:6c:54:61:97:54:bf:e7: 77:16:f0:f8:67:77:f3:8b:6a:82:7f:e2:e6:cd:6a:00:af:c9: 55:2b:ed:5f:9a:07:60:20:9b:fe:92:4f:17:9d:51:c8:21:29: d1:b2:b1:c4:54:21:51:f8:e4:8d:93:60:c1:18:46:c2:46:71: 3a:bc:77:ca:73:3d:25:6b:4d:ae:87:2a:72:96:59:34:c7:00: 88:42:2f:ba:b1:07:f3:29:e7:cc:b4:98:9f:b5:48:94:b0:29: bf:9d:fb:b1:ec:66:68:81:d6:9f:36:a8:33:76:79:d2:1f:71: 3f:58:0c:33 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGg1CxxIgDSQXECgLMemDHvGpGJ0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5 ODI1NERCMjAeFw0yNTA4MDUxMzE3MDNaFw0yNTA4MDgxNjUyMDNaMDMxMTAvBgNV BAMTKDVDMkI2RkRBRkIwRDNEQTk0QTI2RTM4M0ExODk5MjY3MjQ4QUQwMEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgkN8PHCw1XCo45lwZczu41JwC 1OTYOtBJhz77U8LIKh+OeT3ALqIGOFLf5IlBRm40WGF5Ktnkr06FU3mChyviqnNX djvKbLx15GU+JgiY+YYDEZ4Z7VLSPS3MXWz6U7FMXE3fqfetEcd52LDR9MBhScwK frLTXhQdHL23NtvWQZ+p9GzN5RRNyAD8Y15eb6OlWAT9cAN0dmFgpjqyiFBmVl6/ 1tReMT/p1NuVp6XmnQDgF+kIhvWD/+YHrG9pTnKnoZMFgnGGTKXhuKOWtpBSkwyk WDXSKmi9gUBDz7jmTbzjh7iQeTtedAZ3OaBQ+kYiN/NHajxiun+CQDfbnQDjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUXCtv2vsNPalKJuODoYmSZySK0A8wHwYDVR0j BBgwFoAUtel7cfr6JP+PorGjNVjYCpglTbIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 YWVkMDk4Yi00OWIxLTRmNTMtYjc1YS0yNzNlMTFjMjUxNDkvMC9CNUU5N0I3MUZB RkEyNEZGOEZBMkIxQTMzNTU4RDgwQTk4MjU0REIyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5ODI1 NERCMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOWFlZDA5OGItNDliMS00ZjUzLWI3 NWEtMjczZTExYzI1MTQ5LzAvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4 MEE5ODI1NERCMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGkiiC0EhGGpp4P5V2wUMkRFHA0K4lZ7H7RW AuQG1qJvlL/QAPpaecWfDM0BUvCHt9HCQ409Ipy1oMhrMtECw9n+VfjBhrodAyQ8 BwNJ3+FR9dubIu3NNmGThRks/b6sbWbl6z879VmNL1CIYhdrtZo17Ws0KUjw8955 VqQpwt4ddpplnao80HmUbFRhl1S/53cW8Phnd/OLaoJ/4ubNagCvyVUr7V+aB2Ag m/6STxedUcghKdGyscRUIVH45I2TYMEYRsJGcTq8d8pzPSVrTa6HKnKWWTTHAIhC L7qxB/Mp58y0mJ+1SJSwKb+d+7HsZmiB1p82qDN2edIfcT9YDDM= -----END CERTIFICATE-----Generated at Thu Aug 7 00:27:04 2025 by rpki-client