$ rpki-client -vvf repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft File: AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft (raw, json) Hash identifier: RdPDpz4fa8NG4gESjLlwH3f9i04NfIuN84UDSluQvwU= Subject key identifier: 04:AF:21:0E:E3:F1:7B:9B:F8:74:61:A9:1F:12:8A:CA:42:F0:46:4D Authority key identifier: AF:DF:D5:D1:C4:B3:9F:2F:AA:BB:A5:BC:15:23:4C:2B:12:43:BF:FB Certificate issuer: /CN=AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB Certificate serial: 3B48C98824A6BBD35168D02ACB0A9B468456C482 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft Manifest number: 03A5 Signing time: Wed 06 Aug 2025 09:11:30 +0000 Manifest this update: Wed 06 Aug 2025 09:06:30 +0000 Manifest next update: Sat 09 Aug 2025 20:11:30 +0000 Files and hashes: 1: AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl (hash: YmGGF32QmJtyluNP4G4Po/692doTHC7aFcklUl/yrsk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 20:11:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:48:c9:88:24:a6:bb:d3:51:68:d0:2a:cb:0a:9b:46:84:56:c4:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB Validity Not Before: Aug 6 09:06:30 2025 GMT Not After : Aug 9 20:11:30 2025 GMT Subject: CN=04AF210EE3F17B9BF87461A91F128ACA42F0464D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:84:b1:03:f6:30:3f:1f:40:54:af:7c:3c:2c: 26:e0:a3:b9:db:bd:6d:c9:19:6f:ef:29:19:6e:a0: 2e:00:fa:af:16:43:ea:58:77:ff:0d:f6:82:34:e1: 90:62:12:e7:09:3b:8d:1a:eb:e7:81:73:4c:d7:0c: 0b:db:c0:f4:ff:12:19:c4:6d:10:eb:be:ef:73:cc: dc:5c:81:61:b1:11:35:c8:c7:87:ed:cc:bb:14:0b: 95:7e:39:b8:c5:b6:a4:db:8a:3b:d3:58:33:63:46: a5:16:4e:98:c4:16:45:31:a7:e5:19:d7:dc:40:7a: c2:2b:0e:65:79:4d:17:58:fb:e6:84:5f:2d:c8:38: 01:69:da:6d:a8:b3:7f:7a:68:b6:75:28:1b:56:06: 28:c0:9c:a4:5b:fa:92:24:a4:dd:b1:ec:0f:25:a3: 83:8a:15:44:c8:c6:6a:ca:1f:cd:45:e5:38:b9:6e: b8:41:0d:05:d8:16:49:0b:ee:df:7b:2f:24:e8:ed: 52:7c:e8:5a:04:ff:89:de:e7:31:fd:80:4f:de:f8: de:13:6c:cc:b5:86:ef:ff:35:c0:45:40:38:74:10: 88:b7:ea:0a:29:d3:ef:51:e9:e3:c3:e1:d1:1e:c6: 47:a2:29:59:f3:a4:cd:5f:7e:e3:9d:ca:ad:bc:5e: b1:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:AF:21:0E:E3:F1:7B:9B:F8:74:61:A9:1F:12:8A:CA:42:F0:46:4D X509v3 Authority Key Identifier: keyid:AF:DF:D5:D1:C4:B3:9F:2F:AA:BB:A5:BC:15:23:4C:2B:12:43:BF:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a4fe1811-c03f-49d8-9217-13ff22a31ebe/0/AFDFD5D1C4B39F2FAABBA5BC15234C2B1243BFFB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:6a:c8:d7:dd:69:ab:98:80:e5:2f:29:36:d1:21:c1:fd:ad: 11:8b:5d:83:ab:e0:a3:3f:97:38:16:93:22:fc:b5:82:85:c4: 91:14:87:7a:7f:1e:b4:c7:3d:41:ea:2f:3d:1e:36:bc:1c:af: eb:22:3a:e9:67:bf:7c:08:0d:12:94:b7:f2:8c:f4:a6:43:e4: bd:71:17:29:f0:aa:b6:21:26:d4:77:0d:fc:a2:3a:0e:42:5b: b3:4f:5c:06:a8:4b:c5:22:1a:1a:ca:38:38:79:12:6e:82:56: 6a:85:61:8f:18:35:bf:36:cd:09:83:e0:10:0b:f5:78:82:3c: f2:c0:ee:67:b1:f1:1c:a6:69:bc:da:e8:cd:b4:5a:9e:72:d5: 6b:74:2e:29:b6:4d:71:c1:0c:89:db:fc:6c:87:e3:e2:17:2b: 24:3d:f4:a1:10:b8:d8:09:88:cd:03:4b:f8:1e:d6:cd:ce:38: e8:c5:bc:e6:d5:af:d9:b8:4d:f1:30:38:4c:10:be:96:50:20: 7f:95:74:6e:fe:a2:ec:dd:6c:48:29:51:ed:6d:53:81:3b:02: 51:24:bd:b2:bf:16:d1:fd:b9:5e:4e:c3:4b:31:d1:49:92:47: 13:11:43:57:47:08:1c:44:87:88:c9:9a:f3:eb:9d:2d:c3:4c: 38:b6:9c:00 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUO0jJiCSmu9NRaNAqywqbRoRWxIIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRDMkIx MjQzQkZGQjAeFw0yNTA4MDYwOTA2MzBaFw0yNTA4MDkyMDExMzBaMDMxMTAvBgNV BAMTKDA0QUYyMTBFRTNGMTdCOUJGODc0NjFBOTFGMTI4QUNBNDJGMDQ2NEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPhLED9jA/H0BUr3w8LCbgo7nb vW3JGW/vKRluoC4A+q8WQ+pYd/8N9oI04ZBiEucJO40a6+eBc0zXDAvbwPT/EhnE bRDrvu9zzNxcgWGxETXIx4ftzLsUC5V+ObjFtqTbijvTWDNjRqUWTpjEFkUxp+UZ 19xAesIrDmV5TRdY++aEXy3IOAFp2m2os396aLZ1KBtWBijAnKRb+pIkpN2x7A8l o4OKFUTIxmrKH81F5Ti5brhBDQXYFkkL7t97LyTo7VJ86FoE/4ne5zH9gE/e+N4T bMy1hu//NcBFQDh0EIi36gop0+9R6ePD4dEexkeiKVnzpM1ffuOdyq28XrFDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUBK8hDuPxe5v4dGGpHxKKykLwRk0wHwYDVR0j BBgwFoAUr9/V0cSzny+qu6W8FSNMKxJDv/swDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NGZlMTgxMS1jMDNmLTQ5ZDgtOTIxNy0xM2ZmMjJhMzFlYmUvMC9BRkRGRDVEMUM0 QjM5RjJGQUFCQkE1QkMxNTIzNEMyQjEyNDNCRkZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRDMkIxMjQz QkZGQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTRmZTE4MTEtYzAzZi00OWQ4LTky MTctMTNmZjIyYTMxZWJlLzAvQUZERkQ1RDFDNEIzOUYyRkFBQkJBNUJDMTUyMzRD MkIxMjQzQkZGQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADhqyNfdaauYgOUvKTbRIcH9rRGLXYOr4KM/ lzgWkyL8tYKFxJEUh3p/HrTHPUHqLz0eNrwcr+siOulnv3wIDRKUt/KM9KZD5L1x FynwqrYhJtR3DfyiOg5CW7NPXAaoS8UiGhrKODh5Em6CVmqFYY8YNb82zQmD4BAL 9XiCPPLA7mex8Rymabza6M20Wp5y1Wt0Lim2TXHBDInb/GyH4+IXKyQ99KEQuNgJ iM0DS/ge1s3OOOjFvObVr9m4TfEwOEwQvpZQIH+VdG7+ouzdbEgpUe1tU4E7AlEk vbK/FtH9uV5Ow0sx0UmSRxMRQ1dHCBxEh4jJmvPrnS3DTDi2nAA= -----END CERTIFICATE-----Generated at Thu Aug 7 00:26:21 2025 by rpki-client