$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: 1wUZLZ6MzFAnguFhWwUQhDKEB4FlG858ZvkM0bLn/SE= Subject key identifier: AF:3E:A4:68:7D:60:11:C4:D1:CD:9A:9A:25:5B:71:85:E6:33:9E:C1 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 1FC79A2BE9733AD50711D2D6AC8EBB330D117D7B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01C6 Signing time: Sun 15 Jun 2025 12:31:48 +0000 Manifest this update: Sun 15 Jun 2025 12:26:48 +0000 Manifest next update: Wed 18 Jun 2025 16:11:48 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: I+WRQwGWOXnTEeg5VK/w3OnNzpREiSwx4rPZrF+XYek=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 16:11:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:c7:9a:2b:e9:73:3a:d5:07:11:d2:d6:ac:8e:bb:33:0d:11:7d:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Jun 15 12:26:48 2025 GMT Not After : Jun 18 16:11:48 2025 GMT Subject: CN=AF3EA4687D6011C4D1CD9A9A255B7185E6339EC1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3c:f1:17:ec:6a:2d:01:41:03:aa:b1:92:90: 69:43:f3:af:69:83:9d:fa:99:84:a7:b3:2a:43:46: b5:eb:cf:25:5d:4e:45:90:5d:88:12:d7:db:0a:b2: 7c:e5:dd:4f:cc:ba:9d:b6:63:67:8e:0b:6f:31:18: d6:a4:07:4d:ab:27:76:32:67:b0:bd:ac:68:8d:34: 95:9e:76:63:e9:9b:2e:ea:74:cb:fb:4e:66:66:ec: b5:0f:53:50:0a:60:44:2d:6d:ae:0b:2a:15:d8:92: 68:a6:7a:53:0f:6d:ec:cc:9d:f1:b5:49:b5:ce:23: 4a:53:28:d5:3b:83:c8:f6:c4:de:8b:01:dc:2f:8d: b6:95:4a:2e:60:2a:31:f8:f8:76:75:a4:a7:19:cb: 44:92:4e:2d:44:20:48:ad:6e:99:7e:40:e0:9d:2d: 01:1a:d0:b1:37:a0:13:c2:82:33:33:51:4a:bf:9a: 40:1c:d6:12:f9:a2:79:8f:e4:57:da:2c:2b:52:da: 8d:8d:4a:8f:73:f8:14:92:3d:0f:af:85:77:c0:78: 78:d0:5d:ec:3a:15:4d:c8:c5:8c:6c:b2:bf:6f:bc: 62:87:10:70:fd:be:3a:be:74:77:4b:c2:9d:cd:2b: 6c:36:80:f5:ac:b2:20:c2:34:31:66:9b:eb:52:2e: 02:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:3E:A4:68:7D:60:11:C4:D1:CD:9A:9A:25:5B:71:85:E6:33:9E:C1 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:51:6a:bb:59:b8:a2:e9:21:ca:9c:3d:b5:ef:50:50:d2:f5: 99:0d:14:38:d9:7c:e8:1b:f6:82:55:77:2c:58:19:fb:47:cc: d7:23:4d:95:4a:07:13:d0:a2:2a:27:b3:a4:61:9b:30:f6:82: ed:88:c0:09:b1:b7:89:00:97:c6:05:a5:d8:57:4d:a6:12:bc: 81:61:3e:1c:94:96:f3:56:5b:f5:4a:cd:b2:21:cd:f0:8c:74: 6e:4d:49:3f:0c:de:14:75:ce:ca:48:60:87:8b:6a:39:5e:88: 04:37:7b:97:1c:e3:be:f1:33:43:9e:c4:48:21:78:5f:9c:16: 7b:2c:d1:e5:51:27:8a:79:8b:16:6a:89:23:5f:4a:0d:d8:9e: 35:ed:81:b3:60:1a:fb:eb:9f:8c:5f:8f:e7:69:74:81:71:80: 33:98:44:1e:1f:9c:f9:a9:62:ef:64:c5:a9:8c:ff:53:ab:76: 8f:b7:64:4d:10:2d:3f:27:47:7f:e7:94:78:4c:12:fc:54:f8: 97:02:f1:b5:25:6d:0f:fc:e7:61:5d:90:5d:a3:ad:e9:49:de: e4:06:65:30:38:11:a9:2e:e2:a4:5b:d3:cf:5c:68:92:08:31: d8:b4:55:ca:21:85:5f:c3:8d:f0:e5:4c:9c:42:d9:9d:71:20: 3e:da:1f:8b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUH8eaK+lzOtUHEdLWrI67Mw0RfXswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTA2MTUxMjI2NDhaFw0yNTA2MTgxNjExNDhaMDMxMTAvBgNV BAMTKEFGM0VBNDY4N0Q2MDExQzREMUNEOUE5QTI1NUI3MTg1RTYzMzlFQzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7PPEX7GotAUEDqrGSkGlD869p g536mYSnsypDRrXrzyVdTkWQXYgS19sKsnzl3U/Mup22Y2eOC28xGNakB02rJ3Yy Z7C9rGiNNJWedmPpmy7qdMv7TmZm7LUPU1AKYEQtba4LKhXYkmimelMPbezMnfG1 SbXOI0pTKNU7g8j2xN6LAdwvjbaVSi5gKjH4+HZ1pKcZy0SSTi1EIEitbpl+QOCd LQEa0LE3oBPCgjMzUUq/mkAc1hL5onmP5FfaLCtS2o2NSo9z+BSSPQ+vhXfAeHjQ Xew6FU3IxYxssr9vvGKHEHD9vjq+dHdLwp3NK2w2gPWssiDCNDFmm+tSLgLfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUrz6kaH1gEcTRzZqaJVtxheYznsEwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIpRartZuKLpIcqcPbXvUFDS9ZkNFDjZfOgb 9oJVdyxYGftHzNcjTZVKBxPQoions6RhmzD2gu2IwAmxt4kAl8YFpdhXTaYSvIFh PhyUlvNWW/VKzbIhzfCMdG5NST8M3hR1zspIYIeLajleiAQ3e5cc477xM0OexEgh eF+cFnss0eVRJ4p5ixZqiSNfSg3YnjXtgbNgGvvrn4xfj+dpdIFxgDOYRB4fnPmp Yu9kxamM/1Ordo+3ZE0QLT8nR3/nlHhMEvxU+JcC8bUlbQ/852FdkF2jrelJ3uQG ZTA4Eaku4qRb089caJIIMdi0VcohhV/DjfDlTJxC2Z1xID7aH4s= -----END CERTIFICATE-----Generated at Mon Jun 16 02:14:37 2025 by rpki-client