$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: +067jcJDbPCgRhetrUGe/iqPJ9ykqnOr7THQzaARHlc= Subject key identifier: 21:0C:FA:C1:07:73:9D:26:67:E3:99:3B:A7:F5:7E:43:2B:DB:A6:AC Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 36FF2A78541DC5B5F7DB47A71079006D32AAC857 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01DC Signing time: Mon 04 Aug 2025 15:31:51 +0000 Manifest this update: Mon 04 Aug 2025 15:26:50 +0000 Manifest next update: Thu 07 Aug 2025 23:32:50 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: L41PhyrYWKmX2T2ix0OhhPUUmTg8m+L9O8wmRljaENs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 23:32:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:ff:2a:78:54:1d:c5:b5:f7:db:47:a7:10:79:00:6d:32:aa:c8:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Aug 4 15:26:50 2025 GMT Not After : Aug 7 23:32:50 2025 GMT Subject: CN=210CFAC107739D2667E3993BA7F57E432BDBA6AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:3e:40:4c:76:8a:ce:8b:9b:3b:37:08:3e:85: 37:aa:57:c3:5a:b0:da:61:97:42:6d:f9:35:c5:06: 72:67:4d:ca:57:02:b9:bd:a1:49:29:06:e9:63:bf: 30:b0:5a:c7:12:04:f9:ee:aa:bf:b6:6c:62:da:3c: 54:f6:70:84:71:78:3c:0a:5a:83:6c:fb:59:63:10: 2c:15:94:b3:30:ca:16:ac:92:98:01:35:1b:76:ea: 88:b7:47:fb:81:c4:e0:4b:8a:fe:c7:fa:09:33:34: f8:aa:c0:8e:fd:c6:71:ba:76:ef:88:50:5b:01:9a: 75:ce:b6:87:94:56:72:0b:7e:32:bb:f6:ff:a5:7b: ab:29:a2:15:d3:64:9d:fe:9a:59:ec:00:82:ab:45: 05:2f:f1:ae:4d:6a:f9:ad:aa:aa:1a:ca:62:d0:71: ce:7f:99:7d:8e:fd:6c:ba:7f:0d:bd:a0:30:22:63: 86:21:bb:90:e6:30:32:86:23:51:c3:f7:3b:90:2d: 48:0e:eb:ba:d4:fd:91:f0:c2:f7:7f:e5:98:35:ad: e3:6d:0d:00:3b:35:cb:b6:fa:79:fd:bd:48:58:17: b1:4a:0d:95:f0:72:2f:96:12:19:86:d3:0b:e4:a4: 0f:a0:2d:32:03:fe:6d:fe:14:e5:8e:e7:f0:d8:c0: eb:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:0C:FA:C1:07:73:9D:26:67:E3:99:3B:A7:F5:7E:43:2B:DB:A6:AC X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:f0:9c:23:a2:b5:b7:03:ee:e1:fd:a1:9e:e4:89:34:54:05: 59:53:6c:8a:85:ab:25:fd:b2:22:b3:71:05:35:52:1b:7b:49: b3:39:f4:82:c4:c2:08:6a:13:86:ca:09:e6:af:7b:ab:bf:8c: c8:00:5c:e7:e0:10:2f:c9:6c:b5:e9:84:84:62:07:51:76:70: 09:03:3d:f1:59:fd:a3:37:73:79:b0:9e:ff:90:af:c2:fa:8a: 21:f0:14:03:37:99:75:b0:fb:9e:c2:f6:0a:6b:f8:6f:a5:08: ee:79:e5:29:f6:f0:a0:99:98:31:6f:3e:da:cb:d9:24:0b:d4: 0c:4b:08:6c:99:8c:fb:6c:1b:a6:4f:0e:bb:86:a6:94:18:ef: 24:12:07:dd:f3:cd:4f:dd:e1:2a:ab:5a:17:cb:55:47:26:06: f7:52:b9:c3:72:49:e8:fd:08:10:0b:1e:50:ec:91:0d:bd:8c: 52:92:5a:11:46:9e:df:2a:28:0e:8f:d1:54:5f:f0:de:2c:b4: ed:e0:32:da:f9:80:c4:3f:bb:15:ee:ae:18:24:70:5e:5e:54: c7:e6:55:89:fb:4a:da:2d:d7:c0:62:b6:d0:6e:0f:2a:6d:34: 56:e1:a4:05:a0:f5:be:c2:fa:1a:42:d8:34:ea:15:57:c8:40: 2e:46:68:aa -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNv8qeFQdxbX320enEHkAbTKqyFcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTA4MDQxNTI2NTBaFw0yNTA4MDcyMzMyNTBaMDMxMTAvBgNV BAMTKDIxMENGQUMxMDc3MzlEMjY2N0UzOTkzQkE3RjU3RTQzMkJEQkE2QUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwPkBMdorOi5s7Nwg+hTeqV8Na sNphl0Jt+TXFBnJnTcpXArm9oUkpBuljvzCwWscSBPnuqr+2bGLaPFT2cIRxeDwK WoNs+1ljECwVlLMwyhaskpgBNRt26oi3R/uBxOBLiv7H+gkzNPiqwI79xnG6du+I UFsBmnXOtoeUVnILfjK79v+le6spohXTZJ3+mlnsAIKrRQUv8a5NavmtqqoaymLQ cc5/mX2O/Wy6fw29oDAiY4Yhu5DmMDKGI1HD9zuQLUgO67rU/ZHwwvd/5Zg1reNt DQA7Ncu2+nn9vUhYF7FKDZXwci+WEhmG0wvkpA+gLTID/m3+FOWO5/DYwOtfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIQz6wQdznSZn45k7p/V+QyvbpqwwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALLwnCOitbcD7uH9oZ7kiTRUBVlTbIqFqyX9 siKzcQU1Uht7SbM59ILEwghqE4bKCeave6u/jMgAXOfgEC/JbLXphIRiB1F2cAkD PfFZ/aM3c3mwnv+Qr8L6iiHwFAM3mXWw+57C9gpr+G+lCO555Sn28KCZmDFvPtrL 2SQL1AxLCGyZjPtsG6ZPDruGppQY7yQSB93zzU/d4SqrWhfLVUcmBvdSucNySej9 CBALHlDskQ29jFKSWhFGnt8qKA6P0VRf8N4stO3gMtr5gMQ/uxXurhgkcF5eVMfm VYn7Stot18BittBuDyptNFbhpAWg9b7C+hpC2DTqFVfIQC5GaKo= -----END CERTIFICATE-----Generated at Thu Aug 7 00:38:31 2025 by rpki-client