$ rpki-client -vvf repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft File: 432AE9E2B00941EF8925409E82CA40508A4688B1.mft (raw, json) Hash identifier: 2cyFq1VRbGYFm8Sh03FKN9Z9J08QFGO6hcmt9mntQZY= Subject key identifier: 05:A3:77:75:C2:26:B6:38:94:86:31:20:4A:36:10:A5:13:06:9A:32 Authority key identifier: 43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 Certificate issuer: /CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Certificate serial: 57C7F056687B4D724950BF0697A7F7927904C631 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft Manifest number: D5 Signing time: Sat 26 Apr 2025 22:01:50 +0000 Manifest this update: Sat 26 Apr 2025 21:56:50 +0000 Manifest next update: Wed 30 Apr 2025 08:16:50 +0000 Files and hashes: 1: 3135372e31302e3136302e302f32332d3234203d3e20313336303532.roa (hash: xeW9Q+jrWgb1kNw9Ck6owBJ7nXg3E26nbn0fhXlo6qI=) 2: 432AE9E2B00941EF8925409E82CA40508A4688B1.crl (hash: Yu24lyTD91AZrc1F3jp8xEMUi9EemwkioitV0wcJ5sk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.crl rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 08:16:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:c7:f0:56:68:7b:4d:72:49:50:bf:06:97:a7:f7:92:79:04:c6:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Validity Not Before: Apr 26 21:56:50 2025 GMT Not After : Apr 30 08:16:50 2025 GMT Subject: CN=05A37775C226B638948631204A3610A513069A32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b5:ca:bc:8c:df:0e:35:2d:6e:60:c0:2e:38: d6:41:73:66:e9:67:4b:62:15:b1:54:b9:e5:5e:96: e4:27:fd:8a:26:ee:55:96:e5:8a:e1:5c:f1:db:e8: 1d:8e:39:71:c9:01:1d:45:70:21:52:c8:5a:ee:8f: 5a:11:49:a7:e4:54:71:da:9c:8b:05:fb:e3:68:dd: 1f:e1:22:db:9c:93:b7:0c:b0:96:d9:9f:ae:b8:c5: f5:0d:13:8c:6f:c8:6e:10:d7:3d:58:d4:fd:31:24: 14:d5:f4:d3:22:8e:50:aa:e1:de:68:08:e8:2e:93: a3:cc:f7:06:52:ad:0c:f5:45:4b:6a:ba:76:1b:dd: cb:db:5d:bb:d0:41:43:8b:42:af:f9:98:25:36:51: 23:0a:ed:32:8a:8b:2a:36:c1:1e:ca:6d:a3:e7:62: df:ff:77:c5:e9:78:92:31:0d:fd:68:b4:fe:51:ad: 86:fb:67:71:86:43:89:a8:82:59:62:bd:cc:9c:5f: 04:61:51:a7:fd:53:a6:2a:32:65:d2:79:06:a1:a7: f2:a1:98:f8:95:bf:ee:a6:2a:4a:8f:a3:75:42:3f: 75:2b:07:53:c6:02:0c:58:e2:90:b6:87:b8:42:1e: 9c:8e:71:a6:32:cd:25:29:81:64:90:3c:b4:5c:8a: 85:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:A3:77:75:C2:26:B6:38:94:86:31:20:4A:36:10:A5:13:06:9A:32 X509v3 Authority Key Identifier: keyid:43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:6c:8c:77:b9:88:2f:32:9b:c2:da:99:5b:c4:99:d5:03:9c: 0b:e4:f1:27:40:94:9b:da:72:60:cd:b1:44:2b:fe:ef:8a:49: 79:36:24:e3:66:cf:90:48:50:32:9f:b0:57:7f:79:13:00:c1: 87:88:b4:54:9a:34:1d:1b:4c:dc:2b:d1:5d:09:13:48:78:d4: bc:fa:b0:60:c4:9d:eb:78:22:23:d0:a8:38:d0:a1:7a:22:cc: 10:c8:1b:a7:3c:7b:fc:26:16:2c:94:4d:90:c2:26:95:94:da: 93:f1:18:a1:23:f3:6d:f1:2c:e1:60:d7:a3:b5:36:bf:29:6f: 36:c4:89:6c:5e:b3:af:c3:1a:d7:86:f7:3b:3e:0a:6b:01:54: 0d:d4:eb:92:96:38:cb:bb:ca:8d:2c:e5:4f:64:e4:ce:2d:68: d6:57:cd:ad:cf:a7:ad:7d:d1:27:dd:91:58:89:83:64:4a:79: ce:3c:87:0f:3f:41:eb:c3:96:68:87:c7:5f:48:fe:62:91:39: 47:f6:82:6b:98:3e:10:b8:02:6e:9f:ec:1e:9a:c3:88:cf:72: a6:dc:f0:36:01:ce:9e:c9:89:21:5f:6d:97:40:40:a2:bc:3a: 18:bd:b7:c9:d0:88:5a:61:0c:9d:3e:e5:7c:b2:d9:1f:b4:64: ed:e4:e3:4a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUV8fwVmh7TXJJUL8Gl6f3knkExjEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQwNTA4 QTQ2ODhCMTAeFw0yNTA0MjYyMTU2NTBaFw0yNTA0MzAwODE2NTBaMDMxMTAvBgNV BAMTKDA1QTM3Nzc1QzIyNkI2Mzg5NDg2MzEyMDRBMzYxMEE1MTMwNjlBMzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7tcq8jN8ONS1uYMAuONZBc2bp Z0tiFbFUueVeluQn/Yom7lWW5YrhXPHb6B2OOXHJAR1FcCFSyFruj1oRSafkVHHa nIsF++No3R/hItuck7cMsJbZn664xfUNE4xvyG4Q1z1Y1P0xJBTV9NMijlCq4d5o COguk6PM9wZSrQz1RUtqunYb3cvbXbvQQUOLQq/5mCU2USMK7TKKiyo2wR7KbaPn Yt//d8XpeJIxDf1otP5RrYb7Z3GGQ4mogllivcycXwRhUaf9U6YqMmXSeQahp/Kh mPiVv+6mKkqPo3VCP3UrB1PGAgxY4pC2h7hCHpyOcaYyzSUpgWSQPLRcioVrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUBaN3dcImtjiUhjEgSjYQpRMGmjIwHwYDVR0j BBgwFoAUQyrp4rAJQe+JJUCegspAUIpGiLEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YzJmYzFkNC0zN2E2LTQ5NDMtYjRjNi02ZDhlOWI0ZTU1OTEvMC80MzJBRTlFMkIw MDk0MUVGODkyNTQwOUU4MkNBNDA1MDhBNDY4OEIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQwNTA4QTQ2 ODhCMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWMyZmMxZDQtMzdhNi00OTQzLWI0 YzYtNmQ4ZTliNGU1NTkxLzAvNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQw NTA4QTQ2ODhCMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHpsjHe5iC8ym8LamVvEmdUDnAvk8SdAlJva cmDNsUQr/u+KSXk2JONmz5BIUDKfsFd/eRMAwYeItFSaNB0bTNwr0V0JE0h41Lz6 sGDEnet4IiPQqDjQoXoizBDIG6c8e/wmFiyUTZDCJpWU2pPxGKEj823xLOFg16O1 Nr8pbzbEiWxes6/DGteG9zs+CmsBVA3U65KWOMu7yo0s5U9k5M4taNZXza3Pp619 0SfdkViJg2RKec48hw8/QevDlmiHx19I/mKROUf2gmuYPhC4Am6f7B6aw4jPcqbc 8DYBzp7JiSFfbZdAQKK8Ohi9t8nQiFphDJ0+5Xyy2R+0ZO3k40o= -----END CERTIFICATE-----Generated at Tue Apr 29 00:07:57 2025 by rpki-client