$ rpki-client -vvf repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft File: 1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft (raw, json) Hash identifier: Rikp5S3vHoP3OMBlRIsO2C14NX7gz6/VeDLrfvLziiI= Subject key identifier: 44:C8:95:D3:DF:F8:2E:3A:51:C4:20:95:DC:8B:B0:66:F1:D2:1D:ED Authority key identifier: 16:97:12:7A:E2:88:F4:C0:35:03:ED:0E:D8:F0:9B:D7:A1:0A:1E:20 Certificate issuer: /CN=1697127AE288F4C03503ED0ED8F09BD7A10A1E20 Certificate serial: 34296DE6B83AE5422B02CA2E19A38C7513C81C37 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft Manifest number: 0226 Signing time: Mon 21 Jul 2025 09:41:44 +0000 Manifest this update: Mon 21 Jul 2025 09:36:44 +0000 Manifest next update: Thu 24 Jul 2025 18:25:44 +0000 Files and hashes: 1: 1697127AE288F4C03503ED0ED8F09BD7A10A1E20.crl (hash: KOpURR3WfsUK5545yZWBbsiiZUVVLwndPdphRalmFy4=) 2: 3130332e3138302e3235302e302f32342d3234203d3e20313439333733.roa (hash: 132Kizc+R6ps/hT6AogJkCilm9HX7+ORPphZ8hVhLQ8=) 3: 3130332e3138302e3235312e302f32342d3234203d3e20313439333733.roa (hash: omQCe9i6UAQabn658NY546AFhSlSDQxwejMwWzEAolo=) 4: 3130332e3138302e3235302e302f32332d3234203d3e20313439333733.roa (hash: 6+aOTOrAxzWsWipZ2VbdRwlhEyJYsC/PS67oMR2JaEk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.crl rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 18:25:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:29:6d:e6:b8:3a:e5:42:2b:02:ca:2e:19:a3:8c:75:13:c8:1c:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1697127AE288F4C03503ED0ED8F09BD7A10A1E20 Validity Not Before: Jul 21 09:36:44 2025 GMT Not After : Jul 24 18:25:44 2025 GMT Subject: CN=44C895D3DFF82E3A51C42095DC8BB066F1D21DED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:d2:20:8c:81:88:8f:01:26:d8:a3:f9:1c:92: 80:27:0a:d8:f4:05:39:3b:af:0e:15:d2:d2:85:26: 7b:0e:30:d8:f5:71:c3:65:f0:60:bb:2f:25:7b:c0: f6:bc:37:61:fa:a6:ca:8c:1e:ab:73:11:8a:48:45: 59:31:3a:cf:18:71:36:84:0c:b5:9e:29:71:b0:31: 4b:2c:95:4b:1f:01:74:a1:ea:9a:8c:82:9b:61:2a: 07:00:53:f6:d6:e9:0a:d0:14:de:85:94:e7:c6:6c: 11:83:ac:2a:e9:28:8a:e5:df:7b:41:23:83:60:ba: 56:a6:c4:b6:ec:8b:0d:35:bd:ad:0a:ee:9b:55:82: 1a:ea:ed:22:b9:2a:8e:e4:a4:64:23:a9:41:26:cf: cf:32:93:cb:9e:c2:78:6d:b8:34:c6:a6:75:00:4d: e6:e3:37:72:57:70:17:12:85:41:4b:cd:3c:71:0e: d0:8e:cc:03:54:82:08:39:f2:cf:9f:8a:53:26:97: 17:c3:f5:12:58:5c:91:ea:67:2a:b7:d4:ab:8f:f1: 36:f7:08:0c:48:b3:a3:2b:2c:6d:83:52:61:06:3c: b0:fe:8e:04:83:3b:75:99:f9:46:3e:fc:88:46:93: 9b:85:91:98:9e:b0:2e:e8:86:a1:75:05:ca:07:47: 89:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:C8:95:D3:DF:F8:2E:3A:51:C4:20:95:DC:8B:B0:66:F1:D2:1D:ED X509v3 Authority Key Identifier: keyid:16:97:12:7A:E2:88:F4:C0:35:03:ED:0E:D8:F0:9B:D7:A1:0A:1E:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1249d387-70cf-40e9-8759-9b86e0c65128/0/1697127AE288F4C03503ED0ED8F09BD7A10A1E20.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:f2:8b:b0:dd:e3:30:e6:99:65:a4:9a:fa:23:ae:72:b9:75: a4:c8:53:1d:55:4c:b5:bd:6d:02:ea:51:f6:cf:b0:9d:4a:18: 48:cb:4c:8a:c1:e9:1d:0a:87:70:71:9b:c7:2d:4b:6b:a9:45: 53:e7:ec:22:90:09:68:c4:b5:3f:e7:91:94:73:56:f3:46:e6: 97:09:a8:45:32:02:e5:ee:cf:8d:a4:97:f6:1b:ec:85:aa:40: 57:73:82:ac:ea:6a:6a:05:f0:da:26:5b:68:94:e0:dd:78:60: bd:31:1d:ca:c7:c2:86:07:91:10:5b:a6:d6:17:1b:a0:da:55: 9f:f0:b6:da:73:dd:09:bf:db:41:0c:f4:3b:d3:34:49:54:4c: a0:48:11:a8:b7:83:5d:bf:40:d8:ba:78:e4:e9:3e:c4:25:96: 53:7f:59:93:95:9c:f0:a1:91:8c:73:6f:58:53:b3:a5:8c:b4: 27:47:df:b3:df:cb:51:a0:64:df:a8:91:bb:64:a8:ba:37:de: 7e:85:d2:76:8d:30:8e:d0:13:e4:f5:d1:16:73:08:4d:89:63: af:92:8b:4a:e7:3f:9d:21:ff:c6:f7:99:29:50:96:ce:77:0c: 69:e0:8a:69:c5:c7:c6:85:75:f9:36:3f:8d:8d:23:0b:2f:93: c5:e8:ae:3d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNClt5rg65UIrAsouGaOMdRPIHDcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTY5NzEyN0FFMjg4RjRDMDM1MDNFRDBFRDhGMDlCRDdB MTBBMUUyMDAeFw0yNTA3MjEwOTM2NDRaFw0yNTA3MjQxODI1NDRaMDMxMTAvBgNV BAMTKDQ0Qzg5NUQzREZGODJFM0E1MUM0MjA5NURDOEJCMDY2RjFEMjFERUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp0iCMgYiPASbYo/kckoAnCtj0 BTk7rw4V0tKFJnsOMNj1ccNl8GC7LyV7wPa8N2H6psqMHqtzEYpIRVkxOs8YcTaE DLWeKXGwMUsslUsfAXSh6pqMgpthKgcAU/bW6QrQFN6FlOfGbBGDrCrpKIrl33tB I4NgulamxLbsiw01va0K7ptVghrq7SK5Ko7kpGQjqUEmz88yk8uewnhtuDTGpnUA TebjN3JXcBcShUFLzTxxDtCOzANUggg58s+filMmlxfD9RJYXJHqZyq31KuP8Tb3 CAxIs6MrLG2DUmEGPLD+jgSDO3WZ+UY+/IhGk5uFkZiesC7ohqF1BcoHR4knAgMB AAGjggI8MIICODAdBgNVHQ4EFgQURMiV09/4LjpRxCCV3IuwZvHSHe0wHwYDVR0j BBgwFoAUFpcSeuKI9MA1A+0O2PCb16EKHiAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x MjQ5ZDM4Ny03MGNmLTQwZTktODc1OS05Yjg2ZTBjNjUxMjgvMC8xNjk3MTI3QUUy ODhGNEMwMzUwM0VEMEVEOEYwOUJEN0ExMEExRTIwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTY5NzEyN0FFMjg4RjRDMDM1MDNFRDBFRDhGMDlCRDdBMTBB MUUyMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTI0OWQzODctNzBjZi00MGU5LTg3 NTktOWI4NmUwYzY1MTI4LzAvMTY5NzEyN0FFMjg4RjRDMDM1MDNFRDBFRDhGMDlC RDdBMTBBMUUyMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIPyi7Dd4zDmmWWkmvojrnK5daTIUx1VTLW9 bQLqUfbPsJ1KGEjLTIrB6R0Kh3Bxm8ctS2upRVPn7CKQCWjEtT/nkZRzVvNG5pcJ qEUyAuXuz42kl/Yb7IWqQFdzgqzqamoF8NomW2iU4N14YL0xHcrHwoYHkRBbptYX G6DaVZ/wttpz3Qm/20EM9DvTNElUTKBIEai3g12/QNi6eOTpPsQlllN/WZOVnPCh kYxzb1hTs6WMtCdH37Pfy1GgZN+okbtkqLo33n6F0naNMI7QE+T10RZzCE2JY6+S i0rnP50h/8b3mSlQls53DGngimnFx8aFdfk2P42NIwsvk8Xorj0= -----END CERTIFICATE-----Generated at Wed Jul 23 02:06:03 2025 by rpki-client