$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: SelEd8Xj+kNuv9gORqwAIDASQxPI4UKNqoLWuczSik4= Subject key identifier: D9:84:95:91:61:1A:65:3E:92:BE:FC:2D:82:14:69:19:83:66:63:28 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 0C7590ACD2AA497AC2720AE87E4C4539C760DF17 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 04EF Signing time: Sat 19 Jul 2025 16:10:55 +0000 Manifest this update: Sat 19 Jul 2025 16:05:55 +0000 Manifest next update: Tue 22 Jul 2025 19:28:55 +0000 Files and hashes: 1: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: f8ejnxWdnVnJhdwREVxljvRRWqt/xRf4OjkrNgJsLUw=) 2: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) 3: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 4: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) 5: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 19:28:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:75:90:ac:d2:aa:49:7a:c2:72:0a:e8:7e:4c:45:39:c7:60:df:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Jul 19 16:05:55 2025 GMT Not After : Jul 22 19:28:55 2025 GMT Subject: CN=D9849591611A653E92BEFC2D8214691983666328 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:cc:44:48:6b:61:4e:13:1e:34:c0:35:1a:ad: 0d:c9:bd:93:5b:a0:89:6d:90:8c:af:8c:1a:5e:fb: e1:9b:6d:95:2f:18:68:b7:6a:25:35:82:d1:d5:36: 03:da:b0:ae:7b:ce:b9:06:c6:4d:38:de:c2:7c:96: db:3a:a1:d8:73:33:6f:f1:31:a6:11:99:6c:49:74: 76:37:fe:ef:43:c6:c0:9f:9e:23:fa:2e:7f:e1:b5: 85:f8:7b:7e:e6:c5:6a:19:5c:6c:9e:83:74:b8:09: 45:16:08:ab:bb:d9:4a:ac:75:46:7f:06:4d:fe:05: a1:15:b7:ce:2b:91:0b:63:3a:c8:a7:63:a6:ab:b4: 8a:f2:e5:56:fe:76:7d:e1:1f:e9:54:4b:d6:29:6a: 89:30:2b:d5:a8:7b:66:35:6d:10:22:83:18:11:fb: 7a:f0:76:6d:1f:77:56:ec:25:19:f6:c2:02:80:66: 2f:24:74:0a:da:96:31:db:4e:2e:6b:20:68:0b:cb: 15:b0:81:dd:72:93:10:85:32:9a:3b:b3:bb:0c:33: f4:ab:c9:3e:82:eb:10:22:85:2a:a3:9e:9d:3f:90: a9:3a:fd:67:5f:4a:bb:9e:19:d5:40:5a:e8:0d:62: 71:f6:17:e7:95:f3:33:1b:c4:b1:d2:d2:6b:04:64: cf:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:84:95:91:61:1A:65:3E:92:BE:FC:2D:82:14:69:19:83:66:63:28 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:9a:1a:15:58:54:25:e1:a3:7c:bf:50:0f:1c:7a:c7:2d:12: d4:26:e2:8b:31:32:43:b4:30:12:55:52:f1:7b:91:38:09:2a: 33:b3:b5:55:1f:38:16:67:ea:5a:14:42:fc:86:cd:37:4c:e0: bb:98:51:b4:3b:73:b1:c2:07:c9:a5:95:75:0a:3f:f8:23:80: eb:7a:07:b9:ee:8c:f8:b2:7e:fc:84:eb:be:cb:70:ac:3e:0a: 81:b3:93:b7:24:4b:00:8c:84:b0:25:b5:c5:db:59:9c:23:b5: 48:87:a7:65:e7:fa:9c:1a:fb:eb:9e:dc:73:0d:c9:3e:a8:54: 32:06:05:27:21:bf:10:0e:c4:3a:d5:87:20:c4:87:d7:bf:03: c7:ad:bf:1f:8d:0b:f6:3a:9e:93:0b:fc:85:dd:93:c3:ad:35: 3a:7c:e9:be:4d:6c:bc:9b:43:29:de:30:02:de:19:1f:4a:0c: a2:80:74:fe:cc:31:97:79:e5:ba:0b:8b:d1:26:28:08:bb:11: 59:af:8a:46:3f:bd:23:7a:c9:c7:02:e5:50:55:1f:50:3d:bd: f4:9d:74:55:f1:67:04:71:8c:51:f8:2d:44:58:bf:2d:75:2f: 9b:3a:6e:b2:74:c8:2d:ff:27:84:c4:24:5d:14:fb:3e:ef:54: e4:d8:5d:d6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDHWQrNKqSXrCcgrofkxFOcdg3xcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTA3MTkxNjA1NTVaFw0yNTA3MjIxOTI4NTVaMDMxMTAvBgNV BAMTKEQ5ODQ5NTkxNjExQTY1M0U5MkJFRkMyRDgyMTQ2OTE5ODM2NjYzMjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwzERIa2FOEx40wDUarQ3JvZNb oIltkIyvjBpe++GbbZUvGGi3aiU1gtHVNgPasK57zrkGxk043sJ8lts6odhzM2/x MaYRmWxJdHY3/u9DxsCfniP6Ln/htYX4e37mxWoZXGyeg3S4CUUWCKu72UqsdUZ/ Bk3+BaEVt84rkQtjOsinY6artIry5Vb+dn3hH+lUS9YpaokwK9Woe2Y1bRAigxgR +3rwdm0fd1bsJRn2wgKAZi8kdAraljHbTi5rIGgLyxWwgd1ykxCFMpo7s7sMM/Sr yT6C6xAihSqjnp0/kKk6/WdfSrueGdVAWugNYnH2F+eV8zMbxLHS0msEZM99AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2YSVkWEaZT6SvvwtghRpGYNmYygwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIOaGhVYVCXho3y/UA8cesctEtQm4osxMkO0 MBJVUvF7kTgJKjOztVUfOBZn6loUQvyGzTdM4LuYUbQ7c7HCB8mllXUKP/gjgOt6 B7nujPiyfvyE677LcKw+CoGzk7ckSwCMhLAltcXbWZwjtUiHp2Xn+pwa++ue3HMN yT6oVDIGBSchvxAOxDrVhyDEh9e/A8etvx+NC/Y6npML/IXdk8OtNTp86b5NbLyb QyneMALeGR9KDKKAdP7MMZd55boLi9EmKAi7EVmvikY/vSN6yccC5VBVH1A9vfSd dFXxZwRxjFH4LURYvy11L5s6brJ0yC3/J4TEJF0U+z7vVOTYXdY= -----END CERTIFICATE-----Generated at Mon Jul 21 18:05:55 2025 by rpki-client