$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft File: 17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft (raw, json) Hash identifier: YWMYMKLSghP7AyZgqPc8/byTydsIzxzpY7OHvP/u4XQ= Subject key identifier: AE:04:D0:32:6B:66:9D:E4:25:8A:49:20:A0:2E:0D:BF:05:71:6F:82 Authority key identifier: 17:D0:2B:11:6D:4B:BA:65:12:45:CB:C7:CC:C3:0A:59:27:A7:44:E4 Certificate issuer: /CN=17D02B116D4BBA651245CBC7CCC30A5927A744E4 Certificate serial: 4BBFDE3EA1C0CB9F2A48B913D8CC3530565BF384 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/17D02B116D4BBA651245CBC7CCC30A5927A744E4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft Manifest number: 04BB Signing time: Sun 20 Jul 2025 06:02:54 +0000 Manifest this update: Sun 20 Jul 2025 05:57:54 +0000 Manifest next update: Wed 23 Jul 2025 08:03:54 +0000 Files and hashes: 1: 17D02B116D4BBA651245CBC7CCC30A5927A744E4.crl (hash: eoDQj7XDY/IcxpbTEdtjDT8iFAaHKAAwbuwHXDbkHVc=) 2: 3130332e34372e3133332e302f32342d3234203d3e203633383539.roa (hash: EZteEph/2m/6PSU4HhniFTSW+lioN4P6OqCDsqE63rs=) 3: 3130332e34372e3133352e302f32342d3234203d3e203633383539.roa (hash: Lg5dQN6opERAWYn9yaTR81th2kNEptreAqT5F7qUOxg=) 4: 3130332e34372e3133342e302f32342d3234203d3e203633383539.roa (hash: ISUPB5yjW6tmMrkjewjTPmASyvfsPyLCAirfzGZHkUw=) 5: 3130332e34372e3133322e302f32342d3234203d3e203633383539.roa (hash: KrQXE8D2Q5Yo3g//mdDYJidQwyMwsHM3lR4ILfL9Uvk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/17D02B116D4BBA651245CBC7CCC30A5927A744E4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 08:03:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:bf:de:3e:a1:c0:cb:9f:2a:48:b9:13:d8:cc:35:30:56:5b:f3:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17D02B116D4BBA651245CBC7CCC30A5927A744E4 Validity Not Before: Jul 20 05:57:54 2025 GMT Not After : Jul 23 08:03:54 2025 GMT Subject: CN=AE04D0326B669DE4258A4920A02E0DBF05716F82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:fa:8f:00:19:65:6b:68:c3:36:1c:49:99:ca: f0:cd:24:4b:32:81:1c:ec:55:11:b5:11:9d:ae:00: 34:45:fc:07:52:f9:91:99:0e:7a:52:c9:0d:97:ff: d7:77:3d:bf:f9:b4:cd:4e:77:c3:eb:5a:ba:64:52: df:38:ea:9c:f0:2a:a8:cd:32:7f:46:26:1a:84:cf: 0e:b3:9d:7e:b2:dd:6c:95:e1:f6:6c:e4:a1:e7:db: 79:2e:c8:1a:5c:1a:5f:b5:8f:16:9b:ff:bc:d5:17: ed:39:a6:4e:44:a4:d2:9b:78:d4:ae:ef:12:59:d9: 61:a4:f9:14:ef:78:5a:10:55:03:00:39:09:df:80: e5:b0:72:8d:be:b5:5b:47:de:a4:39:88:44:b8:35: 89:8a:72:21:5e:b7:c9:ad:26:d0:9a:2e:92:4a:4b: e8:d3:b2:70:1e:bd:b0:1b:8b:df:8f:02:d9:ad:12: 3a:6a:3d:db:1b:b6:4d:19:b8:d2:fc:e8:ca:92:67: 13:93:c2:76:0c:ef:1b:6d:1d:5b:88:81:0b:ec:ac: 5d:d3:d3:65:8f:5f:56:90:35:12:dd:2a:0b:b1:63: 39:c0:a0:b2:ae:bf:93:a5:0e:40:d8:7b:b8:00:52: 4d:a6:9d:35:ae:4c:ba:bf:84:8a:a3:11:98:f4:1e: dc:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:04:D0:32:6B:66:9D:E4:25:8A:49:20:A0:2E:0D:BF:05:71:6F:82 X509v3 Authority Key Identifier: keyid:17:D0:2B:11:6D:4B:BA:65:12:45:CB:C7:CC:C3:0A:59:27:A7:44:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/17D02B116D4BBA651245CBC7CCC30A5927A744E4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e5:31:0d:b6:8b:77:9a:ed:a3:c9:d6:c3:ea:2c:bf:94:dd:2c: 94:02:08:16:f2:5f:69:41:6a:8a:97:25:c6:5e:d1:78:02:79: 7c:7f:65:2e:8a:df:9e:2d:ca:44:cf:73:0c:a3:9b:f8:fc:71: 48:52:bd:c0:01:1c:98:05:08:4c:85:cc:b0:82:99:db:a2:f1: 29:14:f0:eb:a7:d5:40:c1:32:36:43:12:a5:25:f7:84:b1:3e: 5c:7e:30:d7:a9:88:cc:c5:a8:05:f9:e9:c2:e1:e5:fc:1c:e2: bc:d8:73:c8:6a:80:19:50:82:0c:48:26:72:82:f5:d7:cc:48: 32:56:c7:b9:11:c5:90:20:94:7d:eb:0b:cc:2a:41:fb:4c:53: 40:91:27:1e:a0:67:7c:57:ec:9b:8b:93:f7:5b:14:3d:11:5f: c8:c0:b5:51:71:e1:58:fb:b7:c2:d8:84:05:34:d7:d3:72:b0: 4e:55:52:f1:c7:89:e2:83:2c:2b:84:45:0c:a9:9e:7d:55:f0: 17:b8:10:93:14:ee:67:33:bb:0e:f7:f9:34:01:dc:47:6c:86: b7:68:18:f2:eb:56:8e:99:b6:61:05:7b:1a:4b:51:d5:17:b3: 53:12:44:17:a5:6c:06:32:b2:92:af:28:05:29:ce:ef:1d:01: 5a:d9:b5:ea -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUS7/ePqHAy58qSLkT2Mw1MFZb84QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTdEMDJCMTE2RDRCQkE2NTEyNDVDQkM3Q0NDMzBBNTky N0E3NDRFNDAeFw0yNTA3MjAwNTU3NTRaFw0yNTA3MjMwODAzNTRaMDMxMTAvBgNV BAMTKEFFMDREMDMyNkI2NjlERTQyNThBNDkyMEEwMkUwREJGMDU3MTZGODIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy+o8AGWVraMM2HEmZyvDNJEsy gRzsVRG1EZ2uADRF/AdS+ZGZDnpSyQ2X/9d3Pb/5tM1Od8PrWrpkUt846pzwKqjN Mn9GJhqEzw6znX6y3WyV4fZs5KHn23kuyBpcGl+1jxab/7zVF+05pk5EpNKbeNSu 7xJZ2WGk+RTveFoQVQMAOQnfgOWwco2+tVtH3qQ5iES4NYmKciFet8mtJtCaLpJK S+jTsnAevbAbi9+PAtmtEjpqPdsbtk0ZuNL86MqSZxOTwnYM7xttHVuIgQvsrF3T 02WPX1aQNRLdKguxYznAoLKuv5OlDkDYe7gAUk2mnTWuTLq/hIqjEZj0HtwjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUrgTQMmtmneQlikkgoC4NvwVxb4IwHwYDVR0j BBgwFoAUF9ArEW1LumUSRcvHzMMKWSenROQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMC8xN0QwMkIxMTZE NEJCQTY1MTI0NUNCQzdDQ0MzMEE1OTI3QTc0NEU0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTdEMDJCMTE2RDRCQkE2NTEyNDVDQkM3Q0NDMzBBNTkyN0E3 NDRFNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2JiYjI3MzQtZTVmYS00MGViLTg1 OTgtYjdjZDEwMTM0M2NhLzAvMTdEMDJCMTE2RDRCQkE2NTEyNDVDQkM3Q0NDMzBB NTkyN0E3NDRFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAOUxDbaLd5rto8nWw+osv5TdLJQCCBbyX2lB aoqXJcZe0XgCeXx/ZS6K354tykTPcwyjm/j8cUhSvcABHJgFCEyFzLCCmdui8SkU 8Oun1UDBMjZDEqUl94SxPlx+MNepiMzFqAX56cLh5fwc4rzYc8hqgBlQggxIJnKC 9dfMSDJWx7kRxZAglH3rC8wqQftMU0CRJx6gZ3xX7JuLk/dbFD0RX8jAtVFx4Vj7 t8LYhAU019NysE5VUvHHieKDLCuERQypnn1V8Be4EJMU7mczuw73+TQB3Edshrdo GPLrVo6ZtmEFexpLUdUXs1MSRBelbAYyspKvKAUpzu8dAVrZteo= -----END CERTIFICATE-----Generated at Mon Jul 21 18:13:24 2025 by rpki-client