$ rpki-client -vvf repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft File: 68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft (raw, json) Hash identifier: xMvaI/YjTKJ/gAwgY1tGsO6lzYHuZgSYLtzaaecaRu8= Subject key identifier: B9:56:E7:28:E0:DB:12:3A:F2:70:7E:60:56:08:95:E8:02:33:FF:62 Authority key identifier: 68:D5:78:2F:BA:DB:91:4C:FD:74:AE:28:DA:59:78:4A:5A:AE:AA:F8 Certificate issuer: /CN=68D5782FBADB914CFD74AE28DA59784A5AAEAAF8 Certificate serial: 0B011B229C024A3CDA5D86044EB18EA3527F1309 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft Manifest number: 0457 Signing time: Mon 21 Jul 2025 03:50:58 +0000 Manifest this update: Mon 21 Jul 2025 03:45:58 +0000 Manifest next update: Thu 24 Jul 2025 13:06:58 +0000 Files and hashes: 1: 3130332e3136312e3131312e302f32342d3234203d3e20313431363135.roa (hash: DSCdhRjgPhVc7GP3hYwZBTxGLDzPYuxYKap6JH0m82g=) 2: 68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.crl (hash: dOCMKp/gE77hWT4gutUtKPsYz8oi4c+SJSmB4MpQcK0=) 3: 3130332e3136312e3131302e302f32342d3234203d3e20313431363135.roa (hash: I1rDYvqqFg4aRnuf/vWK5XXOGVBK8suZyd8orlilX60=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.crl rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 06:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:01:1b:22:9c:02:4a:3c:da:5d:86:04:4e:b1:8e:a3:52:7f:13:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68D5782FBADB914CFD74AE28DA59784A5AAEAAF8 Validity Not Before: Jul 21 03:45:58 2025 GMT Not After : Jul 24 13:06:58 2025 GMT Subject: CN=B956E728E0DB123AF2707E60560895E80233FF62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:10:25:32:c7:1c:69:49:bc:1d:d4:b5:e0:6e: b6:a5:a8:d4:46:73:1b:8f:26:31:7b:ca:0a:14:fe: dc:ee:f0:ae:cb:7e:c8:89:81:e5:ed:9a:1f:cc:04: ca:09:d1:64:8d:ab:b1:3c:30:b3:66:9f:e9:e1:e5: e3:89:9e:1f:61:cb:8f:e3:44:79:8e:cd:bd:ed:4d: db:f1:89:d5:4a:5c:a5:5e:da:d0:06:86:a4:08:75: ee:c5:db:4c:4c:6c:14:b1:70:c9:8c:94:83:62:de: 13:4d:62:5c:b7:11:a7:73:2e:ca:4c:aa:27:23:5c: 3a:4a:53:8f:45:0a:6f:c5:be:a5:a2:9a:5f:37:56: 4e:f4:ff:d9:01:f3:89:9e:74:2a:24:3e:23:c3:af: 70:b4:c0:8f:3e:9c:c9:d7:fe:8d:71:ca:26:09:f3: f6:7f:c2:ec:db:3e:da:67:f0:59:4e:30:67:f8:a6: d6:b9:79:80:97:84:34:85:11:c3:b4:d9:26:51:23: e0:db:64:08:73:97:71:ef:9a:63:b3:8d:df:fb:07: 1e:74:8f:f0:45:ec:a6:b9:7e:ab:44:5f:30:93:5e: 20:ab:ef:80:63:b1:59:19:c3:91:b6:45:eb:d9:00: 89:1c:aa:04:7b:ee:17:11:ec:f0:90:a5:66:a1:c8: b7:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:56:E7:28:E0:DB:12:3A:F2:70:7E:60:56:08:95:E8:02:33:FF:62 X509v3 Authority Key Identifier: keyid:68:D5:78:2F:BA:DB:91:4C:FD:74:AE:28:DA:59:78:4A:5A:AE:AA:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:fb:b3:32:b6:93:24:90:d5:eb:ad:d0:ee:b3:dc:2a:8e:72: a3:81:b6:74:a3:a6:09:97:80:c1:11:71:f5:67:68:c6:51:9f: 44:e3:c1:f5:a4:97:68:e2:6a:b1:ee:8b:9e:9b:77:a1:06:9e: f6:29:39:c1:43:4e:93:ad:de:5b:ed:c6:cb:67:d9:0f:bb:57: 14:74:cb:28:61:37:7f:65:66:4e:43:9c:16:66:87:76:22:a5: 67:93:16:26:62:13:08:65:07:63:2e:c2:e1:84:fe:3f:08:17: f1:4b:49:82:ef:3f:07:6d:3e:bd:21:66:93:db:99:15:e4:3c: 17:51:39:c6:e7:30:b6:f5:b1:8f:88:00:1e:8b:35:c3:51:86: 16:08:96:c8:47:d8:1f:f7:b4:94:a3:82:b0:f6:ad:cb:05:fb: 21:5b:88:bc:52:5e:94:f8:ea:78:33:ee:8e:cb:19:85:ab:74: 17:a9:5d:65:de:8f:b7:9b:45:1e:1f:2d:bf:1b:92:cd:b2:55: ed:32:07:38:f9:d9:45:fe:b1:5e:9d:38:51:b7:36:dd:26:03: 9f:2f:d9:aa:af:58:a8:4a:b3:7e:86:d7:79:51:f1:54:18:1f: 24:df:8e:04:41:5f:a5:75:97:42:5b:bf:c9:d6:81:64:65:28: 57:ec:6d:92 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCwEbIpwCSjzaXYYETrGOo1J/EwkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjhENTc4MkZCQURCOTE0Q0ZENzRBRTI4REE1OTc4NEE1 QUFFQUFGODAeFw0yNTA3MjEwMzQ1NThaFw0yNTA3MjQxMzA2NThaMDMxMTAvBgNV BAMTKEI5NTZFNzI4RTBEQjEyM0FGMjcwN0U2MDU2MDg5NUU4MDIzM0ZGNjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ECUyxxxpSbwd1LXgbralqNRG cxuPJjF7ygoU/tzu8K7LfsiJgeXtmh/MBMoJ0WSNq7E8MLNmn+nh5eOJnh9hy4/j RHmOzb3tTdvxidVKXKVe2tAGhqQIde7F20xMbBSxcMmMlINi3hNNYly3EadzLspM qicjXDpKU49FCm/FvqWiml83Vk70/9kB84medCokPiPDr3C0wI8+nMnX/o1xyiYJ 8/Z/wuzbPtpn8FlOMGf4pta5eYCXhDSFEcO02SZRI+DbZAhzl3HvmmOzjd/7Bx50 j/BF7Ka5fqtEXzCTXiCr74BjsVkZw5G2RevZAIkcqgR77hcR7PCQpWahyLfVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUuVbnKODbEjrycH5gVgiV6AIz/2IwHwYDVR0j BBgwFoAUaNV4L7rbkUz9dK4o2ll4SlquqvgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZjQwOGU0NC0zZTljLTQ1ZTUtYmNhNC01ZGZiZDRiMjcxMzAvMC82OEQ1NzgyRkJB REI5MTRDRkQ3NEFFMjhEQTU5Nzg0QTVBQUVBQUY4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjhENTc4MkZCQURCOTE0Q0ZENzRBRTI4REE1OTc4NEE1QUFF QUFGOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2Y0MDhlNDQtM2U5Yy00NWU1LWJj YTQtNWRmYmQ0YjI3MTMwLzAvNjhENTc4MkZCQURCOTE0Q0ZENzRBRTI4REE1OTc4 NEE1QUFFQUFGOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABf7szK2kySQ1eut0O6z3CqOcqOBtnSjpgmX gMERcfVnaMZRn0TjwfWkl2jiarHui56bd6EGnvYpOcFDTpOt3lvtxstn2Q+7VxR0 yyhhN39lZk5DnBZmh3YipWeTFiZiEwhlB2MuwuGE/j8IF/FLSYLvPwdtPr0hZpPb mRXkPBdROcbnMLb1sY+IAB6LNcNRhhYIlshH2B/3tJSjgrD2rcsF+yFbiLxSXpT4 6ngz7o7LGYWrdBepXWXej7ebRR4fLb8bks2yVe0yBzj52UX+sV6dOFG3Nt0mA58v 2aqvWKhKs36G13lR8VQYHyTfjgRBX6V1l0Jbv8nWgWRlKFfsbZI= -----END CERTIFICATE-----Generated at Mon Jul 21 07:27:47 2025 by rpki-client