$ rpki-client -vvf repo-rpki.idnic.net/repo/4b0e7f8e-c29f-4e6b-ad0a-9957fbd56953/0/C7F5AA72DB870E161B62ACA9250AD98AA110A014.mft File: C7F5AA72DB870E161B62ACA9250AD98AA110A014.mft (raw, json) Hash identifier: N82GgBbdkYXSs+1PDvDSvnIF9NW7NLCARFYaqN7e8jE= Subject key identifier: 2D:E3:D1:85:BA:6E:8F:5E:C1:97:AF:30:D5:EF:59:56:95:4A:32:7D Authority key identifier: C7:F5:AA:72:DB:87:0E:16:1B:62:AC:A9:25:0A:D9:8A:A1:10:A0:14 Certificate issuer: /CN=C7F5AA72DB870E161B62ACA9250AD98AA110A014 Certificate serial: 6535B008EDAF65BF987D86E4C4DBE81C08C2A36D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C7F5AA72DB870E161B62ACA9250AD98AA110A014.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4b0e7f8e-c29f-4e6b-ad0a-9957fbd56953/0/C7F5AA72DB870E161B62ACA9250AD98AA110A014.mft Manifest number: 0289 Signing time: Sun 20 Jul 2025 11:41:56 +0000 Manifest this update: Sun 20 Jul 2025 11:36:56 +0000 Manifest next update: Wed 23 Jul 2025 15:28:56 +0000 Files and hashes: 1: 3130332e3230372e3233382e302f32342d3234203d3e20313338303936.roa (hash: kqyShD8grMzsW8WAD+q93A9hYlzfgDARjSsqGTZiG54=) 2: 3130332e3230372e3233392e302f32342d3234203d3e20313338303936.roa (hash: bCN0BjFIkGXQoNiGlR2Rw4pyaw/6SRLkI5yDk6Jonrg=) 3: C7F5AA72DB870E161B62ACA9250AD98AA110A014.crl (hash: CWXwqFRCYj/M5eT5E7Pfi9t0H7QhGUbH0AOj/9ODeYA=) 4: 3130332e3230372e3233362e302f32332d3234203d3e20313334363434.roa (hash: FuTP+olekR94POOQRMWB2DM9MZrHgp1r/imUNhheQk0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4b0e7f8e-c29f-4e6b-ad0a-9957fbd56953/0/C7F5AA72DB870E161B62ACA9250AD98AA110A014.crl rsync://repo-rpki.idnic.net/repo/4b0e7f8e-c29f-4e6b-ad0a-9957fbd56953/0/C7F5AA72DB870E161B62ACA9250AD98AA110A014.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C7F5AA72DB870E161B62ACA9250AD98AA110A014.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 15:28:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:35:b0:08:ed:af:65:bf:98:7d:86:e4:c4:db:e8:1c:08:c2:a3:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C7F5AA72DB870E161B62ACA9250AD98AA110A014 Validity Not Before: Jul 20 11:36:56 2025 GMT Not After : Jul 23 15:28:56 2025 GMT Subject: CN=2DE3D185BA6E8F5EC197AF30D5EF5956954A327D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:6b:97:9e:88:62:59:0e:d4:e3:44:cc:2d:41: 64:cf:7d:fe:55:b5:87:53:1f:62:0c:cd:de:2c:dc: b5:2f:d0:89:1e:47:5d:fd:13:de:ec:ed:ad:fd:7e: 3a:66:fe:99:45:25:d7:97:29:fe:e0:c7:9c:13:e3: 3e:e7:67:a7:39:68:f8:f3:0e:67:a4:c2:85:94:94: b0:91:7a:11:ff:d7:a7:70:3b:fd:98:cc:3f:a6:53: 49:be:e1:6a:6f:0f:54:c9:ec:df:3c:e3:1b:34:65: 6d:89:7f:3f:92:eb:33:a5:eb:66:c7:f0:b1:14:18: 9f:51:00:bf:2a:08:93:6e:65:d6:86:c2:80:92:11: 69:88:fa:e2:bb:35:31:a6:66:cf:01:e3:0a:cc:d3: 85:ea:06:b0:a1:a6:a0:e7:d2:69:52:c8:a8:16:b5: 6c:0d:e7:ce:08:eb:90:23:33:db:7f:e5:68:73:98: 60:04:23:71:09:a2:85:ad:91:59:6c:a1:c8:9e:3b: 9d:ab:b6:74:fa:77:47:b6:0d:a4:ec:c6:b1:3b:63: e6:90:68:dc:68:4b:37:0c:de:3e:b3:50:6a:70:97: fe:b6:ed:98:bc:4f:ec:99:39:5e:2f:7f:b8:00:c3: ce:64:ed:6e:9b:01:95:9b:0a:59:c9:b9:99:b4:35: 31:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:E3:D1:85:BA:6E:8F:5E:C1:97:AF:30:D5:EF:59:56:95:4A:32:7D X509v3 Authority Key Identifier: keyid:C7:F5:AA:72:DB:87:0E:16:1B:62:AC:A9:25:0A:D9:8A:A1:10:A0:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4b0e7f8e-c29f-4e6b-ad0a-9957fbd56953/0/C7F5AA72DB870E161B62ACA9250AD98AA110A014.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C7F5AA72DB870E161B62ACA9250AD98AA110A014.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b0e7f8e-c29f-4e6b-ad0a-9957fbd56953/0/C7F5AA72DB870E161B62ACA9250AD98AA110A014.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:d3:fe:dc:97:5e:3c:d4:aa:58:cd:a0:f4:cc:bc:ac:56:26: c2:48:62:b5:7d:67:23:74:cd:2c:64:8b:12:e7:f0:95:31:9c: df:d2:15:04:d2:5d:66:a4:cf:84:03:02:17:0d:b9:a8:05:d5: 5f:a6:27:c9:90:7d:52:8d:c2:01:8c:26:da:35:37:7a:3e:00: af:99:f2:88:3e:06:6b:cf:d2:a8:98:31:fe:cc:11:85:ed:f0: de:38:b7:a3:71:79:a4:c9:35:7b:92:b5:db:05:75:c1:03:2a: da:82:f3:b7:49:52:29:70:5e:61:45:58:ce:4f:1b:de:e5:a6: df:a2:55:9d:9b:7e:1b:82:1d:a9:1d:19:4a:24:e7:4d:a6:c8: 04:ce:73:06:74:9c:78:0d:07:2c:0b:93:03:10:9c:f6:f0:62: b8:92:68:c9:3a:f7:0b:e4:71:cd:a6:40:c3:3a:12:3b:f6:c0: e3:bd:b7:87:0a:c6:aa:cf:a6:2c:56:11:42:6c:05:a5:7a:18: 6a:21:67:00:54:0f:a7:1d:3e:35:cc:ee:a2:90:00:27:d2:4d: 91:4d:3e:53:73:d8:a3:05:21:35:21:a2:4b:8b:05:91:10:49: 50:8a:18:dd:67:06:2c:1f:78:ca:d0:49:fb:e3:3e:6e:69:ba: c9:c4:6f:7d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZTWwCO2vZb+YfYbkxNvoHAjCo20wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzdGNUFBNzJEQjg3MEUxNjFCNjJBQ0E5MjUwQUQ5OEFB MTEwQTAxNDAeFw0yNTA3MjAxMTM2NTZaFw0yNTA3MjMxNTI4NTZaMDMxMTAvBgNV BAMTKDJERTNEMTg1QkE2RThGNUVDMTk3QUYzMEQ1RUY1OTU2OTU0QTMyN0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0a5eeiGJZDtTjRMwtQWTPff5V tYdTH2IMzd4s3LUv0IkeR139E97s7a39fjpm/plFJdeXKf7gx5wT4z7nZ6c5aPjz DmekwoWUlLCRehH/16dwO/2YzD+mU0m+4WpvD1TJ7N884xs0ZW2Jfz+S6zOl62bH 8LEUGJ9RAL8qCJNuZdaGwoCSEWmI+uK7NTGmZs8B4wrM04XqBrChpqDn0mlSyKgW tWwN584I65AjM9t/5WhzmGAEI3EJooWtkVlsocieO52rtnT6d0e2DaTsxrE7Y+aQ aNxoSzcM3j6zUGpwl/627Zi8T+yZOV4vf7gAw85k7W6bAZWbClnJuZm0NTGvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULePRhbpuj17Bl68w1e9ZVpVKMn0wHwYDVR0j BBgwFoAUx/WqctuHDhYbYqypJQrZiqEQoBQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YjBlN2Y4ZS1jMjlmLTRlNmItYWQwYS05OTU3ZmJkNTY5NTMvMC9DN0Y1QUE3MkRC ODcwRTE2MUI2MkFDQTkyNTBBRDk4QUExMTBBMDE0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzdGNUFBNzJEQjg3MEUxNjFCNjJBQ0E5MjUwQUQ5OEFBMTEw QTAxNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGIwZTdmOGUtYzI5Zi00ZTZiLWFk MGEtOTk1N2ZiZDU2OTUzLzAvQzdGNUFBNzJEQjg3MEUxNjFCNjJBQ0E5MjUwQUQ5 OEFBMTEwQTAxNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIvT/tyXXjzUqljNoPTMvKxWJsJIYrV9ZyN0 zSxkixLn8JUxnN/SFQTSXWakz4QDAhcNuagF1V+mJ8mQfVKNwgGMJto1N3o+AK+Z 8og+BmvP0qiYMf7MEYXt8N44t6NxeaTJNXuStdsFdcEDKtqC87dJUilwXmFFWM5P G97lpt+iVZ2bfhuCHakdGUok502myATOcwZ0nHgNBywLkwMQnPbwYriSaMk69wvk cc2mQMM6Ejv2wOO9t4cKxqrPpixWEUJsBaV6GGohZwBUD6cdPjXM7qKQACfSTZFN PlNz2KMFITUhokuLBZEQSVCKGN1nBiwfeMrQSfvjPm5pusnEb30= -----END CERTIFICATE-----Generated at Sun Jul 20 21:24:20 2025 by rpki-client