$ rpki-client -vvf repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft File: 0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft (raw, json) Hash identifier: gQv8rBpS7zYCDP2R/zk1eXR8zIYjPl/O9HlhwXEU0NA= Subject key identifier: 61:4D:37:8F:73:78:42:73:9A:03:7E:D8:D6:81:83:C4:5F:90:40:B9 Authority key identifier: 0B:B4:E9:52:78:9A:C5:02:FA:0C:FB:95:C2:E0:3F:43:44:97:BF:E3 Certificate issuer: /CN=0BB4E952789AC502FA0CFB95C2E03F434497BFE3 Certificate serial: 6A436CB15A606965B928A6C92D829F1E3A092879 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft Manifest number: A0 Signing time: Tue 22 Jul 2025 09:32:01 +0000 Manifest this update: Tue 22 Jul 2025 09:27:01 +0000 Manifest next update: Fri 25 Jul 2025 10:59:01 +0000 Files and hashes: 1: 0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl (hash: hcDfYRmvBKTa/GoLU+o1ll/PNX+zk/BsgQYGSF8hfGA=) 2: 3130332e3134382e38382e302f32342d3234203d3e20313430343231.roa (hash: neEFe0w5kAvbktE6GbOUZcC2jhb5+07V2Dgm04kOOSQ=) 3: 3130332e3134382e38382e302f32332d3233203d3e20313430343231.roa (hash: l6is4dO0R0PbZ70dLKCH7MsIvztrQYbYg8s+N5j55/w=) 4: 323030313a6466323a633938303a3a2f34382d3438203d3e20313430343231.roa (hash: S9qtO6NNat29VwWXnPO9Ad1pn0XLAWnDz3QkqSTjTbI=) 5: 3130332e3134382e38392e302f32342d3234203d3e20313430343231.roa (hash: TZoglv4gVSEGVdYtRZ4lgIJlzz7UT43dp4O+n8rkNNY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 10:59:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:43:6c:b1:5a:60:69:65:b9:28:a6:c9:2d:82:9f:1e:3a:09:28:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0BB4E952789AC502FA0CFB95C2E03F434497BFE3 Validity Not Before: Jul 22 09:27:01 2025 GMT Not After : Jul 25 10:59:01 2025 GMT Subject: CN=614D378F737842739A037ED8D68183C45F9040B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:80:54:e1:c3:ac:7e:8a:a7:96:2b:b7:ac:76: cc:6e:9d:9c:0c:b3:39:e4:5a:a0:0a:af:73:fd:83: cc:49:da:a5:de:7f:e6:de:5b:5d:2e:4d:a2:d1:4f: d4:af:c6:3b:cb:d4:a1:07:4d:1a:23:ca:20:5d:89: 99:14:23:98:01:2b:08:cc:48:3b:ac:bf:75:cf:75: 2d:d1:61:6f:2b:e0:86:52:99:7f:fe:50:64:5f:5f: 94:dc:41:9c:93:56:49:50:0c:b4:28:03:82:fe:58: 78:36:dd:f9:8f:fe:37:ac:b7:e3:36:a5:d0:41:27: ee:73:ef:24:64:d6:86:44:73:c5:d3:00:12:ef:85: 58:3c:9a:0a:84:fc:8f:f0:0f:9c:98:14:95:e4:1e: bb:8d:6b:8c:55:76:b9:ca:ea:14:16:a0:06:b0:95: 2a:d5:e8:5c:65:36:98:15:16:ba:58:b3:82:cf:7c: 6b:9a:8b:ee:7c:97:c7:b4:31:54:24:17:05:6e:49: 47:d8:ee:76:b9:18:87:81:57:bd:80:62:47:8c:c7: f5:ca:a6:b8:20:52:01:a0:ef:5b:df:89:55:7e:09: e6:2d:4d:81:d1:62:69:6a:27:a8:1a:b3:9f:e6:3e: fd:ad:04:bf:0e:99:9b:28:39:4d:83:2b:c4:f8:0b: 32:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:4D:37:8F:73:78:42:73:9A:03:7E:D8:D6:81:83:C4:5F:90:40:B9 X509v3 Authority Key Identifier: keyid:0B:B4:E9:52:78:9A:C5:02:FA:0C:FB:95:C2:E0:3F:43:44:97:BF:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9b:95:60:d8:6d:d2:ce:29:13:0f:1a:77:e4:cd:a8:f5:9f:1f: a6:2e:91:96:19:ff:2d:86:7e:69:88:c6:51:67:2e:d0:aa:f0: ba:76:99:2c:8c:56:83:f9:9b:9b:a4:81:08:f4:17:8c:b7:8c: 17:16:c4:19:73:6c:85:24:32:ce:14:d5:45:84:c8:27:c0:2d: 7c:0e:01:31:c0:32:9f:3e:bf:b7:4c:87:8a:78:9f:d0:22:2d: 52:3d:0c:d9:39:2b:74:e4:56:0f:c1:58:81:8a:4c:91:5e:21: a2:f7:c4:d6:70:57:37:3d:c1:55:5d:86:36:e1:b9:d2:c0:eb: ad:5d:d8:15:3e:c0:63:25:7b:c7:ae:e9:74:a0:05:cb:43:0a: 03:15:dc:b2:94:60:ed:00:bc:d0:3a:e2:71:07:5f:42:90:a4: e2:ec:8a:f6:fd:ce:83:bf:23:88:78:04:8c:b0:8d:c7:8b:52: 12:ab:89:1d:28:41:a8:27:9d:88:66:84:b6:31:c7:8c:c6:cc: 9d:73:e9:18:ab:b8:0d:9b:e8:58:86:3e:99:1f:b6:80:49:3a: 9a:46:57:b6:41:60:51:e7:bd:2e:e4:1d:e5:d2:af:f5:a2:86: 24:91:f2:c9:30:84:36:95:f1:6b:49:3e:c6:7e:e4:0e:a8:84: 29:bf:ea:bc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUakNssVpgaWW5KKbJLYKfHjoJKHkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNGNDM0 NDk3QkZFMzAeFw0yNTA3MjIwOTI3MDFaFw0yNTA3MjUxMDU5MDFaMDMxMTAvBgNV BAMTKDYxNEQzNzhGNzM3ODQyNzM5QTAzN0VEOEQ2ODE4M0M0NUY5MDQwQjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBgFThw6x+iqeWK7esdsxunZwM sznkWqAKr3P9g8xJ2qXef+beW10uTaLRT9SvxjvL1KEHTRojyiBdiZkUI5gBKwjM SDusv3XPdS3RYW8r4IZSmX/+UGRfX5TcQZyTVklQDLQoA4L+WHg23fmP/jest+M2 pdBBJ+5z7yRk1oZEc8XTABLvhVg8mgqE/I/wD5yYFJXkHruNa4xVdrnK6hQWoAaw lSrV6FxlNpgVFrpYs4LPfGuai+58l8e0MVQkFwVuSUfY7na5GIeBV72AYkeMx/XK prggUgGg71vfiVV+CeYtTYHRYmlqJ6gas5/mPv2tBL8OmZsoOU2DK8T4CzKBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUYU03j3N4QnOaA37Y1oGDxF+QQLkwHwYDVR0j BBgwFoAUC7TpUniaxQL6DPuVwuA/Q0SXv+MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YjcyZWNhNC03M2FkLTRlMGItYTZhNi03YTY1Njk4YjczYmUvMC8wQkI0RTk1Mjc4 OUFDNTAyRkEwQ0ZCOTVDMkUwM0Y0MzQ0OTdCRkUzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNGNDM0NDk3 QkZFMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGI3MmVjYTQtNzNhZC00ZTBiLWE2 YTYtN2E2NTY5OGI3M2JlLzAvMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNG NDM0NDk3QkZFMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJuVYNht0s4pEw8ad+TNqPWfH6YukZYZ/y2G fmmIxlFnLtCq8Lp2mSyMVoP5m5ukgQj0F4y3jBcWxBlzbIUkMs4U1UWEyCfALXwO ATHAMp8+v7dMh4p4n9AiLVI9DNk5K3TkVg/BWIGKTJFeIaL3xNZwVzc9wVVdhjbh udLA661d2BU+wGMle8eu6XSgBctDCgMV3LKUYO0AvNA64nEHX0KQpOLsivb9zoO/ I4h4BIywjceLUhKriR0oQagnnYhmhLYxx4zGzJ1z6RiruA2b6FiGPpkftoBJOppG V7ZBYFHnvS7kHeXSr/WihiSR8skwhDaV8WtJPsZ+5A6ohCm/6rw= -----END CERTIFICATE-----Generated at Wed Jul 23 02:01:53 2025 by rpki-client