$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: 2zkkN0doO9Z29DQC0wYT1rA//3UrfmE0DR/KiLBMuyM= Subject key identifier: 03:2E:CC:26:7C:A5:02:57:81:4E:52:E5:17:5B:8F:55:0F:50:41:84 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 123D81C2EE6C1AC7EFB2040A5247EDE4A3342669 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01D5 Signing time: Sat 19 Jul 2025 14:11:49 +0000 Manifest this update: Sat 19 Jul 2025 14:06:49 +0000 Manifest next update: Tue 22 Jul 2025 19:04:49 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: 6k8aOPiW+OpeYZ2yQSM9fG0evoEZGkTRPHFUWbm+4Jc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 19:04:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:3d:81:c2:ee:6c:1a:c7:ef:b2:04:0a:52:47:ed:e4:a3:34:26:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Jul 19 14:06:49 2025 GMT Not After : Jul 22 19:04:49 2025 GMT Subject: CN=032ECC267CA50257814E52E5175B8F550F504184 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:fc:ea:89:64:47:f2:75:5d:2f:03:37:ff:6e: ac:c6:ef:8c:57:c7:72:cb:b8:d2:4f:02:d2:9c:71: d1:1f:68:e3:1f:5d:b9:a1:6a:1a:1b:11:4d:fb:e7: 64:62:c5:ab:07:99:58:b4:f5:78:3d:c1:34:cd:0e: 84:3b:93:3f:d6:25:2e:92:3b:73:ad:51:4b:8b:62: 30:6b:ee:e9:47:5f:88:de:8a:74:9a:8b:11:c3:b6: 01:4b:86:e3:64:bd:60:4a:62:0f:54:21:4a:8e:70: 3f:0b:f4:50:64:75:ce:6a:6e:cc:7e:5d:63:42:ec: 3f:b0:1f:f7:10:59:5f:df:bd:b7:32:dc:30:8b:32: b0:ea:3b:78:0a:ad:45:24:68:7b:a4:ae:99:6f:b9: 41:aa:4b:06:a2:32:e7:1d:a3:ea:b1:61:8b:11:49: 1e:2a:ab:24:c9:90:48:df:2f:cc:6e:e5:8e:2a:97: 10:d6:a3:49:24:6e:0a:dd:22:22:33:2c:43:85:f1: 2b:e5:b2:58:fc:21:20:25:77:40:bf:f0:6e:a3:99: 5e:89:d2:09:a3:19:75:e9:4a:31:b6:35:c5:a3:10: 23:63:72:74:f3:ea:95:26:6c:33:21:cd:36:6f:ef: 35:fc:a8:42:96:f5:ea:5a:00:63:a5:13:a0:4c:41: 64:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:2E:CC:26:7C:A5:02:57:81:4E:52:E5:17:5B:8F:55:0F:50:41:84 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:db:04:2f:99:7f:90:b5:d1:57:74:da:f8:e3:93:11:34:53: 92:ec:bb:f2:ad:eb:8d:a7:d5:3e:89:c2:9d:18:32:68:85:6f: 45:02:0b:01:74:89:c3:d6:57:2e:6c:a6:40:0f:82:c0:4c:a0: f3:e7:eb:31:95:7a:c9:30:35:76:f6:40:50:60:8b:55:45:cf: d3:11:b7:af:f8:8f:ca:1c:aa:96:51:17:2a:48:d7:95:ec:7a: 41:a4:ba:31:e5:d8:52:4e:b0:ac:4a:c8:9c:53:33:91:f5:2e: 78:b4:12:26:94:bb:d0:61:e3:5f:5c:16:02:94:2c:06:55:55: 7f:5b:30:b3:21:4f:1e:d3:03:e2:e4:95:6f:b7:b1:42:7e:cc: 78:32:94:25:d4:74:bf:c3:47:ac:42:0b:6b:ef:a8:e1:f1:4d: f1:8b:c7:08:b0:e3:d1:36:6c:fb:fb:54:10:b2:87:c9:7f:5d: b3:af:ae:5e:ae:0e:69:58:a1:09:1d:f2:9e:ab:ee:23:41:75: 86:91:f2:3f:dc:ca:88:15:b8:e2:e8:c7:79:53:da:96:5c:e5: 0c:a6:ff:a1:8c:11:2e:78:fb:1e:33:cf:5b:b8:f4:d3:4e:41: 16:ea:ef:da:eb:a8:a0:72:a0:7e:20:a8:3a:b9:f9:38:df:b6: 97:9a:73:de -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUEj2Bwu5sGsfvsgQKUkft5KM0JmkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTA3MTkxNDA2NDlaFw0yNTA3MjIxOTA0NDlaMDMxMTAvBgNV BAMTKDAzMkVDQzI2N0NBNTAyNTc4MTRFNTJFNTE3NUI4RjU1MEY1MDQxODQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1/OqJZEfydV0vAzf/bqzG74xX x3LLuNJPAtKccdEfaOMfXbmhahobEU3752RixasHmVi09Xg9wTTNDoQ7kz/WJS6S O3OtUUuLYjBr7ulHX4jeinSaixHDtgFLhuNkvWBKYg9UIUqOcD8L9FBkdc5qbsx+ XWNC7D+wH/cQWV/fvbcy3DCLMrDqO3gKrUUkaHukrplvuUGqSwaiMucdo+qxYYsR SR4qqyTJkEjfL8xu5Y4qlxDWo0kkbgrdIiIzLEOF8Svlslj8ISAld0C/8G6jmV6J 0gmjGXXpSjG2NcWjECNjcnTz6pUmbDMhzTZv7zX8qEKW9epaAGOlE6BMQWTPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUAy7MJnylAleBTlLlF1uPVQ9QQYQwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADLbBC+Zf5C10Vd02vjjkxE0U5Lsu/Kt642n 1T6Jwp0YMmiFb0UCCwF0icPWVy5spkAPgsBMoPPn6zGVeskwNXb2QFBgi1VFz9MR t6/4j8ocqpZRFypI15XsekGkujHl2FJOsKxKyJxTM5H1Lni0EiaUu9Bh419cFgKU LAZVVX9bMLMhTx7TA+LklW+3sUJ+zHgylCXUdL/DR6xCC2vvqOHxTfGLxwiw49E2 bPv7VBCyh8l/XbOvrl6uDmlYoQkd8p6r7iNBdYaR8j/cyogVuOLox3lT2pZc5Qym /6GMES54+x4zz1u49NNOQRbq79rrqKByoH4gqDq5+Tjftpeac94= -----END CERTIFICATE-----Generated at Sun Jul 20 21:28:20 2025 by rpki-client