$ rpki-client -vvf repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.mft File: 70FE5658A7C2993DC505F75545A128384472227E.mft (raw, json) Hash identifier: pKx7ctyJQAbKNziS/2Zqaq+SpSGAGOs1GKM+gw1aGbI= Subject key identifier: 11:DF:E1:CF:ED:9E:0B:46:9A:D6:FB:99:6F:10:C5:88:A5:B4:14:D4 Authority key identifier: 70:FE:56:58:A7:C2:99:3D:C5:05:F7:55:45:A1:28:38:44:72:22:7E Certificate issuer: /CN=70FE5658A7C2993DC505F75545A128384472227E Certificate serial: 5D0239B7F9B7C3AD9C82052D698518F301533D09 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/70FE5658A7C2993DC505F75545A128384472227E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.mft Manifest number: 024D Signing time: Mon 21 Jul 2025 19:21:17 +0000 Manifest this update: Mon 21 Jul 2025 19:16:17 +0000 Manifest next update: Fri 25 Jul 2025 04:26:17 +0000 Files and hashes: 1: 3130332e3137392e3234382e302f32332d3233203d3e2039333431.roa (hash: Q5pvwdFKL1lgBG6fYcr2yl0tesQth6vA5guIwHg8TXM=) 2: 3130332e3137392e3234392e302f32342d3234203d3e2039333431.roa (hash: VpIKxGpnGG5kY+TxgaFm5MAMJ5OPwOweNd+seLyS58Q=) 3: 3130332e3137392e3234382e302f32342d3234203d3e2039333431.roa (hash: gLStYnptht5TyqoGXBL5Rk0CVBS4ZoGmnO4HsnZPkL0=) 4: 70FE5658A7C2993DC505F75545A128384472227E.crl (hash: rYHhDt94G/AEAH4wEaX1LM50mrwsyGfJ9NvtePiC33U=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.crl rsync://repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/70FE5658A7C2993DC505F75545A128384472227E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 04:26:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:02:39:b7:f9:b7:c3:ad:9c:82:05:2d:69:85:18:f3:01:53:3d:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70FE5658A7C2993DC505F75545A128384472227E Validity Not Before: Jul 21 19:16:17 2025 GMT Not After : Jul 25 04:26:17 2025 GMT Subject: CN=11DFE1CFED9E0B469AD6FB996F10C588A5B414D4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:fb:10:29:56:05:78:5a:11:cf:a7:5e:55:eb: 50:f2:f1:b8:30:ce:ff:29:c9:a0:79:b8:37:98:49: ad:6b:ca:e4:6a:c1:df:fb:60:07:c1:5e:df:bb:ec: de:6c:0e:68:07:b7:bf:9c:ea:28:d5:8e:5d:ba:b2: 51:6f:d8:21:46:2f:d4:ce:96:3f:7e:d5:23:f5:68: 69:4d:ed:95:84:ed:e4:f0:3c:b9:8a:af:69:9a:3f: be:1e:e3:a7:c5:63:13:ef:bb:90:a5:59:4c:38:a4: b6:a8:e5:a5:01:d3:91:7b:ab:4d:31:49:48:93:4c: 78:2b:e2:53:b1:a8:6f:09:10:22:58:c3:43:18:9d: 03:77:26:b1:03:72:c0:14:d5:3e:28:0c:f5:75:2f: c2:db:0a:c5:45:41:2e:40:de:85:31:61:d1:2a:b1: 53:52:c6:e7:7c:e6:97:76:92:9d:62:ef:49:35:51: 57:e4:60:32:bb:20:8b:38:c0:7c:65:2f:6b:71:ff: 20:f1:da:ef:a3:1f:0d:3c:89:29:1d:0c:c6:17:4d: f9:be:5d:99:87:c6:77:69:d0:f2:fd:09:1d:5e:af: e9:4c:c5:0a:61:5a:13:20:f1:10:3c:c7:f7:9c:66: 17:60:c6:24:34:4a:a2:09:4a:53:fa:0d:b1:3b:f1: 29:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:DF:E1:CF:ED:9E:0B:46:9A:D6:FB:99:6F:10:C5:88:A5:B4:14:D4 X509v3 Authority Key Identifier: keyid:70:FE:56:58:A7:C2:99:3D:C5:05:F7:55:45:A1:28:38:44:72:22:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/70FE5658A7C2993DC505F75545A128384472227E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a95901cc-1b8e-4f3f-a3d0-3269f0e16c41/0/70FE5658A7C2993DC505F75545A128384472227E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:e4:36:2c:16:fc:af:43:4b:4f:6b:b2:81:59:0d:c1:87:9c: 23:d7:d0:de:27:c2:20:9e:8d:26:bd:7a:95:97:f9:86:65:47: 0a:18:bb:f8:5d:d1:78:30:8f:a8:51:32:80:77:a7:c5:c7:53: 24:1f:d6:04:8b:41:d9:85:ad:cb:9b:50:39:40:9a:50:9f:2e: 7b:2d:62:b4:73:d8:a4:7d:78:d9:72:43:64:35:4c:b3:7f:cd: 54:62:38:47:68:88:5d:cb:0d:be:94:d7:91:aa:3a:5c:af:c1: 1b:5e:26:ed:3e:4e:e7:de:f4:f6:37:16:a7:1f:3e:5f:10:21: 76:f3:f6:32:d7:af:51:70:66:f3:5b:8a:a2:1a:f9:c3:15:9a: 93:87:02:31:a9:20:7f:71:fa:da:71:46:6a:3a:bb:be:db:b2: a9:14:ab:55:9b:96:76:d4:db:43:96:08:4e:07:81:fa:16:d7: 33:6a:c4:cf:8f:1b:84:d6:cf:cd:99:cf:ce:ba:e8:36:dd:ef: 8a:d3:af:87:42:c2:0c:3a:b8:57:d3:d9:37:29:92:39:99:00: 6f:46:54:db:14:fc:97:29:e6:e0:cc:4e:f7:01:ea:a3:69:14: 5b:ed:3e:a8:ad:0d:c9:f5:dd:b6:bb:a7:4c:a5:0a:b7:5f:23: 44:e8:79:2e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXQI5t/m3w62cggUtaYUY8wFTPQkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzBGRTU2NThBN0MyOTkzREM1MDVGNzU1NDVBMTI4Mzg0 NDcyMjI3RTAeFw0yNTA3MjExOTE2MTdaFw0yNTA3MjUwNDI2MTdaMDMxMTAvBgNV BAMTKDExREZFMUNGRUQ5RTBCNDY5QUQ2RkI5OTZGMTBDNTg4QTVCNDE0RDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe+xApVgV4WhHPp15V61Dy8bgw zv8pyaB5uDeYSa1ryuRqwd/7YAfBXt+77N5sDmgHt7+c6ijVjl26slFv2CFGL9TO lj9+1SP1aGlN7ZWE7eTwPLmKr2maP74e46fFYxPvu5ClWUw4pLao5aUB05F7q00x SUiTTHgr4lOxqG8JECJYw0MYnQN3JrEDcsAU1T4oDPV1L8LbCsVFQS5A3oUxYdEq sVNSxud85pd2kp1i70k1UVfkYDK7IIs4wHxlL2tx/yDx2u+jHw08iSkdDMYXTfm+ XZmHxndp0PL9CR1er+lMxQphWhMg8RA8x/ecZhdgxiQ0SqIJSlP6DbE78SkJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUEd/hz+2eC0aa1vuZbxDFiKW0FNQwHwYDVR0j BBgwFoAUcP5WWKfCmT3FBfdVRaEoOERyIn4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h OTU5MDFjYy0xYjhlLTRmM2YtYTNkMC0zMjY5ZjBlMTZjNDEvMC83MEZFNTY1OEE3 QzI5OTNEQzUwNUY3NTU0NUExMjgzODQ0NzIyMjdFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNzBGRTU2NThBN0MyOTkzREM1MDVGNzU1NDVBMTI4Mzg0NDcy MjI3RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTk1OTAxY2MtMWI4ZS00ZjNmLWEz ZDAtMzI2OWYwZTE2YzQxLzAvNzBGRTU2NThBN0MyOTkzREM1MDVGNzU1NDVBMTI4 Mzg0NDcyMjI3RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFvkNiwW/K9DS09rsoFZDcGHnCPX0N4nwiCe jSa9epWX+YZlRwoYu/hd0Xgwj6hRMoB3p8XHUyQf1gSLQdmFrcubUDlAmlCfLnst YrRz2KR9eNlyQ2Q1TLN/zVRiOEdoiF3LDb6U15GqOlyvwRteJu0+Tufe9PY3Fqcf Pl8QIXbz9jLXr1FwZvNbiqIa+cMVmpOHAjGpIH9x+tpxRmo6u77bsqkUq1WblnbU 20OWCE4HgfoW1zNqxM+PG4TWz82Zz8666Dbd74rTr4dCwgw6uFfT2TcpkjmZAG9G VNsU/Jcp5uDMTvcB6qNpFFvtPqitDcn13ba7p0ylCrdfI0ToeS4= -----END CERTIFICATE-----Generated at Wed Jul 23 12:26:19 2025 by rpki-client