$ rpki-client -vvf repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft File: 2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft (raw, json) Hash identifier: VKl/eV4Nh/wlLMHBxMe8tkzuJpbKrbU0nthNE/wYueQ= Subject key identifier: C2:86:00:73:2B:93:3D:5A:B7:25:B4:6B:BD:3D:DE:70:F6:7A:71:3A Authority key identifier: 2D:23:11:F5:63:DF:0A:F8:EB:EF:DA:21:87:16:26:B5:DD:78:C5:BD Certificate issuer: /CN=2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD Certificate serial: 4F0A201860B4620AB935DFBB0956D3191678AA68 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft Manifest number: 04C1 Signing time: Fri 18 Jul 2025 18:31:59 +0000 Manifest this update: Fri 18 Jul 2025 18:26:59 +0000 Manifest next update: Mon 21 Jul 2025 22:53:59 +0000 Files and hashes: 1: 3130332e3232372e3234302e302f32322d3234203d3e203539323738.roa (hash: pAsXLpsnvtFY9CiLQfO4MgBTQXdXjfq9fjmjjZL7V7Y=) 2: 3130332e35382e3136302e302f32322d3234203d3e203539323738.roa (hash: 3p6KpA6/uKsXu1iiVTHxP1H1aKBvRxURT7LJ3HzRuNw=) 3: 323430323a363938303a313030303a3a2f34382d3438203d3e203539323738.roa (hash: Cf4F1dHsLMAEwRXj/sLvggNAyN9aUktmarNyz8vl8uk=) 4: 323430323a363938303a323030303a3a2f34382d3438203d3e203539323738.roa (hash: D6GCo3ceVvJhAX1b+afxEUHTBD9rmTcpfSp7SCURViA=) 5: 323430323a363938303a333030303a3a2f34382d3438203d3e203539323738.roa (hash: 1MuWl4R2LfAc9czxG6/QjtCE9g5QKK5BETiXC4FMLHs=) 6: 323430323a363938303a343030303a3a2f34382d3438203d3e203539323738.roa (hash: LrRa5/YbMQIirnwavEqQmjlSXIv4GPDAL8XSH/RPz2k=) 7: 2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl (hash: do2z5UTI0l4sfbBjXzwR8uFNXvO2pqHsYSuraMZpB9Q=) 8: 323430323a363938303a3a2f33322d3438203d3e203539323738.roa (hash: IyTH+iDrZwcYpQjVq5OAN4r5uvDjzNsSK7r7mWOE79s=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 22:53:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:0a:20:18:60:b4:62:0a:b9:35:df:bb:09:56:d3:19:16:78:aa:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD Validity Not Before: Jul 18 18:26:59 2025 GMT Not After : Jul 21 22:53:59 2025 GMT Subject: CN=C28600732B933D5AB725B46BBD3DDE70F67A713A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:96:88:b4:fb:bf:c4:cb:b3:18:6e:ca:6a:e3: 12:84:58:43:9a:af:e1:84:2e:cf:b6:bc:2d:84:21: ef:e2:a0:95:a0:de:1f:33:cd:42:ee:08:f7:01:95: 36:c7:c5:cb:95:1f:b7:3a:f1:49:79:d9:7f:12:3a: f5:35:3a:2d:6a:b6:33:9b:c2:84:e9:84:7c:11:0e: fb:5a:a6:6a:d8:ba:92:19:fb:c5:bc:af:e5:2a:00: 40:60:19:6b:c2:96:3b:89:d4:b3:43:99:35:35:6c: 27:da:6d:b0:94:87:4f:ed:10:4c:fe:f8:fc:a8:d0: 8c:3a:70:0f:83:3f:ca:a1:d8:ff:fd:3d:93:17:97: 71:b7:12:12:65:d8:ef:e3:78:24:f2:85:37:34:21: 69:76:09:0d:86:3a:b5:f2:ff:56:c2:ea:a7:a7:c4: 09:1f:44:93:53:ee:2e:0f:35:57:96:65:ea:6e:6f: 53:a1:70:96:22:9a:c4:2d:27:84:52:03:4f:1b:8e: a0:3e:c4:e8:b9:5d:a6:b1:7f:a8:59:a4:3f:7b:7d: 59:9d:2f:0e:44:49:b4:ee:8f:0a:74:ea:3e:8b:93: 25:ed:8b:ab:ed:eb:36:2e:74:82:a7:5b:c4:12:c5: 8c:7e:8b:e0:91:f1:cd:dc:bb:9d:73:3e:19:3f:5f: 26:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:86:00:73:2B:93:3D:5A:B7:25:B4:6B:BD:3D:DE:70:F6:7A:71:3A X509v3 Authority Key Identifier: keyid:2D:23:11:F5:63:DF:0A:F8:EB:EF:DA:21:87:16:26:B5:DD:78:C5:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:1f:ba:d6:d0:cb:9d:d7:61:cd:24:ac:1a:50:b5:61:de:98: 08:d1:27:77:7d:16:e4:63:87:86:78:04:01:4f:54:56:00:d9: 1b:80:45:80:12:0a:11:12:e1:16:91:53:1e:f2:6b:86:3d:6c: eb:38:95:25:72:56:e2:ec:48:6f:bd:9c:d1:38:53:7c:b1:cf: c9:f2:ce:eb:aa:d3:65:08:12:18:f0:97:08:61:57:5e:a2:4f: 42:fb:50:b4:13:34:cc:f9:7a:59:0a:69:43:1c:94:bf:34:7d: 02:26:a6:dd:c5:df:21:29:0e:71:3b:30:f7:95:7c:02:63:ac: 96:2b:f6:f2:cc:1c:71:6b:ed:74:c2:31:e6:6b:a6:ab:4c:79: 1f:e0:c6:a3:b5:4d:cc:93:5c:c3:74:f4:4a:4e:c9:f7:41:c9: f7:29:9f:db:97:0d:3b:d7:ed:f6:02:ce:71:37:f3:82:9d:3e: e1:58:d4:9a:4e:61:21:2d:42:0e:6e:a1:9c:c1:1b:2d:5c:6c: 10:e2:07:c8:c8:67:7e:2d:b0:b8:ab:1c:f3:a1:7d:8f:51:59: d2:9c:13:2f:ec:db:62:5e:21:c0:40:d0:ee:e0:fc:6a:c0:13: 4d:9a:17:f1:73:52:87:b4:e5:54:f5:35:79:13:e6:1d:aa:45: 34:6a:56:ac -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUTwogGGC0Ygq5Nd+7CVbTGRZ4qmgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2QjVE RDc4QzVCRDAeFw0yNTA3MTgxODI2NTlaFw0yNTA3MjEyMjUzNTlaMDMxMTAvBgNV BAMTKEMyODYwMDczMkI5MzNENUFCNzI1QjQ2QkJEM0RERTcwRjY3QTcxM0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbloi0+7/Ey7MYbspq4xKEWEOa r+GELs+2vC2EIe/ioJWg3h8zzULuCPcBlTbHxcuVH7c68Ul52X8SOvU1Oi1qtjOb woTphHwRDvtapmrYupIZ+8W8r+UqAEBgGWvCljuJ1LNDmTU1bCfabbCUh0/tEEz+ +Pyo0Iw6cA+DP8qh2P/9PZMXl3G3EhJl2O/jeCTyhTc0IWl2CQ2GOrXy/1bC6qen xAkfRJNT7i4PNVeWZepub1OhcJYimsQtJ4RSA08bjqA+xOi5Xaaxf6hZpD97fVmd Lw5ESbTujwp06j6LkyXti6vt6zYudIKnW8QSxYx+i+CR8c3cu51zPhk/Xya/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUwoYAcyuTPVq3JbRrvT3ecPZ6cTowHwYDVR0j BBgwFoAULSMR9WPfCvjr79ohhxYmtd14xb0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h ZjFjNzlmMS0yNjRlLTQyM2YtOWUwOC0wYjI5MDBkYTY5NDkvMC8yRDIzMTFGNTYz REYwQUY4RUJFRkRBMjE4NzE2MjZCNURENzhDNUJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2QjVERDc4 QzVCRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYWYxYzc5ZjEtMjY0ZS00MjNmLTll MDgtMGIyOTAwZGE2OTQ5LzAvMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2 QjVERDc4QzVCRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAsfutbQy53XYc0krBpQtWHemAjRJ3d9FuRj h4Z4BAFPVFYA2RuARYASChES4RaRUx7ya4Y9bOs4lSVyVuLsSG+9nNE4U3yxz8ny zuuq02UIEhjwlwhhV16iT0L7ULQTNMz5elkKaUMclL80fQImpt3F3yEpDnE7MPeV fAJjrJYr9vLMHHFr7XTCMeZrpqtMeR/gxqO1TcyTXMN09EpOyfdByfcpn9uXDTvX 7fYCznE384KdPuFY1JpOYSEtQg5uoZzBGy1cbBDiB8jIZ34tsLirHPOhfY9RWdKc Ey/s22JeIcBA0O7g/GrAE02aF/FzUoe05VT1NXkT5h2qRTRqVqw= -----END CERTIFICATE-----Generated at Sun Jul 20 21:25:23 2025 by rpki-client