$ rpki-client -vvf repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft File: B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft (raw, json) Hash identifier: rEsztlbJ00CeTOJkPIXrBjRSZbpgR8iJ4mph3nlcH2Y= Subject key identifier: 94:50:39:B2:E4:3E:69:DA:CE:09:74:A5:20:5A:92:0E:8C:A5:DA:23 Authority key identifier: B8:C2:A2:B1:B2:11:64:AF:8E:AE:E3:87:C7:D9:A5:D9:4D:4F:83:08 Certificate issuer: /CN=B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308 Certificate serial: 5737EBFC9353F7CAC2F58ED629EB64B42A3E0B13 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft Manifest number: 0195 Signing time: Sat 19 Jul 2025 10:11:05 +0000 Manifest this update: Sat 19 Jul 2025 10:06:05 +0000 Manifest next update: Tue 22 Jul 2025 22:09:05 +0000 Files and hashes: 1: 3230322e35332e3232342e302f31392d3234203d3e2039333430.roa (hash: cxySA+7GoKy0ZBQ953Jz7wXFE+7U1S6vU/NAFozpO4w=) 2: 3230322e3135392e35302e302f32332d3234203d3e203435373239.roa (hash: 7LPe2lEj9jSSghBzwzWvEJHD1rdTalK2jKZeyt7h7R0=) 3: 3230322e3135392e39362e302f31392d3234203d3e2039333430.roa (hash: 4CYpX855PsKjE7pRqG0I65N8tDE2yevHm2JcGXCxF84=) 4: B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.crl (hash: LnMi+cDNJh3mTij1BjR+TMmyvujjF/ddSXR0PMrS9jc=) 5: 3230322e3135392e302e302f31382d3234203d3e2039333430.roa (hash: Juur4GxLWpPp32FXP5B1lQD8F+2wWzZU/lQ5cSimSag=) 6: 3131372e35342e302e302f31362d3234203d3e2039333430.roa (hash: UieSxZjEvKIMrWcJdH2TDXUustdkDqF4w0J/hh4yLRA=) 7: 3230322e3135332e3232342e302f31392d3234203d3e2039333430.roa (hash: vY8tbOcXriyCtT6FUxDmURMpeDa3xL/alWeAEYVK8DM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.crl rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 22:09:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:37:eb:fc:93:53:f7:ca:c2:f5:8e:d6:29:eb:64:b4:2a:3e:0b:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308 Validity Not Before: Jul 19 10:06:05 2025 GMT Not After : Jul 22 22:09:05 2025 GMT Subject: CN=945039B2E43E69DACE0974A5205A920E8CA5DA23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:cb:a0:7b:f0:ec:a7:7c:ae:01:13:28:06:6a: 27:69:3c:fb:bc:38:84:65:fa:8c:fe:d9:85:52:48: bf:ed:67:7c:14:23:58:3c:aa:f3:29:de:05:69:2d: 34:87:61:b9:62:2f:5e:50:9f:4d:c1:a3:ad:52:20: c2:b1:cf:29:07:84:83:b9:9b:e4:75:9b:30:1d:0b: b3:de:fa:97:41:aa:64:cf:09:f5:73:db:1d:dc:df: 3d:70:d4:0c:9c:d8:0d:eb:17:8a:68:e3:ae:bb:5a: cc:b1:f3:89:86:68:92:3a:e9:01:3b:4d:32:17:cd: 18:c5:f5:fd:35:76:60:ce:7d:f8:d2:19:22:c3:22: 6f:7f:4f:b9:1f:f7:f5:0c:69:59:9f:c8:7b:b5:31: 04:7a:9f:4a:33:7e:d8:1e:cc:0d:12:52:f3:1b:b9: 5c:de:f3:93:c5:49:1c:fe:ab:f8:80:19:14:a3:95: 22:62:39:e6:ae:99:eb:f7:2d:b1:4d:ee:13:b7:84: 91:53:d0:6c:f6:ed:9e:95:b9:ce:ca:bf:2a:1f:27: 3f:c4:ed:d7:99:60:9a:4a:9f:04:a5:3c:d1:f8:07: 77:f3:c0:a7:e2:cd:11:49:67:79:c0:23:27:30:fd: 76:ae:02:9f:40:6c:30:d3:83:13:a1:3f:e6:f7:42: 42:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:50:39:B2:E4:3E:69:DA:CE:09:74:A5:20:5A:92:0E:8C:A5:DA:23 X509v3 Authority Key Identifier: keyid:B8:C2:A2:B1:B2:11:64:AF:8E:AE:E3:87:C7:D9:A5:D9:4D:4F:83:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:cb:35:17:92:2a:d6:58:c5:cb:82:ce:ac:e9:a6:23:9f:9f: 33:ad:51:67:9b:be:11:9e:1f:b7:14:4c:97:40:40:bb:21:b7: c1:4f:ef:30:4d:e1:7d:80:bd:d3:8b:a4:2f:4c:a5:5b:18:ea: 05:b1:b5:30:59:88:ae:50:db:60:f4:75:88:55:34:78:25:17: 8f:ae:d5:df:c6:aa:c0:60:36:48:3a:eb:a3:91:27:5a:c8:04: 94:b3:b9:df:53:4e:49:6d:a7:3d:c2:07:11:8f:0d:2a:c5:1a: 14:93:35:b5:8d:db:29:0b:ab:81:25:cd:eb:88:ef:4e:da:6e: b9:f4:4d:60:13:0b:42:0f:ba:67:d8:68:a4:da:4e:c7:4d:f0: a9:3d:d3:f4:38:36:d8:cf:74:96:27:d0:0a:d0:e7:e8:54:84: e4:3f:2e:43:71:e6:7d:cc:cb:26:65:74:fa:0f:46:71:01:dc: e8:13:18:06:f9:23:08:57:fc:89:c4:58:38:eb:3c:4e:10:58: d6:6f:e2:aa:b9:8d:3d:c6:0e:f5:9f:86:6a:5a:7a:9d:ac:8c: 53:5b:8e:93:df:af:0d:e5:e5:f4:5c:c6:13:55:9c:ab:f4:7c: de:a5:27:87:81:75:f9:1f:b0:20:c7:b9:cc:55:18:da:11:9d: 00:0c:6a:08 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVzfr/JNT98rC9Y7WKetktCo+CxMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjhDMkEyQjFCMjExNjRBRjhFQUVFMzg3QzdEOUE1RDk0 RDRGODMwODAeFw0yNTA3MTkxMDA2MDVaFw0yNTA3MjIyMjA5MDVaMDMxMTAvBgNV BAMTKDk0NTAzOUIyRTQzRTY5REFDRTA5NzRBNTIwNUE5MjBFOENBNURBMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/y6B78OynfK4BEygGaidpPPu8 OIRl+oz+2YVSSL/tZ3wUI1g8qvMp3gVpLTSHYbliL15Qn03Bo61SIMKxzykHhIO5 m+R1mzAdC7Pe+pdBqmTPCfVz2x3c3z1w1Ayc2A3rF4po4667Wsyx84mGaJI66QE7 TTIXzRjF9f01dmDOffjSGSLDIm9/T7kf9/UMaVmfyHu1MQR6n0ozftgezA0SUvMb uVze85PFSRz+q/iAGRSjlSJiOeaumev3LbFN7hO3hJFT0Gz27Z6Vuc7KvyofJz/E 7deZYJpKnwSlPNH4B3fzwKfizRFJZ3nAIycw/XauAp9AbDDTgxOhP+b3QkLbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlFA5suQ+adrOCXSlIFqSDoyl2iMwHwYDVR0j BBgwFoAUuMKisbIRZK+OruOHx9ml2U1PgwgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l NWIxZTU3ZS1hMGYxLTQ2N2YtYTQ2Zi01NWEzMTU3YjBkNjUvMC9COEMyQTJCMUIy MTE2NEFGOEVBRUUzODdDN0Q5QTVEOTRENEY4MzA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjhDMkEyQjFCMjExNjRBRjhFQUVFMzg3QzdEOUE1RDk0RDRG ODMwOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTViMWU1N2UtYTBmMS00NjdmLWE0 NmYtNTVhMzE1N2IwZDY1LzAvQjhDMkEyQjFCMjExNjRBRjhFQUVFMzg3QzdEOUE1 RDk0RDRGODMwOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABHLNReSKtZYxcuCzqzppiOfnzOtUWebvhGe H7cUTJdAQLsht8FP7zBN4X2AvdOLpC9MpVsY6gWxtTBZiK5Q22D0dYhVNHglF4+u 1d/GqsBgNkg666ORJ1rIBJSzud9TTkltpz3CBxGPDSrFGhSTNbWN2ykLq4ElzeuI 707abrn0TWATC0IPumfYaKTaTsdN8Kk90/Q4NtjPdJYn0ArQ5+hUhOQ/LkNx5n3M yyZldPoPRnEB3OgTGAb5IwhX/InEWDjrPE4QWNZv4qq5jT3GDvWfhmpaep2sjFNb jpPfrw3l5fRcxhNVnKv0fN6lJ4eBdfkfsCDHucxVGNoRnQAMagg= -----END CERTIFICATE-----Generated at Mon Jul 21 07:24:59 2025 by rpki-client