$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: Hkc1ebr4XIBPc82MWn6XoIaKPZkLvmkm9/ONFm/A2Es= Subject key identifier: 16:C8:02:18:24:D5:7A:B9:7F:46:EC:C9:44:B0:0C:53:AD:87:93:D9 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 41283C4E09875DB2B229D14ABA33123751048FB8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: 5D Signing time: Fri 14 Feb 2025 15:21:40 +0000 Manifest this update: Fri 14 Feb 2025 15:16:40 +0000 Manifest next update: Tue 18 Feb 2025 01:26:40 +0000 Files and hashes: 1: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: 4zrjWTGjIfmRVD7KoG+5XB5sYDfQiVJOsTHraO00txU=) 2: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: c7u9a3tNo+sinKbXEOZIkxb5lpQ3V3xHWxLJ0wK62sQ=) 3: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: He4ml0UmXvdPocV+xiHSjNxrcGz1rR49h/Dtyt5x4AU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Feb 2025 01:26:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:28:3c:4e:09:87:5d:b2:b2:29:d1:4a:ba:33:12:37:51:04:8f:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Feb 14 15:16:40 2025 GMT Not After : Feb 18 01:26:40 2025 GMT Subject: CN=16C8021824D57AB97F46ECC944B00C53AD8793D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ec:6f:08:7e:3f:cd:91:d2:ce:e6:c0:d3:57: 4e:de:ee:ed:73:bc:08:02:8b:28:c2:93:c9:5b:0b: 99:0d:9e:53:9f:2c:f2:26:6b:4f:83:f0:e2:2c:2e: 6b:a6:7d:80:f1:16:4f:d3:30:0c:d1:b8:7e:d2:b5: 36:2c:ad:72:05:55:a9:9e:1f:aa:26:fc:2c:a3:0c: 57:67:f7:38:a6:4e:79:94:43:04:be:e2:5b:f7:c8: 32:9e:a4:54:21:d3:85:b9:c8:66:92:20:9b:b2:fb: f1:1c:d1:09:8b:c3:7e:b7:21:87:01:58:90:4a:a1: b9:29:a0:5b:96:ec:f6:00:50:ba:cc:47:56:5a:00: 86:51:b9:ab:2d:98:e1:4b:ee:76:ab:19:17:da:f2: 9e:b0:6c:e9:d3:ed:bd:7c:30:82:ce:de:82:7d:55: e8:bf:ab:4e:f3:b4:3c:0b:9b:74:e3:44:79:db:7a: 51:7a:11:b9:ba:85:2e:5f:df:1a:db:f2:99:88:1b: f1:9c:d4:c0:1b:6c:e1:4e:42:e7:76:fc:35:15:87: a9:bf:e1:74:6f:84:32:73:27:e0:29:4e:06:39:29: 36:0f:ee:1e:c6:9f:8f:a2:8a:7e:00:5e:69:3d:ee: 2e:20:2a:a6:5d:5c:b5:93:79:b3:fa:ad:f2:f2:d8: 1d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:C8:02:18:24:D5:7A:B9:7F:46:EC:C9:44:B0:0C:53:AD:87:93:D9 X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:b8:71:e1:99:5d:ad:15:92:97:48:44:ac:a9:7e:d4:f8:4e: 76:67:6a:cd:65:a1:13:51:6b:bb:53:28:b0:49:95:75:d6:77: bb:df:7f:81:14:72:62:d3:95:9c:cb:0a:a4:bf:cc:fb:07:62: 1e:0a:56:fd:e8:80:13:15:f5:6c:8b:0e:51:5f:08:ec:01:ad: 41:5e:4b:f3:c1:09:25:c2:9f:67:04:72:7a:de:25:78:0e:33: 77:71:d6:d3:37:bc:fc:d1:4d:7f:03:d8:ab:e2:c9:9d:ca:bf: e9:bb:25:e7:e0:5e:1c:90:d3:31:ae:4f:06:91:ed:a9:75:ad: dc:f6:3a:73:0b:bc:37:e5:3a:fc:c6:bc:35:22:d3:00:5e:bf: c0:4e:2e:69:68:ac:18:74:0d:dc:c1:6c:ee:59:b1:6f:e0:1e: 4a:05:bc:39:1e:42:ea:44:84:37:94:16:47:b3:ee:ca:0b:eb: ad:4e:74:52:1e:34:0f:f3:9d:c3:ad:8d:7a:f5:db:3d:45:11: de:d0:46:77:7b:ed:53:71:6a:e3:14:0b:4c:96:6b:98:6a:51: 2f:40:8a:69:84:69:8b:a6:db:09:19:de:ae:c3:bc:70:a3:f0: 8e:5d:cc:f1:21:a0:25:ab:21:5a:04:62:f4:4b:35:90:d4:7f: 56:af:ce:89 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQSg8TgmHXbKyKdFKujMSN1EEj7gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNTAyMTQxNTE2NDBaFw0yNTAyMTgwMTI2NDBaMDMxMTAvBgNV BAMTKDE2QzgwMjE4MjRENTdBQjk3RjQ2RUNDOTQ0QjAwQzUzQUQ4NzkzRDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw7G8Ifj/NkdLO5sDTV07e7u1z vAgCiyjCk8lbC5kNnlOfLPIma0+D8OIsLmumfYDxFk/TMAzRuH7StTYsrXIFVame H6om/CyjDFdn9zimTnmUQwS+4lv3yDKepFQh04W5yGaSIJuy+/Ec0QmLw363IYcB WJBKobkpoFuW7PYAULrMR1ZaAIZRuastmOFL7narGRfa8p6wbOnT7b18MILO3oJ9 Vei/q07ztDwLm3TjRHnbelF6Ebm6hS5f3xrb8pmIG/Gc1MAbbOFOQud2/DUVh6m/ 4XRvhDJzJ+ApTgY5KTYP7h7Gn4+iin4AXmk97i4gKqZdXLWTebP6rfLy2B09AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUFsgCGCTVerl/RuzJRLAMU62Hk9kwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIG4ceGZXa0VkpdIRKypftT4TnZnas1loRNR a7tTKLBJlXXWd7vff4EUcmLTlZzLCqS/zPsHYh4KVv3ogBMV9WyLDlFfCOwBrUFe S/PBCSXCn2cEcnreJXgOM3dx1tM3vPzRTX8D2KviyZ3Kv+m7JefgXhyQ0zGuTwaR 7al1rdz2OnMLvDflOvzGvDUi0wBev8BOLmlorBh0DdzBbO5ZsW/gHkoFvDkeQupE hDeUFkez7soL661OdFIeNA/zncOtjXr12z1FEd7QRnd77VNxauMUC0yWa5hqUS9A immEaYum2wkZ3q7DvHCj8I5dzPEhoCWrIVoEYvRLNZDUf1avzok= -----END CERTIFICATE-----Generated at Sun Feb 16 20:59:30 2025 by rpki-client