$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: SBQV88qmqjS1OkTicmOorpmEaJQoaNljtvR59u1H1B4= Subject key identifier: 3D:01:F4:35:BF:9E:B9:08:F3:91:5E:D7:A8:1F:BD:14:FC:6E:C2:21 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 779008DEC4F8B1C3AAA6E044424C076676958AFC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: B8 Signing time: Fri 05 Sep 2025 23:41:43 +0000 Manifest this update: Fri 05 Sep 2025 23:36:43 +0000 Manifest next update: Tue 09 Sep 2025 04:15:43 +0000 Files and hashes: 1: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: S/P/NXGze/0MSg0ZMPmHsObB//vY6buhG346Fcm139E=) 2: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c=) 3: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: kSF1VyQJjpek8Mf3gy+lWICO98IQh62K2L543jgKTUA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 04:15:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:90:08:de:c4:f8:b1:c3:aa:a6:e0:44:42:4c:07:66:76:95:8a:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Sep 5 23:36:43 2025 GMT Not After : Sep 9 04:15:43 2025 GMT Subject: CN=3D01F435BF9EB908F3915ED7A81FBD14FC6EC221 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f0:1e:de:5e:6b:bc:bd:47:f4:20:41:e4:1f: c6:54:00:bf:63:ac:1d:5f:0e:8b:96:0c:3c:16:39: ef:05:9e:9a:fa:63:ff:44:7a:f2:68:3d:14:e2:01: af:2b:96:f3:27:55:45:da:e5:b7:dc:df:da:2e:0d: f9:1e:1b:54:29:6b:2c:6d:1c:96:54:56:82:08:0d: 54:7b:aa:d0:0f:48:6a:63:da:e0:a5:42:75:ae:25: a0:ca:10:fc:ac:6e:49:e7:04:57:5d:16:f3:de:ba: f6:0a:19:9e:04:44:4b:4c:c0:4a:b1:ce:20:d5:ce: 50:8c:92:a7:a1:d7:17:57:d4:bb:d2:35:cf:e5:5d: c8:5c:a4:92:25:7e:00:11:39:be:5a:b2:e5:c3:40: af:33:4c:c6:21:fb:43:89:dc:23:74:a7:ac:bf:0f: 3e:cf:ea:b6:d3:62:49:85:9e:e2:2d:a6:d6:91:10: 7c:2f:51:81:1b:9c:10:6a:13:69:ba:b7:66:ba:d8: a7:ff:b2:66:c0:7d:43:7b:0e:bb:07:cf:18:7a:38: a6:a7:6a:22:5c:55:7b:8e:b1:d4:7c:ea:a2:fa:5d: a0:e1:2b:20:e1:83:e5:75:57:6b:af:ca:a3:5d:db: 52:86:b8:c2:9c:ca:2c:4f:6b:89:21:e0:71:fe:d6: 1f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:01:F4:35:BF:9E:B9:08:F3:91:5E:D7:A8:1F:BD:14:FC:6E:C2:21 X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:15:fa:d7:d1:5a:24:b0:5b:de:02:ce:53:6e:3d:ed:e3:f2: 2e:ed:ac:b6:1c:f8:13:72:44:5d:cf:0d:c3:dd:2d:d8:c1:ee: 07:93:3f:63:da:20:58:5e:17:60:bb:fb:c3:33:73:2a:f8:54: 3e:ae:b6:cd:89:4a:2e:48:fb:75:6f:76:a5:32:12:ef:53:41: be:7e:53:2e:73:12:8d:43:37:0b:32:53:f7:75:df:f9:54:9f: 91:37:81:a4:e2:04:34:33:b7:c5:81:21:63:a1:91:3a:08:fd: 3d:b6:34:18:fe:8d:0b:b5:9d:82:c9:42:6b:ca:df:34:8a:4b: 2c:fa:7a:5a:ee:59:ee:9c:7b:76:a2:0c:a9:c3:d2:13:f1:11: e4:a8:97:6e:c3:80:74:59:d3:55:34:a3:d2:78:b8:f4:0e:76: a4:1a:45:78:68:ab:a9:2d:5c:09:2c:8d:0a:84:2c:7e:84:55: 72:82:fa:0d:94:aa:6d:f6:50:86:0c:c9:06:2b:c6:79:e1:f5: 87:14:d5:a0:b9:77:30:f9:4b:f7:03:4f:09:09:ab:2f:54:c2: ea:8d:df:d2:3f:b4:3c:d3:a6:d0:55:59:a1:58:5c:72:c7:50: 84:b6:41:e9:8b:82:eb:60:2d:db:cd:a2:8d:f1:60:31:d7:83: d3:f7:73:19 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUd5AI3sT4scOqpuBEQkwHZnaVivwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNTA5MDUyMzM2NDNaFw0yNTA5MDkwNDE1NDNaMDMxMTAvBgNV BAMTKDNEMDFGNDM1QkY5RUI5MDhGMzkxNUVEN0E4MUZCRDE0RkM2RUMyMjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG8B7eXmu8vUf0IEHkH8ZUAL9j rB1fDouWDDwWOe8Fnpr6Y/9EevJoPRTiAa8rlvMnVUXa5bfc39ouDfkeG1Qpayxt HJZUVoIIDVR7qtAPSGpj2uClQnWuJaDKEPysbknnBFddFvPeuvYKGZ4EREtMwEqx ziDVzlCMkqeh1xdX1LvSNc/lXchcpJIlfgAROb5asuXDQK8zTMYh+0OJ3CN0p6y/ Dz7P6rbTYkmFnuItptaREHwvUYEbnBBqE2m6t2a62Kf/smbAfUN7DrsHzxh6OKan aiJcVXuOsdR86qL6XaDhKyDhg+V1V2uvyqNd21KGuMKcyixPa4kh4HH+1h8TAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUPQH0Nb+euQjzkV7XqB+9FPxuwiEwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFoV+tfRWiSwW94CzlNuPe3j8i7trLYc+BNy RF3PDcPdLdjB7geTP2PaIFheF2C7+8Mzcyr4VD6uts2JSi5I+3VvdqUyEu9TQb5+ Uy5zEo1DNwsyU/d13/lUn5E3gaTiBDQzt8WBIWOhkToI/T22NBj+jQu1nYLJQmvK 3zSKSyz6elruWe6ce3aiDKnD0hPxEeSol27DgHRZ01U0o9J4uPQOdqQaRXhoq6kt XAksjQqELH6EVXKC+g2Uqm32UIYMyQYrxnnh9YcU1aC5dzD5S/cDTwkJqy9UwuqN 39I/tDzTptBVWaFYXHLHUIS2QemLgutgLdvNoo3xYDHXg9P3cxk= -----END CERTIFICATE-----Generated at Mon Sep 8 05:01:04 2025 by rpki-client