$ rpki-client -vvf repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.mft File: 535D46F4044E2CC21293CC061A2783074BDF7AE7.mft (raw, json) Hash identifier: WCQzteVdJLJHrX5YqDTbE3DS9dsGnKgxgeNd7BmD9bk= Subject key identifier: 84:DA:54:7E:CA:F2:A5:B9:B8:7F:4E:D9:B5:9F:A2:82:03:5F:A2:F2 Authority key identifier: 53:5D:46:F4:04:4E:2C:C2:12:93:CC:06:1A:27:83:07:4B:DF:7A:E7 Certificate issuer: /CN=535D46F4044E2CC21293CC061A2783074BDF7AE7 Certificate serial: 12D647E3BEAE9E1CD60853A6345C1ADA13B74CF7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/535D46F4044E2CC21293CC061A2783074BDF7AE7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.mft Manifest number: D8 Signing time: Sat 19 Apr 2025 09:11:19 +0000 Manifest this update: Sat 19 Apr 2025 09:06:19 +0000 Manifest next update: Tue 22 Apr 2025 10:17:19 +0000 Files and hashes: 1: 3130332e3134332e32322e302f32342d3234203d3e20313339343331.roa (hash: jf5znzRFy2+P6OoEH2nJsLB6FzpE4dX49Aqe9OCR/Ck=) 2: 323430353a343663303a3a2f33322d3332203d3e20313339343331.roa (hash: yq265ELsxp0oAlCM/3VQz9AgxchX8BpcvalzRZ4r8Rc=) 3: 3130332e3134332e32322e302f32332d3233203d3e20313339343331.roa (hash: O+DYiMiMwkf2fjBBi2Y0uG1bMY8o2RWfJ3yizKPcbzk=) 4: 535D46F4044E2CC21293CC061A2783074BDF7AE7.crl (hash: x9fC9Rz/EiuuAVM2d2SX7fRoWl2SxM9xRS59+4qkgeg=) 5: 3130332e3134332e32332e302f32342d3234203d3e20313339343331.roa (hash: ziqyElqA9AWawQsIwtFYhW7vigptCpJYDFMjj4wIn2E=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.crl rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/535D46F4044E2CC21293CC061A2783074BDF7AE7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 00:59:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:d6:47:e3:be:ae:9e:1c:d6:08:53:a6:34:5c:1a:da:13:b7:4c:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=535D46F4044E2CC21293CC061A2783074BDF7AE7 Validity Not Before: Apr 19 09:06:19 2025 GMT Not After : Apr 22 10:17:19 2025 GMT Subject: CN=84DA547ECAF2A5B9B87F4ED9B59FA282035FA2F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:2b:51:57:74:c4:69:a5:7d:de:1c:2c:c0:b0: c2:29:d8:a5:e1:ae:70:75:7e:11:f4:1e:33:38:06: 32:12:5e:6b:ae:ee:c1:63:ca:10:dc:51:99:c0:cd: 80:11:1b:a9:84:5c:53:68:2a:7e:42:6d:8e:8c:b1: 9f:b9:ce:cf:f0:a6:fe:00:eb:85:b2:00:f0:4b:4a: c3:73:80:fa:42:4a:64:b5:51:2d:66:fa:d9:9d:e1: 96:f0:8b:e6:f4:ed:00:27:de:02:72:5c:4c:5d:b5: 64:a6:c1:20:50:cd:98:d6:02:07:8e:d6:19:d6:ae: f8:a5:b1:fe:5e:06:5d:79:02:67:32:ab:8b:df:1c: 5c:14:f4:6f:d5:ec:4b:7b:4d:40:bc:99:ef:f2:6b: 6e:6b:ca:74:0e:6e:ca:7e:18:22:4e:a3:f6:7a:25: a6:64:1a:46:c1:74:b2:40:c0:3b:f0:04:b6:ca:a4: c1:5a:70:6c:09:c3:07:62:96:81:3d:8d:0b:3c:2e: fe:3c:aa:d8:85:51:86:61:e4:18:30:56:c4:6e:ff: 7f:c6:d6:60:13:44:fd:18:a3:2a:92:ce:1f:e2:97: 7c:b6:97:d9:31:75:ab:03:a1:3b:db:af:64:6a:7a: 6e:cb:2e:82:ba:eb:ae:6d:38:f8:94:d0:c9:79:a2: 43:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:DA:54:7E:CA:F2:A5:B9:B8:7F:4E:D9:B5:9F:A2:82:03:5F:A2:F2 X509v3 Authority Key Identifier: keyid:53:5D:46:F4:04:4E:2C:C2:12:93:CC:06:1A:27:83:07:4B:DF:7A:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/535D46F4044E2CC21293CC061A2783074BDF7AE7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:be:c4:9b:52:89:8f:0a:c3:6e:9e:f0:02:52:69:bc:65:93: 6e:33:2a:a8:ec:6a:30:b8:08:b5:d2:2b:9d:35:6a:7e:b3:99: 18:cb:2e:27:07:fb:fa:d9:6e:2c:58:1b:db:7d:0e:c0:66:fc: ce:e3:28:35:50:81:6b:e7:20:69:ea:b1:6f:28:ba:f0:74:3e: 0a:8f:7d:50:cd:9e:da:df:cc:79:e0:f2:15:e9:b8:9b:61:e4: b3:c2:ea:c3:2f:fa:32:65:92:39:46:96:9d:b3:09:40:2a:6e: 8c:69:a3:5a:44:fe:2f:2a:5a:a9:fa:64:e1:c3:e6:1d:db:15: c8:ba:f1:18:92:62:23:38:c5:87:52:a6:23:cf:67:5c:75:90: 8e:10:b2:90:d6:3c:cf:14:7a:c0:d5:7d:8a:4b:e3:30:5c:fe: 15:b4:b4:8b:00:6e:e2:02:11:80:d6:9f:4d:0d:cf:a9:89:e3: d4:ba:fd:f0:fd:3a:49:d9:24:4e:21:b9:c6:b0:f6:84:aa:c5: 80:cb:c0:92:b6:7a:ec:4c:0c:30:00:74:02:89:b5:4a:eb:06: cf:0a:f1:6e:66:d2:f0:42:bb:7d:b6:7e:45:03:cd:b6:af:65: 23:9b:48:eb:99:c7:01:94:e1:84:47:43:d2:11:7b:fc:21:17: 1a:e1:02:22 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUEtZH476unhzWCFOmNFwa2hO3TPcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTM1RDQ2RjQwNDRFMkNDMjEyOTNDQzA2MUEyNzgzMDc0 QkRGN0FFNzAeFw0yNTA0MTkwOTA2MTlaFw0yNTA0MjIxMDE3MTlaMDMxMTAvBgNV BAMTKDg0REE1NDdFQ0FGMkE1QjlCODdGNEVEOUI1OUZBMjgyMDM1RkEyRjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOK1FXdMRppX3eHCzAsMIp2KXh rnB1fhH0HjM4BjISXmuu7sFjyhDcUZnAzYARG6mEXFNoKn5CbY6MsZ+5zs/wpv4A 64WyAPBLSsNzgPpCSmS1US1m+tmd4Zbwi+b07QAn3gJyXExdtWSmwSBQzZjWAgeO 1hnWrvilsf5eBl15Amcyq4vfHFwU9G/V7Et7TUC8me/ya25rynQObsp+GCJOo/Z6 JaZkGkbBdLJAwDvwBLbKpMFacGwJwwdiloE9jQs8Lv48qtiFUYZh5BgwVsRu/3/G 1mATRP0YoyqSzh/il3y2l9kxdasDoTvbr2Rqem7LLoK6665tOPiU0Ml5okOvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhNpUfsrypbm4f07ZtZ+iggNfovIwHwYDVR0j BBgwFoAUU11G9AROLMISk8wGGieDB0vfeucwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NDZmMzNmMi1mMDZlLTRlYjYtYWU2MS01NTI5YmNhMWNkY2QvMC81MzVENDZGNDA0 NEUyQ0MyMTI5M0NDMDYxQTI3ODMwNzRCREY3QUU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTM1RDQ2RjQwNDRFMkNDMjEyOTNDQzA2MUEyNzgzMDc0QkRG N0FFNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTQ2ZjMzZjItZjA2ZS00ZWI2LWFl NjEtNTUyOWJjYTFjZGNkLzAvNTM1RDQ2RjQwNDRFMkNDMjEyOTNDQzA2MUEyNzgz MDc0QkRGN0FFNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIC+xJtSiY8Kw26e8AJSabxlk24zKqjsajC4 CLXSK501an6zmRjLLicH+/rZbixYG9t9DsBm/M7jKDVQgWvnIGnqsW8ouvB0PgqP fVDNntrfzHng8hXpuJth5LPC6sMv+jJlkjlGlp2zCUAqboxpo1pE/i8qWqn6ZOHD 5h3bFci68RiSYiM4xYdSpiPPZ1x1kI4QspDWPM8UesDVfYpL4zBc/hW0tIsAbuIC EYDWn00Nz6mJ49S6/fD9OknZJE4hucaw9oSqxYDLwJK2euxMDDAAdAKJtUrrBs8K 8W5m0vBCu322fkUDzbavZSObSOuZxwGU4YRHQ9IRe/whFxrhAiI= -----END CERTIFICATE-----Generated at Sat Apr 19 12:11:37 2025 by rpki-client