$ rpki-client -vvf repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.mft File: 535D46F4044E2CC21293CC061A2783074BDF7AE7.mft (raw, json) Hash identifier: eRHNbFn5jSGFCO4b311mCwjClgDGs2x96rW8/JFqhsM= Subject key identifier: 94:43:E5:C9:BA:FC:8E:42:AD:D5:CF:5E:FE:F7:36:4F:6C:78:D4:71 Authority key identifier: 53:5D:46:F4:04:4E:2C:C2:12:93:CC:06:1A:27:83:07:4B:DF:7A:E7 Certificate issuer: /CN=535D46F4044E2CC21293CC061A2783074BDF7AE7 Certificate serial: 590B813AB0ECF35A0A1D5D327D13365572D849FF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/535D46F4044E2CC21293CC061A2783074BDF7AE7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.mft Manifest number: BE Signing time: Wed 19 Feb 2025 01:41:18 +0000 Manifest this update: Wed 19 Feb 2025 01:36:18 +0000 Manifest next update: Sat 22 Feb 2025 10:52:18 +0000 Files and hashes: 1: 535D46F4044E2CC21293CC061A2783074BDF7AE7.crl (hash: P7YLOZJlcgwdbd3ckmgQPNrd+bAWlxHP4khX9DmVK+Y=) 2: 323430353a343663303a3a2f33322d3332203d3e20313339343331.roa (hash: yq265ELsxp0oAlCM/3VQz9AgxchX8BpcvalzRZ4r8Rc=) 3: 3130332e3134332e32322e302f32342d3234203d3e20313339343331.roa (hash: jf5znzRFy2+P6OoEH2nJsLB6FzpE4dX49Aqe9OCR/Ck=) 4: 3130332e3134332e32332e302f32342d3234203d3e20313339343331.roa (hash: ziqyElqA9AWawQsIwtFYhW7vigptCpJYDFMjj4wIn2E=) 5: 3130332e3134332e32322e302f32332d3233203d3e20313339343331.roa (hash: O+DYiMiMwkf2fjBBi2Y0uG1bMY8o2RWfJ3yizKPcbzk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.crl rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/535D46F4044E2CC21293CC061A2783074BDF7AE7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Feb 2025 10:52:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:0b:81:3a:b0:ec:f3:5a:0a:1d:5d:32:7d:13:36:55:72:d8:49:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=535D46F4044E2CC21293CC061A2783074BDF7AE7 Validity Not Before: Feb 19 01:36:18 2025 GMT Not After : Feb 22 10:52:18 2025 GMT Subject: CN=9443E5C9BAFC8E42ADD5CF5EFEF7364F6C78D471 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:0f:63:f6:14:1d:79:c4:77:76:0f:68:37:e2: 46:31:6d:cf:d3:9e:81:80:7e:a1:6f:9d:79:f2:4c: fc:cc:62:cc:e7:d9:bc:93:05:70:85:95:b0:86:be: 62:04:e9:66:99:ca:d7:b0:ad:82:ce:13:bd:4c:38: 7a:3d:41:dc:4e:0c:c0:25:c5:b6:10:7b:b2:49:1a: 5a:f2:29:bc:aa:28:4b:11:f5:0a:5e:70:b7:e9:7c: 0c:5c:a2:c9:6d:ba:70:ba:d1:6c:b8:3d:37:6b:6e: bb:cb:df:36:d0:b1:f7:de:50:bc:7c:37:ca:e9:b3: 83:06:16:7d:40:35:1c:77:ae:8d:c6:8d:72:8d:c8: 9d:32:81:3f:4e:90:6f:de:16:2c:17:0e:37:5b:6d: 07:4f:fd:8f:ec:af:b1:43:b0:dd:31:be:31:69:43: 67:09:e0:df:83:5d:32:63:2e:8e:da:f1:26:43:b0: a8:76:6f:d2:16:18:e1:9e:20:6b:f2:52:fc:6b:aa: 39:e9:f0:a3:bc:e7:0f:1b:03:f1:d4:4a:a0:1a:d6: 56:bc:e1:66:27:aa:1e:e5:15:eb:18:23:50:2a:2b: 00:9b:2c:68:47:a8:21:3c:86:8e:2b:31:80:d2:d4: 6c:0c:10:a0:6d:90:92:e4:05:21:bd:24:dc:70:f2: 1f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:43:E5:C9:BA:FC:8E:42:AD:D5:CF:5E:FE:F7:36:4F:6C:78:D4:71 X509v3 Authority Key Identifier: keyid:53:5D:46:F4:04:4E:2C:C2:12:93:CC:06:1A:27:83:07:4B:DF:7A:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/535D46F4044E2CC21293CC061A2783074BDF7AE7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/146f33f2-f06e-4eb6-ae61-5529bca1cdcd/0/535D46F4044E2CC21293CC061A2783074BDF7AE7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:fb:10:75:f3:e2:b9:8d:26:3d:d9:a8:96:57:2b:b4:57:37: d6:c0:e6:e2:13:fb:d2:2c:90:88:d8:fd:0d:7e:ff:ae:b8:58: b0:c3:1c:dc:1b:b7:df:d0:bf:59:a4:46:76:b1:6b:69:38:46: 00:77:79:95:f3:89:fb:d2:ee:57:63:ad:b1:91:e6:29:af:bb: d7:0d:2e:4f:9d:7b:b9:6d:d5:77:6a:47:27:0e:ec:ee:5c:d6: b4:f7:b9:e6:7c:71:24:e9:d8:63:80:a1:f8:66:04:ef:cd:40: 7a:2a:c5:c7:c4:d9:dd:2f:a5:4e:2b:3c:a3:ac:95:3a:49:c5: 51:85:7c:be:5e:d5:e9:c9:38:41:ed:45:85:e5:f1:57:43:c0: 8c:db:a4:9e:d8:f1:c0:bb:4d:cc:27:a8:73:65:29:50:e9:b3: 11:03:aa:e6:59:72:ab:6d:b6:87:ff:4c:af:b3:57:0f:7f:ce: 5e:84:c0:5c:d6:0d:cd:c5:ca:cd:20:87:83:12:31:bf:1c:a2: f9:68:33:20:1b:3f:37:32:4c:42:a0:57:dd:c7:cb:be:6d:84: 5e:42:ab:b8:d9:92:73:72:ca:32:88:73:06:11:7a:0f:0e:99: e8:9f:5c:91:fe:48:05:cb:5c:24:61:84:d7:7c:54:7e:43:24: 34:de:27:19 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWQuBOrDs81oKHV0yfRM2VXLYSf8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTM1RDQ2RjQwNDRFMkNDMjEyOTNDQzA2MUEyNzgzMDc0 QkRGN0FFNzAeFw0yNTAyMTkwMTM2MThaFw0yNTAyMjIxMDUyMThaMDMxMTAvBgNV BAMTKDk0NDNFNUM5QkFGQzhFNDJBREQ1Q0Y1RUZFRjczNjRGNkM3OEQ0NzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7D2P2FB15xHd2D2g34kYxbc/T noGAfqFvnXnyTPzMYszn2byTBXCFlbCGvmIE6WaZytewrYLOE71MOHo9QdxODMAl xbYQe7JJGlryKbyqKEsR9QpecLfpfAxcosltunC60Wy4PTdrbrvL3zbQsffeULx8 N8rps4MGFn1ANRx3ro3GjXKNyJ0ygT9OkG/eFiwXDjdbbQdP/Y/sr7FDsN0xvjFp Q2cJ4N+DXTJjLo7a8SZDsKh2b9IWGOGeIGvyUvxrqjnp8KO85w8bA/HUSqAa1la8 4WYnqh7lFesYI1AqKwCbLGhHqCE8ho4rMYDS1GwMEKBtkJLkBSG9JNxw8h/NAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlEPlybr8jkKt1c9e/vc2T2x41HEwHwYDVR0j BBgwFoAUU11G9AROLMISk8wGGieDB0vfeucwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NDZmMzNmMi1mMDZlLTRlYjYtYWU2MS01NTI5YmNhMWNkY2QvMC81MzVENDZGNDA0 NEUyQ0MyMTI5M0NDMDYxQTI3ODMwNzRCREY3QUU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTM1RDQ2RjQwNDRFMkNDMjEyOTNDQzA2MUEyNzgzMDc0QkRG N0FFNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTQ2ZjMzZjItZjA2ZS00ZWI2LWFl NjEtNTUyOWJjYTFjZGNkLzAvNTM1RDQ2RjQwNDRFMkNDMjEyOTNDQzA2MUEyNzgz MDc0QkRGN0FFNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC77EHXz4rmNJj3ZqJZXK7RXN9bA5uIT+9Is kIjY/Q1+/664WLDDHNwbt9/Qv1mkRnaxa2k4RgB3eZXzifvS7ldjrbGR5imvu9cN Lk+de7lt1XdqRycO7O5c1rT3ueZ8cSTp2GOAofhmBO/NQHoqxcfE2d0vpU4rPKOs lTpJxVGFfL5e1enJOEHtRYXl8VdDwIzbpJ7Y8cC7TcwnqHNlKVDpsxEDquZZcqtt tof/TK+zVw9/zl6EwFzWDc3Fys0gh4MSMb8covloMyAbPzcyTEKgV93Hy75thF5C q7jZknNyyjKIcwYReg8OmeifXJH+SAXLXCRhhNd8VH5DJDTeJxk= -----END CERTIFICATE-----Generated at Wed Feb 19 22:22:14 2025 by rpki-client