$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: aUGJTintU3lzsJQNmCba3CWUzzAdGPoxQ5QJMqojH0w= Subject key identifier: D8:48:7E:37:EE:53:93:20:FE:04:CB:F6:0C:99:A3:B6:2D:52:2B:61 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 3F09EE3AD50375B2AB464C989CAFFD0CA272EF8D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 0432 Signing time: Tue 21 May 2024 17:10:51 +0000 Manifest this update: Tue 21 May 2024 17:05:51 +0000 Manifest next update: Fri 24 May 2024 20:48:51 +0000 Files and hashes: 1: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: RsjclfA4UI4Ib3XQzvsEeNxGPTVUI6STPHh+sY8Jop8=) 2: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: zg2ywZvhXk1OBE+v0Nmay43y91QU2g9xsVV4MCw8I0Y=) 3: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: NkGE7egrmKZH4727pm6vWntt61gvK28kS+95VzPF7gY=) 4: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: qpogm2kKADAUiGpU69RKsjYLPGsgnGrKjXC94Ou4EkY=) 5: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: Ph2LxEiolC6ArIBIyc7nIIe12ZHiBP++mEznYLkMNzE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 May 2024 20:48:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:09:ee:3a:d5:03:75:b2:ab:46:4c:98:9c:af:fd:0c:a2:72:ef:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: May 21 17:05:51 2024 GMT Not After : May 24 20:48:51 2024 GMT Subject: CN=D8487E37EE539320FE04CBF60C99A3B62D522B61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4c:01:98:6d:c6:01:91:4c:9f:e2:6e:8a:cd: 4c:33:30:72:30:bb:47:e8:d3:5d:58:01:24:9b:5b: e3:f6:0c:c4:73:51:47:bf:13:c7:71:c2:db:7c:65: 47:55:f6:33:d1:8b:8a:1b:c1:b1:1e:ee:46:6c:81: 8d:77:63:d3:cf:f8:94:86:7d:95:be:9e:1c:6c:e7: 86:08:1f:1f:e8:31:52:b1:12:42:90:04:37:b1:10: 3a:5b:50:7d:37:42:4a:45:5e:1c:82:bd:f0:ad:26: e3:25:e4:11:6f:b4:b7:da:6a:b9:a8:e7:12:af:fa: 53:51:ed:1b:d7:0c:25:bf:4d:fd:53:83:1d:02:8e: 88:70:39:2b:3a:e2:e3:81:66:db:b6:b3:a5:e8:40: b5:a3:bc:b2:16:6a:85:31:6c:23:c1:b3:48:77:bd: 63:57:05:77:0d:b5:82:2c:11:f5:e4:43:f6:ad:e0: c2:0c:61:45:f9:0f:4b:67:94:63:96:dd:0f:65:04: c1:50:2a:e7:9f:8a:ad:df:80:bd:99:21:99:38:ff: a1:5a:7a:a1:ea:11:12:20:06:10:96:ac:ed:b1:07: 53:a6:06:ea:fc:ad:8b:6a:7d:dc:28:32:ca:c2:f2: 29:40:be:17:04:fb:3b:6d:de:08:bc:92:67:c8:0b: aa:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:48:7E:37:EE:53:93:20:FE:04:CB:F6:0C:99:A3:B6:2D:52:2B:61 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:db:a9:5e:5b:50:e1:b4:6f:79:28:8f:9a:6d:88:3e:62:10: 31:72:34:86:e0:b3:c3:5b:30:e5:31:b4:de:4b:f5:12:49:e0: 5a:67:8c:01:8f:73:8e:bb:c5:8c:d9:1a:7e:eb:0c:da:f5:cb: 28:e3:58:db:9c:bb:62:2c:70:e5:1d:a2:d5:d2:a4:6e:2c:37: fc:d0:80:12:5b:fd:d0:35:b0:e7:dd:13:e4:2e:64:09:2f:82: 06:10:4d:d1:80:e6:18:b2:c0:81:a0:19:e3:e2:1e:ed:0a:a8: 34:9e:57:94:9c:38:1d:99:66:9f:e6:f0:d5:88:f5:23:15:73: 24:1d:5d:1c:1a:d6:b9:8f:25:47:a3:c8:f2:fe:6f:1b:18:f8: 01:07:a0:d1:df:67:b1:b9:e9:ca:fa:7f:bf:a1:71:50:54:6a: 59:2c:56:f4:5b:95:5a:d8:a3:a4:66:f6:68:cd:59:f3:4c:3e: 90:71:e4:7d:ec:db:bc:ad:d9:b0:f8:44:09:a4:d1:93:74:83: 82:15:46:4c:c3:ac:cf:0b:97:46:db:7a:02:23:e5:71:15:d0: 0c:ce:2e:7c:b4:b1:cc:cc:96:06:c7:fe:e0:ba:b7:10:6f:58: 12:68:69:df:77:6a:ac:1f:c5:6a:14:c9:fe:cc:b5:2c:b4:7a: e0:76:63:23 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPwnuOtUDdbKrRkyYnK/9DKJy740wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNDA1MjExNzA1NTFaFw0yNDA1MjQyMDQ4NTFaMDMxMTAvBgNV BAMTKEQ4NDg3RTM3RUU1MzkzMjBGRTA0Q0JGNjBDOTlBM0I2MkQ1MjJCNjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwTAGYbcYBkUyf4m6KzUwzMHIw u0fo011YASSbW+P2DMRzUUe/E8dxwtt8ZUdV9jPRi4obwbEe7kZsgY13Y9PP+JSG fZW+nhxs54YIHx/oMVKxEkKQBDexEDpbUH03QkpFXhyCvfCtJuMl5BFvtLfaarmo 5xKv+lNR7RvXDCW/Tf1Tgx0CjohwOSs64uOBZtu2s6XoQLWjvLIWaoUxbCPBs0h3 vWNXBXcNtYIsEfXkQ/at4MIMYUX5D0tnlGOW3Q9lBMFQKuefiq3fgL2ZIZk4/6Fa eqHqERIgBhCWrO2xB1OmBur8rYtqfdwoMsrC8ilAvhcE+ztt3gi8kmfIC6phAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2Eh+N+5TkyD+BMv2DJmjti1SK2EwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHPbqV5bUOG0b3koj5ptiD5iEDFyNIbgs8Nb MOUxtN5L9RJJ4FpnjAGPc467xYzZGn7rDNr1yyjjWNucu2IscOUdotXSpG4sN/zQ gBJb/dA1sOfdE+QuZAkvggYQTdGA5hiywIGgGePiHu0KqDSeV5ScOB2ZZp/m8NWI 9SMVcyQdXRwa1rmPJUejyPL+bxsY+AEHoNHfZ7G56cr6f7+hcVBUalksVvRblVrY o6Rm9mjNWfNMPpBx5H3s27yt2bD4RAmk0ZN0g4IVRkzDrM8Ll0bbegIj5XEV0AzO Lny0sczMlgbH/uC6txBvWBJoad93aqwfxWoUyf7MtSy0euB2YyM= -----END CERTIFICATE-----Generated at Tue May 21 20:05:05 2024 by rpki-client on console-ams.rpki-client.org