$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: BIWbL1jrqD7dyECEUxvUaUf1xZZVr5+1HY8VX8Jymlc= Subject key identifier: 82:2F:F7:38:BD:44:77:9A:81:FE:93:21:4C:F8:9B:77:C5:1C:B3:6E Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 48D6B832B4741C4E5987F87EBE1504802FD69D03 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 04DA Signing time: Wed 04 Jun 2025 03:40:56 +0000 Manifest this update: Wed 04 Jun 2025 03:35:56 +0000 Manifest next update: Sat 07 Jun 2025 08:02:56 +0000 Files and hashes: 1: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: S+MMrSxkm+20Gx180EdlH1YNBkEDPrj8PEBtJ4+Q9J4=) 2: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 3: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: 3Y905/IqiCPCFGG8o/n5jk+yNT4z//Nnpph4Zc1tUHg=) 4: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 5: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 08:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:d6:b8:32:b4:74:1c:4e:59:87:f8:7e:be:15:04:80:2f:d6:9d:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Jun 4 03:35:56 2025 GMT Not After : Jun 7 08:02:56 2025 GMT Subject: CN=822FF738BD44779A81FE93214CF89B77C51CB36E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:e8:8d:07:e9:fa:d8:24:a6:03:6f:32:70:9d: 18:b0:c1:f3:46:a4:d0:76:fa:6d:51:c4:9e:3c:f5: 77:13:a2:ff:38:8c:1c:a7:6d:54:53:45:23:cb:6d: e2:90:df:c4:ef:7c:aa:0e:24:58:fd:d3:25:48:af: f4:a5:5b:e0:ea:be:1f:cb:0d:7b:7c:0c:d4:45:af: f0:5e:95:fe:bd:86:8f:02:f7:f5:2b:b2:2f:35:ca: 60:f1:30:09:44:3b:b9:94:b4:6e:1f:78:2a:1f:cd: f4:c0:6d:ce:73:4c:dc:b8:e4:0d:f8:f3:84:3c:54: 1a:10:a9:fb:8b:cb:d2:10:fd:99:69:fa:5f:0f:8f: 36:b7:d2:93:95:0a:91:85:a6:d8:09:07:9f:06:fd: d6:71:c5:b3:7c:68:da:5c:08:af:eb:50:9a:ac:57: a4:1c:f7:88:d8:af:6b:9a:5c:a8:b7:e7:f0:51:18: a6:94:6d:dc:92:32:1a:73:6a:fc:99:92:80:c1:3a: c2:3e:6b:3f:05:0c:5d:b4:2f:3b:b8:d0:08:a4:27: a7:51:be:a4:1e:32:f7:8e:b3:7f:e7:e1:03:54:46: 4f:bc:5c:19:bc:96:ac:e2:c7:a0:0b:06:f8:b0:95: 34:5b:cf:38:0e:4b:67:5b:33:e3:52:b3:6c:3e:86: b1:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:2F:F7:38:BD:44:77:9A:81:FE:93:21:4C:F8:9B:77:C5:1C:B3:6E X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:a9:16:f8:73:43:23:f1:25:cc:6c:77:0d:fe:bb:5e:7c:7e: 59:21:22:48:c0:0e:65:43:64:e8:54:21:e4:55:08:e6:45:ce: 5f:30:c1:b2:e0:23:85:e4:c8:b7:71:28:b3:b9:0a:8b:48:f7: df:ad:bf:6c:4e:87:8b:83:36:a0:db:14:23:27:0b:d2:49:c5: 13:e6:5a:77:2c:01:76:d8:6b:c3:2e:f8:7b:87:3e:1f:8f:a2: 84:7e:7d:10:ce:dd:3a:85:6f:47:0b:7d:36:11:1d:17:7e:f6: 5a:a6:35:cb:00:e1:40:5c:6b:58:64:c1:79:e6:eb:d5:f3:28: 4e:47:ad:f8:a9:c6:ea:64:96:f0:21:b9:16:aa:05:44:ca:4e: f4:88:b7:39:35:04:27:77:91:75:2e:82:31:22:60:08:a7:74: 5f:4d:84:00:2a:af:3c:13:00:4f:be:1d:31:a6:c6:0e:ab:96: ca:7f:b9:1c:3b:95:ab:46:90:4c:04:4e:26:9b:02:98:cf:93: b8:ac:04:0c:c9:70:79:58:9a:dc:85:7b:f8:77:fd:72:99:ba: e6:9f:a9:09:6c:b8:90:a8:c7:68:96:25:a3:06:41:97:5d:8e: d0:ae:ad:1e:f4:f9:2b:36:d7:fa:44:73:38:29:9f:5e:2b:93: 86:eb:13:db -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSNa4MrR0HE5Zh/h+vhUEgC/WnQMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTA2MDQwMzM1NTZaFw0yNTA2MDcwODAyNTZaMDMxMTAvBgNV BAMTKDgyMkZGNzM4QkQ0NDc3OUE4MUZFOTMyMTRDRjg5Qjc3QzUxQ0IzNkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC86I0H6frYJKYDbzJwnRiwwfNG pNB2+m1RxJ489XcTov84jBynbVRTRSPLbeKQ38TvfKoOJFj90yVIr/SlW+Dqvh/L DXt8DNRFr/Belf69ho8C9/Ursi81ymDxMAlEO7mUtG4feCofzfTAbc5zTNy45A34 84Q8VBoQqfuLy9IQ/Zlp+l8Pjza30pOVCpGFptgJB58G/dZxxbN8aNpcCK/rUJqs V6Qc94jYr2uaXKi35/BRGKaUbdySMhpzavyZkoDBOsI+az8FDF20Lzu40AikJ6dR vqQeMveOs3/n4QNURk+8XBm8lqzix6ALBviwlTRbzzgOS2dbM+NSs2w+hrF5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUgi/3OL1Ed5qB/pMhTPibd8Ucs24wHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAI2pFvhzQyPxJcxsdw3+u158flkhIkjADmVD ZOhUIeRVCOZFzl8wwbLgI4XkyLdxKLO5CotI99+tv2xOh4uDNqDbFCMnC9JJxRPm WncsAXbYa8Mu+HuHPh+PooR+fRDO3TqFb0cLfTYRHRd+9lqmNcsA4UBca1hkwXnm 69XzKE5HrfipxupklvAhuRaqBUTKTvSItzk1BCd3kXUugjEiYAindF9NhAAqrzwT AE++HTGmxg6rlsp/uRw7latGkEwETiabApjPk7isBAzJcHlYmtyFe/h3/XKZuuaf qQlsuJCox2iWJaMGQZddjtCurR70+Ss21/pEczgpn14rk4brE9s= -----END CERTIFICATE-----Generated at Thu Jun 5 18:19:02 2025 by rpki-client