$ rpki-client -vvf repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft File: 4AA76DED689FD4420809D0962087A03BCF018FEA.mft (raw, json) Hash identifier: ZS1KLMEIv0mA9V59WrQchQaSisg3RQgYZzz31x4tKAg= Subject key identifier: 4F:5C:DA:AF:9C:D1:C3:3C:F3:64:4F:02:69:4B:24:E6:A2:6C:D9:33 Authority key identifier: 4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA Certificate issuer: /CN=4AA76DED689FD4420809D0962087A03BCF018FEA Certificate serial: 67ED56F7B3B06E5472C8D1D232586BF5A6B3B05F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft Manifest number: 96 Signing time: Tue 03 Jun 2025 02:23:18 +0000 Manifest this update: Tue 03 Jun 2025 02:18:18 +0000 Manifest next update: Fri 06 Jun 2025 03:14:18 +0000 Files and hashes: 1: 3130332e39392e3133362e302f32342d3234203d3e20313531353735.roa (hash: O0N8YnmOgvwU8r8KKC4SJAWcGP/YV+Rw0wgGJ4ZOg7I=) 2: 3130332e39392e3133362e302f32332d3233203d3e20313531353735.roa (hash: fDg3pcJLO4nMKHIhIadc4UOWwJA6xSlIAC7zIOEu60s=) 3: 3130332e39392e3133372e302f32342d3234203d3e20313531353735.roa (hash: t1oPzu4VEOt7+PmdI8majMljNsaF8ctMOjhLL1SL0Go=) 4: 323030313a6466343a3763303a3a2f34382d3438203d3e20313531353735.roa (hash: ONsSDNwNCKSQA0g6zXrNIJFeG1JttoPkAupg3mK+FJ4=) 5: 4AA76DED689FD4420809D0962087A03BCF018FEA.crl (hash: PkOJzf44nC2gGwLvGVa4BDQGOzWJFwEKpzAC8zvSBG0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 03:14:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:ed:56:f7:b3:b0:6e:54:72:c8:d1:d2:32:58:6b:f5:a6:b3:b0:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4AA76DED689FD4420809D0962087A03BCF018FEA Validity Not Before: Jun 3 02:18:18 2025 GMT Not After : Jun 6 03:14:18 2025 GMT Subject: CN=4F5CDAAF9CD1C33CF3644F02694B24E6A26CD933 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:79:55:c5:5c:23:f6:1d:d4:bd:6c:4f:ba:0b: cc:b9:37:56:d7:50:92:9a:c8:b4:a8:a0:e7:6b:fc: fb:02:2f:2e:8d:fd:00:10:dc:40:5c:e0:fd:02:64: bd:94:f6:f4:4f:85:f1:04:0b:96:d9:42:f4:26:cb: 3b:21:0a:f9:90:4a:50:b6:27:10:6a:15:38:3b:3c: 5a:25:23:66:72:79:43:43:bb:33:3e:1a:11:c3:14: 8a:25:51:ff:e0:dd:b0:af:38:bb:9c:b8:38:b5:a5: dd:a0:5a:a8:cd:38:2b:50:c0:23:4c:98:a6:96:ef: 36:f2:e0:de:7d:ba:f9:7e:2f:91:0b:a3:d1:1d:b0: cb:95:92:16:75:f4:ff:c1:74:4d:f0:3c:75:41:75: dd:be:9a:3c:86:7b:e8:66:00:81:27:0d:57:bd:61: 5d:c6:fb:6d:d7:a6:7b:cc:6b:e0:1d:99:c9:ba:7a: 4b:95:5a:7c:62:61:e7:32:07:3f:ab:39:1c:da:82: c4:3f:d8:40:0d:61:13:c8:55:5a:65:82:b8:86:69: 80:6c:c7:81:6a:9f:07:5c:4f:11:54:d8:31:b1:b3: 2e:6a:1a:e6:53:62:31:f9:54:3e:03:be:4f:6f:ab: 66:e3:9a:37:56:c2:f0:d9:b7:c4:b8:16:ab:b7:c0: 46:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:5C:DA:AF:9C:D1:C3:3C:F3:64:4F:02:69:4B:24:E6:A2:6C:D9:33 X509v3 Authority Key Identifier: keyid:4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:d1:10:be:d1:53:a3:d7:81:bc:94:cd:50:5f:98:17:14:e2: d0:f3:34:65:6b:c4:ad:76:52:f4:87:b4:3e:28:27:d1:90:6c: d7:26:9f:07:4e:dc:ab:bd:83:11:b7:36:5f:8b:99:d8:5c:88: c1:e5:16:6b:be:2f:ba:9e:19:5c:a7:4f:35:43:bf:11:9a:dd: 24:aa:4f:db:4a:ed:08:70:73:e5:79:f3:c8:ed:4b:02:3a:6b: ec:f3:09:72:f2:88:c1:8e:29:c1:d8:72:e7:63:4e:ec:24:fc: 29:3f:05:47:43:8c:e2:5d:1f:96:5f:7a:a8:43:82:2c:ee:9a: dd:12:aa:d8:ba:26:2d:83:b9:4c:e8:d1:bd:8b:3f:69:66:c6: ca:c1:f8:5d:96:56:2a:c6:96:c7:6f:21:96:a8:86:80:69:2b: a6:34:6c:4a:1c:12:b1:24:b9:68:98:bf:6f:a1:48:bb:a7:61: 36:73:12:e2:0a:e6:29:1d:19:8a:dd:cd:bb:ed:31:a2:52:05: 86:2e:2b:e4:56:a9:b9:ba:6a:f0:a5:1e:89:1e:d5:dc:65:0d: 49:2f:b2:44:dc:bc:4e:d9:ad:4b:4a:46:12:7f:8a:6b:b6:57: b2:31:6a:cb:b1:37:26:f2:be:25:e5:af:d7:4b:62:ab:6f:53: 43:05:7d:5d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZ+1W97OwblRyyNHSMlhr9aazsF8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JD RjAxOEZFQTAeFw0yNTA2MDMwMjE4MThaFw0yNTA2MDYwMzE0MThaMDMxMTAvBgNV BAMTKDRGNUNEQUFGOUNEMUMzM0NGMzY0NEYwMjY5NEIyNEU2QTI2Q0Q5MzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCveVXFXCP2HdS9bE+6C8y5N1bX UJKayLSooOdr/PsCLy6N/QAQ3EBc4P0CZL2U9vRPhfEEC5bZQvQmyzshCvmQSlC2 JxBqFTg7PFolI2ZyeUNDuzM+GhHDFIolUf/g3bCvOLucuDi1pd2gWqjNOCtQwCNM mKaW7zby4N59uvl+L5ELo9EdsMuVkhZ19P/BdE3wPHVBdd2+mjyGe+hmAIEnDVe9 YV3G+23XpnvMa+Admcm6ekuVWnxiYecyBz+rORzagsQ/2EANYRPIVVplgriGaYBs x4FqnwdcTxFU2DGxsy5qGuZTYjH5VD4Dvk9vq2bjmjdWwvDZt8S4Fqu3wEajAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUT1zar5zRwzzzZE8CaUsk5qJs2TMwHwYDVR0j BBgwFoAUSqdt7Wif1EIICdCWIIegO88Bj+owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YzI4MGFmMy1hYTFkLTQyNzEtOGMwNi1hM2ZhMjg4OTg0MjYvMC80QUE3NkRFRDY4 OUZENDQyMDgwOUQwOTYyMDg3QTAzQkNGMDE4RkVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JDRjAx OEZFQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmMyODBhZjMtYWExZC00MjcxLThj MDYtYTNmYTI4ODk4NDI2LzAvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0Ew M0JDRjAxOEZFQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJjREL7RU6PXgbyUzVBfmBcU4tDzNGVrxK12 UvSHtD4oJ9GQbNcmnwdO3Ku9gxG3Nl+LmdhciMHlFmu+L7qeGVynTzVDvxGa3SSq T9tK7Qhwc+V588jtSwI6a+zzCXLyiMGOKcHYcudjTuwk/Ck/BUdDjOJdH5ZfeqhD gizumt0Sqti6Ji2DuUzo0b2LP2lmxsrB+F2WVirGlsdvIZaohoBpK6Y0bEocErEk uWiYv2+hSLunYTZzEuIK5ikdGYrdzbvtMaJSBYYuK+RWqbm6avClHoke1dxlDUkv skTcvE7ZrUtKRhJ/imu2V7IxasuxNybyviXlr9dLYqtvU0MFfV0= -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:32 2025 by rpki-client