$ rpki-client -vvf repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft File: A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft (raw, json) Hash identifier: p+56uZlN2Z7AAwLRa38LZNNeKQ9aGq3CNxLNN2EC6+0= Subject key identifier: 17:1D:14:7D:76:35:CB:1A:0D:A8:F0:45:7D:AB:5A:03:27:C0:89:7D Authority key identifier: A2:1B:A7:0D:F8:EE:47:0F:E7:A6:03:85:B6:65:38:42:57:0E:D3:A4 Certificate issuer: /CN=A21BA70DF8EE470FE7A60385B6653842570ED3A4 Certificate serial: 29763E2B2B3F6649E2B243791511512041872F87 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft Manifest number: 14 Signing time: Tue 08 Apr 2025 15:11:15 +0000 Manifest this update: Tue 08 Apr 2025 15:06:15 +0000 Manifest next update: Fri 11 Apr 2025 20:36:15 +0000 Files and hashes: 1: 3136302e32352e3234392e302f32342d3234203d3e20313336303939.roa (hash: fAL9MfqpRcilmiK6cDbN2CreeawZppTYa6tvP1zgN7Y=) 2: A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl (hash: XiYBeuG0QytQ9s25d2zkVOXus/D9EkYJGbxqfLFWNVk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 20:36:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:76:3e:2b:2b:3f:66:49:e2:b2:43:79:15:11:51:20:41:87:2f:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A21BA70DF8EE470FE7A60385B6653842570ED3A4 Validity Not Before: Apr 8 15:06:15 2025 GMT Not After : Apr 11 20:36:15 2025 GMT Subject: CN=171D147D7635CB1A0DA8F0457DAB5A0327C0897D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d9:15:a3:3e:d1:f0:7b:09:b2:17:62:a5:fe: 33:da:09:a4:9e:18:83:bf:43:57:ee:5a:ef:50:92: 64:b4:e9:ad:f5:a9:8c:ff:df:8c:36:ad:18:ab:fb: aa:9f:cc:71:11:81:05:3c:4a:80:f0:92:ce:a3:4f: 27:11:dc:2f:db:98:8e:fd:41:55:fe:79:87:c0:0d: 9f:ab:cc:03:8f:9e:77:95:ba:67:b7:49:78:f2:1f: fd:50:e0:08:98:9c:22:f0:9b:df:96:c7:f3:3d:72: 3b:12:eb:aa:4c:57:05:38:07:39:6d:ee:a0:16:7d: 56:a7:f1:c5:97:7c:f0:15:0b:f4:a4:fd:e6:85:c5: 48:15:13:31:15:f7:2c:4f:e9:7d:84:e7:7c:5c:d1: 18:4d:ef:81:a4:dd:ff:bf:cf:52:06:e9:f5:f5:55: 33:6b:e9:2c:30:35:bd:e1:a7:33:5d:fe:cd:23:84: 98:33:c8:b3:75:1e:8e:28:df:b3:eb:4c:4a:ce:8f: 3e:9e:72:81:48:d2:9d:48:3a:61:27:16:97:c6:2c: 42:f7:03:8d:db:c9:55:30:d1:f5:3b:00:f5:19:d1: 12:44:ab:a0:69:49:7e:84:12:2f:54:b1:a7:53:e9: b5:90:c0:5e:33:42:86:22:4f:11:89:c9:58:f1:4b: 16:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:1D:14:7D:76:35:CB:1A:0D:A8:F0:45:7D:AB:5A:03:27:C0:89:7D X509v3 Authority Key Identifier: keyid:A2:1B:A7:0D:F8:EE:47:0F:E7:A6:03:85:B6:65:38:42:57:0E:D3:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/41405545-c35d-4de1-9618-44b5f417a303/1/A21BA70DF8EE470FE7A60385B6653842570ED3A4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:06:ac:8b:73:7c:3c:b8:5d:81:1e:6a:0a:47:c4:bd:18:85: 57:ce:08:72:d6:f2:f8:ca:9b:12:11:d8:35:3d:b3:c0:34:30: 59:48:a9:e4:88:77:59:41:6f:ee:c4:d7:22:c0:83:f4:57:46: 6f:09:74:1f:b5:a7:73:0b:4a:a7:2c:fb:c0:71:3d:a4:4c:82: 2b:2c:d4:fc:96:e2:f5:43:24:90:12:2e:58:6d:32:70:9e:ba: e4:c3:95:c4:3c:c3:bf:fe:9a:95:09:d5:eb:11:0f:eb:ab:48: a6:17:f9:c3:06:b2:e5:d3:74:d3:bf:a4:7b:f7:b0:65:6b:0c: c5:92:64:a4:0a:4a:2d:b8:f6:4f:17:2a:0d:9d:4b:b6:75:6f: 7c:5e:4b:79:54:64:3e:5e:3e:65:00:51:49:c4:da:ef:23:b0: 59:41:90:33:11:29:d8:59:13:fb:8e:7c:e2:c9:b6:b5:f1:79: e6:6d:88:5f:8f:36:1f:3e:73:09:e3:81:30:b2:8c:56:cf:07: 4f:bd:2e:f8:52:42:7e:da:52:ac:da:e9:cb:ee:16:ed:3f:8d: f9:1a:39:dc:b8:89:a6:b6:21:f9:c8:3b:8b:10:a9:f8:0d:ab: 8c:88:6f:ca:53:e4:1e:e8:aa:b0:0a:82:9b:51:bd:63:a0:9c: cc:b8:1b:5c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKXY+Kys/ZkniskN5FRFRIEGHL4cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4NDI1 NzBFRDNBNDAeFw0yNTA0MDgxNTA2MTVaFw0yNTA0MTEyMDM2MTVaMDMxMTAvBgNV BAMTKDE3MUQxNDdENzYzNUNCMUEwREE4RjA0NTdEQUI1QTAzMjdDMDg5N0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb2RWjPtHwewmyF2Kl/jPaCaSe GIO/Q1fuWu9QkmS06a31qYz/34w2rRir+6qfzHERgQU8SoDwks6jTycR3C/bmI79 QVX+eYfADZ+rzAOPnneVume3SXjyH/1Q4AiYnCLwm9+Wx/M9cjsS66pMVwU4Bzlt 7qAWfVan8cWXfPAVC/Sk/eaFxUgVEzEV9yxP6X2E53xc0RhN74Gk3f+/z1IG6fX1 VTNr6SwwNb3hpzNd/s0jhJgzyLN1Ho4o37PrTErOjz6ecoFI0p1IOmEnFpfGLEL3 A43byVUw0fU7APUZ0RJEq6BpSX6EEi9UsadT6bWQwF4zQoYiTxGJyVjxSxbvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUFx0UfXY1yxoNqPBFfataAyfAiX0wHwYDVR0j BBgwFoAUohunDfjuRw/npgOFtmU4QlcO06QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MTQwNTU0NS1jMzVkLTRkZTEtOTYxOC00NGI1ZjQxN2EzMDMvMS9BMjFCQTcwREY4 RUU0NzBGRTdBNjAzODVCNjY1Mzg0MjU3MEVEM0E0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4NDI1NzBF RDNBNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDE0MDU1NDUtYzM1ZC00ZGUxLTk2 MTgtNDRiNWY0MTdhMzAzLzEvQTIxQkE3MERGOEVFNDcwRkU3QTYwMzg1QjY2NTM4 NDI1NzBFRDNBNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIgGrItzfDy4XYEeagpHxL0YhVfOCHLW8vjK mxIR2DU9s8A0MFlIqeSId1lBb+7E1yLAg/RXRm8JdB+1p3MLSqcs+8BxPaRMgiss 1PyW4vVDJJASLlhtMnCeuuTDlcQ8w7/+mpUJ1esRD+urSKYX+cMGsuXTdNO/pHv3 sGVrDMWSZKQKSi249k8XKg2dS7Z1b3xeS3lUZD5ePmUAUUnE2u8jsFlBkDMRKdhZ E/uOfOLJtrXxeeZtiF+PNh8+cwnjgTCyjFbPB0+9LvhSQn7aUqza6cvuFu0/jfka Ody4iaa2IfnIO4sQqfgNq4yIb8pT5B7oqrAKgptRvWOgnMy4G1w= -----END CERTIFICATE-----Generated at Wed Apr 9 16:58:01 2025 by rpki-client