$ rpki-client -vvf repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft File: CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft (raw, json) Hash identifier: pG5GQa4/OkuVBYpFXBs6jgeRmhJ8QLqvn79A8Be8f8k= Subject key identifier: B7:DB:C6:9D:BA:ED:BB:35:12:C3:41:1B:32:0C:89:E4:35:EB:92:D1 Authority key identifier: CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C Certificate issuer: /CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Certificate serial: 2161581F778682DB12EF2FDB78E33657459295C0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft Manifest number: 0329 Signing time: Tue 11 Mar 2025 18:22:12 +0000 Manifest this update: Tue 11 Mar 2025 18:17:12 +0000 Manifest next update: Fri 14 Mar 2025 23:02:12 +0000 Files and hashes: 1: CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl (hash: 1rrQVco/uiqPhhfJKtMWCmekHteHlMBOlWdfg4bxlLE=) 2: 323030313a6466303a663730303a3a2f34382d3438203d3e20313339333939.roa (hash: iv2SAjyHSWCSm/Qp+qCzqgF4lXDrzm6Us1pHd8OSMEA=) 3: 3132332e3235332e3234342e302f32322d3234203d3e20313339333939.roa (hash: J0yFIU8yPJPvRf3j8RKfhubQW1HtIykVJHVnsQp+Y88=) 4: 3130332e39312e32382e302f32322d3234203d3e203338343936.roa (hash: ZrInKy3rN8CQHG74U5DNNhQz02tlUukWAziTX5F6+yM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 14 Mar 2025 23:02:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:61:58:1f:77:86:82:db:12:ef:2f:db:78:e3:36:57:45:92:95:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Validity Not Before: Mar 11 18:17:12 2025 GMT Not After : Mar 14 23:02:12 2025 GMT Subject: CN=B7DBC69DBAEDBB3512C3411B320C89E435EB92D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:05:d8:d6:2d:c6:29:18:98:e5:d8:c7:9f:22: 89:78:7b:ff:e7:51:d0:5c:08:f3:6c:ee:dd:28:cb: eb:a6:6a:b0:9e:84:99:03:12:11:67:0c:2b:13:42: 86:a4:82:0e:28:ef:7f:e4:38:1e:68:f8:5c:60:43: 9a:f7:ec:23:3e:20:90:f4:a8:2e:59:56:48:69:e9: b3:a2:49:58:90:88:9d:91:c8:b1:ef:c9:1c:70:da: 92:c0:11:e0:61:51:9a:0b:e7:ef:5a:05:15:ea:73: 0c:5f:18:72:aa:1b:af:b4:d9:03:3a:5d:c9:7d:74: 6d:a1:9f:93:53:36:74:aa:bc:67:bf:00:70:b7:8e: 40:95:ff:a5:78:a3:35:7b:37:b2:27:12:e1:d2:1a: 7b:bf:28:28:b8:f9:ab:8f:c7:b7:01:c7:7b:94:4d: dc:89:9a:b8:74:7c:94:ce:fe:e2:ef:5b:21:6b:df: 60:ec:f5:7f:b7:f3:91:52:cd:a0:7f:46:7b:9a:31: c1:5e:d4:b5:c3:ce:c8:63:8f:1a:55:1b:ec:b3:5e: 2a:a1:ff:2f:fe:35:c0:a2:b4:49:1d:6a:5e:41:0c: 6d:57:06:60:a1:05:67:ea:f7:c1:fa:fd:cd:89:66: 53:bc:e2:77:0a:80:5a:7c:6a:a7:cd:49:29:63:e1: d0:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:DB:C6:9D:BA:ED:BB:35:12:C3:41:1B:32:0C:89:E4:35:EB:92:D1 X509v3 Authority Key Identifier: keyid:CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:74:fd:0c:f6:9f:aa:81:82:b7:4a:70:ed:e4:5a:93:0d:10: 64:f8:33:0e:95:d8:4a:63:d1:49:ae:15:b3:4b:ca:17:54:0f: ea:7e:46:e9:22:58:94:f8:80:61:70:8a:ce:2e:43:61:8c:4c: a5:7e:71:7a:de:77:41:12:2d:dd:5a:a6:8c:09:67:53:13:48: 78:f5:5b:f3:0e:e4:7a:1c:ec:6c:98:d0:12:de:2b:f3:01:e1: 73:5a:70:e4:76:8f:09:39:fc:13:62:7b:7f:7b:de:b0:28:15: 34:77:a3:4a:6a:78:b9:73:60:20:85:1f:1c:6f:27:b2:5d:ed: a9:f4:b5:93:64:43:a3:0c:fd:c3:0b:df:5d:f2:36:42:78:8f: b3:ba:c9:c7:a5:cc:e3:07:ba:75:d4:ed:ae:85:67:b2:f2:41: 9c:dc:d9:3f:7c:f9:cf:e1:aa:94:c5:ff:08:bc:72:8c:cd:e1: f3:e6:a9:35:84:88:5a:ee:60:e2:c9:d0:91:9d:72:8c:ef:74: 5a:f4:f8:04:e8:62:c9:77:e9:a0:01:47:b0:5b:1f:f6:5f:a4: 4c:78:af:dd:6d:a5:70:66:bc:d7:4f:d1:fb:85:03:d6:a4:2f: 29:fc:12:c6:e9:55:df:c9:b5:df:5f:a4:a6:1c:31:e0:ce:ef: 32:42:6b:4a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIWFYH3eGgtsS7y/beOM2V0WSlcAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRD RkQ3RTI2QzAeFw0yNTAzMTExODE3MTJaFw0yNTAzMTQyMzAyMTJaMDMxMTAvBgNV BAMTKEI3REJDNjlEQkFFREJCMzUxMkMzNDExQjMyMEM4OUU0MzVFQjkyRDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5BdjWLcYpGJjl2MefIol4e//n UdBcCPNs7t0oy+umarCehJkDEhFnDCsTQoakgg4o73/kOB5o+FxgQ5r37CM+IJD0 qC5ZVkhp6bOiSViQiJ2RyLHvyRxw2pLAEeBhUZoL5+9aBRXqcwxfGHKqG6+02QM6 Xcl9dG2hn5NTNnSqvGe/AHC3jkCV/6V4ozV7N7InEuHSGnu/KCi4+auPx7cBx3uU TdyJmrh0fJTO/uLvWyFr32Ds9X+385FSzaB/RnuaMcFe1LXDzshjjxpVG+yzXiqh /y/+NcCitEkdal5BDG1XBmChBWfq98H6/c2JZlO84ncKgFp8aqfNSSlj4dBrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUt9vGnbrtuzUSw0EbMgyJ5DXrktEwHwYDVR0j BBgwFoAUynBPeF6liz9lnm48j3Hi1M/X4mwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NDIxOTg1Yi1hMGU2LTRlMDUtYmVmNi1mZTZmNWE2ZTJmNDMvMC9DQTcwNEY3ODVF QTU4QjNGNjU5RTZFM0M4RjcxRTJENENGRDdFMjZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRDRkQ3 RTI2Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDQyMTk4NWItYTBlNi00ZTA1LWJl ZjYtZmU2ZjVhNmUyZjQzLzAvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUy RDRDRkQ3RTI2Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALJ0/Qz2n6qBgrdKcO3kWpMNEGT4Mw6V2Epj 0UmuFbNLyhdUD+p+RukiWJT4gGFwis4uQ2GMTKV+cXred0ESLd1apowJZ1MTSHj1 W/MO5Hoc7GyY0BLeK/MB4XNacOR2jwk5/BNie3973rAoFTR3o0pqeLlzYCCFHxxv J7Jd7an0tZNkQ6MM/cML313yNkJ4j7O6ycelzOMHunXU7a6FZ7LyQZzc2T98+c/h qpTF/wi8cozN4fPmqTWEiFruYOLJ0JGdcozvdFr0+AToYsl36aABR7BbH/ZfpEx4 r91tpXBmvNdP0fuFA9akLyn8EsbpVd/Jtd9fpKYcMeDO7zJCa0o= -----END CERTIFICATE-----Generated at Thu Mar 13 21:31:34 2025 by rpki-client