$ rpki-client -vvf repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft File: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft (raw, json) Hash identifier: 7vHu6MZ9oE8KYy83wv17zv0kTWati/jQyV2uD8tEsgg= Subject key identifier: 21:57:9F:13:CC:0D:C1:45:D5:C9:C1:7C:BE:6F:B6:64:C6:03:3E:47 Authority key identifier: 28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC Certificate issuer: /CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Certificate serial: 597CF33012B7492B71967D0BA73127808DA8D755 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft Manifest number: 3C Signing time: Thu 17 Apr 2025 16:11:57 +0000 Manifest this update: Thu 17 Apr 2025 16:06:57 +0000 Manifest next update: Mon 21 Apr 2025 02:35:57 +0000 Files and hashes: 1: 3130332e3135352e3139302e302f32342d3234203d3e20313431303637.roa (hash: sz4VmdCTe+rtqXvjcCCv+oeArdLugQ/bUPNEnmt0I5U=) 2: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl (hash: Ae9RKpvjjTUcUiOQhvz7UMXB0dRrUq5G5WEICaMtheE=) 3: 3130332e3135352e3139312e302f32342d3234203d3e20313431303637.roa (hash: sCyLtPxP1W6eDrRKM5zzBxs1T1DM9NmEIRenFAs3CLU=) 4: 323430363a373534303a3a2f33322d3332203d3e20313431303637.roa (hash: bv6pC6gX0eRc1LFkXxFUMTO8NK/3ORK3VMfpVTQQLkE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 02:35:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:7c:f3:30:12:b7:49:2b:71:96:7d:0b:a7:31:27:80:8d:a8:d7:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Validity Not Before: Apr 17 16:06:57 2025 GMT Not After : Apr 21 02:35:57 2025 GMT Subject: CN=21579F13CC0DC145D5C9C17CBE6FB664C6033E47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:1d:96:60:5a:0c:07:97:d0:94:de:30:25:38: 53:09:a8:fe:32:bf:3e:b3:4e:a0:74:ab:e9:48:27: 05:3e:0f:34:aa:e6:ec:21:e7:7c:02:b6:00:f1:cf: de:15:91:81:fb:5b:d3:6a:b0:34:4d:ab:03:15:32: bd:c6:91:36:38:e2:ec:84:bd:c9:1f:0a:d1:f7:df: 44:0e:59:ab:c2:81:d2:6c:c2:fb:7e:98:f8:c1:cc: 17:91:cb:cc:87:7c:8e:15:54:13:bc:88:a1:99:61: 99:00:b5:58:ff:6c:22:06:a0:45:b3:ac:f5:c0:8b: 15:3a:e3:87:71:3b:c6:96:71:e6:18:ff:df:f1:52: 7a:e1:e6:7c:58:9b:de:f7:25:59:b7:c7:d3:f5:73: db:67:d6:ca:1a:eb:5b:20:54:85:73:d9:c0:4e:04: 6d:b5:d4:0f:2a:3a:79:b7:41:79:ee:79:1c:d6:5c: 48:79:a2:15:62:c0:73:06:67:f7:30:11:03:8e:a7: b9:f4:39:be:5b:ec:20:15:9c:f5:19:ab:e0:fd:11: 72:ed:5c:11:3d:d6:71:33:5c:22:d7:70:df:d7:8b: 8f:73:b1:64:d0:21:ac:cd:b8:0c:68:4f:1f:57:d2: 65:ca:9a:ad:91:18:6d:e4:97:6e:79:ce:87:a1:74: 22:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:57:9F:13:CC:0D:C1:45:D5:C9:C1:7C:BE:6F:B6:64:C6:03:3E:47 X509v3 Authority Key Identifier: keyid:28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:a1:14:ad:a4:e9:02:a8:24:54:db:94:7f:1a:99:77:42:75: ec:4a:cd:c2:bf:ad:fe:a8:84:b9:bd:36:63:d0:7f:75:ac:5d: cf:2d:32:ad:77:fb:f1:bf:5c:5d:95:9b:c9:9c:81:97:64:43: 90:7f:09:bb:91:cf:bb:a8:51:40:05:15:51:20:4c:5f:8f:6c: dc:df:2b:ee:21:43:e7:bf:7d:98:f4:9a:68:d1:6d:4e:92:bd: 25:5f:d2:f4:28:f3:6d:a7:87:d3:b5:1d:5a:51:49:8f:15:17: a9:36:ee:f2:a1:c3:e8:ae:95:ad:16:02:67:b2:36:9e:14:09: 93:0b:fa:9b:94:90:8d:69:64:d1:4d:6d:07:f4:ce:ee:85:05: 6d:1c:e2:be:7d:80:49:17:5e:a5:43:5c:88:a4:cf:39:63:2c: f0:a6:39:fb:98:9f:b3:62:08:7d:29:43:5c:38:5e:9a:f3:b9: b5:76:b1:e1:ae:33:e3:68:25:ec:22:70:75:b2:c4:a3:e9:d0: 73:50:03:9d:5d:f6:cb:cd:23:84:35:91:a7:90:af:21:53:75: 5e:5d:9e:68:d6:8f:f7:08:35:4d:26:37:d4:49:73:87:3c:16: ac:af:dc:cb:42:2d:53:de:c7:37:6e:1f:56:9a:73:47:e7:21: 4c:38:4f:e8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWXzzMBK3SStxln0LpzEngI2o11UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZD NTdFOUJFQzAeFw0yNTA0MTcxNjA2NTdaFw0yNTA0MjEwMjM1NTdaMDMxMTAvBgNV BAMTKDIxNTc5RjEzQ0MwREMxNDVENUM5QzE3Q0JFNkZCNjY0QzYwMzNFNDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWHZZgWgwHl9CU3jAlOFMJqP4y vz6zTqB0q+lIJwU+DzSq5uwh53wCtgDxz94VkYH7W9NqsDRNqwMVMr3GkTY44uyE vckfCtH330QOWavCgdJswvt+mPjBzBeRy8yHfI4VVBO8iKGZYZkAtVj/bCIGoEWz rPXAixU644dxO8aWceYY/9/xUnrh5nxYm973JVm3x9P1c9tn1soa61sgVIVz2cBO BG211A8qOnm3QXnueRzWXEh5ohViwHMGZ/cwEQOOp7n0Ob5b7CAVnPUZq+D9EXLt XBE91nEzXCLXcN/Xi49zsWTQIazNuAxoTx9X0mXKmq2RGG3kl255zoehdCLlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIVefE8wNwUXVycF8vm+2ZMYDPkcwHwYDVR0j BBgwFoAUKLMFxmM2xDOrYBum8LNS5sV+m+wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YjZlOWI1MS1iZDg3LTQ5MDUtOWJmNC1hODQ4YTQ0ZTViYTUvMC8yOEIzMDVDNjYz MzZDNDMzQUI2MDFCQTZGMEIzNTJFNkM1N0U5QkVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZDNTdF OUJFQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGI2ZTliNTEtYmQ4Ny00OTA1LTli ZjQtYTg0OGE0NGU1YmE1LzAvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUy RTZDNTdFOUJFQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAWhFK2k6QKoJFTblH8amXdCdexKzcK/rf6o hLm9NmPQf3WsXc8tMq13+/G/XF2Vm8mcgZdkQ5B/CbuRz7uoUUAFFVEgTF+PbNzf K+4hQ+e/fZj0mmjRbU6SvSVf0vQo822nh9O1HVpRSY8VF6k27vKhw+iula0WAmey Np4UCZML+puUkI1pZNFNbQf0zu6FBW0c4r59gEkXXqVDXIikzzljLPCmOfuYn7Ni CH0pQ1w4XprzubV2seGuM+NoJewicHWyxKPp0HNQA51d9svNI4Q1kaeQryFTdV5d nmjWj/cINU0mN9RJc4c8Fqyv3MtCLVPexzduH1aac0fnIUw4T+g= -----END CERTIFICATE-----Generated at Fri Apr 18 07:39:08 2025 by rpki-client