$ rpki-client -vvf repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.mft File: 33D26363FA5B5B53C17981915CBADB375AE27253.mft (raw, json) Hash identifier: 26pzBG06nPD9kc1uU9FYKP2KUYfQu9VoOftx7nSzl44= Subject key identifier: B0:A5:27:52:29:26:5B:DA:28:33:D9:07:90:11:2A:C5:22:2C:12:B5 Authority key identifier: 33:D2:63:63:FA:5B:5B:53:C1:79:81:91:5C:BA:DB:37:5A:E2:72:53 Certificate issuer: /CN=33D26363FA5B5B53C17981915CBADB375AE27253 Certificate serial: 598A5E061BB0D0BE40394B1E03D5ADD2E68A3DA9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D26363FA5B5B53C17981915CBADB375AE27253.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.mft Manifest number: 3D Signing time: Thu 17 Apr 2025 20:51:21 +0000 Manifest this update: Thu 17 Apr 2025 20:46:21 +0000 Manifest next update: Mon 21 Apr 2025 02:22:21 +0000 Files and hashes: 1: 33D26363FA5B5B53C17981915CBADB375AE27253.crl (hash: u34YBfct6HDCvpCtyVWbaAN2xW+mwCeQb2p0/FjWzTs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.crl rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D26363FA5B5B53C17981915CBADB375AE27253.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 02:22:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:8a:5e:06:1b:b0:d0:be:40:39:4b:1e:03:d5:ad:d2:e6:8a:3d:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33D26363FA5B5B53C17981915CBADB375AE27253 Validity Not Before: Apr 17 20:46:21 2025 GMT Not After : Apr 21 02:22:21 2025 GMT Subject: CN=B0A5275229265BDA2833D90790112AC5222C12B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e0:4a:53:df:85:ed:9d:88:e9:97:67:c6:ac: d1:c9:ff:dc:d5:57:30:27:13:1f:e7:72:8d:0a:48: 7d:f7:ce:cd:1a:c7:fd:e8:d9:fb:89:9e:77:0a:98: a7:a2:39:01:d6:a5:82:be:99:d4:4b:30:99:2e:48: 12:2a:c6:18:c8:a2:eb:24:58:57:b7:91:82:ad:b7: 72:85:55:35:18:fd:42:07:24:7c:b8:f9:cf:72:af: 5a:75:55:b4:7f:61:d9:0b:dd:27:a8:b0:2e:be:b3: e0:33:f2:bf:0b:34:9d:9a:dd:be:1a:62:be:ee:ba: ba:31:1d:e8:0e:a7:9a:a0:52:21:4d:c4:e7:d5:cb: 99:22:8e:f5:62:32:75:fe:33:e7:b1:97:a1:23:0d: b4:1f:5d:8c:c3:ef:ff:a1:a0:2c:9b:cd:a2:e1:d0: 83:ab:00:65:97:43:89:d6:cf:1e:97:7e:c4:25:6b: cf:6a:9b:e8:1d:65:45:73:59:67:72:28:80:fc:96: 4d:a6:76:59:69:49:25:06:3c:0b:9b:46:1a:19:6b: d0:a5:92:8d:f2:fd:05:af:5d:9b:47:e2:df:b5:1d: 05:fc:9c:ab:88:4a:91:10:62:c3:57:0f:ca:50:99: ee:73:b9:5d:66:13:54:fd:70:95:0e:50:e0:0c:0b: db:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:A5:27:52:29:26:5B:DA:28:33:D9:07:90:11:2A:C5:22:2C:12:B5 X509v3 Authority Key Identifier: keyid:33:D2:63:63:FA:5B:5B:53:C1:79:81:91:5C:BA:DB:37:5A:E2:72:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D26363FA5B5B53C17981915CBADB375AE27253.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:a0:f8:6c:c7:ce:0e:9e:8e:43:63:8e:e0:9a:98:40:d6:e0: da:2b:0a:c8:99:7a:15:ba:e9:10:52:2f:b3:1f:30:8a:ba:a7: 4d:1d:ca:d1:00:f1:c2:cd:96:18:1e:f0:72:c1:3e:22:c0:b3: e8:e5:a8:c7:d7:18:0f:f7:01:5e:cc:a4:f0:4e:5a:79:d2:92: 72:fa:db:2c:bf:24:7a:bd:4a:cd:00:2e:a9:28:35:18:11:ef: 72:78:58:74:f0:71:f5:11:a2:7f:3d:28:48:a1:10:a3:74:6e: 2f:a3:92:d0:d1:11:6f:fd:ad:a7:d7:df:7d:c3:d1:d1:1e:d8: b8:f3:fd:20:93:56:61:3f:39:97:4a:63:e2:06:49:04:22:9c: 9e:e2:0d:6d:fb:eb:3f:a6:5a:b8:67:a2:44:7b:86:d7:bc:4a: f0:dd:75:a2:cf:d5:b1:fc:e6:b1:f7:12:72:0d:b6:2b:5e:a8: 23:1f:75:14:89:6d:47:6d:58:22:b5:66:2d:93:02:24:d0:56: 70:e9:13:0b:4a:26:05:cc:dd:3c:11:55:50:29:28:ee:d3:bb: c7:b0:dc:e6:93:a4:1a:9d:8e:68:39:2d:9d:f1:33:02:6a:6b: 18:06:ac:14:b1:96:b8:ed:08:47:0f:16:31:4c:36:6a:c9:d7: b3:7a:09:0d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWYpeBhuw0L5AOUseA9Wt0uaKPakwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzNEMjYzNjNGQTVCNUI1M0MxNzk4MTkxNUNCQURCMzc1 QUUyNzI1MzAeFw0yNTA0MTcyMDQ2MjFaFw0yNTA0MjEwMjIyMjFaMDMxMTAvBgNV BAMTKEIwQTUyNzUyMjkyNjVCREEyODMzRDkwNzkwMTEyQUM1MjIyQzEyQjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC4EpT34XtnYjpl2fGrNHJ/9zV VzAnEx/nco0KSH33zs0ax/3o2fuJnncKmKeiOQHWpYK+mdRLMJkuSBIqxhjIousk WFe3kYKtt3KFVTUY/UIHJHy4+c9yr1p1VbR/YdkL3SeosC6+s+Az8r8LNJ2a3b4a Yr7uuroxHegOp5qgUiFNxOfVy5kijvViMnX+M+exl6EjDbQfXYzD7/+hoCybzaLh 0IOrAGWXQ4nWzx6XfsQla89qm+gdZUVzWWdyKID8lk2mdllpSSUGPAubRhoZa9Cl ko3y/QWvXZtH4t+1HQX8nKuISpEQYsNXD8pQme5zuV1mE1T9cJUOUOAMC9v3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUsKUnUikmW9ooM9kHkBEqxSIsErUwHwYDVR0j BBgwFoAUM9JjY/pbW1PBeYGRXLrbN1riclMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YzU4ZmI3Yy02N2I4LTRiY2UtOTZkOS1iZTkxMmUzZjczZGQvMS8zM0QyNjM2M0ZB NUI1QjUzQzE3OTgxOTE1Q0JBREIzNzVBRTI3MjUzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzNEMjYzNjNGQTVCNUI1M0MxNzk4MTkxNUNCQURCMzc1QUUy NzI1My5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGM1OGZiN2MtNjdiOC00YmNlLTk2 ZDktYmU5MTJlM2Y3M2RkLzEvMzNEMjYzNjNGQTVCNUI1M0MxNzk4MTkxNUNCQURC Mzc1QUUyNzI1My5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJSg+GzHzg6ejkNjjuCamEDW4NorCsiZehW6 6RBSL7MfMIq6p00dytEA8cLNlhge8HLBPiLAs+jlqMfXGA/3AV7MpPBOWnnSknL6 2yy/JHq9Ss0ALqkoNRgR73J4WHTwcfURon89KEihEKN0bi+jktDREW/9rafX333D 0dEe2Ljz/SCTVmE/OZdKY+IGSQQinJ7iDW376z+mWrhnokR7hte8SvDddaLP1bH8 5rH3EnINtiteqCMfdRSJbUdtWCK1Zi2TAiTQVnDpEwtKJgXM3TwRVVApKO7Tu8ew 3OaTpBqdjmg5LZ3xMwJqaxgGrBSxlrjtCEcPFjFMNmrJ17N6CQ0= -----END CERTIFICATE-----Generated at Sun Apr 20 02:07:47 2025 by rpki-client