$ rpki-client -vvf repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.mft File: 33D26363FA5B5B53C17981915CBADB375AE27253.mft (raw, json) Hash identifier: f3duLeCYkYjfGuuxqNp/PMhlB3UXf/uyiQf3URIr+5E= Subject key identifier: E3:60:61:2B:ED:F9:84:5B:0A:8B:4A:0D:45:AE:11:C7:5A:3B:DD:15 Authority key identifier: 33:D2:63:63:FA:5B:5B:53:C1:79:81:91:5C:BA:DB:37:5A:E2:72:53 Certificate issuer: /CN=33D26363FA5B5B53C17981915CBADB375AE27253 Certificate serial: 244C214C4FF9668C758A30D3739AF17BDA79A619 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D26363FA5B5B53C17981915CBADB375AE27253.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.mft Manifest number: 24 Signing time: Sat 22 Feb 2025 00:51:20 +0000 Manifest this update: Sat 22 Feb 2025 00:46:20 +0000 Manifest next update: Tue 25 Feb 2025 10:22:20 +0000 Files and hashes: 1: 33D26363FA5B5B53C17981915CBADB375AE27253.crl (hash: B1p1r5zSeJASGX/KF9mV47YrFR36cDjw+pzjY7201Ro=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.crl rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D26363FA5B5B53C17981915CBADB375AE27253.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Feb 2025 04:54:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:4c:21:4c:4f:f9:66:8c:75:8a:30:d3:73:9a:f1:7b:da:79:a6:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33D26363FA5B5B53C17981915CBADB375AE27253 Validity Not Before: Feb 22 00:46:20 2025 GMT Not After : Feb 25 10:22:20 2025 GMT Subject: CN=E360612BEDF9845B0A8B4A0D45AE11C75A3BDD15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:58:66:16:95:e5:25:e5:ad:04:6d:ec:64:ef: 92:82:13:98:2b:d8:2e:7f:95:de:03:79:8b:c2:20: 7a:b3:f5:ae:a4:c7:48:e9:37:bf:bb:58:51:bb:17: 85:8d:b2:a1:45:74:c5:3c:f2:d1:2b:fa:d3:d2:be: 27:3d:3e:1d:70:c0:db:ee:9e:9f:6c:ea:01:a9:ad: 48:74:5c:6c:cc:43:da:95:6e:69:e9:22:ca:d0:06: ee:4e:ea:8b:d3:6c:a5:49:51:c7:7b:00:cb:a1:71: 52:a5:02:dd:39:5e:1f:06:9b:2d:7f:1f:19:47:58: 3a:ec:96:8a:07:5d:7d:59:77:5f:65:1e:69:86:fc: 24:b2:f1:a5:89:bb:63:42:48:f3:71:9b:51:dd:4c: b9:5e:ea:b8:48:81:29:04:dd:ea:8c:99:b2:91:18: e7:63:ad:f2:eb:b4:55:79:87:17:bd:1a:01:86:7a: 21:12:37:69:a8:5f:71:89:71:10:7e:95:30:56:83: 37:8d:c4:7f:17:7e:56:ad:41:f4:3c:f1:49:42:7a: f0:66:a2:08:78:0a:2d:97:59:2d:9f:53:db:d8:a1: 64:a4:a9:a3:9c:87:d5:ef:f6:73:a2:32:de:3b:07: a3:18:52:dc:ed:6d:3a:b3:17:7f:33:1f:4a:30:40: 0f:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:60:61:2B:ED:F9:84:5B:0A:8B:4A:0D:45:AE:11:C7:5A:3B:DD:15 X509v3 Authority Key Identifier: keyid:33:D2:63:63:FA:5B:5B:53:C1:79:81:91:5C:BA:DB:37:5A:E2:72:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D26363FA5B5B53C17981915CBADB375AE27253.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4c58fb7c-67b8-4bce-96d9-be912e3f73dd/1/33D26363FA5B5B53C17981915CBADB375AE27253.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:68:a7:11:d1:c1:71:c7:af:c9:5c:b8:09:08:d1:cb:41:e9: f2:c9:09:65:7a:4f:16:84:8d:ae:40:92:de:04:dd:d0:88:bf: 95:44:a1:d1:95:e9:7c:73:01:62:78:a6:23:91:cf:8f:45:d9: ce:91:56:00:da:d4:24:9e:ae:0f:24:80:75:d8:5b:50:56:cb: 91:7e:4c:1d:e8:c8:83:e4:99:dd:06:b6:ce:3d:ca:68:cc:52: 29:01:5a:cf:86:a8:df:3e:00:6c:53:93:de:1b:d2:9b:24:b8: cb:08:f7:c9:45:d2:47:59:1b:7a:b2:99:2f:41:17:c9:c6:a2: b1:4f:bf:92:16:cf:cb:3b:85:49:37:e1:22:b9:93:2e:6a:3a: 4a:63:50:db:65:33:71:45:f4:b4:4a:e9:33:9d:a1:9f:03:bf: 70:f0:7d:1a:ab:9b:69:b6:d3:7f:27:a8:91:57:e3:dd:7d:01: fa:aa:94:79:75:0f:8f:fd:96:31:4c:ee:ea:27:a0:bd:74:ed: 8b:4f:27:e7:29:f1:25:22:f9:2c:41:0f:3b:1f:54:72:10:07: 50:ee:f2:ff:e7:2b:63:6a:bf:49:19:89:74:5a:00:35:0c:85: 0a:fd:4b:2e:65:a1:0a:e2:2f:52:6a:39:f2:02:5c:3c:c5:45: 59:5e:39:9f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJEwhTE/5Zox1ijDTc5rxe9p5phkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzNEMjYzNjNGQTVCNUI1M0MxNzk4MTkxNUNCQURCMzc1 QUUyNzI1MzAeFw0yNTAyMjIwMDQ2MjBaFw0yNTAyMjUxMDIyMjBaMDMxMTAvBgNV BAMTKEUzNjA2MTJCRURGOTg0NUIwQThCNEEwRDQ1QUUxMUM3NUEzQkREMTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+WGYWleUl5a0Ebexk75KCE5gr 2C5/ld4DeYvCIHqz9a6kx0jpN7+7WFG7F4WNsqFFdMU88tEr+tPSvic9Ph1wwNvu np9s6gGprUh0XGzMQ9qVbmnpIsrQBu5O6ovTbKVJUcd7AMuhcVKlAt05Xh8Gmy1/ HxlHWDrslooHXX1Zd19lHmmG/CSy8aWJu2NCSPNxm1HdTLle6rhIgSkE3eqMmbKR GOdjrfLrtFV5hxe9GgGGeiESN2moX3GJcRB+lTBWgzeNxH8XflatQfQ88UlCevBm ogh4Ci2XWS2fU9vYoWSkqaOch9Xv9nOiMt47B6MYUtztbTqzF38zH0owQA/PAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU42BhK+35hFsKi0oNRa4Rx1o73RUwHwYDVR0j BBgwFoAUM9JjY/pbW1PBeYGRXLrbN1riclMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YzU4ZmI3Yy02N2I4LTRiY2UtOTZkOS1iZTkxMmUzZjczZGQvMS8zM0QyNjM2M0ZB NUI1QjUzQzE3OTgxOTE1Q0JBREIzNzVBRTI3MjUzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzNEMjYzNjNGQTVCNUI1M0MxNzk4MTkxNUNCQURCMzc1QUUy NzI1My5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGM1OGZiN2MtNjdiOC00YmNlLTk2 ZDktYmU5MTJlM2Y3M2RkLzEvMzNEMjYzNjNGQTVCNUI1M0MxNzk4MTkxNUNCQURC Mzc1QUUyNzI1My5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC9opxHRwXHHr8lcuAkI0ctB6fLJCWV6TxaE ja5Akt4E3dCIv5VEodGV6XxzAWJ4piORz49F2c6RVgDa1CSerg8kgHXYW1BWy5F+ TB3oyIPkmd0Gts49ymjMUikBWs+GqN8+AGxTk94b0pskuMsI98lF0kdZG3qymS9B F8nGorFPv5IWz8s7hUk34SK5ky5qOkpjUNtlM3FF9LRK6TOdoZ8Dv3DwfRqrm2m2 038nqJFX4919AfqqlHl1D4/9ljFM7uonoL107YtPJ+cp8SUi+SxBDzsfVHIQB1Du 8v/nK2Nqv0kZiXRaADUMhQr9Sy5loQriL1JqOfICXDzFRVleOZ8= -----END CERTIFICATE-----Generated at Sat Feb 22 04:43:16 2025 by rpki-client