$ rpki-client -vvf repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft File: BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft (raw, json) Hash identifier: VPsUV1sGGVCct8BZHtUfe9oLuZgfljHPotM7Jp59ItQ= Subject key identifier: 89:AE:C4:E5:6C:CE:18:66:4F:B8:48:C0:BE:32:CE:A1:DD:75:6D:05 Authority key identifier: BD:67:31:D0:5C:D6:18:15:BC:0A:71:1C:65:9F:17:31:3E:F0:F5:EB Certificate issuer: /CN=BD6731D05CD61815BC0A711C659F17313EF0F5EB Certificate serial: 189BF614A84FCE77A50E7DDAC84CE8FCD86D3B29 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD6731D05CD61815BC0A711C659F17313EF0F5EB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft Manifest number: 2A Signing time: Fri 21 Feb 2025 19:30:58 +0000 Manifest this update: Fri 21 Feb 2025 19:25:58 +0000 Manifest next update: Tue 25 Feb 2025 01:13:58 +0000 Files and hashes: 1: 3136302e32322e39332e302f32342d3234203d3e20313532383335.roa (hash: WHnXa3+l2BVF9pDA34p2y5MPrgNJ1xOLxXqgijc3bbM=) 2: BD6731D05CD61815BC0A711C659F17313EF0F5EB.crl (hash: 5HQZULE/fS43QLjWzLvOCF1/8xpvjjAh7XtHsyP7AlM=) 3: 3136302e32322e39322e302f32342d3234203d3e20313532383335.roa (hash: oo6mbVmnsw7e/0gjMVSA14EiHwAIiPeTDgFb+zR54Og=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.crl rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD6731D05CD61815BC0A711C659F17313EF0F5EB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 24 Feb 2025 00:07:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:9b:f6:14:a8:4f:ce:77:a5:0e:7d:da:c8:4c:e8:fc:d8:6d:3b:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD6731D05CD61815BC0A711C659F17313EF0F5EB Validity Not Before: Feb 21 19:25:58 2025 GMT Not After : Feb 25 01:13:58 2025 GMT Subject: CN=89AEC4E56CCE18664FB848C0BE32CEA1DD756D05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:f4:0f:0b:b5:2e:7b:d3:e1:6b:52:6f:a5:1d: 65:ae:96:4a:39:2a:6f:f5:f1:f0:5e:a4:1c:63:2a: 52:88:5e:b9:27:53:be:1f:d1:d6:51:48:be:fd:c0: df:9f:a8:02:b7:1b:93:f9:9a:bc:eb:48:e9:7e:15: 60:4a:09:e0:99:73:86:3b:d5:ef:df:22:e8:ab:76: 50:38:12:bb:cf:df:7f:62:c5:01:35:90:3f:c7:62: 0f:61:2a:54:dc:aa:0f:3d:a7:ab:58:08:be:89:b5: 2a:72:05:3a:d2:af:fe:7e:c7:f1:b5:3c:d9:e7:25: 76:fc:9d:82:d4:27:b5:d1:41:e8:24:4f:20:53:23: 42:47:0c:fa:77:dc:ec:10:34:a0:67:dc:94:e7:a0: 42:4c:dc:e8:71:c0:f9:43:e0:9c:58:1e:e6:26:e3: 25:22:10:35:48:c9:a8:23:34:2b:fd:a3:98:24:70: cf:90:d1:f2:65:a7:f5:08:87:97:91:cb:56:db:0f: fd:e9:10:e9:81:9f:09:d6:d1:a3:da:45:e3:7b:81: 6e:d4:15:2e:d8:89:9c:89:7c:bc:79:fa:28:40:52: 47:3b:3c:f7:91:99:9c:39:82:5a:61:97:ae:e0:2c: 7d:03:62:aa:cf:ce:f7:a5:48:5a:56:e3:c4:43:70: 5a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:AE:C4:E5:6C:CE:18:66:4F:B8:48:C0:BE:32:CE:A1:DD:75:6D:05 X509v3 Authority Key Identifier: keyid:BD:67:31:D0:5C:D6:18:15:BC:0A:71:1C:65:9F:17:31:3E:F0:F5:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD6731D05CD61815BC0A711C659F17313EF0F5EB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/62d29b32-3a29-4a14-bc9b-c76a007ca032/0/BD6731D05CD61815BC0A711C659F17313EF0F5EB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:5e:5a:33:98:9b:e2:d0:b7:70:5c:2a:fe:06:15:63:e8:84: 23:57:f5:dd:58:64:14:fb:f1:4a:45:9c:ec:f6:2b:be:32:6c: a5:74:f2:56:6f:c7:c7:a4:79:9d:0e:9f:5b:3e:a6:ef:ce:d6: bc:5d:4b:48:34:47:71:2d:b6:22:51:91:b6:81:61:5d:db:b5: 2d:9d:dd:e4:93:fd:f2:dc:b4:aa:a7:f9:dd:ba:6b:fe:8e:8f: aa:bc:a7:11:e2:ed:a6:fd:48:1a:64:01:e6:d9:79:cb:04:6a: 21:ba:d8:f7:7b:6d:8b:a9:07:4e:c0:77:9a:3b:d7:4a:c0:de: d3:a9:4f:ea:28:92:aa:7b:b3:da:1c:94:31:6b:50:ad:2e:6a: fc:58:33:57:33:2a:23:9f:f3:ea:a3:45:b4:7d:94:51:36:f1: 5f:f8:51:5a:07:8a:ad:e0:cb:3c:0c:ba:03:96:a0:ff:75:b9: da:5e:1b:35:f0:65:cd:3f:bf:1c:0c:f9:86:db:02:b1:d2:1d: 57:b2:38:7b:67:51:80:94:8c:0d:3f:2d:0c:a8:05:36:9e:db: 4d:83:05:6e:e8:8c:1b:cc:84:1c:7b:f9:44:ba:63:b3:5a:5c: db:ba:50:30:33:68:5a:27:53:ae:db:5c:ac:1a:40:7f:bb:09: b4:4c:9b:95 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGJv2FKhPznelDn3ayEzo/NhtOykwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ2NzMxRDA1Q0Q2MTgxNUJDMEE3MTFDNjU5RjE3MzEz RUYwRjVFQjAeFw0yNTAyMjExOTI1NThaFw0yNTAyMjUwMTEzNThaMDMxMTAvBgNV BAMTKDg5QUVDNEU1NkNDRTE4NjY0RkI4NDhDMEJFMzJDRUExREQ3NTZEMDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV9A8LtS570+FrUm+lHWWulko5 Km/18fBepBxjKlKIXrknU74f0dZRSL79wN+fqAK3G5P5mrzrSOl+FWBKCeCZc4Y7 1e/fIuirdlA4ErvP339ixQE1kD/HYg9hKlTcqg89p6tYCL6JtSpyBTrSr/5+x/G1 PNnnJXb8nYLUJ7XRQegkTyBTI0JHDPp33OwQNKBn3JTnoEJM3OhxwPlD4JxYHuYm 4yUiEDVIyagjNCv9o5gkcM+Q0fJlp/UIh5eRy1bbD/3pEOmBnwnW0aPaReN7gW7U FS7YiZyJfLx5+ihAUkc7PPeRmZw5glphl67gLH0DYqrPzvelSFpW48RDcFpLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUia7E5WzOGGZPuEjAvjLOod11bQUwHwYDVR0j BBgwFoAUvWcx0FzWGBW8CnEcZZ8XMT7w9eswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 MmQyOWIzMi0zYTI5LTRhMTQtYmM5Yi1jNzZhMDA3Y2EwMzIvMC9CRDY3MzFEMDVD RDYxODE1QkMwQTcxMUM2NTlGMTczMTNFRjBGNUVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkQ2NzMxRDA1Q0Q2MTgxNUJDMEE3MTFDNjU5RjE3MzEzRUYw RjVFQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjJkMjliMzItM2EyOS00YTE0LWJj OWItYzc2YTAwN2NhMDMyLzAvQkQ2NzMxRDA1Q0Q2MTgxNUJDMEE3MTFDNjU5RjE3 MzEzRUYwRjVFQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKdeWjOYm+LQt3BcKv4GFWPohCNX9d1YZBT7 8UpFnOz2K74ybKV08lZvx8ekeZ0On1s+pu/O1rxdS0g0R3EttiJRkbaBYV3btS2d 3eST/fLctKqn+d26a/6Oj6q8pxHi7ab9SBpkAebZecsEaiG62Pd7bYupB07Ad5o7 10rA3tOpT+ookqp7s9oclDFrUK0uavxYM1czKiOf8+qjRbR9lFE28V/4UVoHiq3g yzwMugOWoP91udpeGzXwZc0/vxwM+YbbArHSHVeyOHtnUYCUjA0/LQyoBTae202D BW7ojBvMhBx7+US6Y7NaXNu6UDAzaFonU67bXKwaQH+7CbRMm5U= -----END CERTIFICATE-----Generated at Sat Feb 22 04:44:10 2025 by rpki-client