$ rpki-client -vvf repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft File: 40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft (raw, json) Hash identifier: uSzrnRWW5nV5EsloWL+uO0NCytk/BWzyvqzPwd1m3Mc= Subject key identifier: 40:15:75:C3:D8:B2:D3:0D:58:B2:5C:85:71:ED:0C:BF:7A:54:92:38 Authority key identifier: 40:94:9C:7C:9D:D0:D3:F8:99:68:1F:F2:EB:53:E4:9C:8F:85:2B:AA Certificate issuer: /CN=40949C7C9DD0D3F899681FF2EB53E49C8F852BAA Certificate serial: 50B05A187E3D1C0DEA229A1B72EFBDC6788EF915 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft Manifest number: D0 Signing time: Sun 07 Sep 2025 23:22:01 +0000 Manifest this update: Sun 07 Sep 2025 23:17:01 +0000 Manifest next update: Thu 11 Sep 2025 06:21:01 +0000 Files and hashes: 1: 40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl (hash: YJM98U6yZHVz+MBZ5EP18hC1Z4PSUUnf8PJjJFQMSyI=) 2: 3135372e36362e302e302f32332d3234203d3e20313430343737.roa (hash: VPuK+1+6ePV1CKusC5qXhYaOQr6/W2sAl7gu8K+R3ug=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 06:21:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:b0:5a:18:7e:3d:1c:0d:ea:22:9a:1b:72:ef:bd:c6:78:8e:f9:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40949C7C9DD0D3F899681FF2EB53E49C8F852BAA Validity Not Before: Sep 7 23:17:01 2025 GMT Not After : Sep 11 06:21:01 2025 GMT Subject: CN=401575C3D8B2D30D58B25C8571ED0CBF7A549238 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1b:50:1a:dd:32:06:de:c9:b8:f2:f0:38:11: a9:31:8f:ec:ff:fa:fc:ca:1b:97:08:bb:a1:a8:5e: 49:17:72:11:a5:d3:34:5f:e8:6a:1d:ce:e5:ef:83: 00:b7:96:f7:75:1d:dd:cf:f3:0b:99:fb:98:76:28: ed:81:31:71:5c:9e:18:f8:dc:0c:eb:b5:3e:6c:ca: b6:de:4c:86:96:7c:c0:97:c4:4b:21:8f:c7:15:25: a4:7d:e7:51:68:7a:42:ff:06:83:df:29:c4:65:44: 0b:0f:b1:8f:76:c9:7a:f2:ed:ce:4c:bb:21:fe:29: 70:2e:f0:14:08:be:f2:af:fb:1f:3b:9f:e1:d2:ae: cd:f0:d9:85:a4:e8:b6:f4:2e:cc:d0:6b:c0:a2:95: 4c:1f:24:c9:62:6f:64:32:f7:87:00:76:06:03:4d: e9:f2:f0:37:18:56:d8:6b:bc:c0:98:40:e0:0d:6a: cf:eb:16:8d:d4:d0:3b:34:c0:6c:b9:d2:e8:0d:7d: f5:ca:c1:79:84:0c:35:1f:7b:54:59:48:94:1f:ed: f1:cd:62:4a:fb:38:ff:ec:65:4d:36:6b:1b:a6:7c: f7:d9:4e:7d:d9:50:ae:5a:86:ce:4d:05:9b:82:c1: 08:30:e3:25:23:76:9d:35:7c:75:ee:7a:55:c7:c4: dd:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:15:75:C3:D8:B2:D3:0D:58:B2:5C:85:71:ED:0C:BF:7A:54:92:38 X509v3 Authority Key Identifier: keyid:40:94:9C:7C:9D:D0:D3:F8:99:68:1F:F2:EB:53:E4:9C:8F:85:2B:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/89dae97f-1ad1-4b34-8fe9-1bc65b0908f3/0/40949C7C9DD0D3F899681FF2EB53E49C8F852BAA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:35:c6:4e:dd:94:e8:ff:5d:7b:a5:b1:88:72:47:18:fd:d5: 6f:de:a4:f8:ad:8a:7f:f5:03:5b:63:10:81:6a:2e:87:f5:e2: f1:cd:45:c6:17:ab:ea:05:96:bd:61:89:0b:a5:7f:4f:d7:09: ca:66:cb:70:35:9d:f3:06:c3:b3:bc:58:ca:9f:dd:22:06:d0: 11:68:0e:77:8d:07:32:b8:b1:52:ea:f5:37:d3:b3:dd:06:59: 9d:2b:a7:a5:67:34:32:68:0b:9e:76:a1:45:69:60:ca:af:f5: dd:f4:56:00:24:af:03:a6:cd:94:b3:44:a6:2c:1c:96:32:58: 39:bd:5f:e7:d3:e7:ca:a0:4c:30:b5:14:ac:7a:63:68:89:ea: d1:f3:e6:24:82:8c:8d:77:f9:d1:26:27:8f:d9:83:3c:96:6e: 38:e9:df:bf:fb:90:24:21:30:30:e5:b2:86:e4:49:bf:4b:af: ca:79:0d:18:e3:b1:46:ec:e4:b1:1f:c0:f7:a5:69:f5:a0:99: 9e:8c:d8:ec:19:ac:5a:a3:a6:3e:85:62:52:55:5a:fa:49:cb: de:36:22:f7:6e:c9:77:32:41:1f:c5:82:50:1e:02:f2:51:93: 44:85:7b:53:e3:e3:34:75:62:ba:0e:04:ff:eb:c0:25:90:b8: bb:28:a8:d5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUULBaGH49HA3qIpobcu+9xniO+RUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0OUM4 Rjg1MkJBQTAeFw0yNTA5MDcyMzE3MDFaFw0yNTA5MTEwNjIxMDFaMDMxMTAvBgNV BAMTKDQwMTU3NUMzRDhCMkQzMEQ1OEIyNUM4NTcxRUQwQ0JGN0E1NDkyMzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkG1Aa3TIG3sm48vA4Eakxj+z/ +vzKG5cIu6GoXkkXchGl0zRf6GodzuXvgwC3lvd1Hd3P8wuZ+5h2KO2BMXFcnhj4 3AzrtT5syrbeTIaWfMCXxEshj8cVJaR951FoekL/BoPfKcRlRAsPsY92yXry7c5M uyH+KXAu8BQIvvKv+x87n+HSrs3w2YWk6Lb0LszQa8CilUwfJMlib2Qy94cAdgYD Teny8DcYVthrvMCYQOANas/rFo3U0Ds0wGy50ugNffXKwXmEDDUfe1RZSJQf7fHN Ykr7OP/sZU02axumfPfZTn3ZUK5ahs5NBZuCwQgw4yUjdp01fHXuelXHxN2NAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQBV1w9iy0w1YslyFce0Mv3pUkjgwHwYDVR0j BBgwFoAUQJScfJ3Q0/iZaB/y61PknI+FK6owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 OWRhZTk3Zi0xYWQxLTRiMzQtOGZlOS0xYmM2NWIwOTA4ZjMvMC80MDk0OUM3QzlE RDBEM0Y4OTk2ODFGRjJFQjUzRTQ5QzhGODUyQkFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0OUM4Rjg1 MkJBQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODlkYWU5N2YtMWFkMS00YjM0LThm ZTktMWJjNjViMDkwOGYzLzAvNDA5NDlDN0M5REQwRDNGODk5NjgxRkYyRUI1M0U0 OUM4Rjg1MkJBQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADs1xk7dlOj/XXulsYhyRxj91W/epPitin/1 A1tjEIFqLof14vHNRcYXq+oFlr1hiQulf0/XCcpmy3A1nfMGw7O8WMqf3SIG0BFo DneNBzK4sVLq9TfTs90GWZ0rp6VnNDJoC552oUVpYMqv9d30VgAkrwOmzZSzRKYs HJYyWDm9X+fT58qgTDC1FKx6Y2iJ6tHz5iSCjI13+dEmJ4/ZgzyWbjjp37/7kCQh MDDlsobkSb9Lr8p5DRjjsUbs5LEfwPelafWgmZ6M2OwZrFqjpj6FYlJVWvpJy942 IvduyXcyQR/FglAeAvJRk0SFe1Pj4zR1YroOBP/rwCWQuLsoqNU= -----END CERTIFICATE-----Generated at Mon Sep 8 05:09:09 2025 by rpki-client