$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: CDgMqY/udetdy6i1OkN09UBYS1MpBn3tIOVw4+7C1ok= Subject key identifier: 7B:CF:15:09:E3:CC:C9:15:92:5F:3E:B3:C5:8F:CC:DF:A8:AA:B6:29 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 7723984BCA143E7F9597CB99245A3C77494D37BF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04B7 Signing time: Wed 12 Mar 2025 16:31:58 +0000 Manifest this update: Wed 12 Mar 2025 16:26:58 +0000 Manifest next update: Sat 15 Mar 2025 21:36:58 +0000 Files and hashes: 1: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: Iun52nY6O3+qxGHYtLUd/o4wD4j6UUv+WuPemCxO82w=) 2: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: 22RLhkv5wcfkLvJa2A4q9yzhJOfOwPwznkhzX8R0kBU=) 3: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: A6MeiC5iYEUgfCxOlrP4tgy4Dgl5PsOFZcNkusDqHVo=) 4: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: Duv7had9qz23magj0/7Gknmw1o3t5P/2ZxbNo+6irPU=) 5: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: wEPYX74PJW0e23h+Erkt8/FRL+TupCEB/27FgHd4lV0=) 6: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 7: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: c8RxI909Anvx0BRzpA0Rb0YziahBzyNU99IlhCC5XuA=) 8: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: lTPGED6Euas+yMtjFiZeN4ZQaRI9ugutG6SYSfzJsJs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 15 Mar 2025 21:36:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:23:98:4b:ca:14:3e:7f:95:97:cb:99:24:5a:3c:77:49:4d:37:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Mar 12 16:26:58 2025 GMT Not After : Mar 15 21:36:58 2025 GMT Subject: CN=7BCF1509E3CCC915925F3EB3C58FCCDFA8AAB629 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:54:84:53:d8:62:0e:a1:7e:93:d8:e4:d5:2f: 0b:89:77:70:a6:f3:7b:d6:41:5f:3b:c5:e1:30:f7: c3:5d:5a:c9:74:b3:17:24:f7:71:a6:c7:cc:75:49: 60:43:17:11:8a:20:73:14:aa:ad:15:ee:b3:f0:81: 33:9c:2f:e0:8d:38:c7:42:73:db:48:94:9f:35:e1: 49:cd:d2:34:89:37:ec:e8:93:30:9d:6d:d4:6d:cc: 61:91:60:c4:b0:38:ba:46:e8:52:f6:a0:1c:8d:8a: 93:c0:95:b6:b6:59:6a:a8:85:86:49:bc:4d:3e:0b: cb:62:8e:f1:d3:66:32:f5:eb:15:43:39:0e:e3:46: 96:77:aa:3d:15:1f:54:27:6b:e5:b5:fd:7b:23:41: c4:c5:49:da:94:f6:2f:ef:f8:20:ef:bd:21:ff:81: 5c:08:d4:32:d0:a0:22:1c:f2:da:4c:1b:7f:85:79: a0:91:65:83:3d:c8:bf:67:ca:ff:28:70:66:58:40: 2e:fb:07:de:a5:b5:b2:d0:23:f4:cb:68:e4:e9:f0: 86:06:97:5f:40:63:68:c8:89:04:3b:ca:d3:43:0b: d9:50:2d:06:7d:c4:29:5d:cc:5b:30:f6:c4:0d:f8: c6:f4:d0:70:67:b2:d0:fa:c6:5f:11:ef:5f:d0:25: d8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:CF:15:09:E3:CC:C9:15:92:5F:3E:B3:C5:8F:CC:DF:A8:AA:B6:29 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:b3:72:1f:77:f7:77:2e:a4:74:8e:ca:a3:25:6a:95:f5:0c: 74:2e:17:68:38:13:1f:f0:7f:a1:79:39:3b:58:f9:5f:77:41: 36:60:7b:88:09:b2:38:f3:e5:a9:f0:e5:31:28:bd:ff:57:bc: c6:0a:96:dd:03:42:8d:7e:85:14:5c:a0:4b:85:ac:8a:4c:cf: 32:64:0e:ca:d9:bb:e9:a9:b8:b2:c0:54:34:55:a1:4b:91:61: c8:1a:30:be:d7:bc:33:64:8e:af:cb:c5:cc:3c:9e:43:d2:72: 5a:8d:7a:d2:c2:2d:ed:8b:a4:00:5c:87:c5:17:79:d3:bd:97: 56:0a:12:24:1b:cf:e6:b9:d7:08:f9:70:37:23:31:d4:94:ea: d5:48:09:54:68:22:9f:5b:a4:f7:4e:97:09:59:26:c5:5f:d4: b1:28:aa:c3:c4:32:e8:41:a0:87:d3:ff:ed:44:a9:59:57:2e: ca:6f:75:46:0f:2d:da:ee:e3:26:63:51:e6:51:21:70:91:dd: 12:ae:d3:f4:44:da:cc:8b:58:ce:2e:c5:cd:43:0c:49:88:37: 86:2e:5e:3e:5b:82:0c:68:8c:65:9e:75:58:34:78:fe:ac:1f: f6:7f:bd:e7:8a:af:b5:ea:7c:a9:4c:f4:42:6b:d3:a4:89:37: 13:4d:20:b1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdyOYS8oUPn+Vl8uZJFo8d0lNN78wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTAzMTIxNjI2NThaFw0yNTAzMTUyMTM2NThaMDMxMTAvBgNV BAMTKDdCQ0YxNTA5RTNDQ0M5MTU5MjVGM0VCM0M1OEZDQ0RGQThBQUI2MjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9VIRT2GIOoX6T2OTVLwuJd3Cm 83vWQV87xeEw98NdWsl0sxck93Gmx8x1SWBDFxGKIHMUqq0V7rPwgTOcL+CNOMdC c9tIlJ814UnN0jSJN+zokzCdbdRtzGGRYMSwOLpG6FL2oByNipPAlba2WWqohYZJ vE0+C8tijvHTZjL16xVDOQ7jRpZ3qj0VH1Qna+W1/XsjQcTFSdqU9i/v+CDvvSH/ gVwI1DLQoCIc8tpMG3+FeaCRZYM9yL9nyv8ocGZYQC77B96ltbLQI/TLaOTp8IYG l19AY2jIiQQ7ytNDC9lQLQZ9xCldzFsw9sQN+Mb00HBnstD6xl8R71/QJdjtAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUe88VCePMyRWSXz6zxY/M36iqtikwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGKzch9393cupHSOyqMlapX1DHQuF2g4Ex/w f6F5OTtY+V93QTZge4gJsjjz5anw5TEovf9XvMYKlt0DQo1+hRRcoEuFrIpMzzJk DsrZu+mpuLLAVDRVoUuRYcgaML7XvDNkjq/Lxcw8nkPSclqNetLCLe2LpABch8UX edO9l1YKEiQbz+a51wj5cDcjMdSU6tVICVRoIp9bpPdOlwlZJsVf1LEoqsPEMuhB oIfT/+1EqVlXLspvdUYPLdru4yZjUeZRIXCR3RKu0/RE2syLWM4uxc1DDEmIN4Yu Xj5bggxojGWedVg0eP6sH/Z/veeKr7XqfKlM9EJr06SJNxNNILE= -----END CERTIFICATE-----Generated at Thu Mar 13 21:31:28 2025 by rpki-client