$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: LKMJ9AhreF0ZBRpyGx7quTd93gqchGVy9eyLeotyRyU= Subject key identifier: 08:C7:D7:02:59:CF:BF:A1:AF:0B:77:11:05:96:75:12:3E:AB:9F:4E Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 26E362050D02C9299D80C9D49DC4D8A3C110A98F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04AC Signing time: Sat 15 Feb 2025 18:11:58 +0000 Manifest this update: Sat 15 Feb 2025 18:06:58 +0000 Manifest next update: Tue 18 Feb 2025 21:20:58 +0000 Files and hashes: 1: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 2: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: lTPGED6Euas+yMtjFiZeN4ZQaRI9ugutG6SYSfzJsJs=) 3: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: vrWUYNcyMVUmGsUz5Vaa8Lrn6J038PLRLJ1xu6UOaDM=) 4: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: c8RxI909Anvx0BRzpA0Rb0YziahBzyNU99IlhCC5XuA=) 5: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: wEPYX74PJW0e23h+Erkt8/FRL+TupCEB/27FgHd4lV0=) 6: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: A6MeiC5iYEUgfCxOlrP4tgy4Dgl5PsOFZcNkusDqHVo=) 7: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: Iun52nY6O3+qxGHYtLUd/o4wD4j6UUv+WuPemCxO82w=) 8: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: Duv7had9qz23magj0/7Gknmw1o3t5P/2ZxbNo+6irPU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Feb 2025 21:20:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:e3:62:05:0d:02:c9:29:9d:80:c9:d4:9d:c4:d8:a3:c1:10:a9:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Feb 15 18:06:58 2025 GMT Not After : Feb 18 21:20:58 2025 GMT Subject: CN=08C7D70259CFBFA1AF0B7711059675123EAB9F4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:67:0b:5f:77:48:5c:9e:d5:6d:17:3c:ac:d7: d3:0f:06:31:7e:1b:a5:41:ff:fd:32:da:50:5b:bd: 5e:99:e3:4a:0c:f5:6b:bc:cb:90:6b:72:0c:8a:1e: 4e:ff:b9:9f:32:89:ed:d3:38:d4:64:56:59:e7:e1: 61:ef:57:74:29:63:59:55:41:58:a4:63:7f:b0:27: 64:06:a4:e6:65:b8:5e:4b:7b:81:60:a1:64:6a:c7: f2:37:36:b8:ce:e3:33:a2:22:b4:f4:71:3e:4a:11: 0a:fd:0b:30:da:5a:4c:b5:42:a3:a3:a6:ce:09:a3: 31:92:f3:d7:f8:44:f2:61:73:b4:79:08:f9:3a:02: 4f:cb:3f:49:79:d5:11:89:d5:50:03:ee:29:65:cc: 4c:71:eb:da:71:f1:47:b5:e8:7c:78:ae:ac:cb:57: 40:8a:e1:03:e1:5a:e5:dd:94:62:ff:fa:22:2b:5d: f7:4f:4c:d6:a0:61:0a:ab:e2:b9:00:81:3d:1c:75: 0c:e2:4b:5e:f9:b0:ca:5e:07:81:e5:8d:6b:eb:62: 72:05:19:6c:d2:36:bc:06:40:32:ce:d0:1d:b0:72: f1:3a:d8:94:36:c9:be:8c:ec:51:77:a9:0f:6c:9f: e3:16:50:e1:ca:25:d3:a7:67:ed:c9:d3:25:ce:5f: 95:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:C7:D7:02:59:CF:BF:A1:AF:0B:77:11:05:96:75:12:3E:AB:9F:4E X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c8:35:69:fa:3d:2d:f3:31:c9:74:2a:ed:c3:a7:98:8d:6c:2c: 95:f9:59:17:0f:2d:25:d1:ae:94:2b:38:0b:0a:96:7b:5b:45: 3d:97:f2:6b:bf:dd:99:4e:30:10:c6:43:21:ce:7b:49:51:88: 95:07:5e:c6:f9:7c:6d:4e:23:d3:ce:80:49:1c:88:48:be:b0: 20:a0:d5:d6:e8:1e:bd:e8:19:49:15:02:ac:a7:eb:e4:ff:0d: 27:7b:30:0b:39:bf:e9:6a:87:43:ea:4d:89:f5:8c:20:d9:f9: 7c:c4:c2:27:3a:45:9c:6c:31:11:96:d7:72:c5:eb:a6:58:da: 78:6c:da:59:77:24:34:fb:92:02:35:a6:1b:4b:ce:9d:e9:37: bd:2c:c9:6c:92:18:1e:e2:ea:f1:48:9a:92:6b:15:bc:1c:d4: a5:55:e0:61:68:1b:b7:6b:1f:35:ad:03:81:68:12:5b:1b:2b: 6f:f6:1b:5e:57:8b:ec:0c:01:90:96:65:30:16:28:32:a9:0d: a4:7f:b8:7b:a0:cc:56:93:34:03:12:f9:6e:4d:26:5e:0b:be: 40:76:cb:04:90:fa:03:d3:20:05:80:85:f3:94:8e:36:23:92: f8:98:f8:32:85:c9:29:40:62:1d:f6:ed:a6:eb:59:21:1f:75: c4:c3:18:62 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJuNiBQ0CySmdgMnUncTYo8EQqY8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTAyMTUxODA2NThaFw0yNTAyMTgyMTIwNThaMDMxMTAvBgNV BAMTKDA4QzdENzAyNTlDRkJGQTFBRjBCNzcxMTA1OTY3NTEyM0VBQjlGNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlZwtfd0hcntVtFzys19MPBjF+ G6VB//0y2lBbvV6Z40oM9Wu8y5BrcgyKHk7/uZ8yie3TONRkVlnn4WHvV3QpY1lV QVikY3+wJ2QGpOZluF5Le4FgoWRqx/I3NrjO4zOiIrT0cT5KEQr9CzDaWky1QqOj ps4JozGS89f4RPJhc7R5CPk6Ak/LP0l51RGJ1VAD7illzExx69px8Ue16Hx4rqzL V0CK4QPhWuXdlGL/+iIrXfdPTNagYQqr4rkAgT0cdQziS175sMpeB4HljWvrYnIF GWzSNrwGQDLO0B2wcvE62JQ2yb6M7FF3qQ9sn+MWUOHKJdOnZ+3J0yXOX5VrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCMfXAlnPv6GvC3cRBZZ1Ej6rn04wHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMg1afo9LfMxyXQq7cOnmI1sLJX5WRcPLSXR rpQrOAsKlntbRT2X8mu/3ZlOMBDGQyHOe0lRiJUHXsb5fG1OI9POgEkciEi+sCCg 1dboHr3oGUkVAqyn6+T/DSd7MAs5v+lqh0PqTYn1jCDZ+XzEwic6RZxsMRGW13LF 66ZY2nhs2ll3JDT7kgI1phtLzp3pN70syWySGB7i6vFImpJrFbwc1KVV4GFoG7dr HzWtA4FoElsbK2/2G15Xi+wMAZCWZTAWKDKpDaR/uHugzFaTNAMS+W5NJl4LvkB2 ywSQ+gPTIAWAhfOUjjYjkviY+DKFySlAYh327abrWSEfdcTDGGI= -----END CERTIFICATE-----Generated at Mon Feb 17 07:49:30 2025 by rpki-client