$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: yfrz451bUkakNyJm6eXq2QTRZWSTKwRMvakd1Z8sgQI= Subject key identifier: 61:5A:25:3E:79:11:82:3C:F3:C6:AC:B3:5A:E3:4F:CC:E3:1A:C3:42 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 5C81B7B62FDA867E852B5A610ED5676988C30C25 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04C7 Signing time: Thu 17 Apr 2025 17:41:57 +0000 Manifest this update: Thu 17 Apr 2025 17:36:57 +0000 Manifest next update: Mon 21 Apr 2025 05:04:57 +0000 Files and hashes: 1: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: A6MeiC5iYEUgfCxOlrP4tgy4Dgl5PsOFZcNkusDqHVo=) 2: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: lTPGED6Euas+yMtjFiZeN4ZQaRI9ugutG6SYSfzJsJs=) 3: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: EFJn2PByyOspAAlZeFBStkTPjKzfKY6iaqSl5mzaWTQ=) 4: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: Iun52nY6O3+qxGHYtLUd/o4wD4j6UUv+WuPemCxO82w=) 5: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: wEPYX74PJW0e23h+Erkt8/FRL+TupCEB/27FgHd4lV0=) 6: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: c8RxI909Anvx0BRzpA0Rb0YziahBzyNU99IlhCC5XuA=) 7: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 8: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: Duv7had9qz23magj0/7Gknmw1o3t5P/2ZxbNo+6irPU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Apr 2025 05:04:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:81:b7:b6:2f:da:86:7e:85:2b:5a:61:0e:d5:67:69:88:c3:0c:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Apr 17 17:36:57 2025 GMT Not After : Apr 21 05:04:57 2025 GMT Subject: CN=615A253E7911823CF3C6ACB35AE34FCCE31AC342 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ba:37:80:6e:d4:cf:b1:6d:1b:83:6b:23:5c: 42:e5:a3:d9:40:a5:3b:53:36:7e:da:73:5b:39:8d: 61:4c:d5:b7:1d:d4:27:dd:da:14:b0:38:c8:28:e5: 40:0f:0a:0b:a2:49:db:d4:4e:f7:ef:2e:67:f7:70: fb:b1:b8:a6:5e:0d:72:d5:9a:66:5e:f0:ce:a7:bf: 39:02:d0:e1:43:ff:55:43:16:58:35:95:e8:d3:bc: 45:9f:bf:53:34:04:c9:dd:c7:93:f5:d8:aa:e7:a5: 69:b1:3e:4a:a5:85:50:d0:8d:fd:11:09:15:c9:7b: 35:2d:e1:91:5b:32:e7:58:a9:a7:5c:e8:fd:46:a5: ac:44:7f:0d:63:ee:09:93:18:34:0b:e0:1b:d9:df: 2c:18:c1:8e:36:a6:c0:04:14:17:5d:4c:3a:43:99: 16:12:e9:98:b0:40:8c:01:a9:23:68:2b:92:19:5a: c3:a0:04:30:12:95:de:3e:ce:b1:93:e5:97:55:f3: e1:14:6c:b9:94:2d:a8:75:fe:0e:ef:70:9b:d4:27: c2:c2:61:9a:03:39:aa:db:c4:74:80:d8:64:12:87: b9:0d:13:c9:82:50:7b:41:df:7a:22:73:44:85:e1: 87:50:ea:b1:00:d6:54:23:ac:4a:93:6b:89:bc:2e: 04:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:5A:25:3E:79:11:82:3C:F3:C6:AC:B3:5A:E3:4F:CC:E3:1A:C3:42 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:3f:89:c4:55:bf:9d:fd:51:ab:1f:b7:aa:90:6b:37:cb:75: 53:12:4e:8e:c6:d1:f4:cb:8b:84:75:36:14:78:12:1c:55:90: b3:12:16:0e:ac:0f:43:b0:22:2e:26:8a:24:5a:75:58:c1:ad: 17:70:69:64:b2:88:66:b5:c6:7c:1b:8f:8f:b5:79:86:db:85: 0e:78:aa:1d:ae:d9:fb:75:64:dd:50:c2:65:06:1f:14:2a:8b: 20:b2:1e:ab:96:a1:71:3a:74:20:d2:23:88:09:8e:02:1c:25: 22:01:00:06:f6:1e:d3:1f:79:b4:19:29:c9:47:f1:e3:b4:58: f6:f9:ae:cc:0c:27:0b:c7:9b:37:22:16:1a:3f:35:e3:45:67: 46:69:1a:df:64:6e:f1:ff:fb:92:a4:66:90:73:d4:ec:23:2d: 52:14:5d:e1:8e:26:86:c1:4a:96:b1:7b:a8:bf:40:02:61:d8: 6c:9d:79:bd:5d:57:94:a3:38:e0:6d:e3:17:88:5e:5d:9b:d8: b5:a4:d7:38:47:ed:9d:b6:49:38:e1:9e:ff:06:b8:65:0d:15: 43:9a:3c:d6:01:46:fa:1c:80:9a:96:bc:0c:fd:95:a7:76:5e: f3:fd:67:50:30:14:e2:f4:6a:02:a0:26:98:7c:cb:cf:ab:ab: df:9e:5f:4f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXIG3ti/ahn6FK1phDtVnaYjDDCUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA0MTcxNzM2NTdaFw0yNTA0MjEwNTA0NTdaMDMxMTAvBgNV BAMTKDYxNUEyNTNFNzkxMTgyM0NGM0M2QUNCMzVBRTM0RkNDRTMxQUMzNDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBujeAbtTPsW0bg2sjXELlo9lA pTtTNn7ac1s5jWFM1bcd1Cfd2hSwOMgo5UAPCguiSdvUTvfvLmf3cPuxuKZeDXLV mmZe8M6nvzkC0OFD/1VDFlg1lejTvEWfv1M0BMndx5P12KrnpWmxPkqlhVDQjf0R CRXJezUt4ZFbMudYqadc6P1GpaxEfw1j7gmTGDQL4BvZ3ywYwY42psAEFBddTDpD mRYS6ZiwQIwBqSNoK5IZWsOgBDASld4+zrGT5ZdV8+EUbLmULah1/g7vcJvUJ8LC YZoDOarbxHSA2GQSh7kNE8mCUHtB33oic0SF4YdQ6rEA1lQjrEqTa4m8LgRJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUYVolPnkRgjzzxqyzWuNPzOMaw0IwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAg/icRVv539Uasft6qQazfLdVMSTo7G0fTL i4R1NhR4EhxVkLMSFg6sD0OwIi4miiRadVjBrRdwaWSyiGa1xnwbj4+1eYbbhQ54 qh2u2ft1ZN1QwmUGHxQqiyCyHquWoXE6dCDSI4gJjgIcJSIBAAb2HtMfebQZKclH 8eO0WPb5rswMJwvHmzciFho/NeNFZ0ZpGt9kbvH/+5KkZpBz1OwjLVIUXeGOJobB Spaxe6i/QAJh2Gydeb1dV5SjOOBt4xeIXl2b2LWk1zhH7Z22STjhnv8GuGUNFUOa PNYBRvocgJqWvAz9lad2XvP9Z1AwFOL0agKgJph8y8+rq9+eX08= -----END CERTIFICATE-----Generated at Fri Apr 18 19:06:01 2025 by rpki-client