$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: /aChu/FjlxJP13yNKYNcsQslQ4/sQYSvGSx9A+KO5iM= Subject key identifier: A6:CF:31:9F:FE:36:ED:F8:F9:D9:BF:C3:58:4B:96:48:86:1B:74:F4 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 666D21CA8C8C78778EFDDCBC24B00B8250F594F9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 04DB Signing time: Mon 02 Jun 2025 02:04:45 +0000 Manifest this update: Mon 02 Jun 2025 01:59:45 +0000 Manifest next update: Thu 05 Jun 2025 13:16:45 +0000 Files and hashes: 1: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: 5Fcbm8jFZRVATBZJQNk/LFKWPPKDwMrnL7ux6eXllfo=) 2: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 3: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 4: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 5: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 6: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 7: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 8: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 13:16:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:6d:21:ca:8c:8c:78:77:8e:fd:dc:bc:24:b0:0b:82:50:f5:94:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Jun 2 01:59:45 2025 GMT Not After : Jun 5 13:16:45 2025 GMT Subject: CN=A6CF319FFE36EDF8F9D9BFC3584B9648861B74F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:a6:f0:ef:6e:de:9a:92:b6:8c:d0:51:49:fd: 18:66:45:5f:39:43:ac:f6:a5:85:27:cc:f5:99:8b: 7d:ed:d8:88:16:ea:9e:9c:f0:4c:8c:26:17:98:a9: aa:61:c5:61:42:bb:3a:e7:12:48:aa:02:78:18:fd: 99:56:41:9a:dc:5e:f4:d3:f4:72:1f:3b:19:4c:93: ba:8f:b2:f2:9a:51:27:de:6d:5a:15:91:5c:c5:0f: 1c:36:da:e7:43:fd:2c:bf:a8:71:91:7f:85:51:4a: ef:de:ee:64:11:f9:7b:8b:3b:ff:59:c7:30:94:2f: 4d:7b:55:e0:67:0a:c8:73:26:cd:ba:16:b1:35:fc: 27:ca:9b:6b:51:83:79:0e:73:b2:5b:7f:f7:63:a1: 48:a8:36:83:5a:73:5d:c4:30:fd:ac:61:d3:9d:f4: 4a:03:ef:70:30:bd:9c:99:fa:a7:58:45:2c:71:5e: 6b:5f:ba:e0:db:39:c2:e7:b3:a7:ce:b0:b5:ab:2a: f8:a7:d0:a5:15:7d:b3:06:2b:8c:44:ec:1e:78:70: 53:f1:de:71:d4:c9:15:ac:71:67:2e:65:38:1e:fa: 1f:88:9b:35:78:be:35:0b:2a:ae:88:fd:1e:51:af: 9a:fb:aa:28:88:59:d6:de:42:41:51:b9:ac:3d:c4: 28:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:CF:31:9F:FE:36:ED:F8:F9:D9:BF:C3:58:4B:96:48:86:1B:74:F4 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:bf:64:03:83:73:d8:0d:5b:f0:66:27:8c:fd:76:9e:9d:23: 2e:f8:66:d4:3e:d0:e2:cb:aa:ac:b2:65:23:f8:dd:7a:5a:99: 04:1a:6a:a7:f5:9b:71:2c:bf:f0:59:9f:21:80:6d:27:1e:10: 37:5b:af:14:14:3e:ff:cd:99:a9:b1:ca:5e:64:4a:c7:a5:fd: 7c:11:c3:27:e3:bf:07:c1:5c:e2:da:91:e7:82:65:d2:da:75: aa:c3:24:24:a1:d6:c7:44:83:bd:de:9c:cf:07:5b:39:7a:f4: 73:8f:05:0f:09:b8:d8:8c:00:4a:72:c7:99:ba:77:7b:f8:23: cc:d9:79:21:32:37:8b:07:74:8b:b9:bf:23:bc:d3:92:67:11: cb:19:78:49:71:3b:db:3c:6a:92:00:c5:3b:49:2e:9c:af:37: 95:29:14:e2:7c:8d:af:9d:23:ef:5d:61:a3:0c:56:0f:cf:b6: 77:e7:c2:33:91:70:34:db:b5:4d:1a:68:42:aa:3b:86:40:90: 7c:4e:1a:33:50:31:16:4c:28:ae:03:30:8b:48:6a:67:99:93: 7a:70:fe:0f:29:27:36:54:45:e8:28:bc:3b:e4:38:30:cd:64: 0c:33:61:bc:2a:85:59:91:99:93:2f:07:90:34:0e:d7:54:e4: f9:a5:db:fb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZm0hyoyMeHeO/dy8JLALglD1lPkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA2MDIwMTU5NDVaFw0yNTA2MDUxMzE2NDVaMDMxMTAvBgNV BAMTKEE2Q0YzMTlGRkUzNkVERjhGOUQ5QkZDMzU4NEI5NjQ4ODYxQjc0RjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhpvDvbt6akraM0FFJ/RhmRV85 Q6z2pYUnzPWZi33t2IgW6p6c8EyMJheYqaphxWFCuzrnEkiqAngY/ZlWQZrcXvTT 9HIfOxlMk7qPsvKaUSfebVoVkVzFDxw22udD/Sy/qHGRf4VRSu/e7mQR+XuLO/9Z xzCUL017VeBnCshzJs26FrE1/CfKm2tRg3kOc7Jbf/djoUioNoNac13EMP2sYdOd 9EoD73AwvZyZ+qdYRSxxXmtfuuDbOcLns6fOsLWrKvin0KUVfbMGK4xE7B54cFPx 3nHUyRWscWcuZTge+h+ImzV4vjULKq6I/R5Rr5r7qiiIWdbeQkFRuaw9xChvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUps8xn/427fj52b/DWEuWSIYbdPQwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHK/ZAODc9gNW/BmJ4z9dp6dIy74ZtQ+0OLL qqyyZSP43XpamQQaaqf1m3Esv/BZnyGAbSceEDdbrxQUPv/Nmamxyl5kSsel/XwR wyfjvwfBXOLakeeCZdLadarDJCSh1sdEg73enM8HWzl69HOPBQ8JuNiMAEpyx5m6 d3v4I8zZeSEyN4sHdIu5vyO805JnEcsZeElxO9s8apIAxTtJLpyvN5UpFOJ8ja+d I+9dYaMMVg/PtnfnwjORcDTbtU0aaEKqO4ZAkHxOGjNQMRZMKK4DMItIameZk3pw /g8pJzZURegovDvkODDNZAwzYbwqhVmRmZMvB5A0DtdU5Pml2/s= -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:00 2025 by rpki-client