$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: vfvxVkoPasd6nB9cuRBRO8Oo+/3jONQljqUi/vJe7rw= Subject key identifier: 56:A2:C9:99:3B:D2:2D:22:F8:76:E6:82:69:D8:61:B8:EB:FC:64:05 Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 6949362A2F1C4BFA18932A6984EAEEB52232B7AB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: AF Signing time: Sat 06 Sep 2025 07:51:39 +0000 Manifest this update: Sat 06 Sep 2025 07:46:39 +0000 Manifest next update: Tue 09 Sep 2025 13:08:39 +0000 Files and hashes: 1: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: MIuIyAVvRv+tvn1ExNRokMSUp+C0ogL+LMMdSBElCIQ=) 2: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: okMulqCwmQrHdU+kO0nYzAvF/vvi8wTCEKi+VdDT9lQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 13:08:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:49:36:2a:2f:1c:4b:fa:18:93:2a:69:84:ea:ee:b5:22:32:b7:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Sep 6 07:46:39 2025 GMT Not After : Sep 9 13:08:39 2025 GMT Subject: CN=56A2C9993BD22D22F876E68269D861B8EBFC6405 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:63:61:8e:4d:ee:74:cc:0b:0e:a2:eb:0d:78: 9a:55:05:4b:c8:7b:75:1f:b9:e8:87:2b:13:4c:f7: 98:ea:ca:e2:5e:85:1d:39:c7:5d:c7:20:37:ad:5e: e5:fa:67:5b:17:17:b9:e8:99:57:17:ca:2c:d1:b0: fe:28:0d:ae:28:11:dd:86:e3:8b:df:21:a5:1c:7a: 55:41:7d:bc:42:ef:70:35:61:15:ab:7d:08:2c:0a: 17:b0:7f:e1:be:76:2d:6e:64:fe:8f:e3:a4:b4:af: d5:29:1f:d1:20:ac:7e:07:65:53:cc:2b:d8:3a:f3: 96:fa:65:e9:92:6c:03:58:74:69:64:5b:c9:e4:fd: 99:2f:14:46:a9:06:63:69:51:70:bd:e7:eb:f4:e6: a0:a3:04:21:3d:57:ca:aa:85:a3:67:c3:a3:ab:97: 7b:43:5f:a8:36:40:10:0e:75:14:e2:b7:e8:27:e3: fe:b9:97:ca:66:1c:c6:e6:2f:b5:6f:19:c5:66:b0: 33:da:8f:cb:a4:89:93:3e:21:3d:a0:d9:e0:78:43: 44:d4:5a:ff:b6:7e:f0:cb:a4:8f:1a:af:f9:a7:7d: 79:92:5a:a3:fa:3a:6d:bc:01:9b:de:08:41:af:54: ba:31:8f:e8:e1:d2:89:c1:ac:cb:04:27:8c:e9:bf: a1:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:A2:C9:99:3B:D2:2D:22:F8:76:E6:82:69:D8:61:B8:EB:FC:64:05 X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:68:46:ac:43:6f:d1:e8:c5:7e:62:0b:74:99:ff:3e:03:0b: 2d:a4:01:e7:bd:cc:90:d1:d7:c4:7f:31:0d:0e:5c:79:fa:e9: 4d:4d:f6:bb:16:91:34:8c:95:4c:07:2b:33:f1:fb:8e:f5:f7: 73:24:75:5e:81:48:10:e8:00:e0:0d:c6:a2:60:cb:24:aa:c7: 1a:83:fe:50:18:1a:3f:da:d8:1b:c4:97:dc:d0:f0:ca:11:21: 71:b8:13:dc:b8:b8:24:99:c8:b1:d2:d8:41:ed:c3:98:c3:34: 74:9f:4a:87:18:bb:f0:4d:87:ea:45:0a:be:6a:38:e4:9d:a1: 39:92:73:93:ec:d5:cf:0c:a4:f5:67:52:8e:73:53:de:9b:3f: 0e:95:56:2f:a8:02:d2:59:b2:26:18:46:0b:e5:22:3f:c7:b8: 84:f9:0f:82:8f:28:1c:09:bc:57:e4:23:43:ea:a2:6c:84:1b: 6a:8e:5d:6b:16:5a:90:d3:df:c8:33:55:bc:46:87:b3:40:c4: 3f:f3:9c:c9:3b:2b:1d:0b:c8:dc:97:27:d0:12:e8:35:2a:ee: d9:0b:0a:c6:d1:cf:86:34:d0:09:e6:b6:54:ef:0e:59:72:00: fa:2a:99:08:06:43:92:41:dd:6b:f4:1a:12:97:44:eb:15:87: c9:89:85:b8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaUk2Ki8cS/oYkypphOrutSIyt6swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNTA5MDYwNzQ2MzlaFw0yNTA5MDkxMzA4MzlaMDMxMTAvBgNV BAMTKDU2QTJDOTk5M0JEMjJEMjJGODc2RTY4MjY5RDg2MUI4RUJGQzY0MDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzY2GOTe50zAsOousNeJpVBUvI e3UfueiHKxNM95jqyuJehR05x13HIDetXuX6Z1sXF7nomVcXyizRsP4oDa4oEd2G 44vfIaUcelVBfbxC73A1YRWrfQgsChewf+G+di1uZP6P46S0r9UpH9EgrH4HZVPM K9g685b6ZemSbANYdGlkW8nk/ZkvFEapBmNpUXC95+v05qCjBCE9V8qqhaNnw6Or l3tDX6g2QBAOdRTit+gn4/65l8pmHMbmL7VvGcVmsDPaj8ukiZM+IT2g2eB4Q0TU Wv+2fvDLpI8ar/mnfXmSWqP6Om28AZveCEGvVLoxj+jh0onBrMsEJ4zpv6GFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUVqLJmTvSLSL4duaCadhhuOv8ZAUwHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHNoRqxDb9HoxX5iC3SZ/z4DCy2kAee9zJDR 18R/MQ0OXHn66U1N9rsWkTSMlUwHKzPx+47193MkdV6BSBDoAOANxqJgyySqxxqD /lAYGj/a2BvEl9zQ8MoRIXG4E9y4uCSZyLHS2EHtw5jDNHSfSocYu/BNh+pFCr5q OOSdoTmSc5Ps1c8MpPVnUo5zU96bPw6VVi+oAtJZsiYYRgvlIj/HuIT5D4KPKBwJ vFfkI0PqomyEG2qOXWsWWpDT38gzVbxGh7NAxD/znMk7Kx0LyNyXJ9AS6DUq7tkL CsbRz4Y00AnmtlTvDllyAPoqmQgGQ5JB3Wv0GhKXROsVh8mJhbg= -----END CERTIFICATE-----Generated at Mon Sep 8 05:09:38 2025 by rpki-client