$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: gKX17KV/lPsBigUWpwFvCCK9C03V1/u98YLmEX178xk= Subject key identifier: 58:25:68:B6:54:67:C7:29:36:89:B1:5B:87:1A:A0:F0:DF:F5:00:1D Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 648E5C7D87E887AC5030E8B6DFBA488B41CCA65C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: 6C Signing time: Wed 09 Apr 2025 09:51:37 +0000 Manifest this update: Wed 09 Apr 2025 09:46:37 +0000 Manifest next update: Sat 12 Apr 2025 18:53:37 +0000 Files and hashes: 1: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: +IJBA6Nbl2mkuLya8tUPfjriQHyjNQ0bO6lUYE54Ubw=) 2: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: cxXcs5+F77Lg7/Ojwbw2WUqjYrzsnoyA2M5AF3WeU8k=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 12:46:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:8e:5c:7d:87:e8:87:ac:50:30:e8:b6:df:ba:48:8b:41:cc:a6:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Apr 9 09:46:37 2025 GMT Not After : Apr 12 18:53:37 2025 GMT Subject: CN=582568B65467C7293689B15B871AA0F0DFF5001D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b5:66:b6:ca:8c:9f:ef:ea:7d:78:4f:4d:ed: 82:5c:a2:76:16:3b:ab:50:79:dd:8b:4a:b6:ca:99: d3:a3:02:56:34:26:02:0e:d9:e8:4a:e2:90:0a:4d: f5:75:34:39:33:ee:6c:ea:2d:46:a9:7c:8a:5a:18: d4:54:5f:af:ce:a7:47:7d:fc:31:71:3f:b8:98:d8: 67:3c:ae:3e:62:0e:0c:11:31:34:10:2b:ac:42:42: 58:6f:0c:85:48:0d:d6:98:d1:da:c7:d4:2e:70:78: a3:93:1f:8f:a3:65:b0:56:ac:26:d5:2e:57:be:d1: a5:67:8f:80:fe:3c:65:fd:b4:6d:31:1c:74:30:a8: 97:78:8f:6d:80:07:4c:3e:2a:f9:80:2b:64:b0:8f: b5:e0:ac:08:5c:b2:c4:b8:24:33:d7:7b:26:85:4a: b1:84:80:48:4e:bf:3c:f4:ff:85:46:72:32:18:7d: 57:1b:3d:c9:a9:32:35:79:bd:0e:1f:75:10:73:70: ab:50:cc:9a:9a:f6:89:e1:7c:a7:30:d0:8b:e6:d5: 10:5d:5b:b2:1b:25:18:00:22:a3:74:ca:c8:70:dd: c2:32:bb:9b:e4:30:5d:fa:9e:a6:e1:be:e5:8d:89: 5e:9b:c7:08:08:33:9e:20:77:41:d8:d7:26:4d:16: 40:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:25:68:B6:54:67:C7:29:36:89:B1:5B:87:1A:A0:F0:DF:F5:00:1D X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:40:ab:d2:0c:b0:e4:51:18:60:22:08:c8:d5:07:03:c8:ad: ba:34:cb:80:af:a6:87:a8:84:7b:b1:c5:91:44:43:17:0c:f1: df:7c:97:54:7b:92:3e:dd:81:80:e5:94:15:be:a4:d7:c2:a7: 72:10:ef:07:3e:36:86:48:3f:de:6e:d5:dc:00:ef:e9:ad:69: aa:4d:89:6b:7b:9e:df:73:df:0b:8c:ce:06:35:06:d4:c3:4d: 3e:22:c1:25:0f:06:61:4d:5c:03:6d:36:4c:4e:c0:ae:4c:c3: 7e:3b:6c:c8:90:0f:85:f3:53:c3:81:69:0d:7d:e9:c4:23:0d: e3:51:cf:40:92:4e:a5:69:e6:77:9c:79:13:e7:eb:80:c5:fe: bc:52:53:e7:ff:1f:a6:95:d7:31:25:ea:a6:f2:56:47:13:89: 6f:75:8f:00:6c:db:27:39:51:09:86:a3:68:b5:bf:73:f8:08: d3:d7:af:dd:6b:8d:9e:77:55:45:3e:d2:05:6e:b7:cf:57:45: 9a:5e:ac:50:42:23:e9:26:2a:4f:22:62:ef:f0:1b:96:bc:83: 96:c3:43:7b:9d:26:c1:8c:fd:80:32:7d:04:b9:c2:bc:ea:ce: 64:b2:30:a8:ea:f7:8f:ab:05:df:c8:a2:be:ad:92:3b:e2:4a: e8:3b:b0:76 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZI5cfYfoh6xQMOi237pIi0HMplwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNTA0MDkwOTQ2MzdaFw0yNTA0MTIxODUzMzdaMDMxMTAvBgNV BAMTKDU4MjU2OEI2NTQ2N0M3MjkzNjg5QjE1Qjg3MUFBMEYwREZGNTAwMUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqtWa2yoyf7+p9eE9N7YJconYW O6tQed2LSrbKmdOjAlY0JgIO2ehK4pAKTfV1NDkz7mzqLUapfIpaGNRUX6/Op0d9 /DFxP7iY2Gc8rj5iDgwRMTQQK6xCQlhvDIVIDdaY0drH1C5weKOTH4+jZbBWrCbV Lle+0aVnj4D+PGX9tG0xHHQwqJd4j22AB0w+KvmAK2Swj7XgrAhcssS4JDPXeyaF SrGEgEhOvzz0/4VGcjIYfVcbPcmpMjV5vQ4fdRBzcKtQzJqa9onhfKcw0Ivm1RBd W7IbJRgAIqN0yshw3cIyu5vkMF36nqbhvuWNiV6bxwgIM54gd0HY1yZNFkBdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUWCVotlRnxyk2ibFbhxqg8N/1AB0wHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAF5Aq9IMsORRGGAiCMjVBwPIrbo0y4Cvpoeo hHuxxZFEQxcM8d98l1R7kj7dgYDllBW+pNfCp3IQ7wc+NoZIP95u1dwA7+mtaapN iWt7nt9z3wuMzgY1BtTDTT4iwSUPBmFNXANtNkxOwK5Mw347bMiQD4XzU8OBaQ19 6cQjDeNRz0CSTqVp5neceRPn64DF/rxSU+f/H6aV1zEl6qbyVkcTiW91jwBs2yc5 UQmGo2i1v3P4CNPXr91rjZ53VUU+0gVut89XRZperFBCI+kmKk8iYu/wG5a8g5bD Q3udJsGM/YAyfQS5wrzqzmSyMKjq94+rBd/Ior6tkjviSug7sHY= -----END CERTIFICATE-----Generated at Wed Apr 9 15:49:23 2025 by rpki-client