$ rpki-client -vvf repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft File: FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft (raw, json) Hash identifier: 0yUDBABMKjiRC/fM4gvSnInkEJKYg1mA9yucR7eNgfg= Subject key identifier: 5F:CF:90:5A:AD:15:26:E3:C4:2F:E8:E6:60:E1:87:4A:4D:05:D4:D1 Authority key identifier: FD:7C:5A:44:A3:CA:AF:7C:D1:40:CF:D1:C6:16:22:BA:5E:A2:E6:23 Certificate issuer: /CN=FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623 Certificate serial: 138D2F071BEEF838AFDE95B018563D18DFF003E9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft Manifest number: D8 Signing time: Mon 21 Jul 2025 03:22:14 +0000 Manifest this update: Mon 21 Jul 2025 03:17:14 +0000 Manifest next update: Thu 24 Jul 2025 06:21:14 +0000 Files and hashes: 1: FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.crl (hash: ayTDAj/yctwr5wivD5I1gKftn/kDF+3qgg8ZFWHk0o4=) 2: 3135372e32302e3132362e302f32332d3234203d3e20313532343130.roa (hash: mIAtzNrfjeKiFzHKpCt4+yI3FhKtEfckYghfutbPb44=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.crl rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 06:21:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:8d:2f:07:1b:ee:f8:38:af:de:95:b0:18:56:3d:18:df:f0:03:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623 Validity Not Before: Jul 21 03:17:14 2025 GMT Not After : Jul 24 06:21:14 2025 GMT Subject: CN=5FCF905AAD1526E3C42FE8E660E1874A4D05D4D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5d:41:8b:54:ae:e5:b2:c9:f1:b4:2a:48:48: 8e:23:ea:a0:17:d2:05:c7:c3:11:d6:8a:a5:b3:af: fb:5d:29:b2:ba:96:65:ea:3d:44:a9:67:66:20:85: 23:45:b4:da:4d:71:2c:c2:50:ba:38:e3:2a:af:6c: ec:06:82:96:6c:e6:d5:e1:7a:5f:23:ab:18:24:ac: 3b:fa:26:a0:85:0e:2a:04:e7:47:81:1e:c4:fb:8c: 55:7c:26:a0:0c:85:cf:d9:34:da:47:cf:6a:00:a8: 3a:7e:78:48:8e:36:9d:32:8d:80:19:9b:84:df:c0: 0f:08:ba:b3:77:f2:66:db:aa:2d:40:35:a6:73:f5: 8e:1a:7c:81:60:7e:e6:c8:38:0e:fa:43:31:17:c2: 8e:fc:85:4c:4a:9c:f2:87:80:c9:83:fa:d4:3a:92: 28:18:0b:03:99:10:6d:17:ba:80:d9:d0:44:c4:42: 14:4a:a0:3a:64:a0:11:90:30:f3:cf:45:7c:bd:c2: 38:24:be:07:92:aa:71:e3:43:ba:36:db:71:b9:17: c5:c3:32:69:5f:ba:71:4e:ce:cf:01:29:4e:9b:34: c7:3d:57:a9:fa:47:1c:7b:b5:dd:81:98:d4:2d:30: 02:91:af:e2:b9:6a:14:85:02:81:56:7f:f9:61:75: fc:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:CF:90:5A:AD:15:26:E3:C4:2F:E8:E6:60:E1:87:4A:4D:05:D4:D1 X509v3 Authority Key Identifier: keyid:FD:7C:5A:44:A3:CA:AF:7C:D1:40:CF:D1:C6:16:22:BA:5E:A2:E6:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a0f78bd4-c19b-4d40-aa54-ed8d7bc772ca/0/FD7C5A44A3CAAF7CD140CFD1C61622BA5EA2E623.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:b3:64:2b:63:b7:b6:d9:a6:3a:d4:1b:52:ed:49:6c:b5:db: 5e:0c:d4:5b:e0:8e:e4:9b:0f:fe:d6:f0:5a:8d:52:07:d8:33: 06:f9:b6:79:f6:5b:fc:44:eb:14:43:3b:9d:4b:48:7a:a6:fa: c1:9a:28:c2:a7:25:de:67:d7:40:54:ae:58:b4:1f:db:f5:d6: 8f:2e:17:10:52:03:1d:cb:44:ec:a4:13:da:42:0f:77:ed:49: 72:32:e7:ec:ca:c9:ec:5b:17:1c:12:55:15:3e:92:cf:7c:56: 43:57:a1:e1:ab:65:e3:ae:d7:1b:97:5f:e8:00:9e:5a:a2:db: d5:a8:77:2b:e4:7a:f9:50:cf:37:e7:09:ce:42:20:92:1e:7f: 33:d0:84:14:77:ff:fa:f6:3f:2f:ea:c4:65:1b:6c:83:46:ef: ee:4e:e8:7e:52:97:d6:67:23:6b:80:84:ea:f3:65:b2:e5:0c: 83:96:70:a5:7c:82:1d:5e:84:58:9a:fc:c7:92:40:78:8a:64: 89:89:7c:1d:d0:cf:6b:0f:c1:5f:dc:a7:79:28:f1:f4:d6:53: 2a:fc:53:03:7d:ef:9c:af:ed:c7:4e:8d:2c:d4:af:28:74:1a: fc:e6:65:2d:04:b8:cc:ad:e0:3e:37:e9:27:8d:c3:72:d0:85: 79:09:10:ac -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUE40vBxvu+Div3pWwGFY9GN/wA+kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkQ3QzVBNDRBM0NBQUY3Q0QxNDBDRkQxQzYxNjIyQkE1 RUEyRTYyMzAeFw0yNTA3MjEwMzE3MTRaFw0yNTA3MjQwNjIxMTRaMDMxMTAvBgNV BAMTKDVGQ0Y5MDVBQUQxNTI2RTNDNDJGRThFNjYwRTE4NzRBNEQwNUQ0RDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDXUGLVK7lssnxtCpISI4j6qAX 0gXHwxHWiqWzr/tdKbK6lmXqPUSpZ2YghSNFtNpNcSzCULo44yqvbOwGgpZs5tXh el8jqxgkrDv6JqCFDioE50eBHsT7jFV8JqAMhc/ZNNpHz2oAqDp+eEiONp0yjYAZ m4TfwA8IurN38mbbqi1ANaZz9Y4afIFgfubIOA76QzEXwo78hUxKnPKHgMmD+tQ6 kigYCwOZEG0XuoDZ0ETEQhRKoDpkoBGQMPPPRXy9wjgkvgeSqnHjQ7o223G5F8XD MmlfunFOzs8BKU6bNMc9V6n6Rxx7td2BmNQtMAKRr+K5ahSFAoFWf/lhdfxrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUX8+QWq0VJuPEL+jmYOGHSk0F1NEwHwYDVR0j BBgwFoAU/XxaRKPKr3zRQM/RxhYiul6i5iMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h MGY3OGJkNC1jMTliLTRkNDAtYWE1NC1lZDhkN2JjNzcyY2EvMC9GRDdDNUE0NEEz Q0FBRjdDRDE0MENGRDFDNjE2MjJCQTVFQTJFNjIzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRkQ3QzVBNDRBM0NBQUY3Q0QxNDBDRkQxQzYxNjIyQkE1RUEy RTYyMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTBmNzhiZDQtYzE5Yi00ZDQwLWFh NTQtZWQ4ZDdiYzc3MmNhLzAvRkQ3QzVBNDRBM0NBQUY3Q0QxNDBDRkQxQzYxNjIy QkE1RUEyRTYyMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGKzZCtjt7bZpjrUG1LtSWy1214M1FvgjuSb D/7W8FqNUgfYMwb5tnn2W/xE6xRDO51LSHqm+sGaKMKnJd5n10BUrli0H9v11o8u FxBSAx3LROykE9pCD3ftSXIy5+zKyexbFxwSVRU+ks98VkNXoeGrZeOu1xuXX+gA nlqi29WodyvkevlQzzfnCc5CIJIefzPQhBR3//r2Py/qxGUbbING7+5O6H5Sl9Zn I2uAhOrzZbLlDIOWcKV8gh1ehFia/MeSQHiKZImJfB3Qz2sPwV/cp3ko8fTWUyr8 UwN975yv7cdOjSzUryh0GvzmZS0EuMyt4D436SeNw3LQhXkJEKw= -----END CERTIFICATE-----Generated at Tue Jul 22 11:48:27 2025 by rpki-client