$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: sqDoIbIJ/jjWrOXEwNYrYw/ZFrHFsISSt1rGHpHC7SM= Subject key identifier: FF:9E:25:E8:A4:7B:11:B2:86:4E:6D:E6:A1:07:38:C7:93:DE:39:5F Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 590D5168755A7F4DD2D9C4D8531B8DA171E5A658 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01C1 Signing time: Wed 04 Jun 2025 01:11:51 +0000 Manifest this update: Wed 04 Jun 2025 01:06:51 +0000 Manifest next update: Sat 07 Jun 2025 06:51:51 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: kg57hdlQ7pzELuGpm76mwUQRo6t/6dVurCYo0faXkCQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:51:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:0d:51:68:75:5a:7f:4d:d2:d9:c4:d8:53:1b:8d:a1:71:e5:a6:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Jun 4 01:06:51 2025 GMT Not After : Jun 7 06:51:51 2025 GMT Subject: CN=FF9E25E8A47B11B2864E6DE6A10738C793DE395F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:ce:ae:50:05:b7:11:44:95:59:b3:35:11:1f: d3:88:62:dd:0d:6b:fc:65:aa:8e:bb:75:a9:07:5a: 6d:94:f5:c8:d7:62:fc:76:ab:3e:d8:7b:c4:86:35: 8f:f6:a7:32:09:e8:62:55:c7:b0:31:f9:4d:08:b1: 6a:b4:65:d7:1a:85:37:01:f9:34:8e:6a:84:96:92: 01:8d:01:2e:1c:6d:a1:88:ca:92:2a:4f:46:4a:71: b9:15:89:34:96:72:67:37:c3:c1:d8:a1:08:bf:4c: ab:66:70:86:67:a9:00:92:d2:10:92:15:e9:d5:a5: 8f:bb:1d:0d:88:fc:d5:d7:74:0f:59:dd:b9:18:66: d3:68:1a:84:05:9f:c2:e1:a3:0f:db:09:1a:90:2b: 06:ef:1f:d7:05:05:e2:38:6b:d1:ed:97:c8:ed:08: d2:d4:e4:ad:88:9b:f3:e3:aa:9a:7d:29:e4:f1:a0: 20:e6:8f:72:81:ba:b2:92:42:bf:e4:97:e1:86:e7: 90:07:d9:fd:bb:ae:f8:5d:94:0f:6b:97:20:ff:82: f4:11:18:9f:a5:0f:40:ca:e5:3e:29:66:69:90:3e: f7:0e:1b:fd:7c:0c:6f:8d:fc:79:b0:d0:e0:59:12: 10:a1:fc:86:77:0d:1c:f6:43:21:e2:3f:d5:ea:75: db:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:9E:25:E8:A4:7B:11:B2:86:4E:6D:E6:A1:07:38:C7:93:DE:39:5F X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:d3:ac:f1:4d:93:a1:d7:f6:c2:d6:65:2f:a8:5b:6a:d0:25: 29:cb:32:d5:fd:b9:8f:f1:14:e3:30:a4:20:29:d7:5a:69:11: 54:13:cf:0b:f7:91:be:e4:2a:43:b5:6f:10:82:87:59:5a:6b: cb:fd:2f:90:6b:dd:1a:c1:2f:5c:4f:11:fb:7b:ca:76:98:f9: a4:ee:70:c5:16:5a:26:79:4d:ad:d7:fe:85:6c:2d:c4:f5:97: 6a:83:1d:6a:be:3a:d0:a4:fe:42:72:99:e9:48:11:86:d5:d6: f4:c6:18:f4:3a:91:33:45:5b:d6:37:eb:42:af:e3:b2:75:1f: b1:1a:f5:38:f4:fb:22:90:36:97:a0:1e:0d:8e:87:7e:11:d7: 2a:5a:eb:c0:9b:a9:e8:3e:a1:08:fb:10:c4:21:05:38:51:a1: e1:6e:b8:f2:fd:d2:ac:ff:63:e6:48:62:56:56:48:64:33:0b: 6f:7c:d9:eb:24:09:97:30:e5:e2:53:85:01:79:15:4d:bc:84: 3f:97:94:b3:96:e6:2a:d6:a7:fc:99:be:6d:ff:48:87:6c:c9: 03:f4:56:10:66:f9:f4:7f:22:82:e6:30:3d:f0:22:bd:11:70: 91:3e:5b:4f:c4:80:de:9b:d9:0b:08:45:be:fc:ec:7f:cc:b7: ec:1d:3b:61 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWQ1RaHVaf03S2cTYUxuNoXHlplgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTA2MDQwMTA2NTFaFw0yNTA2MDcwNjUxNTFaMDMxMTAvBgNV BAMTKEZGOUUyNUU4QTQ3QjExQjI4NjRFNkRFNkExMDczOEM3OTNERTM5NUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZzq5QBbcRRJVZszURH9OIYt0N a/xlqo67dakHWm2U9cjXYvx2qz7Ye8SGNY/2pzIJ6GJVx7Ax+U0IsWq0ZdcahTcB +TSOaoSWkgGNAS4cbaGIypIqT0ZKcbkViTSWcmc3w8HYoQi/TKtmcIZnqQCS0hCS FenVpY+7HQ2I/NXXdA9Z3bkYZtNoGoQFn8Lhow/bCRqQKwbvH9cFBeI4a9Htl8jt CNLU5K2Im/Pjqpp9KeTxoCDmj3KBurKSQr/kl+GG55AH2f27rvhdlA9rlyD/gvQR GJ+lD0DK5T4pZmmQPvcOG/18DG+N/Hmw0OBZEhCh/IZ3DRz2QyHiP9XqddubAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/54l6KR7EbKGTm3moQc4x5PeOV8wHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHHTrPFNk6HX9sLWZS+oW2rQJSnLMtX9uY/x FOMwpCAp11ppEVQTzwv3kb7kKkO1bxCCh1laa8v9L5Br3RrBL1xPEft7ynaY+aTu cMUWWiZ5Ta3X/oVsLcT1l2qDHWq+OtCk/kJymelIEYbV1vTGGPQ6kTNFW9Y360Kv 47J1H7Ea9Tj0+yKQNpegHg2Oh34R1ypa68Cbqeg+oQj7EMQhBThRoeFuuPL90qz/ Y+ZIYlZWSGQzC2982eskCZcw5eJThQF5FU28hD+XlLOW5irWp/yZvm3/SIdsyQP0 VhBm+fR/IoLmMD3wIr0RcJE+W0/EgN6b2QsIRb787H/Mt+wdO2E= -----END CERTIFICATE-----Generated at Thu Jun 5 18:33:42 2025 by rpki-client