$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: csoBCJx9OiTM2LvVkxURDkoic8O164wVm8DfW0cCOZI= Subject key identifier: 87:D0:4D:EE:27:04:98:70:75:87:4C:48:BA:F0:67:51:CB:62:47:D7 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 21A1CA763C573101BFEA719EE78C88B47E7B2D36 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 0117 Signing time: Sat 18 May 2024 20:01:38 +0000 Manifest this update: Sat 18 May 2024 19:56:38 +0000 Manifest next update: Wed 22 May 2024 03:55:38 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: 9T/x7vlYYhq+Zeum3rEFeNozG0vI3zCPXd+k5nn2+1Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 20:59:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:a1:ca:76:3c:57:31:01:bf:ea:71:9e:e7:8c:88:b4:7e:7b:2d:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: May 18 19:56:38 2024 GMT Not After : May 22 03:55:38 2024 GMT Subject: CN=87D04DEE2704987075874C48BAF06751CB6247D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:9f:ea:c9:c3:d7:6a:97:e9:c2:3b:8b:94:ae: 70:70:89:fe:d8:a1:8e:7e:38:0a:97:df:ab:4c:e8: b7:ef:4f:b0:8a:29:09:e3:52:bc:2b:4e:86:1f:a1: bc:a2:d9:4e:9c:88:0a:c8:f5:bd:e9:32:de:d9:13: b7:4b:61:d5:11:3b:b0:4d:81:83:0c:b7:8c:56:e8: e8:ae:d3:5a:29:6f:ac:44:dd:12:37:84:19:5f:70: 71:88:74:ca:e0:c4:c6:2a:87:ee:87:c5:df:c5:03: b0:e4:d5:19:12:36:65:d0:42:69:52:52:30:72:62: 7f:a9:6b:cf:64:22:42:95:24:58:57:8a:c8:5e:fd: e7:0a:88:8c:89:ac:e1:b7:4a:73:8e:fc:37:01:4b: e1:3b:e1:05:59:c3:0e:c1:7a:a6:11:6d:09:12:93: 21:a0:de:ae:0d:e3:5c:64:65:be:46:da:e7:2d:8b: 9e:c9:51:16:12:43:e3:91:8a:4c:e2:58:ee:71:52: 6e:26:2f:87:c4:13:3f:1f:3f:b5:c5:9c:b8:65:40: 81:06:ad:61:23:7b:06:96:42:54:09:ce:a4:3b:24: bd:77:10:8d:f0:e2:a4:bc:63:99:5d:f6:12:31:4a: 40:7f:36:71:04:b6:1f:85:7e:97:1d:ef:3c:7b:cf: 7f:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:D0:4D:EE:27:04:98:70:75:87:4C:48:BA:F0:67:51:CB:62:47:D7 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:76:20:d7:f0:3d:25:78:82:f9:1e:8f:d1:3d:aa:b9:b4:1a: 36:09:b3:6d:ff:53:b3:f1:9e:e8:f0:1c:37:d5:13:5c:e1:4c: ac:df:29:db:1c:e5:53:b8:4a:5b:85:9d:48:27:12:1b:fe:18: c5:36:48:95:fe:48:45:5e:3c:41:e9:7a:5c:e7:52:12:57:23: 25:67:f1:5a:2e:1a:bc:e5:48:90:da:17:5c:91:8e:85:8b:89: 90:5e:9d:6e:f1:24:28:b1:91:a8:49:cb:ac:05:23:a3:07:c1: 3e:66:2b:88:ce:aa:6c:4b:44:cc:f7:89:e5:04:c8:bd:ca:21: 60:1a:c9:c8:5f:8f:e0:57:d1:c1:30:49:fb:c6:b3:16:a1:fc: c4:16:84:96:2a:2e:bf:f4:99:f3:f3:11:2b:52:4c:7d:41:d2: 62:06:70:ad:06:97:a5:b2:2b:d3:8e:3e:8c:64:bd:17:f3:99: 48:91:f8:dd:de:5f:7b:18:ca:68:9f:8b:24:9a:42:e5:94:2d: 3f:f0:b9:0a:b1:ce:3f:cc:2c:04:34:1d:9f:e1:bb:a0:6b:da: 5a:4a:c0:9f:d2:99:1e:ef:d5:2d:87:1c:bf:82:05:47:e8:10: fe:bd:c3:9a:bd:e0:a1:5c:71:91:65:f5:69:f9:bf:ac:a0:1a: 6f:c1:ee:0f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIaHKdjxXMQG/6nGe54yItH57LTYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNDA1MTgxOTU2MzhaFw0yNDA1MjIwMzU1MzhaMDMxMTAvBgNV BAMTKDg3RDA0REVFMjcwNDk4NzA3NTg3NEM0OEJBRjA2NzUxQ0I2MjQ3RDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqn+rJw9dql+nCO4uUrnBwif7Y oY5+OAqX36tM6LfvT7CKKQnjUrwrToYfobyi2U6ciArI9b3pMt7ZE7dLYdURO7BN gYMMt4xW6Oiu01opb6xE3RI3hBlfcHGIdMrgxMYqh+6Hxd/FA7Dk1RkSNmXQQmlS UjByYn+pa89kIkKVJFhXishe/ecKiIyJrOG3SnOO/DcBS+E74QVZww7BeqYRbQkS kyGg3q4N41xkZb5G2ucti57JURYSQ+ORikziWO5xUm4mL4fEEz8fP7XFnLhlQIEG rWEjewaWQlQJzqQ7JL13EI3w4qS8Y5ld9hIxSkB/NnEEth+Ffpcd7zx7z3+dAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUh9BN7icEmHB1h0xIuvBnUctiR9cwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIJ2INfwPSV4gvkej9E9qrm0GjYJs23/U7Px nujwHDfVE1zhTKzfKdsc5VO4SluFnUgnEhv+GMU2SJX+SEVePEHpelznUhJXIyVn 8VouGrzlSJDaF1yRjoWLiZBenW7xJCixkahJy6wFI6MHwT5mK4jOqmxLRMz3ieUE yL3KIWAaychfj+BX0cEwSfvGsxah/MQWhJYqLr/0mfPzEStSTH1B0mIGcK0Gl6Wy K9OOPoxkvRfzmUiR+N3eX3sYymifiySaQuWULT/wuQqxzj/MLAQ0HZ/hu6Br2lpK wJ/SmR7v1S2HHL+CBUfoEP69w5q94KFccZFl9Wn5v6ygGm/B7g8= -----END CERTIFICATE-----Generated at Sat May 18 21:30:46 2024 by rpki-client on console-ams.rpki-client.org