$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: DysbF1M6xNp42d3W+MhQhAqvgvLrbfii/Ta/s6X4dYQ= Subject key identifier: 13:C7:D2:2D:E0:4E:23:54:F6:7F:9B:8E:13:E9:5F:82:43:E5:B0:0D Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 0DCEF685CCAA313DFC9795DC0B1797441AB8A4E0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01EA Signing time: Fri 05 Sep 2025 14:51:50 +0000 Manifest this update: Fri 05 Sep 2025 14:46:50 +0000 Manifest next update: Tue 09 Sep 2025 02:35:50 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: WujfW5wNZ+gbltkpEesJB+R+8l2qlC+cV3gXEpikx7U=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 02:35:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:ce:f6:85:cc:aa:31:3d:fc:97:95:dc:0b:17:97:44:1a:b8:a4:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Sep 5 14:46:50 2025 GMT Not After : Sep 9 02:35:50 2025 GMT Subject: CN=13C7D22DE04E2354F67F9B8E13E95F8243E5B00D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:72:e9:5b:9f:d3:69:7f:d7:88:34:b5:df:13: 0e:57:80:c2:9c:55:d6:d0:de:27:83:33:ac:c6:63: 3a:7e:29:5a:19:8a:5b:6f:7b:1d:2a:04:c6:f1:b0: 3f:4f:ce:2f:cd:fe:14:85:52:4f:a5:58:c3:ea:e2: 22:43:78:10:c2:75:af:f7:67:1b:7d:89:15:cb:f0: 33:d1:89:ce:5b:2d:f8:24:a9:3f:3b:ec:35:e3:d4: f7:c4:63:3d:b0:52:be:6d:9e:d3:d0:c2:ed:a2:09: 9c:de:51:d3:95:55:85:55:f8:e3:59:c3:b3:b8:df: ff:1c:5f:ca:61:99:9a:05:14:d1:6b:29:6f:38:3e: 19:c4:f0:dd:d9:86:0c:85:9e:ad:ec:dc:9b:fd:64: 31:ef:3c:4a:cf:eb:60:51:86:f5:36:7c:ee:6c:b4: 0e:b9:f5:0f:be:60:31:70:89:d7:30:13:a2:60:f7: a5:f3:3c:38:5f:72:c3:b9:cc:b5:0b:8e:5b:4f:84: 52:4b:84:42:51:dd:03:2e:ea:5b:53:70:7a:40:23: ab:e1:e6:64:52:a8:99:8d:6c:43:e5:e7:7d:67:39: 08:a1:7f:fb:1a:c0:ea:09:78:9e:81:f2:bf:7f:37: c4:8e:53:fa:a1:02:a7:0a:11:d1:4c:37:e5:7b:c2: 75:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:C7:D2:2D:E0:4E:23:54:F6:7F:9B:8E:13:E9:5F:82:43:E5:B0:0D X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:a8:ee:b3:fb:1c:96:35:0b:e3:e9:3a:7f:34:95:7e:53:b8: fd:d5:88:68:b5:bb:ea:1e:d3:9d:54:c5:23:21:c1:d6:2d:de: e4:f8:35:90:18:36:12:09:1c:71:4c:8f:55:ef:8f:35:b3:2c: d9:4a:f8:ab:46:3a:e3:44:32:60:6f:31:05:d1:34:cb:11:ec: 2a:ac:61:9e:8f:4b:6a:c7:8d:23:f4:6d:77:c9:14:b7:bd:21: f0:82:5d:e5:93:09:36:33:6a:9f:7e:19:1b:13:b1:6f:32:5c: bb:cb:15:e5:fa:1a:38:e1:bc:8d:ec:6c:27:50:df:32:b1:19: 60:c1:2d:a6:f9:35:96:13:5f:c2:9d:cb:f8:40:32:a1:e4:fa: cd:9b:29:88:42:2a:ba:8b:8c:05:13:57:69:0d:7e:c9:e8:f9: 0a:42:21:dc:10:08:e9:54:91:44:01:47:fd:d0:d1:de:07:1c: 8f:bf:a0:9b:69:d7:f0:7f:c1:12:23:9d:af:99:37:12:d2:1a: 3e:cc:82:e0:6e:6a:4b:77:2a:5f:52:82:55:83:55:db:a1:99: 2a:24:55:44:4c:bb:b6:f6:3e:77:39:5f:bd:f2:48:1d:9b:ff: 35:eb:59:2f:ff:4b:20:45:2a:43:8c:b9:b3:07:4f:4b:42:76: 57:e6:0c:9a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDc72hcyqMT38l5XcCxeXRBq4pOAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTA5MDUxNDQ2NTBaFw0yNTA5MDkwMjM1NTBaMDMxMTAvBgNV BAMTKDEzQzdEMjJERTA0RTIzNTRGNjdGOUI4RTEzRTk1RjgyNDNFNUIwMEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5culbn9Npf9eINLXfEw5XgMKc VdbQ3ieDM6zGYzp+KVoZiltvex0qBMbxsD9Pzi/N/hSFUk+lWMPq4iJDeBDCda/3 Zxt9iRXL8DPRic5bLfgkqT877DXj1PfEYz2wUr5tntPQwu2iCZzeUdOVVYVV+ONZ w7O43/8cX8phmZoFFNFrKW84PhnE8N3ZhgyFnq3s3Jv9ZDHvPErP62BRhvU2fO5s tA659Q++YDFwidcwE6Jg96XzPDhfcsO5zLULjltPhFJLhEJR3QMu6ltTcHpAI6vh 5mRSqJmNbEPl531nOQihf/sawOoJeJ6B8r9/N8SOU/qhAqcKEdFMN+V7wnXLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUE8fSLeBOI1T2f5uOE+lfgkPlsA0wHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGao7rP7HJY1C+PpOn80lX5TuP3ViGi1u+oe 051UxSMhwdYt3uT4NZAYNhIJHHFMj1XvjzWzLNlK+KtGOuNEMmBvMQXRNMsR7Cqs YZ6PS2rHjSP0bXfJFLe9IfCCXeWTCTYzap9+GRsTsW8yXLvLFeX6GjjhvI3sbCdQ 3zKxGWDBLab5NZYTX8Kdy/hAMqHk+s2bKYhCKrqLjAUTV2kNfsno+QpCIdwQCOlU kUQBR/3Q0d4HHI+/oJtp1/B/wRIjna+ZNxLSGj7MguBuakt3Kl9SglWDVduhmSok VURMu7b2Pnc5X73ySB2b/zXrWS//SyBFKkOMubMHT0tCdlfmDJo= -----END CERTIFICATE-----Generated at Sun Sep 7 14:00:50 2025 by rpki-client