$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: 90ULr2CEyfyHGMaKAg9mJozmrT9RXtL4AdhC+D9sBxY= Subject key identifier: 7A:68:76:E2:69:72:AD:88:A7:38:6E:DA:5A:10:ED:E1:46:AC:01:F1 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 0AF8F02BBBC69ED40550A0475F956350D85BD262 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 016C Signing time: Fri 22 Nov 2024 17:21:54 +0000 Manifest this update: Fri 22 Nov 2024 17:16:54 +0000 Manifest next update: Mon 25 Nov 2024 22:37:54 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: 3iKuPzjbmQ4iR6IUh8e5l/smJvHApQa/70VtiAkMXCs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:f8:f0:2b:bb:c6:9e:d4:05:50:a0:47:5f:95:63:50:d8:5b:d2:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Nov 22 17:16:54 2024 GMT Not After : Nov 25 22:37:54 2024 GMT Subject: CN=7A6876E26972AD88A7386EDA5A10EDE146AC01F1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7d:59:47:4f:49:8e:d4:68:22:a0:c3:96:ce: 35:35:d1:24:4b:a1:cc:86:db:83:77:fa:24:1d:18: 92:f4:c2:8d:8a:76:ee:5a:67:7e:82:db:41:a6:41: cf:da:c2:b0:cb:02:01:58:3a:e2:e6:88:c9:74:72: fa:fa:cb:a6:e0:ed:c5:e8:03:08:35:69:13:ce:49: c1:d5:46:2a:86:23:4a:32:da:15:0e:4d:00:07:00: d5:98:e7:99:6c:a2:83:b3:1a:49:0d:b3:68:ef:8e: f7:df:7a:61:54:43:35:8a:d1:24:3a:be:d0:fc:52: 68:41:2f:67:9c:5f:5d:e8:41:b0:00:ef:eb:b3:c8: 29:45:3c:56:5c:0b:77:35:fe:f7:00:b6:a3:18:cd: 77:66:02:60:a1:94:d5:05:71:07:0f:6a:94:bb:41: 06:e5:60:2d:cb:d7:79:d6:0c:08:be:41:37:8c:47: 38:c8:36:ac:89:5c:b5:14:04:62:f2:9f:9c:fa:59: a2:11:ad:f2:37:8c:b8:f5:ca:43:cd:4f:ca:3f:2e: 03:0b:d4:20:2c:76:f3:30:f6:15:4d:2a:89:06:39: 53:6e:d5:9d:76:29:da:90:07:56:d7:dc:1f:62:5f: b9:58:4f:de:f6:23:22:04:9b:65:30:96:ae:28:68: 97:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:68:76:E2:69:72:AD:88:A7:38:6E:DA:5A:10:ED:E1:46:AC:01:F1 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:2e:ca:c2:c4:8c:1c:d8:14:18:19:59:e6:a8:4a:06:75:34: 4a:cd:e0:1c:68:55:0b:e1:86:22:94:bc:04:f3:10:fe:c5:15: 4e:bf:20:aa:8f:8e:e9:ec:3e:b4:3c:d6:14:e1:ab:92:58:8e: e1:28:b1:e2:2c:f4:e0:2e:e4:a2:c0:d3:53:aa:62:b9:dd:b3: ce:96:db:94:97:3a:d0:c0:0e:5a:c9:2f:fb:18:21:a1:8b:43: 9d:fb:6a:fb:57:27:cf:80:b9:23:31:02:d3:3c:b3:5a:0e:0d: d8:37:93:53:d1:05:a0:b1:c4:61:29:a0:4a:c9:66:d9:4a:0e: 64:29:a8:d7:fb:87:d5:06:83:d7:50:ce:e2:33:51:2f:4c:ba: 37:f5:f6:6c:ec:70:df:2e:6d:e3:7c:9e:d0:77:3c:8f:e4:d1: c7:ac:bb:fa:90:66:b5:4c:00:fb:8c:88:0e:8f:6f:0a:d0:3e: b3:23:d2:e0:14:53:cb:a8:f9:f0:bd:ce:3e:18:75:9b:8d:ac: d5:d2:23:4d:0a:09:67:a9:5e:1b:23:32:e3:e6:dd:9c:87:98: 5a:ed:9a:22:6e:6b:02:cc:7b:57:12:e8:09:b4:06:88:73:ce: 63:36:24:1c:fe:5c:56:a6:d0:95:67:5b:32:19:48:87:b6:0f: df:64:9e:bb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCvjwK7vGntQFUKBHX5VjUNhb0mIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNDExMjIxNzE2NTRaFw0yNDExMjUyMjM3NTRaMDMxMTAvBgNV BAMTKDdBNjg3NkUyNjk3MkFEODhBNzM4NkVEQTVBMTBFREUxNDZBQzAxRjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6fVlHT0mO1GgioMOWzjU10SRL ocyG24N3+iQdGJL0wo2Kdu5aZ36C20GmQc/awrDLAgFYOuLmiMl0cvr6y6bg7cXo Awg1aRPOScHVRiqGI0oy2hUOTQAHANWY55lsooOzGkkNs2jvjvffemFUQzWK0SQ6 vtD8UmhBL2ecX13oQbAA7+uzyClFPFZcC3c1/vcAtqMYzXdmAmChlNUFcQcPapS7 QQblYC3L13nWDAi+QTeMRzjINqyJXLUUBGLyn5z6WaIRrfI3jLj1ykPNT8o/LgML 1CAsdvMw9hVNKokGOVNu1Z12KdqQB1bX3B9iX7lYT972IyIEm2Uwlq4oaJcVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUemh24mlyrYinOG7aWhDt4UasAfEwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIguysLEjBzYFBgZWeaoSgZ1NErN4BxoVQvh hiKUvATzEP7FFU6/IKqPjunsPrQ81hThq5JYjuEoseIs9OAu5KLA01OqYrnds86W 25SXOtDADlrJL/sYIaGLQ537avtXJ8+AuSMxAtM8s1oODdg3k1PRBaCxxGEpoErJ ZtlKDmQpqNf7h9UGg9dQzuIzUS9Mujf19mzscN8ubeN8ntB3PI/k0cesu/qQZrVM APuMiA6PbwrQPrMj0uAUU8uo+fC9zj4YdZuNrNXSI00KCWepXhsjMuPm3ZyHmFrt miJuawLMe1cS6Am0BohzzmM2JBz+XFam0JVnWzIZSIe2D99knrs= -----END CERTIFICATE-----Generated at Fri Nov 22 19:43:50 2024 by rpki-client on console-ams.rpki-client.org