$ rpki-client -vvf repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft File: BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft (raw, json) Hash identifier: khDc9Fge8tgkXsa2MP5Ap4sAmU/S7kbu3Flt+mw9cgM= Subject key identifier: 71:79:90:4C:43:C8:5B:03:67:D2:3E:65:81:56:D1:71:21:E2:CD:50 Authority key identifier: BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A Certificate issuer: /CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Certificate serial: 01C8E556D396B7690A19EA4CEF0B2BD3262249A4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft Manifest number: AA Signing time: Sat 07 Jun 2025 09:51:10 +0000 Manifest this update: Sat 07 Jun 2025 09:46:10 +0000 Manifest next update: Tue 10 Jun 2025 14:39:10 +0000 Files and hashes: 1: 3135372e32302e3137382e302f32332d3233203d3e20313532343138.roa (hash: Gr1mlE+rzWEpOTNh6WPoTj4w/1KCxiBabRIKttXDzDg=) 2: BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl (hash: Hvz9X4ZLcqZUS/0mltt7v9O0j69jmHPcuJ99Ap4vXgk=) 3: 3135372e32302e3137382e302f32342d3234203d3e20313532343138.roa (hash: t349gF8xh8M32UG8Ruer+VIkvNUKNNfdFe/xLjKGLjs=) 4: 3135372e32302e3137392e302f32342d3234203d3e20313532343138.roa (hash: Z2FYRByoR87CHEnziWjFnKQyuENb6OACYT6R1ULlqwE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 06:30:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:c8:e5:56:d3:96:b7:69:0a:19:ea:4c:ef:0b:2b:d3:26:22:49:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Validity Not Before: Jun 7 09:46:10 2025 GMT Not After : Jun 10 14:39:10 2025 GMT Subject: CN=7179904C43C85B0367D23E658156D17121E2CD50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:86:71:3c:5b:23:c6:70:7b:40:f0:3f:5b:1f: 29:ec:92:41:4e:f9:56:70:1d:fa:af:6c:79:6d:5e: 04:a8:0c:b0:3d:3f:cc:1b:06:de:df:48:b3:a3:f0: 81:b5:22:a6:72:55:69:b3:7a:24:7b:a4:85:1e:5c: f4:6b:e6:39:51:08:66:20:5b:94:69:b9:b3:ab:9b: f8:40:c8:1e:0b:a7:b9:4a:0c:39:e4:40:ca:a4:62: 45:7a:ee:c2:ba:06:53:bc:61:4a:57:4a:72:94:69: 72:d7:54:b8:f1:d8:54:02:a2:d6:d7:7c:5e:c5:8c: 10:89:2a:6e:7c:db:65:2b:4d:20:46:7e:9d:b2:fb: e4:a3:2f:43:92:dc:8f:ec:9e:0b:35:2a:3a:b5:91: b2:d8:bb:a1:99:73:0c:3c:3f:94:c2:7b:fa:df:0b: c3:02:de:ed:f6:28:bd:0f:75:2a:13:8d:98:f2:58: 0f:fa:69:96:91:ca:25:da:13:51:b4:4a:b7:87:d7: 76:25:b0:c2:e1:64:6a:db:ac:31:4d:b4:ee:ef:0a: d7:b3:21:81:62:21:6c:6f:dc:75:2a:d7:54:96:1a: 73:02:84:ca:4f:8d:5b:28:c5:3a:be:05:5f:23:38: 6a:19:57:ff:bf:29:c2:98:4d:80:76:b7:ae:14:36: 5d:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:79:90:4C:43:C8:5B:03:67:D2:3E:65:81:56:D1:71:21:E2:CD:50 X509v3 Authority Key Identifier: keyid:BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:8a:d3:55:d8:b7:3f:a5:a8:93:05:ea:73:49:05:00:72:05: ac:25:02:46:05:f8:e0:bd:90:df:2b:31:44:29:88:c4:df:53: 99:63:8b:cb:8b:a7:5c:a3:df:50:bb:0b:5a:27:62:92:fb:5c: 4c:75:34:d0:15:b0:db:97:81:7a:9c:d0:8d:fb:16:4e:aa:23: 76:36:9e:bd:5f:b3:2c:88:e7:20:15:c4:11:7f:ac:cb:6e:a7: 01:2d:28:fe:fe:15:ce:f4:60:dd:29:c4:1b:50:51:2b:5e:a6: f0:be:3d:13:28:c7:fd:fe:9a:22:b1:bd:13:4a:69:b4:1c:45: cb:37:20:42:43:79:e9:76:67:e9:c4:e1:12:6c:d0:fe:91:20: 2f:bc:5c:16:2e:42:ab:86:7b:d8:84:44:00:b0:5f:4a:ad:23: 8b:f6:ff:e6:da:fb:f9:de:36:f7:d3:3b:1d:12:14:af:b3:d3: 52:4c:f4:dd:06:3d:3f:7d:e6:2a:ce:5a:33:1d:42:ac:1d:67: a4:78:bf:b9:9c:54:8d:a8:e9:b9:f3:4a:9a:57:b4:e8:c9:b5: 69:6e:ab:ed:0c:52:31:8a:01:25:70:5b:d9:b1:45:93:f0:86: 68:8c:be:39:ed:01:f6:d4:5b:02:35:9c:e2:b7:c8:ed:54:c8: a5:25:80:81 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAcjlVtOWt2kKGepM7wsr0yYiSaQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYz NjE4MjMxQTAeFw0yNTA2MDcwOTQ2MTBaFw0yNTA2MTAxNDM5MTBaMDMxMTAvBgNV BAMTKDcxNzk5MDRDNDNDODVCMDM2N0QyM0U2NTgxNTZEMTcxMjFFMkNENTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4hnE8WyPGcHtA8D9bHynskkFO +VZwHfqvbHltXgSoDLA9P8wbBt7fSLOj8IG1IqZyVWmzeiR7pIUeXPRr5jlRCGYg W5RpubOrm/hAyB4Lp7lKDDnkQMqkYkV67sK6BlO8YUpXSnKUaXLXVLjx2FQCotbX fF7FjBCJKm5822UrTSBGfp2y++SjL0OS3I/sngs1Kjq1kbLYu6GZcww8P5TCe/rf C8MC3u32KL0PdSoTjZjyWA/6aZaRyiXaE1G0SreH13YlsMLhZGrbrDFNtO7vCtez IYFiIWxv3HUq11SWGnMChMpPjVsoxTq+BV8jOGoZV/+/KcKYTYB2t64UNl2JAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcXmQTEPIWwNn0j5lgVbRcSHizVAwHwYDVR0j BBgwFoAUvZt6icheDfZ4b1vVHUt9ljYYIxowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MzYwNjZlOC04ZTE5LTRkZTctOTQ3Yi05NGVlM2NkMDlmODUvMC9CRDlCN0E4OUM4 NUUwREY2Nzg2RjVCRDUxRDRCN0Q5NjM2MTgyMzFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYzNjE4 MjMxQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjM2MDY2ZTgtOGUxOS00ZGU3LTk0 N2ItOTRlZTNjZDA5Zjg1LzAvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdE OTYzNjE4MjMxQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKyK01XYtz+lqJMF6nNJBQByBawlAkYF+OC9 kN8rMUQpiMTfU5lji8uLp1yj31C7C1onYpL7XEx1NNAVsNuXgXqc0I37Fk6qI3Y2 nr1fsyyI5yAVxBF/rMtupwEtKP7+Fc70YN0pxBtQUStepvC+PRMox/3+miKxvRNK abQcRcs3IEJDeel2Z+nE4RJs0P6RIC+8XBYuQquGe9iERACwX0qtI4v2/+ba+/ne NvfTOx0SFK+z01JM9N0GPT995irOWjMdQqwdZ6R4v7mcVI2o6bnzSppXtOjJtWlu q+0MUjGKASVwW9mxRZPwhmiMvjntAfbUWwI1nOK3yO1UyKUlgIE= -----END CERTIFICATE-----Generated at Sat Jun 7 17:34:09 2025 by rpki-client