$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: vAIINXWB5ML4GttHT6o2vJcgxlOZgqAX9oLON79Fkq4= Subject key identifier: 47:39:DB:FD:B2:A2:8B:D9:0A:20:B5:63:40:E6:CF:75:96:07:3A:F8 Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 43B5CEC1ABD79DFAF445CFDCBAC406C4C3903934 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 0464 Signing time: Mon 02 Jun 2025 18:52:14 +0000 Manifest this update: Mon 02 Jun 2025 18:47:14 +0000 Manifest next update: Fri 06 Jun 2025 00:22:14 +0000 Files and hashes: 1: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: bPWP0OQUIp2Y9GGXuX0UNuWcLsy7WT1L06MXLwlNCSg=) 2: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: qMdSXe2z67bVJOmODSeb4BQMQ40LX9lF9FYmIAv+p7A=) 3: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: Y2PTe5fMMDYclXsLhLsiwjVncBgzuq5ROa1U1eOC/Wc=) 4: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: fKRZ4YURxBAp2jCk5XiVbhENXuXYG3WmeQd3fCVqodw=) 5: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: WgrIRzdaFJ0g4e27LMgAxhh+yicucERWndK+pSX36cg=) 6: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0GSE1PDB0X1nNRLhLL+YFIj25TLvzXb3P+1q7y2DYeY=) 7: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: yg0Ga2BI5N+zhlTssMp6B5+VROj1HXmBfDxoTWvqgpA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:22:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:b5:ce:c1:ab:d7:9d:fa:f4:45:cf:dc:ba:c4:06:c4:c3:90:39:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Jun 2 18:47:14 2025 GMT Not After : Jun 6 00:22:14 2025 GMT Subject: CN=4739DBFDB2A28BD90A20B56340E6CF7596073AF8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:72:00:9a:97:b8:cc:b7:e4:2c:72:b7:49:81: 1b:1a:0e:f8:61:10:3d:04:06:7c:37:20:57:81:63: a5:39:9c:22:23:48:1e:40:b3:f6:e3:53:55:32:52: 2a:d6:18:4a:44:94:47:9a:4e:83:71:10:b0:f4:c1: 5d:57:8e:77:9c:fa:92:48:0e:b1:a9:f8:57:87:5d: 36:97:ce:90:31:7c:80:5c:c7:45:d3:c4:0e:35:8d: 52:3a:1e:ac:dd:b4:f1:ee:83:96:42:8a:bc:9b:e7: 0d:da:9f:33:ad:27:25:24:74:1a:0a:4e:61:35:81: 08:3c:5f:b9:e8:90:80:34:99:60:4d:63:88:84:61: 60:df:bb:f3:16:8c:9a:7a:2c:1f:d3:4e:50:ef:75: f9:b6:24:96:ea:29:16:ff:37:a6:6e:b2:53:88:0d: 70:2b:1f:17:ae:e3:10:6f:06:2c:b4:5e:6c:6c:9e: c2:cc:66:eb:ff:04:83:1d:a2:80:92:71:93:07:39: d9:c7:a5:2a:38:23:93:6f:49:c9:db:34:dc:b7:3c: 20:1d:0c:d5:d3:e5:78:ab:ae:5e:ae:9c:c9:32:b2: f5:1b:c7:39:2a:a4:93:69:19:45:dc:50:f4:00:34: c9:1c:0c:39:91:1e:0c:07:33:61:4e:72:19:85:c2: 14:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:39:DB:FD:B2:A2:8B:D9:0A:20:B5:63:40:E6:CF:75:96:07:3A:F8 X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:f7:ea:89:92:35:ba:b1:9f:95:c7:00:58:5a:d9:eb:cb:3a: d0:b0:5f:46:20:46:96:56:32:40:4e:fe:d9:a2:7d:44:4c:23: 23:4e:a7:fd:e2:e8:62:c9:5d:a9:46:6a:b0:88:61:d6:aa:f3: 89:65:ff:e0:55:1d:e6:f5:e3:0f:f8:08:4a:7f:ef:05:95:9e: c1:cc:80:ad:45:64:6c:97:de:0b:7b:4c:52:71:bb:e3:c4:4a: 64:12:fd:f2:77:d8:6c:9e:55:2f:ca:d6:a9:9e:7d:db:8c:3a: 5a:84:c4:f5:08:d0:9e:ea:18:73:08:64:3b:89:04:eb:71:44: 03:ee:e9:b0:0a:8a:c1:c2:08:e6:e2:90:64:39:3e:72:ed:e9: b0:e5:be:fa:4d:22:20:5b:0a:8c:77:59:e7:c7:a5:ea:c6:3b: 64:b4:e8:71:32:ea:b8:5f:d7:08:70:16:e1:c0:61:0a:6d:2c: 42:77:c5:30:bd:8c:79:de:48:54:03:42:8a:cd:e1:ce:e8:d2: e9:ba:da:79:0d:ec:b4:66:ef:3e:50:cb:d0:c1:24:a2:79:4d: 86:60:0f:ae:fe:c4:6e:ce:11:c2:99:04:a7:7e:44:24:46:f0: 41:cc:e4:4f:fb:2b:91:33:3f:49:e0:e9:8b:26:99:f2:16:6e: 48:84:0d:f5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQ7XOwavXnfr0Rc/cusQGxMOQOTQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNTA2MDIxODQ3MTRaFw0yNTA2MDYwMDIyMTRaMDMxMTAvBgNV BAMTKDQ3MzlEQkZEQjJBMjhCRDkwQTIwQjU2MzQwRTZDRjc1OTYwNzNBRjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCscgCal7jMt+QscrdJgRsaDvhh ED0EBnw3IFeBY6U5nCIjSB5As/bjU1UyUirWGEpElEeaToNxELD0wV1Xjnec+pJI DrGp+FeHXTaXzpAxfIBcx0XTxA41jVI6HqzdtPHug5ZCiryb5w3anzOtJyUkdBoK TmE1gQg8X7nokIA0mWBNY4iEYWDfu/MWjJp6LB/TTlDvdfm2JJbqKRb/N6ZuslOI DXArHxeu4xBvBiy0XmxsnsLMZuv/BIMdooCScZMHOdnHpSo4I5NvScnbNNy3PCAd DNXT5Xirrl6unMkysvUbxzkqpJNpGUXcUPQANMkcDDmRHgwHM2FOchmFwhRJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQURznb/bKii9kKILVjQObPdZYHOvgwHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACP36omSNbqxn5XHAFha2evLOtCwX0YgRpZW MkBO/tmifURMIyNOp/3i6GLJXalGarCIYdaq84ll/+BVHeb14w/4CEp/7wWVnsHM gK1FZGyX3gt7TFJxu+PESmQS/fJ32GyeVS/K1qmefduMOlqExPUI0J7qGHMIZDuJ BOtxRAPu6bAKisHCCObikGQ5PnLt6bDlvvpNIiBbCox3WefHperGO2S06HEy6rhf 1whwFuHAYQptLEJ3xTC9jHneSFQDQorN4c7o0um62nkN7LRm7z5Qy9DBJKJ5TYZg D67+xG7OEcKZBKd+RCRG8EHM5E/7K5EzP0ng6YsmmfIWbkiEDfU= -----END CERTIFICATE-----Generated at Tue Jun 3 23:31:26 2025 by rpki-client