$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: baH9vaTCdGXzxw66pXfipFoGjwMG4m6AR3b/x6Vys+E= Subject key identifier: 8C:C1:9A:6F:0C:93:C9:F6:7C:B8:A2:2C:39:CE:9C:57:D9:C5:A4:FF Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 68691336D89FB13126F2CF695F56F11C69047A39 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 044A Signing time: Sat 05 Apr 2025 00:22:12 +0000 Manifest this update: Sat 05 Apr 2025 00:17:12 +0000 Manifest next update: Tue 08 Apr 2025 00:37:12 +0000 Files and hashes: 1: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: WgrIRzdaFJ0g4e27LMgAxhh+yicucERWndK+pSX36cg=) 2: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0GSE1PDB0X1nNRLhLL+YFIj25TLvzXb3P+1q7y2DYeY=) 3: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: yg0Ga2BI5N+zhlTssMp6B5+VROj1HXmBfDxoTWvqgpA=) 4: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: bPWP0OQUIp2Y9GGXuX0UNuWcLsy7WT1L06MXLwlNCSg=) 5: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: qMdSXe2z67bVJOmODSeb4BQMQ40LX9lF9FYmIAv+p7A=) 6: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: +SESEORNRa9Y4ohIuLjjS1b0sOzx+/QTJfGuqX/YX1U=) 7: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: Y2PTe5fMMDYclXsLhLsiwjVncBgzuq5ROa1U1eOC/Wc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:69:13:36:d8:9f:b1:31:26:f2:cf:69:5f:56:f1:1c:69:04:7a:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Apr 5 00:17:12 2025 GMT Not After : Apr 8 00:37:12 2025 GMT Subject: CN=8CC19A6F0C93C9F67CB8A22C39CE9C57D9C5A4FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:36:5c:eb:a1:14:7b:47:21:38:d9:35:eb:2c: f9:67:91:09:8c:d9:00:a5:c5:2f:a8:5f:88:b5:75: 32:3c:7e:38:ad:49:f7:ef:ed:bc:76:75:cf:d1:d8: 7e:cd:32:50:18:c0:0a:7f:77:e6:ee:38:14:c9:68: ba:58:ac:65:62:ab:5a:02:11:50:35:c2:56:e4:cd: fe:c5:dc:6c:8c:40:c4:81:80:4c:9e:b0:e4:d6:c5: 65:ca:25:71:76:e0:ed:f2:fc:92:17:b6:80:d7:26: f4:ee:d4:c7:7a:45:67:9c:f9:ef:c1:cc:57:13:65: aa:01:44:0a:61:fe:10:eb:85:88:ca:e5:61:24:f7: 16:5b:f5:c5:cd:91:30:65:8f:42:78:4f:a3:73:7b: a3:d6:e1:76:2c:28:e9:07:59:21:dc:87:e6:ee:e8: 1d:df:e3:e0:e2:b9:09:60:da:65:ee:ea:02:51:f2: fd:94:74:4f:6f:45:28:f1:ad:61:04:f4:c6:44:f1: a8:89:b9:ee:06:3a:bb:2a:19:df:94:45:21:3f:84: 18:45:c3:6b:80:1f:72:76:8f:b3:2f:b0:5b:d3:e6: 25:23:25:4d:4c:c0:d0:e0:00:52:39:2e:47:d2:b5: cf:e9:c8:b2:52:86:c1:81:ac:d5:9f:2e:b2:9b:20: 5f:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:C1:9A:6F:0C:93:C9:F6:7C:B8:A2:2C:39:CE:9C:57:D9:C5:A4:FF X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:67:ff:dd:2d:74:e8:6b:42:c4:78:27:2e:ea:63:17:d0:67: e1:12:64:52:92:a6:da:91:bd:f3:b0:c7:dc:41:02:71:b5:fc: 30:d4:28:6a:21:de:a2:42:f2:e5:bb:8d:da:4c:94:bb:bb:42: c6:84:f9:72:5b:d1:f5:22:4b:1d:5c:5c:d1:a4:08:5a:74:a7: 24:5f:41:55:bc:51:67:ae:5d:0b:1a:fb:3b:1c:75:18:88:83: 85:74:36:f7:e4:f8:8e:4e:1c:36:f4:f5:70:fc:82:99:70:72: 78:bd:40:1b:76:eb:d1:75:82:0b:46:41:27:91:bb:b3:29:36: 35:c3:81:c6:1b:3b:c9:33:a7:ba:3e:fd:35:11:47:b7:bc:35: 1e:36:86:8e:3d:a9:01:4b:24:b8:2a:1b:00:20:76:83:ef:60: 1b:76:6a:ac:aa:e8:5d:9e:0e:72:0e:7a:b5:c1:db:61:62:04: f6:97:62:a2:01:07:93:32:bd:e2:ee:0b:24:8b:4d:31:64:5d: 94:fd:ca:0a:d7:63:41:8e:c3:a5:c7:f5:92:89:c9:18:88:c3: 2f:61:79:33:18:5f:f1:85:0e:09:35:48:2b:eb:bc:78:20:24: 5e:f9:fd:fd:e7:04:aa:a1:20:94:5f:ce:b6:01:54:43:1e:1e: cd:64:91:36 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaGkTNtifsTEm8s9pX1bxHGkEejkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNTA0MDUwMDE3MTJaFw0yNTA0MDgwMDM3MTJaMDMxMTAvBgNV BAMTKDhDQzE5QTZGMEM5M0M5RjY3Q0I4QTIyQzM5Q0U5QzU3RDlDNUE0RkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPNlzroRR7RyE42TXrLPlnkQmM 2QClxS+oX4i1dTI8fjitSffv7bx2dc/R2H7NMlAYwAp/d+buOBTJaLpYrGViq1oC EVA1wlbkzf7F3GyMQMSBgEyesOTWxWXKJXF24O3y/JIXtoDXJvTu1Md6RWec+e/B zFcTZaoBRAph/hDrhYjK5WEk9xZb9cXNkTBlj0J4T6Nze6PW4XYsKOkHWSHch+bu 6B3f4+DiuQlg2mXu6gJR8v2UdE9vRSjxrWEE9MZE8aiJue4GOrsqGd+URSE/hBhF w2uAH3J2j7MvsFvT5iUjJU1MwNDgAFI5LkfStc/pyLJShsGBrNWfLrKbIF9HAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUjMGabwyTyfZ8uKIsOc6cV9nFpP8wHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAln/90tdOhrQsR4Jy7qYxfQZ+ESZFKSptqR vfOwx9xBAnG1/DDUKGoh3qJC8uW7jdpMlLu7QsaE+XJb0fUiSx1cXNGkCFp0pyRf QVW8UWeuXQsa+zscdRiIg4V0Nvfk+I5OHDb09XD8gplwcni9QBt269F1ggtGQSeR u7MpNjXDgcYbO8kzp7o+/TURR7e8NR42ho49qQFLJLgqGwAgdoPvYBt2aqyq6F2e DnIOerXB22FiBPaXYqIBB5MyveLuCySLTTFkXZT9ygrXY0GOw6XH9ZKJyRiIwy9h eTMYX/GFDgk1SCvrvHggJF75/f3nBKqhIJRfzrYBVEMeHs1kkTY= -----END CERTIFICATE-----Generated at Sun Apr 6 00:09:47 2025 by rpki-client