$ rpki-client -vvf repo-rpki.idnic.net/repo/c9de0c39-84d5-4405-954d-4d3d712693ce/0/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.mft File: AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.mft (raw, json) Hash identifier: bmU+4Z3mwmxiLnJokjWWx1j9tIZI90AFtJkMZ8901ls= Subject key identifier: D4:5A:CC:03:B3:4B:E4:86:8B:BC:3C:F2:80:19:59:7A:3D:50:D0:52 Authority key identifier: AF:95:8D:E0:EC:E8:30:B2:C0:7C:1A:58:CE:91:5F:DB:82:C3:C2:F6 Certificate issuer: /CN=AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6 Certificate serial: 3B8A5B96E2835905A79B66306B737BC5FE71EBAC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c9de0c39-84d5-4405-954d-4d3d712693ce/0/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.mft Manifest number: 0241 Signing time: Thu 03 Apr 2025 16:52:00 +0000 Manifest this update: Thu 03 Apr 2025 16:47:00 +0000 Manifest next update: Sun 06 Apr 2025 20:35:00 +0000 Files and hashes: 1: 3130332e3137322e32332e302f32342d3234203d3e20313437313237.roa (hash: 8PoVgFfgdv0P+Y4Af6XkrWx9EOtSeERWvAdTwZHIcYM=) 2: AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.crl (hash: hi1Nj05vShnjZIvxSwweJonUI4yGgXQwxCZpSCdiDiw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c9de0c39-84d5-4405-954d-4d3d712693ce/0/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.crl rsync://repo-rpki.idnic.net/repo/c9de0c39-84d5-4405-954d-4d3d712693ce/0/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 20:35:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:8a:5b:96:e2:83:59:05:a7:9b:66:30:6b:73:7b:c5:fe:71:eb:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6 Validity Not Before: Apr 3 16:47:00 2025 GMT Not After : Apr 6 20:35:00 2025 GMT Subject: CN=D45ACC03B34BE4868BBC3CF28019597A3D50D052 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:8f:66:15:f0:3f:dd:34:c1:26:e9:dc:be:a2: 6c:1b:d9:83:be:90:63:18:9a:d8:3c:8e:a3:ea:88: e1:8f:f7:cd:ce:db:d1:37:dd:37:d3:28:ea:f2:78: 84:4f:cb:a0:29:82:46:e5:fc:bf:68:a1:73:40:88: 56:5c:95:c3:e9:ff:9c:e4:e6:0d:b2:5d:0d:f7:f9: 73:06:80:b0:95:b9:09:ad:1c:eb:83:26:4c:81:41: 86:77:dc:2b:eb:e5:f7:84:06:06:a0:85:0d:83:89: 87:5c:c7:76:7b:97:a4:d3:17:c0:1e:1d:d7:c0:b7: bb:e6:8f:58:0e:17:83:44:56:bb:b2:44:2c:8a:9b: 53:ad:18:33:83:bb:dc:3b:79:2b:84:a5:8f:6d:15: 68:af:e0:83:80:e9:92:77:40:77:aa:4b:ad:bd:09: 9f:d4:6e:1f:db:12:7c:41:4e:a0:d5:35:6f:cd:15: e3:5f:ac:92:0e:fb:25:8b:65:29:04:02:a6:ef:c4: 7e:6d:df:76:74:4b:d6:42:20:a8:c4:1a:46:a3:f9: 9e:1a:08:2e:cd:0a:0e:ec:93:d6:c4:28:e0:d3:18: 40:24:89:9a:71:56:4b:30:da:ad:89:b3:d6:2d:7d: fa:66:b3:0b:ff:49:59:db:c8:6d:7a:14:3a:3f:8d: 19:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:5A:CC:03:B3:4B:E4:86:8B:BC:3C:F2:80:19:59:7A:3D:50:D0:52 X509v3 Authority Key Identifier: keyid:AF:95:8D:E0:EC:E8:30:B2:C0:7C:1A:58:CE:91:5F:DB:82:C3:C2:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c9de0c39-84d5-4405-954d-4d3d712693ce/0/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c9de0c39-84d5-4405-954d-4d3d712693ce/0/AF958DE0ECE830B2C07C1A58CE915FDB82C3C2F6.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:ef:35:c6:b4:0b:0c:ab:24:8c:76:73:fa:5e:8f:52:f0:44: 51:e8:04:ff:dd:22:d5:81:1b:d6:fe:59:8d:0d:c1:50:39:4f: 12:e2:ff:ee:ad:62:bc:ec:12:32:87:2d:f3:4b:67:5e:70:8a: 90:3d:7a:33:9c:7e:aa:6a:11:f6:b5:53:76:bd:c7:39:39:f7: 90:53:45:61:e4:63:79:6a:06:05:77:94:d6:a9:6e:ec:d8:71: 71:7c:fe:d6:49:53:88:e9:a6:07:5d:3b:c6:92:ac:a9:08:ca: 19:3d:26:3f:dd:f4:d6:b9:23:f3:72:ff:af:5a:a6:03:58:e7: 14:aa:b9:7e:e5:ff:c9:34:bb:ec:ff:1b:b7:43:61:06:7a:b5: 99:7f:1d:2d:37:fe:64:f5:60:4a:58:0e:35:18:2b:3f:6f:39: 05:81:68:a9:ed:8d:24:f6:c6:50:4c:dd:85:b8:c8:a3:8e:a8: 3c:10:9c:7d:e9:b6:a1:4b:b9:dc:3a:8a:73:17:ca:bb:3f:cc: 4d:b7:2b:ff:47:da:99:a5:75:db:23:ee:3d:20:15:22:e3:4b: 46:e3:ca:f5:bb:19:ed:9d:cd:c6:84:ee:26:d7:0f:5d:ac:f0: 7b:63:65:b4:51:23:f0:eb:63:ea:b6:7d:1f:42:fe:65:1f:07: 81:d7:0e:cf -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUO4pbluKDWQWnm2Ywa3N7xf5x66wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUY5NThERTBFQ0U4MzBCMkMwN0MxQTU4Q0U5MTVGREI4 MkMzQzJGNjAeFw0yNTA0MDMxNjQ3MDBaFw0yNTA0MDYyMDM1MDBaMDMxMTAvBgNV BAMTKEQ0NUFDQzAzQjM0QkU0ODY4QkJDM0NGMjgwMTk1OTdBM0Q1MEQwNTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLj2YV8D/dNMEm6dy+omwb2YO+ kGMYmtg8jqPqiOGP983O29E33TfTKOryeIRPy6Apgkbl/L9ooXNAiFZclcPp/5zk 5g2yXQ33+XMGgLCVuQmtHOuDJkyBQYZ33Cvr5feEBgaghQ2DiYdcx3Z7l6TTF8Ae HdfAt7vmj1gOF4NEVruyRCyKm1OtGDODu9w7eSuEpY9tFWiv4IOA6ZJ3QHeqS629 CZ/Ubh/bEnxBTqDVNW/NFeNfrJIO+yWLZSkEAqbvxH5t33Z0S9ZCIKjEGkaj+Z4a CC7NCg7sk9bEKODTGEAkiZpxVksw2q2Js9Ytffpmswv/SVnbyG16FDo/jRkTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1FrMA7NL5IaLvDzygBlZej1Q0FIwHwYDVR0j BBgwFoAUr5WN4OzoMLLAfBpYzpFf24LDwvYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j OWRlMGMzOS04NGQ1LTQ0MDUtOTU0ZC00ZDNkNzEyNjkzY2UvMC9BRjk1OERFMEVD RTgzMEIyQzA3QzFBNThDRTkxNUZEQjgyQzNDMkY2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUY5NThERTBFQ0U4MzBCMkMwN0MxQTU4Q0U5MTVGREI4MkMz QzJGNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYzlkZTBjMzktODRkNS00NDA1LTk1 NGQtNGQzZDcxMjY5M2NlLzAvQUY5NThERTBFQ0U4MzBCMkMwN0MxQTU4Q0U5MTVG REI4MkMzQzJGNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJ/vNca0CwyrJIx2c/pej1LwRFHoBP/dItWB G9b+WY0NwVA5TxLi/+6tYrzsEjKHLfNLZ15wipA9ejOcfqpqEfa1U3a9xzk595BT RWHkY3lqBgV3lNapbuzYcXF8/tZJU4jppgddO8aSrKkIyhk9Jj/d9Na5I/Ny/69a pgNY5xSquX7l/8k0u+z/G7dDYQZ6tZl/HS03/mT1YEpYDjUYKz9vOQWBaKntjST2 xlBM3YW4yKOOqDwQnH3ptqFLudw6inMXyrs/zE23K/9H2pmlddsj7j0gFSLjS0bj yvW7Ge2dzcaE7ibXD12s8HtjZbRRI/DrY+q2fR9C/mUfB4HXDs8= -----END CERTIFICATE-----Generated at Sat Apr 5 17:52:07 2025 by rpki-client