$ rpki-client -vvf repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft File: 4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft (raw, json) Hash identifier: IQ5QA+cfWm7TNYwXKiBYy/YwcXeK+gMf0cvnEmPo1Ec= Subject key identifier: B5:7B:97:39:7E:3E:AC:AC:97:A5:94:EF:8E:21:61:A0:F0:D5:CE:7A Authority key identifier: 44:43:E4:32:39:D3:F5:B9:67:4F:2F:5B:5A:37:71:14:34:C4:8A:F2 Certificate issuer: /CN=4443E43239D3F5B9674F2F5B5A37711434C48AF2 Certificate serial: 21DEDEB6AF0E2CABA65F1AAFF796FEFE32AD7F60 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4443E43239D3F5B9674F2F5B5A37711434C48AF2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft Manifest number: 63 Signing time: Mon 07 Apr 2025 12:31:53 +0000 Manifest this update: Mon 07 Apr 2025 12:26:53 +0000 Manifest next update: Thu 10 Apr 2025 13:23:53 +0000 Files and hashes: 1: 3130332e3134332e3233322e302f32332d3233203d3e20313339343038.roa (hash: ABcl7hjRsw3Xa0yDPigEjdLuUfujbY1jm15mYQSG+s4=) 2: 3130332e3134332e3233322e302f32342d3234203d3e20313339343038.roa (hash: TD2xB1HLXamIjjFpw2dotgVlnTzLq7PRhXP0sb7oneE=) 3: 323430353a356534303a3a2f33322d3332203d3e20313339343038.roa (hash: iiMZJOJE0I/AUErV1vyRCE+uPLpfCmgdzT+r6epJErs=) 4: 4443E43239D3F5B9674F2F5B5A37711434C48AF2.crl (hash: P4t+gRF/Lkf40U99wyhSFfG/BxtDMs5o4dM+Eiu8WwA=) 5: 3130332e3134332e3233332e302f32342d3234203d3e20313339343038.roa (hash: xB/XqJ5dJTYe2nf2B7toQua0M24fdekoYi8o2PugdP4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.crl rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4443E43239D3F5B9674F2F5B5A37711434C48AF2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 13:23:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:de:de:b6:af:0e:2c:ab:a6:5f:1a:af:f7:96:fe:fe:32:ad:7f:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4443E43239D3F5B9674F2F5B5A37711434C48AF2 Validity Not Before: Apr 7 12:26:53 2025 GMT Not After : Apr 10 13:23:53 2025 GMT Subject: CN=B57B97397E3EACAC97A594EF8E2161A0F0D5CE7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:5c:79:c5:4f:3f:ad:88:21:f5:d8:1d:16:d9: 61:3a:7f:d5:3b:d6:c0:d2:5a:ac:42:54:79:7a:2b: 5e:20:94:2c:60:54:db:c8:a1:bb:ab:c6:56:3a:aa: e3:4e:62:61:c3:9c:b6:80:30:ea:a0:28:5b:74:74: 24:b8:85:43:d6:84:29:55:e2:35:ed:94:fc:85:10: 6e:00:8c:81:75:52:1a:34:be:d5:89:f0:1b:21:89: 37:c7:1a:d7:aa:5a:3a:15:cb:ab:b2:02:47:0b:5d: 0c:4c:da:5f:51:ed:87:91:96:46:4c:26:d3:2d:8e: 78:92:2e:dd:b9:87:63:7b:e6:f8:01:57:82:2c:7c: 85:79:13:54:bf:c1:d6:a5:78:f2:0c:65:b4:f0:ef: 04:64:cd:89:12:84:75:d4:0f:ef:c7:da:f2:dd:9c: 19:78:c7:c3:29:07:72:ad:33:68:df:5b:ee:1d:f9: 5d:db:5b:cb:01:03:89:df:86:83:ad:50:43:9b:6a: 90:cc:fe:ce:db:c0:aa:26:cf:c0:9b:27:3e:d5:70: aa:d9:6c:5c:fe:02:19:0f:02:50:6f:e1:65:74:3a: fa:80:3d:0d:b5:82:24:04:37:4b:d3:8a:2a:20:eb: c8:47:d2:3e:26:36:95:b0:cf:09:ab:a4:95:85:72: 93:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:7B:97:39:7E:3E:AC:AC:97:A5:94:EF:8E:21:61:A0:F0:D5:CE:7A X509v3 Authority Key Identifier: keyid:44:43:E4:32:39:D3:F5:B9:67:4F:2F:5B:5A:37:71:14:34:C4:8A:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4443E43239D3F5B9674F2F5B5A37711434C48AF2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d6c8b3a9-4eff-460d-b01d-6ba5d99dadb9/0/4443E43239D3F5B9674F2F5B5A37711434C48AF2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:cc:ba:db:a9:e2:f4:2c:8a:eb:9b:a6:ad:0e:4d:95:f8:f0: 24:17:3c:38:9e:b3:bb:d0:e0:8e:29:25:12:4f:86:d7:0f:07: 88:73:01:83:bc:ec:93:f4:5d:6c:5a:23:b8:de:1b:ba:c1:97: ea:95:96:3d:f5:ce:cb:02:ec:23:5e:d1:5e:a9:7d:a3:08:b2: b5:ac:fd:8a:55:f4:2b:cb:8b:7e:82:6c:5f:1c:6d:4e:5d:0c: 4a:db:21:d0:8a:53:96:ec:4f:ed:ad:20:8d:64:84:9f:99:9f: 6c:79:6c:44:62:e4:b9:9a:86:4a:06:2d:ff:a2:af:6c:97:6c: e6:6e:5c:36:26:e4:23:c5:a0:90:82:da:b0:b5:8e:6b:42:5a: 16:53:fa:87:6a:e3:6a:99:fd:b2:92:15:11:97:a9:b1:52:f4: 9f:e3:c5:13:43:16:50:06:e5:ee:24:bd:08:d3:6c:d5:1d:bf: 16:a1:83:30:2f:1f:64:01:48:01:9f:57:e4:73:6a:66:4e:86: da:f7:71:6f:9b:87:da:87:3b:6f:83:21:3d:af:69:56:95:09: 9e:4f:9f:08:de:3d:e8:4b:72:88:6e:9a:f2:ab:51:42:c5:8e: ab:ec:eb:f4:34:54:3d:fe:bc:11:5d:f0:01:52:c7:4b:7c:83: 1b:05:1a:15 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUId7etq8OLKumXxqv95b+/jKtf2AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDQ0M0U0MzIzOUQzRjVCOTY3NEYyRjVCNUEzNzcxMTQz NEM0OEFGMjAeFw0yNTA0MDcxMjI2NTNaFw0yNTA0MTAxMzIzNTNaMDMxMTAvBgNV BAMTKEI1N0I5NzM5N0UzRUFDQUM5N0E1OTRFRjhFMjE2MUEwRjBENUNFN0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNXHnFTz+tiCH12B0W2WE6f9U7 1sDSWqxCVHl6K14glCxgVNvIoburxlY6quNOYmHDnLaAMOqgKFt0dCS4hUPWhClV 4jXtlPyFEG4AjIF1Uho0vtWJ8BshiTfHGteqWjoVy6uyAkcLXQxM2l9R7YeRlkZM JtMtjniSLt25h2N75vgBV4IsfIV5E1S/wdalePIMZbTw7wRkzYkShHXUD+/H2vLd nBl4x8MpB3KtM2jfW+4d+V3bW8sBA4nfhoOtUEObapDM/s7bwKomz8CbJz7VcKrZ bFz+AhkPAlBv4WV0OvqAPQ21giQEN0vTiiog68hH0j4mNpWwzwmrpJWFcpMxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUtXuXOX4+rKyXpZTvjiFhoPDVznowHwYDVR0j BBgwFoAUREPkMjnT9blnTy9bWjdxFDTEivIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k NmM4YjNhOS00ZWZmLTQ2MGQtYjAxZC02YmE1ZDk5ZGFkYjkvMC80NDQzRTQzMjM5 RDNGNUI5Njc0RjJGNUI1QTM3NzExNDM0QzQ4QUYyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDQ0M0U0MzIzOUQzRjVCOTY3NEYyRjVCNUEzNzcxMTQzNEM0 OEFGMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDZjOGIzYTktNGVmZi00NjBkLWIw MWQtNmJhNWQ5OWRhZGI5LzAvNDQ0M0U0MzIzOUQzRjVCOTY3NEYyRjVCNUEzNzcx MTQzNEM0OEFGMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADLMutup4vQsiuubpq0OTZX48CQXPDies7vQ 4I4pJRJPhtcPB4hzAYO87JP0XWxaI7jeG7rBl+qVlj31zssC7CNe0V6pfaMIsrWs /YpV9CvLi36CbF8cbU5dDErbIdCKU5bsT+2tII1khJ+Zn2x5bERi5LmahkoGLf+i r2yXbOZuXDYm5CPFoJCC2rC1jmtCWhZT+odq42qZ/bKSFRGXqbFS9J/jxRNDFlAG 5e4kvQjTbNUdvxahgzAvH2QBSAGfV+RzamZOhtr3cW+bh9qHO2+DIT2vaVaVCZ5P nwjePehLcohumvKrUULFjqvs6/Q0VD3+vBFd8AFSx0t8gxsFGhU= -----END CERTIFICATE-----Generated at Wed Apr 9 01:00:18 2025 by rpki-client