$ rpki-client -vvf repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.mft File: 2B90BB17E78B62C15179029C6583E42BD7E18277.mft (raw, json) Hash identifier: P60ezDdOnstGv/+9ORC0Ir20OMbHsbS7SysayF73AnM= Subject key identifier: 2A:E9:BC:F0:95:B1:5E:D3:8E:42:5F:2E:29:5F:7E:7A:15:B9:75:92 Authority key identifier: 2B:90:BB:17:E7:8B:62:C1:51:79:02:9C:65:83:E4:2B:D7:E1:82:77 Certificate issuer: /CN=2B90BB17E78B62C15179029C6583E42BD7E18277 Certificate serial: 02614D24A0A547BC6AEF894D17F1BB5DC45E7537 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B90BB17E78B62C15179029C6583E42BD7E18277.cer Subject info access: rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.mft Manifest number: 3A Signing time: Fri 04 Apr 2025 21:30:36 +0000 Manifest this update: Fri 04 Apr 2025 21:25:36 +0000 Manifest next update: Tue 08 Apr 2025 09:14:36 +0000 Files and hashes: 1: 2B90BB17E78B62C15179029C6583E42BD7E18277.crl (hash: ALQ5HnNeDS6gVzJMgw4gNavXKkq07Yu3dqI/qimyu84=) 2: 3130332e38302e3231342e302f32342d3234203d3e20313533303932.roa (hash: xGHUucKhH5kmQ+65YZMYfuYlyW3kJ8ie5abut/yqhlk=) 3: 3130332e38302e3231352e302f32342d3234203d3e20313533303932.roa (hash: 4Y5Ddm6yUymC+qHSs8fVActMjjMDZEcHLdC59v78BoQ=) 4: 3130332e38302e3231342e302f32332d3233203d3e20313533303932.roa (hash: kTHvzmqB/2veUohEP9ZdbxC595Rgd4EACGX8AypsPpY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.crl rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B90BB17E78B62C15179029C6583E42BD7E18277.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:61:4d:24:a0:a5:47:bc:6a:ef:89:4d:17:f1:bb:5d:c4:5e:75:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B90BB17E78B62C15179029C6583E42BD7E18277 Validity Not Before: Apr 4 21:25:36 2025 GMT Not After : Apr 8 09:14:36 2025 GMT Subject: CN=2AE9BCF095B15ED38E425F2E295F7E7A15B97592 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:35:c6:63:96:35:2e:2b:1f:1a:9c:54:1c:cc: a1:90:67:6e:5c:87:58:f1:97:f7:31:4d:01:ba:9e: ea:00:f4:66:07:aa:28:35:4a:09:94:a8:69:eb:55: bf:86:37:f6:08:18:0b:52:60:74:66:22:bb:e4:f6: 50:8f:07:c7:ea:98:82:4a:f1:02:62:f0:4c:0d:da: 66:a2:9c:d7:8c:dd:e4:ec:23:7d:e7:58:ab:25:42: 08:ca:21:89:06:a4:9f:37:ba:81:31:e7:3d:fc:c2: 9c:45:74:4d:cc:6f:06:75:e7:77:ed:e0:2c:99:bd: 43:c6:7a:fa:af:3c:1b:ea:b2:0d:a4:59:7b:4f:1e: 74:e9:b9:fe:e5:be:b5:f8:f2:a7:b9:d4:ee:c4:2b: 7e:5c:b5:82:8e:a9:cf:78:11:92:aa:10:64:2a:e5: 66:55:8d:45:0b:f9:b0:df:ab:fd:08:8f:67:79:70: 65:df:61:9a:4d:e8:e2:b9:82:74:9e:8f:ab:b4:25: 24:f1:ee:13:19:cd:3e:2e:6c:79:15:cf:35:5d:53: 19:1d:1f:4f:66:7c:a8:cf:9d:5f:57:d2:03:67:dc: 60:b7:0c:55:01:c8:13:0e:94:9b:99:45:c2:e3:7a: 72:9e:15:fc:26:a8:52:6d:8b:42:56:ee:12:dc:1e: da:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:E9:BC:F0:95:B1:5E:D3:8E:42:5F:2E:29:5F:7E:7A:15:B9:75:92 X509v3 Authority Key Identifier: keyid:2B:90:BB:17:E7:8B:62:C1:51:79:02:9C:65:83:E4:2B:D7:E1:82:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B90BB17E78B62C15179029C6583E42BD7E18277.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:52:db:6a:1f:77:ea:a5:90:f8:74:a7:84:fb:4e:15:fe:a0: 1d:d0:a8:d6:0c:44:e6:73:d5:dd:d1:d8:ad:aa:83:d8:19:5b: eb:74:3e:8e:cc:48:d5:c9:0c:34:2c:2b:71:ad:91:7f:34:15: 18:e5:58:00:64:78:d3:73:51:a1:6e:62:83:88:69:5e:c5:73: c2:38:a3:ec:1c:ae:55:e9:4f:c2:04:d1:35:c9:3c:bf:af:26: 81:0c:fe:b6:c4:80:e0:4f:75:a3:3d:79:29:c8:4d:aa:8e:b6: 9b:c9:7f:8f:a6:39:10:9d:97:42:d6:85:12:7b:85:66:46:f5: f8:18:06:8a:36:72:49:55:cc:a3:2d:aa:d9:f3:3b:0e:aa:56: 1c:0b:b8:69:e0:96:92:d7:8c:d0:78:26:c6:13:0f:b5:a0:2f: 2c:cd:14:16:92:b1:b4:39:46:9e:66:22:1d:f3:87:3f:0c:7f: 6f:61:47:c4:7c:ce:8f:2f:df:8c:f7:b1:5e:4f:30:b5:4f:16: a8:80:b7:c3:12:99:3e:52:70:6b:0d:8b:fb:f2:f7:ab:67:85: b7:76:cd:f2:de:2b:df:4e:d3:a7:d5:f7:55:8d:79:98:9e:2c: 6e:cd:57:10:e7:3a:b7:08:ba:18:04:f0:09:55:7c:e9:3c:96: 92:2e:62:31 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAmFNJKClR7xq74lNF/G7XcRedTcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkI5MEJCMTdFNzhCNjJDMTUxNzkwMjlDNjU4M0U0MkJE N0UxODI3NzAeFw0yNTA0MDQyMTI1MzZaFw0yNTA0MDgwOTE0MzZaMDMxMTAvBgNV BAMTKDJBRTlCQ0YwOTVCMTVFRDM4RTQyNUYyRTI5NUY3RTdBMTVCOTc1OTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfNcZjljUuKx8anFQczKGQZ25c h1jxl/cxTQG6nuoA9GYHqig1SgmUqGnrVb+GN/YIGAtSYHRmIrvk9lCPB8fqmIJK 8QJi8EwN2mainNeM3eTsI33nWKslQgjKIYkGpJ83uoEx5z38wpxFdE3MbwZ153ft 4CyZvUPGevqvPBvqsg2kWXtPHnTpuf7lvrX48qe51O7EK35ctYKOqc94EZKqEGQq 5WZVjUUL+bDfq/0Ij2d5cGXfYZpN6OK5gnSej6u0JSTx7hMZzT4ubHkVzzVdUxkd H09mfKjPnV9X0gNn3GC3DFUByBMOlJuZRcLjenKeFfwmqFJti0JW7hLcHtoVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKum88JWxXtOOQl8uKV9+ehW5dZIwHwYDVR0j BBgwFoAUK5C7F+eLYsFReQKcZYPkK9fhgncwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZTVhNWU2ZC05MWVlLTQ0OTctYjQxNy04ZDMyZjY1M2U0YjAvMC8yQjkwQkIxN0U3 OEI2MkMxNTE3OTAyOUM2NTgzRTQyQkQ3RTE4Mjc3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkI5MEJCMTdFNzhCNjJDMTUxNzkwMjlDNjU4M0U0MkJEN0Ux ODI3Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGU1YTVlNmQtOTFlZS00NDk3LWI0 MTctOGQzMmY2NTNlNGIwLzAvMkI5MEJCMTdFNzhCNjJDMTUxNzkwMjlDNjU4M0U0 MkJEN0UxODI3Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKpS22ofd+qlkPh0p4T7ThX+oB3QqNYMROZz 1d3R2K2qg9gZW+t0Po7MSNXJDDQsK3GtkX80FRjlWABkeNNzUaFuYoOIaV7Fc8I4 o+wcrlXpT8IE0TXJPL+vJoEM/rbEgOBPdaM9eSnITaqOtpvJf4+mORCdl0LWhRJ7 hWZG9fgYBoo2cklVzKMtqtnzOw6qVhwLuGnglpLXjNB4JsYTD7WgLyzNFBaSsbQ5 Rp5mIh3zhz8Mf29hR8R8zo8v34z3sV5PMLVPFqiAt8MSmT5ScGsNi/vy96tnhbd2 zfLeK99O06fV91WNeZieLG7NVxDnOrcIuhgE8AlVfOk8lpIuYjE= -----END CERTIFICATE-----Generated at Sat Apr 5 21:44:23 2025 by rpki-client