$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft File: C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft (raw, json) Hash identifier: LApH9rjG23UG/GhvZLfs4cYrv4xH6+Hbx/AcWPCrP/Q= Subject key identifier: 41:7D:2D:9C:E2:92:7F:28:67:0C:1D:5A:DF:AD:2E:FA:95:BA:0A:EF Authority key identifier: C4:E6:C3:DA:EB:74:BE:45:20:7E:B8:0D:ED:F1:FF:D5:4B:C0:01:9E Certificate issuer: /CN=A91443440000/serialNumber=C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E Certificate serial: 1EEA625047DBC4FC5FED21E162BB69027265356B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft Manifest number: 0191 Signing time: Sun 20 Jul 2025 17:12:26 +0000 Manifest this update: Sun 20 Jul 2025 17:07:26 +0000 Manifest next update: Mon 21 Jul 2025 17:24:26 +0000 Files and hashes: 1: 3136302e33302e32352e302f32342d3234203d3e20313533313736.roa (hash: sWQMzSPI6Bg4G4IKisjp9DHougwIrJ9n/xHdiIfWjWY=) 2: C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl (hash: co9IHcTNiWrY8tAtERDxet6oO3+uScTZMXyRUZ7at5E=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 21 Jul 2025 17:24:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:ea:62:50:47:db:c4:fc:5f:ed:21:e1:62:bb:69:02:72:65:35:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91443440000, serialNumber=C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E Validity Not Before: Jul 20 17:07:26 2025 GMT Not After : Jul 21 17:24:26 2025 GMT Subject: CN=417D2D9CE2927F28670C1D5ADFAD2EFA95BA0AEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:54:8b:f4:06:f9:df:20:8b:9d:c0:c9:e5:ed: 95:56:51:36:d3:5d:fc:9e:80:22:56:6a:f3:a3:a3: 9a:46:36:81:bc:02:01:ca:1b:06:c6:22:25:e9:0d: c8:6a:9e:39:ba:cb:d8:91:f5:b4:80:77:d2:7b:28: d8:33:cc:70:81:41:c3:01:5f:d0:01:1a:63:d5:33: 2f:d5:43:61:30:72:82:50:8a:ac:e1:20:14:f7:94: c0:9e:85:e8:eb:cb:3f:5b:a3:41:68:01:7a:54:ff: ca:1a:5a:c3:72:fe:ce:98:69:32:c7:17:89:85:49: d0:0b:0d:94:63:83:48:e9:9b:03:31:ec:3d:2a:ab: d5:02:69:e8:b3:dd:37:a3:5b:a1:c3:30:7c:64:cf: 28:fb:23:a4:46:71:93:d0:ee:f8:96:51:2d:ff:ec: 7e:c1:30:9f:81:74:ba:c9:ed:67:6f:e9:20:f5:be: 3f:06:83:16:78:5d:59:e4:6f:9d:1d:e1:63:81:e1: 90:b7:34:ee:14:1c:57:68:3b:17:41:40:d1:6b:a1: de:91:d9:b3:4b:b4:61:c6:2b:c9:9d:67:f8:8c:c9: 63:87:4f:e0:11:58:8c:6a:0b:e2:60:d5:2b:db:01: cf:a4:68:8a:6c:4d:51:f9:52:9f:e7:7a:be:ab:45: 55:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:7D:2D:9C:E2:92:7F:28:67:0C:1D:5A:DF:AD:2E:FA:95:BA:0A:EF X509v3 Authority Key Identifier: keyid:C4:E6:C3:DA:EB:74:BE:45:20:7E:B8:0D:ED:F1:FF:D5:4B:C0:01:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:a0:7b:0f:48:e5:23:2d:2d:4f:85:87:1e:d1:82:9f:d0:f0: 94:f4:1e:e8:9f:a6:56:9d:49:4a:fe:6f:d1:4a:d0:fc:9c:23: 10:a3:79:8d:cb:0b:03:5c:b0:92:6f:d5:7e:cf:97:3d:9d:1a: ad:80:12:4c:6c:cb:56:a0:42:17:a2:5a:11:f5:70:e5:aa:e7: 3c:8b:04:99:f0:78:89:b3:64:57:15:a4:67:48:fa:9b:fe:8b: 53:d6:08:45:31:07:2c:85:9b:41:66:ef:45:37:a2:8c:de:ba: a9:07:5c:5e:21:dd:45:24:04:d6:dc:c0:2e:9d:eb:51:c6:f5: f1:eb:a6:4c:14:bd:d9:c9:c4:04:8a:e5:33:d3:98:cb:b3:67: d8:35:d0:ce:28:a0:a3:21:47:69:65:e3:54:60:c3:84:b4:ae: 49:a0:11:a3:3e:44:44:fa:76:0a:f3:4b:ec:4a:00:a5:bf:66: 5c:47:9a:1b:52:9a:19:34:e5:fb:18:ad:4e:6a:aa:1d:e0:5a: c6:81:f0:f6:fc:e3:00:e1:8f:8f:fe:89:e0:c5:8a:47:22:bb: ba:a6:8d:bd:60:04:ae:0b:4d:c1:be:6a:50:ef:66:ba:3d:70: 6a:cc:f8:5c:13:20:38:85:bb:46:4f:6b:2e:fa:d2:52:03:d0: cb:5f:0f:b4 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIUHupiUEfbxPxf7SHhYrtpAnJlNWswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNDQzNDQwMDAwMTEwLwYDVQQFEyhDNEU2QzNEQUVC NzRCRTQ1MjA3RUI4MERFREYxRkZENTRCQzAwMTlFMB4XDTI1MDcyMDE3MDcyNloX DTI1MDcyMTE3MjQyNlowMzExMC8GA1UEAxMoNDE3RDJEOUNFMjkyN0YyODY3MEMx RDVBREZBRDJFRkE5NUJBMEFFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFUi/QG+d8gi53AyeXtlVZRNtNd/J6AIlZq86OjmkY2gbwCAcobBsYiJekN yGqeObrL2JH1tIB30nso2DPMcIFBwwFf0AEaY9UzL9VDYTByglCKrOEgFPeUwJ6F 6OvLP1ujQWgBelT/yhpaw3L+zphpMscXiYVJ0AsNlGODSOmbAzHsPSqr1QJp6LPd N6NbocMwfGTPKPsjpEZxk9Du+JZRLf/sfsEwn4F0usntZ2/pIPW+PwaDFnhdWeRv nR3hY4HhkLc07hQcV2g7F0FA0Wuh3pHZs0u0YcYryZ1n+IzJY4dP4BFYjGoL4mDV K9sBz6RoimxNUflSn+d6vqtFVcsCAwEAAaOCAmEwggJdMB0GA1UdDgQWBBRBfS2c 4pJ/KGcMHVrfrS76lboK7zAfBgNVHSMEGDAWgBTE5sPa63S+RSB+uA3t8f/VS8AB njAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84ZDVjZDE0ZS01 ZjYzLTRmMWMtOTRlMy0yNzA1MGMyNjY0ODAvMi9DNEU2QzNEQUVCNzRCRTQ1MjA3 RUI4MERFREYxRkZENTRCQzAwMTlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYB BQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0EyNEYy MDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi94T2JEMnV0MHZrVWdmcmdON2ZIXzFV dkFBWjQuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGQ1Y2QxNGUt NWY2My00ZjFjLTk0ZTMtMjcwNTBjMjY2NDgwLzIvQzRFNkMzREFFQjc0QkU0NTIw N0VCODBERURGMUZGRDU0QkMwMDE5RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAB2gew9I5SMtLU+Fhx7R gp/Q8JT0HuifpladSUr+b9FK0PycIxCjeY3LCwNcsJJv1X7Plz2dGq2AEkxsy1ag QheiWhH1cOWq5zyLBJnweImzZFcVpGdI+pv+i1PWCEUxByyFm0Fm70U3oozeuqkH XF4h3UUkBNbcwC6d61HG9fHrpkwUvdnJxASK5TPTmMuzZ9g10M4ooKMhR2ll41Rg w4S0rkmgEaM+RET6dgrzS+xKAKW/ZlxHmhtSmhk05fsYrU5qqh3gWsaB8Pb84wDh j4/+ieDFikciu7qmjb1gBK4LTcG+alDvZro9cGrM+FwTIDiFu0ZPay760lID0Mtf D7Q= -----END CERTIFICATE-----Generated at Sun Jul 20 21:55:14 2025 by rpki-client