$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft File: C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft (raw, json) Hash identifier: MaT1RvMbf4yFtZfRzNstQVctSEqX1szNS7S1kGifwI4= Subject key identifier: B7:C1:2B:E9:91:1E:DC:0D:DC:95:97:C2:DB:6E:B9:6C:CE:60:A5:5A Authority key identifier: C4:E6:C3:DA:EB:74:BE:45:20:7E:B8:0D:ED:F1:FF:D5:4B:C0:01:9E Certificate issuer: /CN=A91443440000/serialNumber=C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E Certificate serial: 5112A02761E065F6E7DC0745181AEAE90FAC20DE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft Manifest number: 0136 Signing time: Thu 03 Apr 2025 16:49:08 +0000 Manifest this update: Thu 03 Apr 2025 16:44:08 +0000 Manifest next update: Fri 04 Apr 2025 18:22:08 +0000 Files and hashes: 1: 3136302e33302e32352e302f32342d3234203d3e20313533313736.roa (hash: dQX8k3kIeqGp3P2icN5/lEkgJizu7NVM5zOKZXx0I5g=) 2: C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl (hash: n4jhjETE/Q2exNTqVTX0ABZYNtwI100yGKiqKIgoQgI=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 18:22:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:12:a0:27:61:e0:65:f6:e7:dc:07:45:18:1a:ea:e9:0f:ac:20:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91443440000 Validity Not Before: Apr 3 16:44:08 2025 GMT Not After : Apr 4 18:22:08 2025 GMT Subject: CN=B7C12BE9911EDC0DDC9597C2DB6EB96CCE60A55A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b9:f9:f3:38:f8:0b:2f:70:f3:d4:a7:59:33: 0d:d4:44:ba:a3:74:b5:2f:f8:b2:e5:9e:67:26:ce: 30:a0:ae:b5:c7:a3:33:38:2d:5a:7e:99:4a:89:b5: 89:38:22:00:1c:e2:99:00:80:3d:7f:11:7a:cb:ba: 17:9e:e6:fc:a0:5d:09:c7:eb:26:49:d0:1f:cf:b0: 75:c2:f3:5c:e2:67:63:71:8e:d7:ad:25:cd:38:40: 71:08:18:9c:05:fe:88:56:be:3f:c7:a3:a8:41:e1: af:6d:c7:41:6a:98:9d:1a:a6:5c:38:a2:05:b2:d0: 93:09:4a:40:00:9e:0e:83:cb:f4:94:af:c9:ea:2e: 88:9a:e0:99:86:01:f4:70:d7:f3:58:fb:a1:b3:f1: ef:f5:ba:84:43:0a:f7:05:17:5b:fd:82:d0:a9:65: f7:e1:bf:52:a6:54:ff:78:ee:c8:b8:e9:a2:80:a4: 5b:76:a1:fb:02:ec:5a:61:fa:e1:cd:fb:71:1a:02: 0c:26:e7:bf:91:69:68:e1:c0:67:0b:ba:5f:09:90: a9:c6:55:ca:09:0d:1b:e5:8e:06:ec:5e:c7:7e:bb: c3:e4:2c:72:6a:30:bc:57:3f:8f:69:0a:64:5c:85: f4:21:02:c5:92:5e:ad:49:02:f2:26:88:a9:92:06: 84:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:C1:2B:E9:91:1E:DC:0D:DC:95:97:C2:DB:6E:B9:6C:CE:60:A5:5A X509v3 Authority Key Identifier: keyid:C4:E6:C3:DA:EB:74:BE:45:20:7E:B8:0D:ED:F1:FF:D5:4B:C0:01:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xObD2ut0vkUgfrgN7fH_1UvAAZ4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/2/C4E6C3DAEB74BE45207EB80DEDF1FFD54BC0019E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:73:e5:b7:60:8b:48:ab:9b:52:9a:a1:ec:3d:55:ea:55:19: bd:a3:55:89:e1:d9:64:b0:71:1f:f2:10:37:b8:84:9f:80:a0: f0:dc:35:a5:1b:b3:b6:76:d0:33:41:1e:90:b5:ab:0e:5f:6b: 05:68:f9:0c:9a:96:47:66:d3:ae:3e:67:9f:29:9e:6f:c8:0d: 08:a3:eb:15:ba:2a:0a:93:d7:0a:e4:bb:c4:27:ee:a4:8f:82: c2:03:1b:89:be:ec:78:aa:b8:0a:c1:cf:b0:db:2b:a4:a6:dc: 57:02:cc:ba:77:4b:fb:f2:a8:06:88:20:85:c6:b5:93:06:a5: 3f:b9:ab:4f:06:f3:a0:3c:26:39:49:d5:18:71:24:db:c6:34: c3:db:d2:cf:91:5f:d2:44:a6:bb:c3:cf:b6:f2:9d:c1:28:e4: 91:91:7c:af:a3:73:58:f9:73:d6:5f:02:f5:46:30:d1:52:14: 91:7d:98:09:d9:e7:67:aa:65:10:24:45:e1:2a:33:c8:bc:a5: 6e:18:f3:a8:f6:62:24:08:1a:61:94:13:bb:d1:8e:27:42:19: 4c:97:9b:f6:39:8b:ea:68:02:8c:d1:8d:e2:f0:6b:cf:32:7d: 2f:ca:79:9c:22:0c:56:1a:50:cf:5b:21:aa:6b:3b:36:b2:0b: 1c:9f:04:35 -----BEGIN CERTIFICATE----- MIIFbjCCBFagAwIBAgIUURKgJ2HgZfbn3AdFGBrq6Q+sIN4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNDQzNDQwMDAwMTEwLwYDVQQFEyhDNEU2QzNEQUVC NzRCRTQ1MjA3RUI4MERFREYxRkZENTRCQzAwMTlFMB4XDTI1MDQwMzE2NDQwOFoX DTI1MDQwNDE4MjIwOFowMzExMC8GA1UEAxMoQjdDMTJCRTk5MTFFREMwRERDOTU5 N0MyREI2RUI5NkNDRTYwQTU1QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMq5+fM4+AsvcPPUp1kzDdREuqN0tS/4suWeZybOMKCutcejMzgtWn6ZSom1 iTgiABzimQCAPX8Resu6F57m/KBdCcfrJknQH8+wdcLzXOJnY3GO160lzThAcQgY nAX+iFa+P8ejqEHhr23HQWqYnRqmXDiiBbLQkwlKQACeDoPL9JSvyeouiJrgmYYB 9HDX81j7obPx7/W6hEMK9wUXW/2C0Kll9+G/UqZU/3juyLjpooCkW3ah+wLsWmH6 4c37cRoCDCbnv5FpaOHAZwu6XwmQqcZVygkNG+WOBuxex367w+QscmowvFc/j2kK ZFyF9CECxZJerUkC8iaIqZIGhK0CAwEAAaOCAmEwggJdMB0GA1UdDgQWBBS3wSvp kR7cDdyVl8LbbrlszmClWjAfBgNVHSMEGDAWgBTE5sPa63S+RSB+uA3t8f/VS8AB njAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84ZDVjZDE0ZS01 ZjYzLTRmMWMtOTRlMy0yNzA1MGMyNjY0ODAvMi9DNEU2QzNEQUVCNzRCRTQ1MjA3 RUI4MERFREYxRkZENTRCQzAwMTlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYB BQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0EyNEYy MDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi94T2JEMnV0MHZrVWdmcmdON2ZIXzFV dkFBWjQuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGQ1Y2QxNGUt NWY2My00ZjFjLTk0ZTMtMjcwNTBjMjY2NDgwLzIvQzRFNkMzREFFQjc0QkU0NTIw N0VCODBERURGMUZGRDU0QkMwMDE5RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUF BwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEBAGVz5bdgi0irm1Kaoew9 VepVGb2jVYnh2WSwcR/yEDe4hJ+AoPDcNaUbs7Z20DNBHpC1qw5fawVo+Qyalkdm 064+Z58pnm/IDQij6xW6KgqT1wrku8Qn7qSPgsIDG4m+7HiquArBz7DbK6Sm3FcC zLp3S/vyqAaIIIXGtZMGpT+5q08G86A8JjlJ1RhxJNvGNMPb0s+RX9JEprvDz7by ncEo5JGRfK+jc1j5c9ZfAvVGMNFSFJF9mAnZ52eqZRAkReEqM8i8pW4Y86j2YiQI GmGUE7vRjidCGUyXm/Y5i+poAozRjeLwa88yfS/KeZwiDFYaUM9bIaprOzayCxyf BDU= -----END CERTIFICATE-----Generated at Fri Apr 4 01:06:12 2025 by rpki-client