$ rpki-client -vvf repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft File: 25D788BD2A450C01354B9AB70826895FDFF56208.mft (raw, json) Hash identifier: 2KTXVt0O//n3utAGy09vMt53W6ggQ04uTFl9BHEfF9U= Subject key identifier: A9:82:C0:CC:87:81:AD:BB:90:9F:A2:4F:B5:AB:D1:B4:07:48:CB:40 Authority key identifier: 25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 Certificate issuer: /CN=25D788BD2A450C01354B9AB70826895FDFF56208 Certificate serial: 7B22AA05AFA173DDA9986058AE6E228471F68657 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject info access: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft Manifest number: 036F Signing time: Mon 03 Nov 2025 16:51:03 +0000 Manifest this update: Mon 03 Nov 2025 16:46:03 +0000 Manifest next update: Fri 07 Nov 2025 04:39:03 +0000 Files and hashes: 1: 3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa (hash: g29pf8GRD5KEsQ3xMiXcjqqLaCsv5cRFguqUqUNSeQU=) 2: 323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa (hash: BfvR/So226bitOLhPr9CHxhxgb1Q7qOXOhbe2UXDXlU=) 3: 3130332e39312e32342e302f32322d3234203d3e20313432333739.roa (hash: AU2BjjxLKOB7x1afsJypIVoDqfBt5Pa++/i1Uy3JBXs=) 4: 3132332e3235332e3234382e302f32332d3234203d3e20313432333739.roa (hash: T9vPzFVrVbtfkOIbIR0gBtReDHG4KgAtDeHT2T3EGwQ=) 5: 25D788BD2A450C01354B9AB70826895FDFF56208.crl (hash: L1JDbgAnyhu/dMudfBrIlNVFppRWq3CS1ISbKaGkglo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 04:39:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:22:aa:05:af:a1:73:dd:a9:98:60:58:ae:6e:22:84:71:f6:86:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25D788BD2A450C01354B9AB70826895FDFF56208 Validity Not Before: Nov 3 16:46:03 2025 GMT Not After : Nov 7 04:39:03 2025 GMT Subject: CN=A982C0CC8781ADBB909FA24FB5ABD1B40748CB40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:a7:3a:39:21:f6:33:c2:6f:b5:c5:7c:94:b7: a5:5c:31:eb:22:ab:3b:34:3d:5a:5b:aa:43:a1:23: 17:a6:7d:6c:9d:af:5d:fa:f6:df:c4:12:c7:b4:d9: d3:1c:21:95:3d:42:e1:5b:d9:a5:48:ed:e8:2f:ca: 0d:a3:13:2c:cb:29:9d:13:f6:7c:45:2d:40:cc:da: 9d:4d:1b:0c:84:30:d9:da:7a:fc:82:00:50:26:5b: ed:96:a5:06:13:00:9b:1e:ec:f2:1c:c8:cc:e4:e4: b9:00:c9:73:41:6d:14:51:d9:12:26:82:d0:f1:7b: 6f:d2:c0:7b:e7:b4:3f:86:09:96:02:6e:ce:db:19: c0:a0:78:f2:ad:f1:4b:c5:bc:f8:5d:8c:05:0a:d8: fa:17:37:6c:c2:f8:16:b5:57:e2:93:65:08:30:88: 30:fc:c5:e1:3b:f3:f9:83:67:01:69:e2:d6:41:33: df:22:30:de:f4:cc:d9:88:e1:83:6e:46:57:54:84: ae:de:2e:80:4e:da:a0:67:aa:f1:ff:9d:60:7c:f4: 5b:4c:33:e1:8a:7a:f4:a3:ee:e7:5f:85:42:8f:ff: 0f:29:ee:1b:08:72:ab:64:07:3a:79:e3:d1:c4:e3: 79:ea:b9:1f:9e:76:b7:20:76:54:5d:d1:9f:ec:72: 8e:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:82:C0:CC:87:81:AD:BB:90:9F:A2:4F:B5:AB:D1:B4:07:48:CB:40 X509v3 Authority Key Identifier: keyid:25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:c6:50:aa:24:1b:3c:2c:03:12:f3:91:01:77:1e:a9:a4:c9: 09:34:b5:f8:bf:4b:2b:ea:2d:9d:70:49:16:ab:98:94:60:02: bc:66:72:ec:6c:f4:45:fc:54:ef:ac:86:80:c0:45:ba:cd:41: 9c:8d:e8:a2:d8:d1:c5:1d:a2:e2:39:1c:b6:1b:7d:70:27:85: 62:9d:72:32:57:8d:40:7f:e9:53:71:d3:dc:af:4f:9d:f3:9f: a4:4a:77:c1:1d:3f:76:27:e5:eb:10:18:88:03:a8:59:ae:ae: 35:cb:3c:3f:35:fe:b6:4d:60:31:3f:bb:bb:c1:c2:b6:a0:53: 4c:a9:0d:3a:f5:f8:d0:e2:2d:c5:f1:72:56:99:5d:80:d7:f6: b1:93:5a:e5:25:bd:7d:c9:da:47:4d:96:4d:1a:cf:ac:67:c2: e0:5f:f4:c8:a8:97:62:05:f2:bc:ee:82:91:e5:63:4c:3e:c8: 20:ff:97:10:af:19:3a:64:ab:cc:ed:d1:c4:d2:23:42:e3:0a: 1f:43:fa:26:a0:24:3e:75:ac:de:22:a1:da:56:51:6d:3b:eb: 9d:54:83:f8:f4:62:4c:44:0c:61:df:c9:37:ea:44:5a:64:7c: 0e:3d:c6:df:8b:f6:de:61:f1:c5:39:7c:53:b3:d1:02:ae:44: f5:9e:aa:98 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUeyKqBa+hc92pmGBYrm4ihHH2hlcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZE RkY1NjIwODAeFw0yNTExMDMxNjQ2MDNaFw0yNTExMDcwNDM5MDNaMDMxMTAvBgNV BAMTKEE5ODJDMENDODc4MUFEQkI5MDlGQTI0RkI1QUJEMUI0MDc0OENCNDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDepzo5IfYzwm+1xXyUt6VcMesi qzs0PVpbqkOhIxemfWydr1369t/EEse02dMcIZU9QuFb2aVI7egvyg2jEyzLKZ0T 9nxFLUDM2p1NGwyEMNnaevyCAFAmW+2WpQYTAJse7PIcyMzk5LkAyXNBbRRR2RIm gtDxe2/SwHvntD+GCZYCbs7bGcCgePKt8UvFvPhdjAUK2PoXN2zC+Ba1V+KTZQgw iDD8xeE78/mDZwFp4tZBM98iMN70zNmI4YNuRldUhK7eLoBO2qBnqvH/nWB89FtM M+GKevSj7udfhUKP/w8p7hsIcqtkBzp549HE43nquR+edrcgdlRd0Z/sco5LAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUqYLAzIeBrbuQn6JPtavRtAdIy0AwHwYDVR0j BBgwFoAUJdeIvSpFDAE1S5q3CCaJX9/1YggwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NmE3NjY1YS1iNTBiLTRhNDUtYThmOS0wZDY5YmQ3ZDc0M2QvMC8yNUQ3ODhCRDJB NDUwQzAxMzU0QjlBQjcwODI2ODk1RkRGRjU2MjA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZERkY1 NjIwOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDZhNzY2NWEtYjUwYi00YTQ1LWE4 ZjktMGQ2OWJkN2Q3NDNkLzAvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5 NUZERkY1NjIwOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACzGUKokGzwsAxLzkQF3HqmkyQk0tfi/Syvq LZ1wSRarmJRgArxmcuxs9EX8VO+shoDARbrNQZyN6KLY0cUdouI5HLYbfXAnhWKd cjJXjUB/6VNx09yvT53zn6RKd8EdP3Yn5esQGIgDqFmurjXLPD81/rZNYDE/u7vB wragU0ypDTr1+NDiLcXxclaZXYDX9rGTWuUlvX3J2kdNlk0az6xnwuBf9Miol2IF 8rzugpHlY0w+yCD/lxCvGTpkq8zt0cTSI0LjCh9D+iagJD51rN4iodpWUW07651U g/j0YkxEDGHfyTfqRFpkfA49xt+L9t5h8cU5fFOz0QKuRPWeqpg= -----END CERTIFICATE-----Generated at Wed Nov 5 00:27:37 2025 by rpki-client