$ rpki-client -vvf repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft File: 645C9D445B2796662EE98A03E50C124F3E962CAB.mft (raw, json) Hash identifier: bBM+NCdpKJK44tSIyMpSeOAqinNaccCsDzF9Dag6IXA= Subject key identifier: E9:9B:4C:66:B6:95:C8:10:CC:59:59:0D:00:9E:1D:3F:6C:D6:74:99 Authority key identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB Certificate issuer: /CN=645C9D445B2796662EE98A03E50C124F3E962CAB Certificate serial: 6124C387996531E46A75FF12E692DA0492FF8D25 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft Manifest number: 03C1 Signing time: Tue 04 Nov 2025 16:01:06 +0000 Manifest this update: Tue 04 Nov 2025 15:56:06 +0000 Manifest next update: Fri 07 Nov 2025 16:29:06 +0000 Files and hashes: 1: 3130332e3130302e3137322e302f32342d3234203d3e20313336383431.roa (hash: ehP408+CXUe13X4F5TvwPj6ddCoH7T+4InUUhWjVyGw=) 2: 3130332e3130302e3137342e302f32342d3234203d3e20313336383431.roa (hash: pfMM3/ygiEY34vdGoVOYeg8tWN4ZaCnJmX0NJOGEX00=) 3: 3130332e3130302e3137332e302f32342d3234203d3e20313336383431.roa (hash: Yo/r10NdHpCyWdp4iTpRbnPv2TKKyCyVTnBiO8AmbDc=) 4: 323430313a626534303a3a2f33322d3332203d3e20313336383431.roa (hash: UnpWLg0+2SsmnDXBrwzCKp1VDUDBelXMewYvLJ0BJ+c=) 5: 645C9D445B2796662EE98A03E50C124F3E962CAB.crl (hash: K3Ii9s8gguJu6gpgBqUcNLBKHta8xQkK0UQ/q6FgOcY=) 6: 3130332e3130302e3137352e302f32342d3234203d3e20313336383431.roa (hash: qbkH1qedbuL2nkb9oW2AlysgwJB8XaNgGrzurioAZP0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:50:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:24:c3:87:99:65:31:e4:6a:75:ff:12:e6:92:da:04:92:ff:8d:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=645C9D445B2796662EE98A03E50C124F3E962CAB Validity Not Before: Nov 4 15:56:06 2025 GMT Not After : Nov 7 16:29:06 2025 GMT Subject: CN=E99B4C66B695C810CC59590D009E1D3F6CD67499 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:38:9e:1a:85:9a:4a:f7:65:5c:2c:6d:65:31: 7c:61:f2:ba:b1:c2:d1:08:02:22:b8:51:1c:c5:2a: a8:57:69:1c:4c:b5:6e:cf:19:b1:5c:f3:b3:6c:cc: 4d:db:25:98:c2:03:fa:40:c3:cf:c4:22:5d:49:ec: fb:57:91:e5:d1:8b:8e:81:c6:b2:00:c6:e9:d3:79: 2b:81:62:f7:6f:5d:63:c1:e1:14:05:fb:a6:ee:34: 35:d0:3f:5a:d3:42:9c:60:92:79:fd:e0:65:31:14: 9f:c9:42:b7:b8:42:e4:f3:70:d7:23:5b:a4:00:a0: 21:95:9b:78:7a:09:08:13:1c:bf:fe:77:e4:d7:9d: 3c:41:66:67:08:9f:8a:c7:31:c4:40:3b:e3:1b:56: 5d:c6:9c:81:c8:14:69:af:10:14:70:f2:30:13:ce: f2:fa:06:49:95:0d:68:f7:4a:b8:f7:06:33:2b:9e: ec:bb:05:6d:c3:f3:dd:e9:e6:5e:57:2c:0e:42:6d: 67:9a:c0:f0:54:3e:fd:e8:bd:b3:b0:8a:05:8b:93: ad:ac:c2:4e:7e:20:76:09:d3:a8:16:e6:2a:a7:0e: 6d:f5:f9:95:90:6f:42:c2:1f:10:24:b7:27:96:72: 5c:53:51:e1:41:73:a4:59:ef:70:a3:d1:8e:58:66: 44:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:9B:4C:66:B6:95:C8:10:CC:59:59:0D:00:9E:1D:3F:6C:D6:74:99 X509v3 Authority Key Identifier: keyid:64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:e2:d6:20:ab:45:37:3e:fc:48:76:42:11:3d:5a:00:37:89: 77:b1:61:6f:df:df:97:11:97:c2:df:98:51:76:32:1e:c4:16: 9b:d1:a5:f8:b1:5b:7d:be:33:1a:88:4b:83:6f:48:81:fd:8c: 34:fa:68:c8:7a:e1:98:96:12:af:bc:03:af:80:9c:ec:c3:cb: 91:68:a0:f7:7b:78:66:e0:11:91:4f:df:f4:67:92:16:33:10: fe:14:d4:6c:84:45:c2:c1:24:4e:30:15:df:06:ba:77:72:61: 9b:f9:3a:94:ea:4f:ad:99:59:56:f5:8c:67:fb:44:d4:5f:1e: 73:ae:6d:70:54:db:30:fb:a3:cc:36:87:07:04:13:25:4e:40: 2f:94:11:f6:8e:17:7f:a9:13:1e:03:71:1b:7f:0b:d0:49:37: fa:88:9e:6c:cc:aa:67:e2:2a:9e:dd:4f:89:de:25:8a:4c:3f: f4:d8:58:71:28:c5:ab:51:c9:6f:18:ec:a2:a2:0e:20:d1:56: 2d:42:fa:8c:ce:d9:b7:5b:91:30:d5:dd:94:b2:dd:d4:cc:f2: 3a:bb:53:e5:16:60:c0:46:66:85:4a:cd:6c:98:4d:a2:ef:01: 81:e0:bc:b3:34:32:92:26:49:22:2a:2d:ce:e9:1e:39:08:92: 50:51:b1:56 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYSTDh5llMeRqdf8S5pLaBJL/jSUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYz RTk2MkNBQjAeFw0yNTExMDQxNTU2MDZaFw0yNTExMDcxNjI5MDZaMDMxMTAvBgNV BAMTKEU5OUI0QzY2QjY5NUM4MTBDQzU5NTkwRDAwOUUxRDNGNkNENjc0OTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDOJ4ahZpK92VcLG1lMXxh8rqx wtEIAiK4URzFKqhXaRxMtW7PGbFc87NszE3bJZjCA/pAw8/EIl1J7PtXkeXRi46B xrIAxunTeSuBYvdvXWPB4RQF+6buNDXQP1rTQpxgknn94GUxFJ/JQre4QuTzcNcj W6QAoCGVm3h6CQgTHL/+d+TXnTxBZmcIn4rHMcRAO+MbVl3GnIHIFGmvEBRw8jAT zvL6BkmVDWj3Srj3BjMrnuy7BW3D893p5l5XLA5CbWeawPBUPv3ovbOwigWLk62s wk5+IHYJ06gW5iqnDm31+ZWQb0LCHxAktyeWclxTUeFBc6RZ73Cj0Y5YZkTVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6ZtMZraVyBDMWVkNAJ4dP2zWdJkwHwYDVR0j BBgwFoAUZFydRFsnlmYu6YoD5QwSTz6WLKswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMC82NDVDOUQ0NDVC Mjc5NjY2MkVFOThBMDNFNTBDMTI0RjNFOTYyQ0FCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYzRTk2 MkNBQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDczMDRiODMtMzBhYS00YmJmLTlm ZDctMmZjZWFkYmYwMDMwLzAvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEy NEYzRTk2MkNBQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHbi1iCrRTc+/Eh2QhE9WgA3iXexYW/f35cR l8LfmFF2Mh7EFpvRpfixW32+MxqIS4NvSIH9jDT6aMh64ZiWEq+8A6+AnOzDy5Fo oPd7eGbgEZFP3/RnkhYzEP4U1GyERcLBJE4wFd8GundyYZv5OpTqT62ZWVb1jGf7 RNRfHnOubXBU2zD7o8w2hwcEEyVOQC+UEfaOF3+pEx4DcRt/C9BJN/qInmzMqmfi Kp7dT4neJYpMP/TYWHEoxatRyW8Y7KKiDiDRVi1C+ozO2bdbkTDV3ZSy3dTM8jq7 U+UWYMBGZoVKzWyYTaLvAYHgvLM0MpImSSIqLc7pHjkIklBRsVY= -----END CERTIFICATE-----Generated at Tue Nov 4 21:26:27 2025 by rpki-client