$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: Wk4/K6JbOEl4oXIItzlEfyXatbge9T2CpNmNV8r6EPc= Subject key identifier: 1E:A4:4B:4A:D6:A4:8D:71:46:27:F2:BC:22:1A:6E:AD:BF:A3:0B:87 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 41F85A2DB15B1C1987E3A8F134740C687D7367B7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 051E Signing time: Sun 02 Nov 2025 17:20:58 +0000 Manifest this update: Sun 02 Nov 2025 17:15:58 +0000 Manifest next update: Thu 06 Nov 2025 03:48:58 +0000 Files and hashes: 1: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) 2: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) 3: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 4: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: RhvLh1GHgTZoEczcn+MwfSH9p5JTHWMjik3e9C7Hq00=) 5: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 03:48:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:f8:5a:2d:b1:5b:1c:19:87:e3:a8:f1:34:74:0c:68:7d:73:67:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Nov 2 17:15:58 2025 GMT Not After : Nov 6 03:48:58 2025 GMT Subject: CN=1EA44B4AD6A48D714627F2BC221A6EADBFA30B87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:79:8e:4b:b9:cf:52:cb:64:3f:c5:55:c6:d4: 41:51:24:2c:c7:12:16:a6:d9:9e:d3:be:6d:8c:65: 93:89:38:ee:9d:66:b6:d2:e5:9e:a5:8b:fe:3a:5e: 52:c4:c0:8a:37:8f:da:ee:cb:37:3d:16:9e:65:45: 6f:5e:f8:5f:e0:7e:4f:77:92:09:58:22:f6:4c:88: dd:8c:62:43:66:7a:31:6a:9e:08:42:f0:86:3f:6a: b7:09:59:22:b5:54:60:0c:bf:e0:0b:98:5b:da:92: 00:e0:1b:07:70:9f:c1:64:ec:08:31:cf:38:c3:d3: 3b:ce:b8:a9:8c:d0:70:71:e6:b7:c5:e7:4a:54:88: 89:6e:9f:1b:34:4a:d4:88:59:08:a9:26:d4:f0:77: d8:75:8b:6e:55:aa:ff:74:0c:0f:cc:97:5b:07:c1: 21:91:3f:27:20:51:27:ac:c4:e6:6e:8c:23:de:03: df:54:e7:a8:f4:61:3c:a9:5e:c1:6b:dd:5f:bf:09: 6a:e4:94:1a:5b:6d:19:f7:e0:f8:67:38:98:d6:8d: 8a:d0:d1:91:09:72:c4:0e:f6:fa:78:34:92:af:6c: 22:c0:5b:c4:e5:85:cf:a6:62:91:cc:d5:8a:32:15: 9a:ea:28:4d:f3:6f:55:50:eb:39:25:6d:63:0a:e6: 21:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:A4:4B:4A:D6:A4:8D:71:46:27:F2:BC:22:1A:6E:AD:BF:A3:0B:87 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:ce:10:76:b4:b4:f8:a8:a6:dc:70:c1:ab:a9:ab:84:7d:a7: 3d:d0:58:7a:f1:8a:13:b3:00:54:6a:23:9e:96:03:5f:c7:7c: 00:0e:85:01:c9:de:76:17:4f:04:e1:4d:22:3e:30:d6:17:03: 01:ee:1a:1b:0b:d0:08:cf:d8:5d:15:b1:03:92:f0:64:61:e5: 9d:5d:22:fc:a8:1c:26:e8:64:f7:cf:1c:7f:6e:3b:fa:04:27: 2a:df:c6:27:c5:2d:c2:22:f2:ce:d2:8d:ec:41:ad:bb:46:f5: 30:1e:0a:30:e4:8d:a3:43:69:32:54:19:5d:4c:16:fb:29:29: 07:7e:82:60:62:d5:9c:04:94:84:16:71:8b:b0:f2:36:1e:e5: 49:c7:a7:07:88:3e:55:65:83:7a:32:3b:97:7d:87:d4:de:83: e4:b3:d7:b1:a1:c8:2b:af:ea:45:07:eb:84:f7:eb:8d:78:96: b5:8b:28:15:76:66:7a:93:29:23:c9:cf:c4:ab:91:b1:a0:1a: 73:4b:8d:ab:6f:73:67:5f:15:38:b3:c9:32:92:3c:0d:b0:78: e4:16:39:37:34:83:4c:56:67:79:df:9e:2f:9d:61:fe:33:82: 8e:66:36:f6:b1:42:80:9d:f1:14:bc:95:74:5e:65:4c:e1:cd: 9d:24:4d:a8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQfhaLbFbHBmH46jxNHQMaH1zZ7cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTExMDIxNzE1NThaFw0yNTExMDYwMzQ4NThaMDMxMTAvBgNV BAMTKDFFQTQ0QjRBRDZBNDhENzE0NjI3RjJCQzIyMUE2RUFEQkZBMzBCODcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7eY5Luc9Sy2Q/xVXG1EFRJCzH Eham2Z7Tvm2MZZOJOO6dZrbS5Z6li/46XlLEwIo3j9ruyzc9Fp5lRW9e+F/gfk93 kglYIvZMiN2MYkNmejFqnghC8IY/arcJWSK1VGAMv+ALmFvakgDgGwdwn8Fk7Agx zzjD0zvOuKmM0HBx5rfF50pUiIlunxs0StSIWQipJtTwd9h1i25Vqv90DA/Ml1sH wSGRPycgUSesxOZujCPeA99U56j0YTypXsFr3V+/CWrklBpbbRn34PhnOJjWjYrQ 0ZEJcsQO9vp4NJKvbCLAW8Tlhc+mYpHM1YoyFZrqKE3zb1VQ6zklbWMK5iHDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHqRLStakjXFGJ/K8Ihpurb+jC4cwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFDOEHa0tPioptxwwaupq4R9pz3QWHrxihOz AFRqI56WA1/HfAAOhQHJ3nYXTwThTSI+MNYXAwHuGhsL0AjP2F0VsQOS8GRh5Z1d IvyoHCboZPfPHH9uO/oEJyrfxifFLcIi8s7SjexBrbtG9TAeCjDkjaNDaTJUGV1M FvspKQd+gmBi1ZwElIQWcYuw8jYe5UnHpweIPlVlg3oyO5d9h9Teg+Sz17GhyCuv 6kUH64T36414lrWLKBV2ZnqTKSPJz8SrkbGgGnNLjatvc2dfFTizyTKSPA2weOQW OTc0g0xWZ3nfni+dYf4zgo5mNvaxQoCd8RS8lXReZUzhzZ0kTag= -----END CERTIFICATE-----Generated at Tue Nov 4 12:54:34 2025 by rpki-client