$ rpki-client -vvf repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft File: D68CA7C6F514D7168C00790717FB869AF68B125E.mft (raw, json) Hash identifier: yukMNC+q4jrAyueWkfG3BeqQUcftm75YHMucRk16lV0= Subject key identifier: 42:7F:7A:D0:AA:7F:11:DB:4F:50:55:A6:73:B8:43:3C:48:F1:E6:B5 Authority key identifier: D6:8C:A7:C6:F5:14:D7:16:8C:00:79:07:17:FB:86:9A:F6:8B:12:5E Certificate issuer: /CN=D68CA7C6F514D7168C00790717FB869AF68B125E Certificate serial: 39857EA4080E6C078A8110131A4CCADE7974E47C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft Manifest number: 0265 Signing time: Tue 04 Nov 2025 07:00:53 +0000 Manifest this update: Tue 04 Nov 2025 06:55:53 +0000 Manifest next update: Fri 07 Nov 2025 14:14:53 +0000 Files and hashes: 1: 3130332e3134322e3235352e302f32342d3234203d3e203435333035.roa (hash: fW5qne1R9fTa45nGDciUROmSkAV8mbUeGR9m/oXMOAw=) 2: 3130332e3134322e3235342e302f32342d3234203d3e203435333035.roa (hash: ebXS+Tyb8iuyOHa8yQE2FE8hZAgaawDNcd7a/TUN4jY=) 3: 323030313a6466313a363338303a3a2f34382d3438203d3e20313339333831.roa (hash: vuTTJNURLP5vgJImsWTQOQLshtByIl8yIWAQC+TExAY=) 4: 323030313a6466313a363338303a3a2f34382d3438203d3e203435333035.roa (hash: G7BNKn0aQeDATXJ1JamzPIxZOqsRSSDm9xJMQAbHt5c=) 5: 3130332e3134322e3235342e302f32332d3234203d3e20313339333831.roa (hash: gV2Q8xF8XiWikE1+w9yu7jENKeKHaDELW9P6oOlSzDE=) 6: 3130332e3134322e3235352e302f32342d3234203d3e20313339333831.roa (hash: tArDMQ0CljWlxInpOnDNWhLbYH4HF1sjePzkXRXnEac=) 7: D68CA7C6F514D7168C00790717FB869AF68B125E.crl (hash: +NoE1vgcqhafJEBnUA2tuIhs9h76sTZFwmMi4c2kWu8=) 8: 3130332e3134322e3235342e302f32342d3234203d3e20313339333831.roa (hash: xpJYN2koDz6242yH404bncg8zalibRwq73KpJsJcVB8=) 9: 3130332e3134322e3235342e302f32332d3234203d3e203435333035.roa (hash: 09EcthFcc0U294qSUk1qjMUpfEmQzlaHp9ePt/3ow3Q=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.crl rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:50:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:85:7e:a4:08:0e:6c:07:8a:81:10:13:1a:4c:ca:de:79:74:e4:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D68CA7C6F514D7168C00790717FB869AF68B125E Validity Not Before: Nov 4 06:55:53 2025 GMT Not After : Nov 7 14:14:53 2025 GMT Subject: CN=427F7AD0AA7F11DB4F5055A673B8433C48F1E6B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e8:c9:0d:3b:26:fd:62:0b:4e:30:af:b2:90: 9b:20:f4:cb:20:88:13:43:26:2d:f7:cf:40:23:94: 38:e4:cc:ea:d9:e9:5c:7d:0a:53:e8:86:26:a9:cd: 53:68:a9:18:24:e3:e6:db:8c:ed:e7:ff:19:56:5c: 2a:e1:ec:4f:f7:cc:1c:16:d2:bc:5e:1f:3c:71:42: 52:38:e6:b0:18:a1:08:7c:d5:73:db:6d:8f:98:6d: e9:5d:69:a9:5f:46:23:91:49:b0:1b:07:7c:12:09: 67:7c:f0:6d:5e:a5:a3:27:29:0c:dd:e6:4f:fe:cb: 36:97:2c:5d:ce:32:bc:91:67:09:95:eb:07:c2:e2: 8d:d6:a0:73:29:9e:01:67:f9:04:f6:4c:a4:8a:69: e7:72:d8:05:19:53:a5:0f:7b:d3:57:87:a7:c3:9f: 4a:de:11:59:b0:31:b8:c7:07:17:31:cf:67:6d:6c: 64:05:34:f0:ab:b5:63:33:eb:93:ca:b3:ce:38:af: 33:0e:39:19:bc:35:42:05:23:22:8c:13:76:f9:16: 0f:11:42:8d:28:7e:4c:b6:90:48:3a:97:ae:a8:3b: b6:08:a2:91:6c:e6:05:dc:32:6b:4d:15:36:d8:b9: c5:f4:64:64:d9:d8:42:b3:2d:04:d3:8c:e2:f0:07: 71:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:7F:7A:D0:AA:7F:11:DB:4F:50:55:A6:73:B8:43:3C:48:F1:E6:B5 X509v3 Authority Key Identifier: keyid:D6:8C:A7:C6:F5:14:D7:16:8C:00:79:07:17:FB:86:9A:F6:8B:12:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D68CA7C6F514D7168C00790717FB869AF68B125E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ddc1dd8-6d25-47c7-aaa4-bddf1b9d677e/0/D68CA7C6F514D7168C00790717FB869AF68B125E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:07:09:e2:37:1a:56:6d:4d:7a:32:29:c5:a3:90:98:5c:c3: 69:67:32:71:22:7c:f3:b7:25:a3:4c:3e:51:a2:b4:31:9f:e5: e9:63:7a:1f:98:bc:1d:dd:21:7f:d8:fa:8b:e1:e6:4f:14:59: 51:64:2d:d5:15:f3:a2:7b:3b:74:f6:23:b7:23:36:62:cd:77: bc:d8:41:82:61:85:35:64:31:1a:46:f9:28:db:24:dc:d0:1e: 19:e7:98:2f:8d:fc:7e:4f:69:87:23:0a:ff:59:c5:dd:5e:1b: 87:09:ed:0b:17:22:c2:bb:e7:95:f8:27:41:8c:f8:35:2b:a2: db:64:13:14:ae:1c:7c:ea:32:b5:8b:d8:93:2c:e2:84:8b:96: 76:6a:14:1d:aa:b3:ac:f0:5a:c9:e0:74:71:e2:cd:bc:6b:49: db:47:55:b5:d4:c3:59:b3:70:1e:3b:79:aa:df:23:1f:84:d8: 63:97:26:e5:a6:14:f5:70:e4:64:68:31:a2:f2:13:a5:12:70: 4d:8c:37:45:8a:76:44:cd:8a:23:d2:25:9f:78:1f:64:68:6a: d3:d3:95:16:2d:11:a8:b4:f9:c6:40:c4:03:e4:5f:4b:ee:41: c1:2e:2a:0e:72:a1:ef:e3:c2:2e:af:9f:33:08:5f:af:bb:a9: c7:fc:ee:c6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOYV+pAgObAeKgRATGkzK3nl05HwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2OUFG NjhCMTI1RTAeFw0yNTExMDQwNjU1NTNaFw0yNTExMDcxNDE0NTNaMDMxMTAvBgNV BAMTKDQyN0Y3QUQwQUE3RjExREI0RjUwNTVBNjczQjg0MzNDNDhGMUU2QjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH6MkNOyb9YgtOMK+ykJsg9Msg iBNDJi33z0AjlDjkzOrZ6Vx9ClPohiapzVNoqRgk4+bbjO3n/xlWXCrh7E/3zBwW 0rxeHzxxQlI45rAYoQh81XPbbY+YbeldaalfRiORSbAbB3wSCWd88G1epaMnKQzd 5k/+yzaXLF3OMryRZwmV6wfC4o3WoHMpngFn+QT2TKSKaedy2AUZU6UPe9NXh6fD n0reEVmwMbjHBxcxz2dtbGQFNPCrtWMz65PKs844rzMOORm8NUIFIyKME3b5Fg8R Qo0ofky2kEg6l66oO7YIopFs5gXcMmtNFTbYucX0ZGTZ2EKzLQTTjOLwB3HjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQn960Kp/EdtPUFWmc7hDPEjx5rUwHwYDVR0j BBgwFoAU1oynxvUU1xaMAHkHF/uGmvaLEl4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZGRjMWRkOC02ZDI1LTQ3YzctYWFhNC1iZGRmMWI5ZDY3N2UvMC9ENjhDQTdDNkY1 MTRENzE2OEMwMDc5MDcxN0ZCODY5QUY2OEIxMjVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2OUFGNjhC MTI1RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWRkYzFkZDgtNmQyNS00N2M3LWFh YTQtYmRkZjFiOWQ2NzdlLzAvRDY4Q0E3QzZGNTE0RDcxNjhDMDA3OTA3MTdGQjg2 OUFGNjhCMTI1RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJIHCeI3GlZtTXoyKcWjkJhcw2lnMnEifPO3 JaNMPlGitDGf5eljeh+YvB3dIX/Y+ovh5k8UWVFkLdUV86J7O3T2I7cjNmLNd7zY QYJhhTVkMRpG+SjbJNzQHhnnmC+N/H5PaYcjCv9Zxd1eG4cJ7QsXIsK755X4J0GM +DUrottkExSuHHzqMrWL2JMs4oSLlnZqFB2qs6zwWsngdHHizbxrSdtHVbXUw1mz cB47earfIx+E2GOXJuWmFPVw5GRoMaLyE6UScE2MN0WKdkTNiiPSJZ94H2RoatPT lRYtEai0+cZAxAPkX0vuQcEuKg5yoe/jwi6vnzMIX6+7qcf87sY= -----END CERTIFICATE-----Generated at Tue Nov 4 18:51:16 2025 by rpki-client