$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: JMnIEeMP1FzGkSkbzOObexGdNyUPaHUkXJ12XzpY0DU= Subject key identifier: 37:25:18:DA:42:F0:F4:82:66:12:65:5D:21:91:52:3A:50:B5:B5:66 Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 5F93541EC0393108CE1866A00E1A0C844CA9CAD4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: 8D Signing time: Wed 06 Aug 2025 06:12:23 +0000 Manifest this update: Wed 06 Aug 2025 06:07:23 +0000 Manifest next update: Sat 09 Aug 2025 14:55:23 +0000 Files and hashes: 1: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: LDJv6wYx3HsP5pbUhXvKMJKGJv2fMd2X2nhqPoeeYwE=) 2: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: zda1KTRw+YOT5Gu8BuqKz3+S5QtvBWeBihl2dq8qu6U=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 09:26:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:93:54:1e:c0:39:31:08:ce:18:66:a0:0e:1a:0c:84:4c:a9:ca:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Aug 6 06:07:23 2025 GMT Not After : Aug 9 14:55:23 2025 GMT Subject: CN=372518DA42F0F4826612655D2191523A50B5B566 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:06:54:6b:e1:10:61:d9:8a:d2:32:4b:bc:60: 8c:3b:7a:63:e6:db:db:f5:44:76:4d:39:27:f4:bd: 79:ee:45:d6:25:53:37:8e:6f:7c:6e:84:25:3f:9f: b0:56:a0:59:e2:4a:73:df:ef:26:a3:54:ae:ec:03: 21:65:b3:42:e7:36:a9:1c:88:38:2c:c0:bf:64:68: d2:83:af:fb:53:d7:d7:89:22:38:72:bb:fc:11:bb: 69:f8:89:42:ab:63:97:7d:eb:76:84:c4:80:06:63: 39:b6:67:88:99:b5:5a:cb:87:a4:9d:ed:36:b2:d4: b5:50:e8:d3:86:66:55:0c:ae:b2:7b:16:80:7e:f8: cf:85:a6:7b:a5:34:38:55:61:a5:26:dc:c7:90:d1: 11:0f:5b:f5:60:14:28:e6:24:10:67:c4:1a:7f:48: 4e:4b:2a:83:42:42:b8:0a:16:59:44:ec:8c:86:b9: 66:15:27:bb:56:2c:8a:45:9e:fd:a3:fd:13:f8:66: 3a:66:c5:fb:11:f6:7f:a1:1e:12:93:f5:1c:75:01: 54:b0:75:97:c0:5c:83:55:92:ab:1a:21:ad:a0:75: 90:28:42:1d:8b:b5:c7:b1:eb:bd:20:3f:a4:64:4e: 39:10:1a:c7:dd:0e:fa:fe:a6:f7:93:33:ce:db:82: 41:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:25:18:DA:42:F0:F4:82:66:12:65:5D:21:91:52:3A:50:B5:B5:66 X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:84:76:c4:bb:b2:fa:dd:8c:23:d7:7a:af:00:46:28:65:51: 51:4f:92:44:3a:21:96:86:f9:4c:c9:42:60:d1:0f:5a:07:33: bc:5a:a7:9e:75:d0:82:cd:73:5b:b1:da:79:b2:57:57:49:45: 4a:ca:ac:c2:da:8b:20:e4:15:c1:8a:5e:b8:49:22:0e:68:de: 49:22:96:4a:62:03:4f:1e:d5:07:7a:37:02:1e:39:ad:67:35: 5e:d1:ff:6b:e1:80:29:e0:b6:93:5e:23:a2:a5:c3:45:62:f3: 55:1d:b3:e3:83:ca:59:29:07:32:69:fd:9b:a9:74:f5:fd:af: 4a:a9:13:fe:7f:2d:b6:a5:50:9f:32:d7:d0:87:3c:42:d0:15: 12:23:f4:db:79:6b:75:a0:49:14:93:12:29:11:0c:f2:42:78: 2b:56:55:1d:ed:dd:b2:cb:50:57:f9:29:4e:e8:0f:c1:d9:d1: a9:f5:a9:6c:d4:d8:c6:d3:4c:d2:bc:2e:48:af:89:86:25:40: 1c:d2:bc:53:f7:e3:a4:fa:eb:44:cb:5c:e1:84:89:3f:4f:74: bb:a8:d6:e7:dd:ec:c1:87:ab:48:c5:7c:66:b0:21:f2:5b:5a: b8:a3:15:06:dd:c6:1a:a4:93:91:c2:fc:7a:57:72:b3:72:ef: 68:06:18:3f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUX5NUHsA5MQjOGGagDhoMhEypytQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNTA4MDYwNjA3MjNaFw0yNTA4MDkxNDU1MjNaMDMxMTAvBgNV BAMTKDM3MjUxOERBNDJGMEY0ODI2NjEyNjU1RDIxOTE1MjNBNTBCNUI1NjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmBlRr4RBh2YrSMku8YIw7emPm 29v1RHZNOSf0vXnuRdYlUzeOb3xuhCU/n7BWoFniSnPf7yajVK7sAyFls0LnNqkc iDgswL9kaNKDr/tT19eJIjhyu/wRu2n4iUKrY5d963aExIAGYzm2Z4iZtVrLh6Sd 7Tay1LVQ6NOGZlUMrrJ7FoB++M+FpnulNDhVYaUm3MeQ0REPW/VgFCjmJBBnxBp/ SE5LKoNCQrgKFllE7IyGuWYVJ7tWLIpFnv2j/RP4ZjpmxfsR9n+hHhKT9Rx1AVSw dZfAXINVkqsaIa2gdZAoQh2Ltcex670gP6RkTjkQGsfdDvr+pveTM87bgkEdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNyUY2kLw9IJmEmVdIZFSOlC1tWYwHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADaEdsS7svrdjCPXeq8ARihlUVFPkkQ6IZaG +UzJQmDRD1oHM7xap5510ILNc1ux2nmyV1dJRUrKrMLaiyDkFcGKXrhJIg5o3kki lkpiA08e1Qd6NwIeOa1nNV7R/2vhgCngtpNeI6Klw0Vi81Uds+ODylkpBzJp/Zup dPX9r0qpE/5/LbalUJ8y19CHPELQFRIj9Nt5a3WgSRSTEikRDPJCeCtWVR3t3bLL UFf5KU7oD8HZ0an1qWzU2MbTTNK8LkiviYYlQBzSvFP346T660TLXOGEiT9PdLuo 1ufd7MGHq0jFfGawIfJbWrijFQbdxhqkk5HC/HpXcrNy72gGGD8= -----END CERTIFICATE-----Generated at Thu Aug 7 00:38:25 2025 by rpki-client