$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: RLQrf0S7Z6QEcrsr5C7ecYTR1V38J0yx1yWKeK1HMVk= Subject key identifier: 4B:19:5C:23:EB:BC:9D:CD:84:04:C9:12:34:BA:4A:B6:41:E2:B1:67 Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 1BC1635918FF887C821BB4432844649365909943 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: B5 Signing time: Sun 02 Nov 2025 11:42:31 +0000 Manifest this update: Sun 02 Nov 2025 11:37:31 +0000 Manifest next update: Wed 05 Nov 2025 21:57:31 +0000 Files and hashes: 1: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: YQdIGBNpLTB1fcWPoY3DSnezCVkD3Z17QMjzC7fGgQE=) 2: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: I98r/YvoKJnqIbKebXKfBKywu1BzE/FQD60HTUreMMU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 21:57:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:c1:63:59:18:ff:88:7c:82:1b:b4:43:28:44:64:93:65:90:99:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Nov 2 11:37:31 2025 GMT Not After : Nov 5 21:57:31 2025 GMT Subject: CN=4B195C23EBBC9DCD8404C91234BA4AB641E2B167 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:b5:0c:e2:bd:b7:a8:9c:56:2b:76:34:a1:7a: 68:86:5c:e7:1a:9b:0b:41:58:93:ba:c6:bb:f6:58: cb:cf:f0:01:ee:2e:9a:09:c9:6c:65:a0:04:4d:a1: 82:d1:85:9c:c1:28:c2:6d:09:02:6b:32:70:f4:08: 8b:7e:1a:56:6b:4e:fe:c6:70:d1:a9:e1:e1:b9:e5: 1f:8f:29:f5:60:b2:2e:fe:be:c8:ac:3f:cc:87:74: f5:c4:4a:e8:27:85:5e:3f:ee:23:2c:b2:14:ff:1b: 93:65:ef:75:ae:2b:0f:a6:4e:75:b7:3d:d0:ac:15: df:b6:c6:f8:ce:aa:ab:7e:67:3f:d4:25:08:f4:5f: 2f:92:1e:8e:66:87:73:a3:79:70:dd:8f:51:3d:e4: 03:33:c2:74:fb:f2:72:cf:ec:ee:fd:fb:ec:af:ff: 79:45:b8:d0:e2:53:46:c5:65:4d:1a:7a:9d:29:ae: 0e:ea:6d:4d:6f:0c:a8:a9:42:0c:27:e0:9c:8c:49: e4:49:f1:a5:9f:53:d1:e6:d8:15:8a:92:c3:47:61: ce:4a:fe:1c:ca:9b:63:f1:fc:0c:3c:ad:4a:9e:96: c0:b1:1a:c2:f1:b4:a2:9f:aa:29:31:bc:0e:e4:09: 85:57:27:bb:7c:65:7b:ff:6a:fe:fb:47:8f:ee:70: 4c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:19:5C:23:EB:BC:9D:CD:84:04:C9:12:34:BA:4A:B6:41:E2:B1:67 X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:f0:ea:7e:f9:17:5b:a7:ac:3d:cf:dd:e9:04:5f:4d:8f:e3: 24:df:0f:78:40:85:89:3c:05:fe:6a:16:66:d7:82:b4:33:5e: 09:c2:71:fd:ff:74:14:c4:aa:f8:ae:1f:5d:b2:02:a9:bd:ba: 4b:3e:cf:77:8d:81:76:63:54:86:5e:38:d7:5e:1d:c8:87:5b: f5:f6:b4:ad:b6:c3:60:ab:1d:34:d5:6b:ef:15:ce:7d:ab:8a: b1:69:61:3c:d3:49:f9:72:40:0f:52:35:c8:99:e2:8d:61:03: 87:68:5e:2e:18:40:2e:a8:92:1e:29:1d:96:fd:29:fa:01:c1: b0:e8:4d:77:e2:f1:e0:62:e3:44:b9:8b:f1:05:a8:47:6e:a1: fe:6a:15:56:ae:76:ce:e4:69:fb:2f:0a:5f:fe:e5:2c:2d:e3: c6:ce:b0:21:ec:4b:eb:08:fc:51:a1:e2:0e:c0:89:b0:d0:37: fb:4d:87:a4:e2:25:0d:d3:f5:5f:d6:bd:b5:fa:7d:64:27:ba: 42:fb:8b:da:95:3a:b0:66:ea:68:a0:19:93:6d:81:a3:8b:3e: 6e:44:ce:1b:5b:1a:c2:ac:c9:bc:f6:cb:20:d6:8e:2f:5a:18: 8c:0e:13:6c:01:21:8e:46:2c:2b:0f:38:ba:e3:a7:18:77:ad: bf:48:4d:4b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUG8FjWRj/iHyCG7RDKERkk2WQmUMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNTExMDIxMTM3MzFaFw0yNTExMDUyMTU3MzFaMDMxMTAvBgNV BAMTKDRCMTk1QzIzRUJCQzlEQ0Q4NDA0QzkxMjM0QkE0QUI2NDFFMkIxNjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDitQzivbeonFYrdjShemiGXOca mwtBWJO6xrv2WMvP8AHuLpoJyWxloARNoYLRhZzBKMJtCQJrMnD0CIt+GlZrTv7G cNGp4eG55R+PKfVgsi7+vsisP8yHdPXESugnhV4/7iMsshT/G5Nl73WuKw+mTnW3 PdCsFd+2xvjOqqt+Zz/UJQj0Xy+SHo5mh3OjeXDdj1E95AMzwnT78nLP7O79++yv /3lFuNDiU0bFZU0aep0prg7qbU1vDKipQgwn4JyMSeRJ8aWfU9Hm2BWKksNHYc5K /hzKm2Px/Aw8rUqelsCxGsLxtKKfqikxvA7kCYVXJ7t8ZXv/av77R4/ucExnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUSxlcI+u8nc2EBMkSNLpKtkHisWcwHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEzw6n75F1unrD3P3ekEX02P4yTfD3hAhYk8 Bf5qFmbXgrQzXgnCcf3/dBTEqviuH12yAqm9uks+z3eNgXZjVIZeONdeHciHW/X2 tK22w2CrHTTVa+8Vzn2rirFpYTzTSflyQA9SNciZ4o1hA4doXi4YQC6okh4pHZb9 KfoBwbDoTXfi8eBi40S5i/EFqEduof5qFVauds7kafsvCl/+5Swt48bOsCHsS+sI /FGh4g7AibDQN/tNh6TiJQ3T9V/WvbX6fWQnukL7i9qVOrBm6migGZNtgaOLPm5E zhtbGsKsybz2yyDWji9aGIwOE2wBIY5GLCsPOLrjpxh3rb9ITUs= -----END CERTIFICATE-----Generated at Tue Nov 4 18:59:51 2025 by rpki-client