$ rpki-client -vvf repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft File: D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft (raw, json) Hash identifier: LvmhC0fgUQJlZV7R0dfu7mGOAYDMc+mHSktNG5kEQAw= Subject key identifier: 3A:B7:16:5D:EA:F1:E2:E0:8C:F9:82:81:F5:2F:9F:A3:CB:53:2E:D3 Authority key identifier: D0:F7:9D:82:6E:43:EA:B6:1A:7A:83:4E:6A:27:77:C5:EC:82:1F:FD Certificate issuer: /CN=D0F79D826E43EAB61A7A834E6A2777C5EC821FFD Certificate serial: 0BB5CC0C19959C87B24BB42B1197AEB459F3284F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft Manifest number: 01D8 Signing time: Tue 04 Nov 2025 00:02:26 +0000 Manifest this update: Mon 03 Nov 2025 23:57:26 +0000 Manifest next update: Fri 07 Nov 2025 09:04:26 +0000 Files and hashes: 1: 3130332e37352e3133362e302f32342d3234203d3e20313530353233.roa (hash: uNA/yO7Jurn3EZm3l95rlsLVpHCEIuUhUwihJjKDdLE=) 2: 3130332e37352e3133372e302f32342d3234203d3e20313530353233.roa (hash: 1yTR12zVNlgV/3lhF5YF8WQX2wlBuTs2UGOXRfg1gpk=) 3: D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl (hash: EnNfncUig7MzS8DJKG3lUWNrB5w2jAp2+qT8CFtLcVw=) 4: 323030313a6466313a646663303a3a2f34382d3438203d3e20313530353233.roa (hash: bKAiHhmlEj4IgvE00Lo3377sGcryUEP8JoeR2a9n6WM=) 5: 3130332e37352e3133362e302f32332d3233203d3e20313530353233.roa (hash: Hj/Oe+Radw8pbluCv/VN2XxQ+sX4+0STYPYTyYPvjyc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 09:04:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:b5:cc:0c:19:95:9c:87:b2:4b:b4:2b:11:97:ae:b4:59:f3:28:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D0F79D826E43EAB61A7A834E6A2777C5EC821FFD Validity Not Before: Nov 3 23:57:26 2025 GMT Not After : Nov 7 09:04:26 2025 GMT Subject: CN=3AB7165DEAF1E2E08CF98281F52F9FA3CB532ED3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:76:1a:e6:d8:36:4a:25:95:ab:65:f6:7e:ac: 73:ce:8f:c7:0c:e5:e0:04:32:65:5b:e7:15:88:f2: a2:ea:ac:8c:c2:b7:86:f2:5b:cb:04:ab:d7:0d:28: 51:c7:cc:5e:02:16:ea:e8:b0:c4:52:5f:b5:27:75: 29:82:65:f6:03:f9:1b:2f:b9:a8:97:44:cb:c5:27: a8:e4:a3:e3:87:84:27:51:48:3b:bd:8b:6f:83:6f: a4:58:ea:6a:be:d7:a3:d1:b7:e2:dd:83:99:40:9b: da:c6:69:e2:56:65:25:98:9f:76:d2:7b:8c:7a:df: 62:97:ea:2d:72:16:e6:4e:fc:4f:29:56:f8:eb:42: 3a:8a:09:85:d3:10:2f:10:bf:08:7a:ad:ca:7f:25: 80:0d:a7:fa:d8:da:76:20:fd:e9:39:4f:3e:98:71: 21:2e:67:d4:f9:f4:1a:12:2c:04:9f:16:c0:10:61: 2b:e6:df:a1:f1:82:63:d2:e7:68:be:29:7f:cd:05: d5:53:86:e8:77:a6:90:bb:a9:57:1e:76:bb:21:a3: c7:89:a8:d4:de:94:35:55:24:32:b4:dc:79:41:ac: 7a:6c:65:d4:fc:a1:69:31:85:da:1b:5e:56:95:ee: 27:32:10:f8:b8:b2:6e:80:aa:80:d6:c8:aa:0a:7c: 5f:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:B7:16:5D:EA:F1:E2:E0:8C:F9:82:81:F5:2F:9F:A3:CB:53:2E:D3 X509v3 Authority Key Identifier: keyid:D0:F7:9D:82:6E:43:EA:B6:1A:7A:83:4E:6A:27:77:C5:EC:82:1F:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:03:14:23:7a:c9:95:7a:fe:5c:dd:fd:38:40:df:81:ed:3a: e2:c4:c3:76:ad:da:b8:e3:d6:05:e9:37:45:16:30:e4:a7:c2: 8e:b3:57:e3:9d:5e:3b:db:90:bc:99:a0:f8:64:86:f1:8b:e2: 3d:3a:ac:9e:9a:b4:78:65:91:04:aa:bf:07:62:79:8c:86:82: e1:68:c3:f3:ba:97:71:2c:b2:52:f2:13:d3:3d:90:f7:a9:c4: 75:eb:a6:26:bb:5d:18:96:80:e9:8e:23:80:90:f1:bc:14:64: b3:81:b9:85:a4:96:6c:aa:bc:61:43:8b:6b:e2:b1:f4:d7:92: dd:d8:95:29:04:22:63:a0:d6:45:8e:dd:f9:19:62:b6:b1:c6: 2f:65:0f:42:91:ef:af:cd:71:b0:8e:50:81:e9:f0:29:70:1f: e9:4e:57:44:2b:f8:b9:34:4c:fb:d9:82:19:86:4b:6c:05:ea: 6f:12:36:9d:b8:23:fc:1d:c1:7e:9a:d5:57:79:a6:74:85:83: 64:02:16:92:2d:9a:01:51:ed:ee:8a:fa:e6:12:90:33:86:08: 94:a1:37:35:80:5d:57:e5:c7:4a:83:21:21:72:4d:17:fc:b7: 25:6a:db:ec:b1:53:78:51:24:98:f4:79:84:69:eb:9f:fe:0f: b7:0f:61:7a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUC7XMDBmVnIeyS7QrEZeutFnzKE8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3QzVF QzgyMUZGRDAeFw0yNTExMDMyMzU3MjZaFw0yNTExMDcwOTA0MjZaMDMxMTAvBgNV BAMTKDNBQjcxNjVERUFGMUUyRTA4Q0Y5ODI4MUY1MkY5RkEzQ0I1MzJFRDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDedhrm2DZKJZWrZfZ+rHPOj8cM 5eAEMmVb5xWI8qLqrIzCt4byW8sEq9cNKFHHzF4CFurosMRSX7UndSmCZfYD+Rsv uaiXRMvFJ6jko+OHhCdRSDu9i2+Db6RY6mq+16PRt+Ldg5lAm9rGaeJWZSWYn3bS e4x632KX6i1yFuZO/E8pVvjrQjqKCYXTEC8Qvwh6rcp/JYANp/rY2nYg/ek5Tz6Y cSEuZ9T59BoSLASfFsAQYSvm36HxgmPS52i+KX/NBdVThuh3ppC7qVcedrsho8eJ qNTelDVVJDK03HlBrHpsZdT8oWkxhdobXlaV7icyEPi4sm6AqoDWyKoKfF/TAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOrcWXerx4uCM+YKB9S+fo8tTLtMwHwYDVR0j BBgwFoAU0Pedgm5D6rYaeoNOaid3xeyCH/0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ODQ2MzI4NS03YzI4LTQzNWEtODJiYi1mY2MzMmQ1ODAyMGUvMC9EMEY3OUQ4MjZF NDNFQUI2MUE3QTgzNEU2QTI3NzdDNUVDODIxRkZELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3QzVFQzgy MUZGRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjg0NjMyODUtN2MyOC00MzVhLTgy YmItZmNjMzJkNTgwMjBlLzAvRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3 QzVFQzgyMUZGRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACcDFCN6yZV6/lzd/ThA34HtOuLEw3at2rjj 1gXpN0UWMOSnwo6zV+OdXjvbkLyZoPhkhvGL4j06rJ6atHhlkQSqvwdieYyGguFo w/O6l3EsslLyE9M9kPepxHXrpia7XRiWgOmOI4CQ8bwUZLOBuYWklmyqvGFDi2vi sfTXkt3YlSkEImOg1kWO3fkZYraxxi9lD0KR76/NcbCOUIHp8ClwH+lOV0Qr+Lk0 TPvZghmGS2wF6m8SNp24I/wdwX6a1Vd5pnSFg2QCFpItmgFR7e6K+uYSkDOGCJSh NzWAXVflx0qDISFyTRf8tyVq2+yxU3hRJJj0eYRp65/+D7cPYXo= -----END CERTIFICATE-----Generated at Wed Nov 5 01:59:39 2025 by rpki-client