$ rpki-client -vvf repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft File: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft (raw, json) Hash identifier: 06+DSIKY0TVQ5nEOculoECsqX+E6ZzVSsQelxOVf9hg= Subject key identifier: B6:AD:40:1F:A7:FD:96:B4:87:1B:DD:02:91:A7:F9:E5:81:A2:F0:C8 Authority key identifier: CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C Certificate issuer: /CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Certificate serial: 5B9A3819E1F2B95B47C18709A8D8660A9AE4E233 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft Manifest number: 051F Signing time: Mon 03 Nov 2025 05:01:26 +0000 Manifest this update: Mon 03 Nov 2025 04:56:26 +0000 Manifest next update: Thu 06 Nov 2025 14:09:26 +0000 Files and hashes: 1: CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl (hash: PW1YG5tFC3ZP1D8zvt/PGpd9lLb/+XSer3IHiOdyQsc=) 2: 3130332e3133302e3133362e302f32322d3234203d3e20313333383135.roa (hash: gDwS3CZNot9PKNbXfgVaxRg3XKEAojqRRjZmWUnIieM=) 3: 323430333a626163303a3a2f33322d3438203d3e20313333383135.roa (hash: bj03wSoaB1PZHhqBBV4Wr4Sjs0onXCgWYauPl2mcWtw=) 4: 323430333a353763303a3a2f33322d3438203d3e20313333383135.roa (hash: qJMxf0aJqdHPfbLPNvUiMxKhq3U6DmyX3ZCQXdLa44w=) 5: 3130332e35322e34342e302f32322d3234203d3e20313333383135.roa (hash: +hHtMHqrRgOxnxPgQ1JDtVaqmRcnzLdlLvloLKvOcZA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 14:09:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:9a:38:19:e1:f2:b9:5b:47:c1:87:09:a8:d8:66:0a:9a:e4:e2:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEA03A07989107F547A2B2ABAA6AD4E70312AD5C Validity Not Before: Nov 3 04:56:26 2025 GMT Not After : Nov 6 14:09:26 2025 GMT Subject: CN=B6AD401FA7FD96B4871BDD0291A7F9E581A2F0C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5c:06:ca:fc:bd:33:22:13:c3:a4:75:dd:d7: 7f:13:75:3d:66:b9:22:fc:1f:55:5c:fd:f7:78:9a: 63:63:42:86:69:c8:5d:ab:61:ab:25:3a:1d:c3:a6: cf:54:12:fb:2e:2e:79:dc:79:77:32:2c:46:c3:78: f3:6c:d3:29:52:97:b4:4e:85:da:83:87:0f:fb:63: eb:ec:a3:4c:8f:28:cc:08:92:ae:76:92:20:a0:ea: 06:aa:e4:4f:fc:13:ec:4c:40:fb:23:75:65:54:85: 4e:70:a3:f0:56:3d:78:e1:52:df:9c:6d:4d:f1:a6: 7a:0c:e9:f5:ec:3d:0d:71:02:4f:ce:9d:5c:4e:6d: 32:2b:54:a2:f3:c4:73:7e:eb:92:17:73:8c:b1:12: b2:37:af:6b:bd:8f:c7:56:d9:86:98:c3:98:c5:08: 1d:d6:cc:73:a5:53:70:d8:e2:50:eb:0c:c8:95:a6: fa:3b:46:36:e0:08:b6:b6:94:c6:6a:c6:63:09:8a: c2:8b:42:4d:de:59:d0:ce:4b:8a:71:8d:7a:98:a9: da:62:07:26:58:eb:f2:ca:4b:44:10:f9:0c:71:9c: 9a:00:f2:7e:ff:2d:a7:de:5a:f4:b6:30:87:36:a1: 90:bd:b1:1e:9e:6e:68:dd:39:8f:89:c1:7e:7c:5e: fa:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:AD:40:1F:A7:FD:96:B4:87:1B:DD:02:91:A7:F9:E5:81:A2:F0:C8 X509v3 Authority Key Identifier: keyid:CE:A0:3A:07:98:91:07:F5:47:A2:B2:AB:AA:6A:D4:E7:03:12:AD:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2a3ae485-a658-4c5c-abe2-1e7fd8b038a0/0/CEA03A07989107F547A2B2ABAA6AD4E70312AD5C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption dc:3a:6e:7f:ec:c2:b9:da:3b:81:10:4d:95:d9:ba:4a:31:65: f3:a1:a7:1b:59:7b:57:67:6c:f1:95:71:a9:1b:91:24:80:66: c1:0a:20:57:af:bd:0f:cc:d2:98:92:4a:b6:51:99:5c:e0:fe: 65:c4:f3:fe:fe:c2:d3:d0:d3:99:45:b7:cb:d6:cc:3e:28:56: bb:7f:f6:1a:e2:e4:8b:df:a4:34:10:08:c7:28:68:ea:de:f4: df:54:30:4b:18:e1:4b:24:fe:6f:88:67:86:71:6d:e2:cc:2b: 61:0e:1a:0c:50:15:7d:fe:0c:c4:cc:44:54:19:da:49:39:42: 92:39:dd:45:fc:f4:83:f0:b2:c2:47:08:db:9b:86:99:de:ec: c6:60:55:fc:71:9c:6e:c5:fd:79:e2:cf:82:94:cb:82:79:4b: 30:c6:3a:00:2a:05:dc:d2:43:88:f9:a7:37:11:a9:81:83:fa: 5d:3f:f1:81:fd:bb:bc:b2:61:ad:41:6e:32:38:7d:f7:6f:e3: e1:0d:b3:da:3d:d8:05:87:be:50:9e:ae:e9:82:2b:c6:7c:e9: f6:31:26:71:28:9a:21:10:d1:ce:01:d5:07:c7:c8:b2:98:de: 5f:6d:fd:ab:f6:d4:5e:d2:8f:2c:18:d5:e7:de:86:2a:e8:ce: 3c:c6:87:e9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUW5o4GeHyuVtHwYcJqNhmCprk4jMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcw MzEyQUQ1QzAeFw0yNTExMDMwNDU2MjZaFw0yNTExMDYxNDA5MjZaMDMxMTAvBgNV BAMTKEI2QUQ0MDFGQTdGRDk2QjQ4NzFCREQwMjkxQTdGOUU1ODFBMkYwQzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDXAbK/L0zIhPDpHXd138TdT1m uSL8H1Vc/fd4mmNjQoZpyF2rYaslOh3Dps9UEvsuLnnceXcyLEbDePNs0ylSl7RO hdqDhw/7Y+vso0yPKMwIkq52kiCg6gaq5E/8E+xMQPsjdWVUhU5wo/BWPXjhUt+c bU3xpnoM6fXsPQ1xAk/OnVxObTIrVKLzxHN+65IXc4yxErI3r2u9j8dW2YaYw5jF CB3WzHOlU3DY4lDrDMiVpvo7RjbgCLa2lMZqxmMJisKLQk3eWdDOS4pxjXqYqdpi ByZY6/LKS0QQ+QxxnJoA8n7/LafeWvS2MIc2oZC9sR6ebmjdOY+JwX58Xvq3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUtq1AH6f9lrSHG90Ckaf55YGi8MgwHwYDVR0j BBgwFoAUzqA6B5iRB/VHorKrqmrU5wMSrVwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YTNhZTQ4NS1hNjU4LTRjNWMtYWJlMi0xZTdmZDhiMDM4YTAvMC9DRUEwM0EwNzk4 OTEwN0Y1NDdBMkIyQUJBQTZBRDRFNzAzMTJBRDVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0RTcwMzEy QUQ1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmEzYWU0ODUtYTY1OC00YzVjLWFi ZTItMWU3ZmQ4YjAzOGEwLzAvQ0VBMDNBMDc5ODkxMDdGNTQ3QTJCMkFCQUE2QUQ0 RTcwMzEyQUQ1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANw6bn/swrnaO4EQTZXZukoxZfOhpxtZe1dn bPGVcakbkSSAZsEKIFevvQ/M0piSSrZRmVzg/mXE8/7+wtPQ05lFt8vWzD4oVrt/ 9hri5IvfpDQQCMcoaOre9N9UMEsY4Usk/m+IZ4ZxbeLMK2EOGgxQFX3+DMTMRFQZ 2kk5QpI53UX89IPwssJHCNubhpne7MZgVfxxnG7F/Xniz4KUy4J5SzDGOgAqBdzS Q4j5pzcRqYGD+l0/8YH9u7yyYa1BbjI4ffdv4+ENs9o92AWHvlCerumCK8Z86fYx JnEomiEQ0c4B1QfHyLKY3l9t/av21F7SjywY1efehirozjzGh+k= -----END CERTIFICATE-----Generated at Wed Nov 5 12:56:29 2025 by rpki-client