$ rpki-client -vvf repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft File: 3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft (raw, json) Hash identifier: FdNQM5wuhOX4L7IMKkOZWA47Ps52EJ4u1jOP5Er5f2M= Subject key identifier: 22:2B:16:C2:F7:B9:1E:6D:E0:0D:24:72:CF:D6:DC:0A:98:50:7C:A5 Authority key identifier: 3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 Certificate issuer: /CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Certificate serial: 443A24248EAF92E10A59D06F00BCB724A61605D2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft Manifest number: 0209 Signing time: Mon 03 Nov 2025 03:02:20 +0000 Manifest this update: Mon 03 Nov 2025 02:57:20 +0000 Manifest next update: Thu 06 Nov 2025 14:15:20 +0000 Files and hashes: 1: 3130332e3235342e3137312e302f32342d3234203d3e203539313439.roa (hash: j7/0o24Y/Dntb2SDxDz2B+Eis79rWFB0ghqmTnU55LQ=) 2: 3130332e3235342e3137302e302f32342d3234203d3e203539313439.roa (hash: Htm5ahdXQHhKpRzE/h5i9KHcwL0XsZbOLaHTHLcsMN8=) 3: 3130332e3235342e3136382e302f32342d3234203d3e203539313439.roa (hash: mvmoi8dcnfPzFCUL4IZOH3T40kp0yAQpvbAqzxB1zYc=) 4: 3130332e3235342e3136392e302f32342d3234203d3e203539313439.roa (hash: sJUN/+XYslzThounXZW+MFwCm1lc8VEvrGvUm5/WqYY=) 5: 3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl (hash: pzT0Z36AGXMPCH3hv3hm0bFYTVnUr/yQqtZKkLDwnSU=) 6: 3130332e3235342e3136382e302f32322d3232203d3e203539313439.roa (hash: wNLC96dZ0hf5g5SQzM5GoaCW4xx90rlAQngevEb0OMg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 14:15:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:3a:24:24:8e:af:92:e1:0a:59:d0:6f:00:bc:b7:24:a6:16:05:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Validity Not Before: Nov 3 02:57:20 2025 GMT Not After : Nov 6 14:15:20 2025 GMT Subject: CN=222B16C2F7B91E6DE00D2472CFD6DC0A98507CA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:41:03:64:c2:55:5c:4f:67:3d:67:04:48:fa: 6d:b4:2b:c2:c6:7e:55:0e:34:81:bf:fe:7f:cc:bd: c7:d2:f3:7a:9b:5d:85:96:a5:16:09:ce:9b:63:ee: a5:68:5a:35:1c:a3:70:e6:55:68:bd:38:cf:2b:d7: 58:1c:40:1f:61:e3:45:e7:dd:dd:5e:86:cd:c1:58: 86:36:73:49:4a:90:d4:d1:d4:4d:c1:1b:7f:f4:23: 13:5a:bd:97:33:ed:da:27:06:12:50:0e:af:e4:23: 31:58:7f:a6:39:4a:1c:67:4b:cf:c2:7b:33:36:34: 75:6b:93:e6:13:0a:5b:ec:0b:b7:20:40:64:76:21: f1:a8:8f:62:01:65:91:2a:01:2e:ad:64:c3:22:c1: 0e:08:01:37:f5:ca:00:39:59:77:76:53:81:f4:01: f7:5a:97:b3:77:9e:8a:92:07:15:a2:bc:84:14:40: be:e9:12:ca:bc:9c:55:5f:17:d4:29:12:8c:fb:72: 9b:6d:44:08:f4:a3:a2:48:44:ac:bf:34:b4:12:74: e0:b8:c4:aa:ce:ed:5a:a2:50:06:95:84:ed:5a:6e: 8e:76:4c:97:3b:53:20:2a:c1:bf:ec:b6:f5:4f:d4: d0:62:f4:67:9d:a2:c6:48:87:2b:b1:b4:6f:36:ff: aa:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:2B:16:C2:F7:B9:1E:6D:E0:0D:24:72:CF:D6:DC:0A:98:50:7C:A5 X509v3 Authority Key Identifier: keyid:3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d0:52:23:0f:2c:e2:41:de:70:20:7f:ac:5e:9f:f8:87:dc:fc: 0f:df:99:7a:d5:28:94:64:cf:a8:1e:0c:80:01:43:a8:d1:4c: 41:ff:2d:1b:72:d3:46:b6:c7:fb:50:c8:52:27:ec:4d:6f:45: a5:0c:fa:ce:5e:19:d4:06:a4:b6:d7:75:cd:f3:03:2d:6a:a3: 65:ca:31:06:04:26:c7:46:db:30:6a:8f:aa:28:3a:68:9c:75: b3:7b:01:23:c4:80:79:3c:d7:a7:43:36:c2:c9:6a:f6:90:10: 68:b2:1f:93:46:ac:65:26:ae:0a:07:4e:96:34:ef:f0:e7:62: fd:c7:e0:aa:a4:14:b0:dc:8e:33:ee:77:42:7b:bc:39:af:22: 5d:d7:46:6a:4d:1f:ba:01:7e:99:c2:f2:e7:07:3c:b4:12:d5: d5:79:51:d5:62:55:b1:bd:f3:8a:a6:d4:6c:20:87:ae:86:26: 31:d9:c1:49:1a:14:22:f0:5c:28:c0:1a:15:d4:70:c8:8e:4c: ac:56:02:64:52:92:2c:69:2c:53:9d:e6:11:73:9b:bc:b2:0c: 9a:a2:17:ba:30:13:43:17:a8:ec:11:b2:e5:49:ab:d4:b3:e5: 76:a6:09:a9:f3:4c:62:88:02:39:31:65:c7:43:e6:82:e5:e2: 97:cc:f8:2c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURDokJI6vkuEKWdBvALy3JKYWBdIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0MxQzU5 RTE4MjA3NDAeFw0yNTExMDMwMjU3MjBaFw0yNTExMDYxNDE1MjBaMDMxMTAvBgNV BAMTKDIyMkIxNkMyRjdCOTFFNkRFMDBEMjQ3MkNGRDZEQzBBOTg1MDdDQTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5QQNkwlVcT2c9ZwRI+m20K8LG flUONIG//n/MvcfS83qbXYWWpRYJzptj7qVoWjUco3DmVWi9OM8r11gcQB9h40Xn 3d1ehs3BWIY2c0lKkNTR1E3BG3/0IxNavZcz7donBhJQDq/kIzFYf6Y5ShxnS8/C ezM2NHVrk+YTClvsC7cgQGR2IfGoj2IBZZEqAS6tZMMiwQ4IATf1ygA5WXd2U4H0 Afdal7N3noqSBxWivIQUQL7pEsq8nFVfF9QpEoz7cpttRAj0o6JIRKy/NLQSdOC4 xKrO7VqiUAaVhO1abo52TJc7UyAqwb/stvVP1NBi9GedosZIhyuxtG82/6rTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIisWwve5Hm3gDSRyz9bcCphQfKUwHwYDVR0j BBgwFoAUOyup6NU1er13a27EyvfBxZ4YIHQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YWU3ZDQ2MS0wZTMyLTRlNjUtYmI4OC1kNzI0MDViMjQ0NTEvMC8zQjJCQTlFOEQ1 MzU3QUJENzc2QjZFQzRDQUY3QzFDNTlFMTgyMDc0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0MxQzU5RTE4 MjA3NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmFlN2Q0NjEtMGUzMi00ZTY1LWJi ODgtZDcyNDA1YjI0NDUxLzAvM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0Mx QzU5RTE4MjA3NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANBSIw8s4kHecCB/rF6f+Ifc/A/fmXrVKJRk z6geDIABQ6jRTEH/LRty00a2x/tQyFIn7E1vRaUM+s5eGdQGpLbXdc3zAy1qo2XK MQYEJsdG2zBqj6ooOmicdbN7ASPEgHk816dDNsLJavaQEGiyH5NGrGUmrgoHTpY0 7/DnYv3H4KqkFLDcjjPud0J7vDmvIl3XRmpNH7oBfpnC8ucHPLQS1dV5UdViVbG9 84qm1Gwgh66GJjHZwUkaFCLwXCjAGhXUcMiOTKxWAmRSkixpLFOd5hFzm7yyDJqi F7owE0MXqOwRsuVJq9Sz5XamCanzTGKIAjkxZcdD5oLl4pfM+Cw= -----END CERTIFICATE-----Generated at Tue Nov 4 16:38:04 2025 by rpki-client