$ rpki-client -vvf repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.mft File: D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.mft (raw, json) Hash identifier: 7uhRQtmnFhLn1w9MU5b5TEccgHHnF3VD8ChXztZw1Pw= Subject key identifier: 2E:3D:9A:62:44:12:25:78:C3:A2:28:70:D2:4D:6E:46:D1:FA:B8:48 Authority key identifier: D2:5A:04:A0:E4:E5:2F:F4:22:D9:D8:FB:85:7D:23:DC:61:42:E5:FD Certificate issuer: /CN=D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD Certificate serial: 17CD69DA86B7933194834C67654F5C4356B8E9E3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.mft Manifest number: 0521 Signing time: Sun 02 Nov 2025 22:30:44 +0000 Manifest this update: Sun 02 Nov 2025 22:25:44 +0000 Manifest next update: Thu 06 Nov 2025 10:03:44 +0000 Files and hashes: 1: 3132342e34302e3235332e302f32342d3234203d3e20313432333237.roa (hash: ZeQ/G35c/J7hJXCvQZ6ieAUy4NBWFOv66XK2TZxgUwU=) 2: 34332e3235322e3130342e302f32342d3234203d3e20313432333237.roa (hash: lR3gX6Bwr4ANHz1p/BofTqPyE1vSZC884k0IFEXkQqw=) 3: 34332e3235322e3130342e302f32322d3234203d3e203435333035.roa (hash: PKIt6KT96DVg2otgI4L6Lbo6X1IxxuQSsidS83qyqJk=) 4: 323030313a6466303a61333a3a2f34382d3438203d3e203435333035.roa (hash: hlUw25q5eNWFZZoKL6XJ7rDIzMv9Ha/qCoX1PFqE3P4=) 5: 3230322e35362e3136342e302f32322d3234203d3e203435333035.roa (hash: Ks6djmjYrG5U+knwJmAadX8Vs5do9/GjSatcKmwDXgM=) 6: 3132342e34302e3234382e302f32342d3234203d3e20313432333237.roa (hash: C0CDuWEVU0SX0hds00E1HGuGHRio6g8DwzULftVgj6I=) 7: 3132342e34302e3234382e302f32312d3234203d3e203435333035.roa (hash: VtiYvCa1bjH6ANhQ1ZiFk2JkSbje5+lBzE3EKLizBTk=) 8: 3130332e32382e3131322e302f32322d3234203d3e203435333035.roa (hash: qTnm5CGA/RYtoBdoUqEMNKhCi+L95N248VCqrGjA3NM=) 9: D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.crl (hash: /ZhtQOTH4uU6Lj5XUffis6X/53xxQOqxhbDMHB/lvtQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.crl rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 10:03:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:cd:69:da:86:b7:93:31:94:83:4c:67:65:4f:5c:43:56:b8:e9:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD Validity Not Before: Nov 2 22:25:44 2025 GMT Not After : Nov 6 10:03:44 2025 GMT Subject: CN=2E3D9A6244122578C3A22870D24D6E46D1FAB848 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:51:2f:9f:0f:db:30:d8:00:07:17:67:8d:9e: df:9d:49:2e:f4:06:92:73:66:82:e2:44:e3:84:2a: d8:04:9a:ff:09:c4:c3:c2:9c:43:f6:f8:94:f1:f9: 60:aa:92:2a:88:ea:63:f3:ee:b0:47:1b:3b:61:2a: 03:67:73:64:79:99:31:be:bf:f1:1d:45:29:9f:35: f2:3a:4a:11:69:51:4a:ec:2d:ad:b5:ac:85:56:a2: bb:dc:0e:d3:b5:f3:06:f3:8e:a7:33:f9:d7:43:d9: 94:10:d4:26:fb:c5:2d:61:ae:26:2f:e2:50:e0:58: 2e:65:bf:f5:3f:c1:43:a6:dd:4f:50:ae:8e:c4:0b: ff:8d:08:3c:9c:ef:11:9c:c7:b6:5a:90:eb:e7:4b: 11:37:9d:a5:b7:af:8b:aa:ca:47:de:1d:cc:03:b2: 21:35:ff:0d:de:66:51:85:17:90:81:4d:57:e7:7f: d2:c2:40:bc:e3:6d:12:6a:a5:a0:7f:17:36:ee:b6: f0:17:c4:30:48:4f:2a:4e:58:5c:35:e8:25:99:74: ca:21:ac:e5:3f:ff:db:5c:a2:8e:06:e8:0e:ae:4e: 75:6d:7c:c9:fa:33:b2:1d:e2:51:89:88:02:26:9b: f4:ec:3c:5e:95:f6:64:6e:f9:a6:6b:a2:06:c6:d0: 42:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:3D:9A:62:44:12:25:78:C3:A2:28:70:D2:4D:6E:46:D1:FA:B8:48 X509v3 Authority Key Identifier: keyid:D2:5A:04:A0:E4:E5:2F:F4:22:D9:D8:FB:85:7D:23:DC:61:42:E5:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/D25A04A0E4E52FF422D9D8FB857D23DC6142E5FD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:ec:b0:6e:0d:88:e4:40:cc:c7:a7:f1:f8:2c:5a:d9:d4:00: 46:f6:e0:30:2c:b2:48:65:55:83:b1:18:b2:ae:1b:e2:11:0a: 6c:4d:17:7d:5e:1d:c4:20:f6:9f:7f:ee:26:34:67:d6:88:a4: 8c:fe:3a:51:05:ed:0f:f0:e0:bd:27:fc:00:ad:af:1e:76:3f: ca:df:26:7b:22:6c:0f:e8:76:0f:26:a0:b6:cd:f9:e3:79:2c: e8:73:ab:68:40:c9:7d:ec:b0:08:8a:0f:67:91:a1:b7:60:e3: 67:2c:90:fe:c5:e5:72:67:9f:83:c3:91:32:24:ff:b8:47:7d: e3:48:5a:a3:c7:83:dc:21:37:fa:06:d1:fe:6c:28:71:4b:31: 00:54:9f:80:4d:79:f4:8d:de:bd:02:48:a7:68:fe:15:ad:d7: e7:6a:e7:c3:d2:57:d6:8b:c8:91:94:6a:a0:13:cf:14:d4:b6: 92:54:84:8c:a6:58:1d:4a:8a:49:dd:0f:ac:b3:2f:b8:6d:33: a5:37:d3:d8:18:ed:8c:e7:6d:12:e1:5d:e6:35:7a:84:99:1a: 39:8a:c7:a3:a6:23:85:0e:9a:3b:7b:e0:f1:b3:f4:ec:44:38: e1:79:22:26:e6:02:d7:9d:4a:27:9d:b1:2e:fb:83:e0:df:7b: c8:74:35:38 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUF81p2oa3kzGUg0xnZU9cQ1a46eMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDI1QTA0QTBFNEU1MkZGNDIyRDlEOEZCODU3RDIzREM2 MTQyRTVGRDAeFw0yNTExMDIyMjI1NDRaFw0yNTExMDYxMDAzNDRaMDMxMTAvBgNV BAMTKDJFM0Q5QTYyNDQxMjI1NzhDM0EyMjg3MEQyNEQ2RTQ2RDFGQUI4NDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUUS+fD9sw2AAHF2eNnt+dSS70 BpJzZoLiROOEKtgEmv8JxMPCnEP2+JTx+WCqkiqI6mPz7rBHGzthKgNnc2R5mTG+ v/EdRSmfNfI6ShFpUUrsLa21rIVWorvcDtO18wbzjqcz+ddD2ZQQ1Cb7xS1hriYv 4lDgWC5lv/U/wUOm3U9Qro7EC/+NCDyc7xGcx7ZakOvnSxE3naW3r4uqykfeHcwD siE1/w3eZlGFF5CBTVfnf9LCQLzjbRJqpaB/FzbutvAXxDBITypOWFw16CWZdMoh rOU//9tcoo4G6A6uTnVtfMn6M7Id4lGJiAImm/TsPF6V9mRu+aZrogbG0EKhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULj2aYkQSJXjDoihw0k1uRtH6uEgwHwYDVR0j BBgwFoAU0loEoOTlL/Qi2dj7hX0j3GFC5f0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ZDk1YzE5Yy0zMjYyLTQ4YzctYWYwMi0zN2E4MzVkMGE3NzkvMC9EMjVBMDRBMEU0 RTUyRkY0MjJEOUQ4RkI4NTdEMjNEQzYxNDJFNUZELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDI1QTA0QTBFNEU1MkZGNDIyRDlEOEZCODU3RDIzREM2MTQy RTVGRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmQ5NWMxOWMtMzI2Mi00OGM3LWFm MDItMzdhODM1ZDBhNzc5LzAvRDI1QTA0QTBFNEU1MkZGNDIyRDlEOEZCODU3RDIz REM2MTQyRTVGRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIbssG4NiORAzMen8fgsWtnUAEb24DAsskhl VYOxGLKuG+IRCmxNF31eHcQg9p9/7iY0Z9aIpIz+OlEF7Q/w4L0n/ACtrx52P8rf JnsibA/odg8moLbN+eN5LOhzq2hAyX3ssAiKD2eRobdg42cskP7F5XJnn4PDkTIk /7hHfeNIWqPHg9whN/oG0f5sKHFLMQBUn4BNefSN3r0CSKdo/hWt1+dq58PSV9aL yJGUaqATzxTUtpJUhIymWB1KikndD6yzL7htM6U309gY7YznbRLhXeY1eoSZGjmK x6OmI4UOmjt74PGz9OxEOOF5IibmAtedSiedsS77g+Dfe8h0NTg= -----END CERTIFICATE-----Generated at Wed Nov 5 02:29:47 2025 by rpki-client