$ rpki-client -vvf repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft File: 2CCC85BF6CCD365701EFA75EE416D234F861385B.mft (raw, json) Hash identifier: MEyCCTg+ULEEgaSYNZNTT3tFygALcnVpMb9E/GgRyuk= Subject key identifier: 55:CB:5E:DF:E1:94:13:E4:09:0F:55:BE:53:42:13:0F:D9:43:60:63 Authority key identifier: 2C:CC:85:BF:6C:CD:36:57:01:EF:A7:5E:E4:16:D2:34:F8:61:38:5B Certificate issuer: /CN=2CCC85BF6CCD365701EFA75EE416D234F861385B Certificate serial: 21A8E74173FE11CC962CCC0BECB7C62CA4B4EA20 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2CCC85BF6CCD365701EFA75EE416D234F861385B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft Manifest number: D2 Signing time: Tue 04 Nov 2025 12:52:14 +0000 Manifest this update: Tue 04 Nov 2025 12:47:14 +0000 Manifest next update: Fri 07 Nov 2025 17:02:14 +0000 Files and hashes: 1: 3136302e32352e3231382e302f32342d3234203d3e20313533303836.roa (hash: 8n7ggoSZj8jJnFz6/yug05Kf9QPxel8FaCv3JxdKJhk=) 2: 2CCC85BF6CCD365701EFA75EE416D234F861385B.crl (hash: 4k96s1y20F6jD2knHft+Bbys3lVZCcrswoqe21siNe0=) 3: 3136302e32352e3231392e302f32342d3234203d3e20313533303836.roa (hash: uxK7UAyx9SPI/sYZC+vqWCKSgnZeXgqAqFmQ+2Jnazc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.crl rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2CCC85BF6CCD365701EFA75EE416D234F861385B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:a8:e7:41:73:fe:11:cc:96:2c:cc:0b:ec:b7:c6:2c:a4:b4:ea:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CCC85BF6CCD365701EFA75EE416D234F861385B Validity Not Before: Nov 4 12:47:14 2025 GMT Not After : Nov 7 17:02:14 2025 GMT Subject: CN=55CB5EDFE19413E4090F55BE5342130FD9436063 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:af:46:52:01:38:2c:0c:48:93:11:f0:7b:9d: 60:ef:81:ec:48:cd:3b:b4:43:1b:37:a3:95:22:9e: f1:94:c8:fe:59:81:05:94:dd:a7:c9:05:3c:36:aa: d7:5f:b7:b5:52:bf:60:89:50:8b:2d:7d:c9:e3:74: 96:3b:74:2f:0f:6a:c1:ff:6b:07:55:0f:a8:e6:27: ca:38:03:f5:4c:08:55:33:fc:0b:b0:e2:88:95:83: 34:3b:48:34:ea:e4:a4:ed:18:7b:9b:93:8c:97:f1: 60:e9:c6:eb:43:42:d8:6d:20:35:74:29:0c:01:8d: f2:9b:11:7e:cb:71:ee:b4:61:05:77:59:01:e2:94: 9a:47:7c:35:99:f0:79:eb:bf:0a:1d:57:e2:c6:c0: 70:ff:da:2c:72:1b:07:ab:b5:a6:31:e4:46:1a:e0: 87:2e:61:bf:49:c0:b6:73:b3:74:36:f9:2b:38:c5: 06:55:ad:35:c9:d6:9d:d4:49:dc:55:01:76:52:18: 93:95:e0:35:f7:88:51:49:8b:6d:08:2e:1d:c8:dc: 25:9e:d7:3b:6c:ea:50:30:a0:00:86:18:da:e2:34: 71:9e:ab:66:57:2d:ed:1a:0a:3e:e7:77:73:c4:11: d7:ac:57:0c:fb:15:0c:cc:1d:09:32:81:59:a5:62: 50:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:CB:5E:DF:E1:94:13:E4:09:0F:55:BE:53:42:13:0F:D9:43:60:63 X509v3 Authority Key Identifier: keyid:2C:CC:85:BF:6C:CD:36:57:01:EF:A7:5E:E4:16:D2:34:F8:61:38:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2CCC85BF6CCD365701EFA75EE416D234F861385B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bb:5c:62:e3:02:9f:5a:f3:43:56:1c:a0:49:28:79:8f:cd:1a: 03:f1:7f:9c:b5:7c:ee:c3:0c:c9:c6:0d:43:a4:78:ab:1d:48: 51:eb:5f:c0:66:68:45:3f:17:8a:b9:24:7b:7e:63:04:7b:52: 26:85:c3:99:59:02:4a:fa:e5:bf:b7:82:66:74:e1:f8:58:7f: 8b:77:be:ac:e2:37:51:7d:a7:43:27:5a:4a:4f:49:a4:db:33: 23:47:ce:86:5e:58:fd:3b:c2:c4:2e:ba:28:84:a0:b4:73:0e: 99:64:17:3c:1d:52:81:40:d9:28:db:4a:d8:fe:fe:49:1f:0f: 3c:a1:da:8a:d8:55:eb:2a:88:45:3a:99:64:53:da:b2:bc:cb: 3c:a6:f6:1d:0e:a0:8f:76:80:e4:f6:89:b0:7d:3a:51:19:fa: 42:25:6a:68:cf:5e:a0:f3:bc:c9:fb:dc:1a:6e:c6:83:d4:81: ec:b4:fe:fe:8a:84:25:ba:94:b6:43:db:5e:f4:f7:90:f5:7a: 5f:11:37:3f:18:3d:83:32:51:ef:fa:48:97:ac:39:38:72:e2: fb:d0:b3:90:1a:e1:da:91:21:02:3c:51:f2:d9:50:d4:68:c5: d9:34:60:a1:04:fc:17:ff:a4:b2:e1:d2:fc:98:a0:9f:b9:6a: fe:9a:1b:3d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIajnQXP+EcyWLMwL7LfGLKS06iAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkNDQzg1QkY2Q0NEMzY1NzAxRUZBNzVFRTQxNkQyMzRG ODYxMzg1QjAeFw0yNTExMDQxMjQ3MTRaFw0yNTExMDcxNzAyMTRaMDMxMTAvBgNV BAMTKDU1Q0I1RURGRTE5NDEzRTQwOTBGNTVCRTUzNDIxMzBGRDk0MzYwNjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkr0ZSATgsDEiTEfB7nWDvgexI zTu0Qxs3o5UinvGUyP5ZgQWU3afJBTw2qtdft7VSv2CJUIstfcnjdJY7dC8PasH/ awdVD6jmJ8o4A/VMCFUz/Auw4oiVgzQ7SDTq5KTtGHubk4yX8WDpxutDQthtIDV0 KQwBjfKbEX7Lce60YQV3WQHilJpHfDWZ8HnrvwodV+LGwHD/2ixyGwertaYx5EYa 4IcuYb9JwLZzs3Q2+Ss4xQZVrTXJ1p3USdxVAXZSGJOV4DX3iFFJi20ILh3I3CWe 1zts6lAwoACGGNriNHGeq2ZXLe0aCj7nd3PEEdesVwz7FQzMHQkygVmlYlB9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUVcte3+GUE+QJD1W+U0ITD9lDYGMwHwYDVR0j BBgwFoAULMyFv2zNNlcB76de5BbSNPhhOFswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWYwN2YxOC01YzQ5LTQxMjktYWE1My03MDg1Y2NkNTdiNjMvMC8yQ0NDODVCRjZD Q0QzNjU3MDFFRkE3NUVFNDE2RDIzNEY4NjEzODVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkNDQzg1QkY2Q0NEMzY1NzAxRUZBNzVFRTQxNkQyMzRGODYx Mzg1Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FmMDdmMTgtNWM0OS00MTI5LWFh NTMtNzA4NWNjZDU3YjYzLzAvMkNDQzg1QkY2Q0NEMzY1NzAxRUZBNzVFRTQxNkQy MzRGODYxMzg1Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALtcYuMCn1rzQ1YcoEkoeY/NGgPxf5y1fO7D DMnGDUOkeKsdSFHrX8BmaEU/F4q5JHt+YwR7UiaFw5lZAkr65b+3gmZ04fhYf4t3 vqziN1F9p0MnWkpPSaTbMyNHzoZeWP07wsQuuiiEoLRzDplkFzwdUoFA2SjbStj+ /kkfDzyh2orYVesqiEU6mWRT2rK8yzym9h0OoI92gOT2ibB9OlEZ+kIlamjPXqDz vMn73BpuxoPUgey0/v6KhCW6lLZD217095D1el8RNz8YPYMyUe/6SJesOThy4vvQ s5Aa4dqRIQI8UfLZUNRoxdk0YKEE/Bf/pLLh0vyYoJ+5av6aGz0= -----END CERTIFICATE-----Generated at Wed Nov 5 04:45:57 2025 by rpki-client