$ rpki-client -vvf repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft File: 2D18956397FA6055A44153CABF07303FD6E55E44.mft (raw, json) Hash identifier: dyCQNX2FXgGAZwKNvD42JxIkPEKMS5kh3raUZv0ZwXM= Subject key identifier: 8F:20:1A:BF:7E:CF:63:57:B8:D9:8B:9A:0C:39:60:29:76:BA:99:A7 Authority key identifier: 2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 Certificate issuer: /CN=2D18956397FA6055A44153CABF07303FD6E55E44 Certificate serial: 0A9491AEA0A2408247FFE23D29672970D6F51B6D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft Manifest number: 052A Signing time: Mon 03 Nov 2025 13:42:04 +0000 Manifest this update: Mon 03 Nov 2025 13:37:04 +0000 Manifest next update: Thu 06 Nov 2025 22:22:04 +0000 Files and hashes: 1: 3130332e3135352e3230302e302f32332d3234203d3e20313431303733.roa (hash: LMlg0YtMMAZTGP6EzKXImD6a6ZjUtLMQ+VabkB5A5lc=) 2: 3130332e3135352e3230302e302f32332d3233203d3e20313431303733.roa (hash: 1cZaLW2bYSVuCFR3p6/QnCg+KIF2tEt9ZDlyjUYN2tI=) 3: 2D18956397FA6055A44153CABF07303FD6E55E44.crl (hash: ZA4YeR43Hm1eySCAlUCiMm8OhcC5Q8D/rf2PxCudlJc=) 4: 323430363a373734303a3a2f33322d3332203d3e20313431303733.roa (hash: BilMX6PAfP77Q5Ze/r2bseAvAFYgHI4D9c4hoNAPY/0=) 5: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (hash: 9pt7JLtOWMCBsJXp8H1J28V9N/OUvx5VflNai/uQZgc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 22:22:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:94:91:ae:a0:a2:40:82:47:ff:e2:3d:29:67:29:70:d6:f5:1b:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D18956397FA6055A44153CABF07303FD6E55E44 Validity Not Before: Nov 3 13:37:04 2025 GMT Not After : Nov 6 22:22:04 2025 GMT Subject: CN=8F201ABF7ECF6357B8D98B9A0C39602976BA99A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:d9:3c:32:b3:f2:e4:ea:e8:c0:2f:90:a1:7d: 19:2a:df:01:5f:07:9c:b5:f0:7b:c5:f8:a4:53:b4: d9:ac:57:17:7d:2a:80:51:3d:a3:27:c3:bd:aa:7e: c9:53:fa:4f:07:23:79:9f:95:6d:4c:b3:25:49:5e: d0:25:0a:ff:5d:25:31:87:df:12:ce:75:f7:f6:fd: be:eb:a9:24:9b:78:65:c4:8a:83:59:d6:f9:f0:1d: 54:eb:8b:ce:d7:8a:b7:c7:7d:aa:dc:62:12:6a:bf: 53:f0:12:3b:ff:d0:e8:4b:b8:2d:26:45:95:3d:03: c5:6c:20:cd:49:32:b8:8f:ba:42:dd:63:a8:83:87: 23:ba:74:e9:a8:90:6a:1b:2d:8e:f3:7c:e1:a0:b2: 99:13:b2:0a:2b:ce:6f:f6:1a:36:d1:36:58:e9:12: f1:99:80:b4:81:ea:11:ab:b0:ba:ff:bf:8e:fc:68: 4a:8c:69:a2:ee:c7:4d:04:58:b4:64:9a:ee:59:f0: 98:6d:13:f7:43:3e:d4:58:5e:6e:84:67:97:b1:a7: 33:8d:f8:16:90:a9:dc:40:9c:4c:9d:24:3f:aa:50: 72:14:2c:9f:6c:b3:18:42:8e:52:fa:7f:f7:03:5f: 29:a1:50:94:aa:6b:a9:32:34:fc:9b:39:e9:79:b8: 14:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:20:1A:BF:7E:CF:63:57:B8:D9:8B:9A:0C:39:60:29:76:BA:99:A7 X509v3 Authority Key Identifier: keyid:2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:c0:63:2a:fc:00:98:ad:a8:81:a9:d9:c6:b2:f9:7b:a4:b9: 93:39:b0:8a:40:be:d7:a7:4f:05:59:14:25:c7:63:7b:e5:4e: 0b:ee:9c:c7:f9:43:2e:e6:e6:3c:93:ec:47:bb:f4:ab:76:28: b1:c5:17:1a:90:97:65:f4:c8:09:f3:18:e4:64:93:87:2e:e4: 6f:d0:16:60:32:a4:1e:42:4e:00:82:2f:84:e1:86:5a:4c:ba: 97:32:33:f7:df:22:a2:d2:ef:2f:d0:8f:3a:95:0c:82:0d:8a: 09:db:eb:53:00:3f:98:dd:9f:ca:ad:d6:ca:a1:3b:0b:cb:b9: 54:b8:7e:d5:48:8f:ed:81:f2:22:4c:ec:ed:2c:56:7f:7e:55: 59:6d:6f:49:ff:b8:ed:95:af:83:da:85:08:22:37:87:cb:76: ce:2b:b0:37:2e:d0:f0:a0:b0:4f:a7:b6:e6:24:fa:84:5a:c3: 36:0d:c8:16:99:a8:56:9c:bd:9f:23:54:04:86:83:5b:74:f7: 56:39:d3:90:62:e5:62:c2:bb:2f:ff:3b:f7:73:2d:7a:ba:89: 7b:4f:8b:77:f3:39:77:59:6a:49:81:3f:29:f1:fe:67:ef:17: ae:0a:25:67:58:f3:73:22:69:20:ce:fb:11:bf:73:1f:79:c5: a0:fd:78:b5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCpSRrqCiQIJH/+I9KWcpcNb1G20wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZE NkU1NUU0NDAeFw0yNTExMDMxMzM3MDRaFw0yNTExMDYyMjIyMDRaMDMxMTAvBgNV BAMTKDhGMjAxQUJGN0VDRjYzNTdCOEQ5OEI5QTBDMzk2MDI5NzZCQTk5QTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT2Twys/Lk6ujAL5ChfRkq3wFf B5y18HvF+KRTtNmsVxd9KoBRPaMnw72qfslT+k8HI3mflW1MsyVJXtAlCv9dJTGH 3xLOdff2/b7rqSSbeGXEioNZ1vnwHVTri87XirfHfarcYhJqv1PwEjv/0OhLuC0m RZU9A8VsIM1JMriPukLdY6iDhyO6dOmokGobLY7zfOGgspkTsgorzm/2GjbRNljp EvGZgLSB6hGrsLr/v478aEqMaaLux00EWLRkmu5Z8JhtE/dDPtRYXm6EZ5expzON +BaQqdxAnEydJD+qUHIULJ9ssxhCjlL6f/cDXymhUJSqa6kyNPybOel5uBQFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUjyAav37PY1e42YuaDDlgKXa6macwHwYDVR0j BBgwFoAULRiVY5f6YFWkQVPKvwcwP9blXkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ODU4Zjg1Yy1hNDU4LTRhNTgtYmJkZS00YmZiMzQzZGM0YjAvMC8yRDE4OTU2Mzk3 RkE2MDU1QTQ0MTUzQ0FCRjA3MzAzRkQ2RTU1RTQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZENkU1 NUU0NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDg1OGY4NWMtYTQ1OC00YTU4LWJi ZGUtNGJmYjM0M2RjNGIwLzAvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMw M0ZENkU1NUU0NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHnAYyr8AJitqIGp2cay+XukuZM5sIpAvten TwVZFCXHY3vlTgvunMf5Qy7m5jyT7Ee79Kt2KLHFFxqQl2X0yAnzGORkk4cu5G/Q FmAypB5CTgCCL4ThhlpMupcyM/ffIqLS7y/QjzqVDIINignb61MAP5jdn8qt1sqh OwvLuVS4ftVIj+2B8iJM7O0sVn9+VVltb0n/uO2Vr4PahQgiN4fLds4rsDcu0PCg sE+ntuYk+oRawzYNyBaZqFacvZ8jVASGg1t091Y505Bi5WLCuy//O/dzLXq6iXtP i3fzOXdZakmBPynx/mfvF64KJWdY83MiaSDO+xG/cx95xaD9eLU= -----END CERTIFICATE-----Generated at Tue Nov 4 08:12:34 2025 by rpki-client