$ rpki-client -vvf repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft File: 28351380A86044778274FC7CEC0F116CF3B3CA39.mft (raw, json) Hash identifier: 8Y2WYIM9kNV6Ou0eWV4uCG9QV37mwlD0aVvNRKBn/wQ= Subject key identifier: A0:E3:40:6E:1F:95:D7:C6:DA:3B:E2:C4:AE:B5:AE:10:D9:A4:BB:9B Authority key identifier: 28:35:13:80:A8:60:44:77:82:74:FC:7C:EC:0F:11:6C:F3:B3:CA:39 Certificate issuer: /CN=28351380A86044778274FC7CEC0F116CF3B3CA39 Certificate serial: 3E60195363B7AB271E233D9F7B8D3A6CA8D95E59 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer Subject info access: rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft Manifest number: 0520 Signing time: Tue 04 Nov 2025 17:30:45 +0000 Manifest this update: Tue 04 Nov 2025 17:25:45 +0000 Manifest next update: Fri 07 Nov 2025 22:33:45 +0000 Files and hashes: 1: 3230332e38302e31322e302f32342d3234203d3e203234323034.roa (hash: iP5DwSyfUL5exxyNjMDQ+1fcb6ngK3/LzByJJLI9xyw=) 2: 3230332e38302e31332e302f32342d3234203d3e203234323034.roa (hash: OqfsOYg/HuhRheOY7XtpBvVh7Zqp58h+Rj/M/YaFZNI=) 3: 3230332e38302e31342e302f32342d3234203d3e203234323034.roa (hash: meqQFV3Ai00Xi6pHJ24Fpc5SOLYd2Ucdi8hBuOG/mOI=) 4: 3230332e38302e31312e302f32342d3234203d3e203234323034.roa (hash: wP5JcTumZVhD5RKTIHW84jMQLqPiyj2qPNYzd9k1ZOs=) 5: 3230332e38302e31352e302f32342d3234203d3e203234323034.roa (hash: +tRBG8B/+C8vTbXJTWqe0liAiPTh4alenhwEBf60dxs=) 6: 3230332e38302e382e302f32342d3234203d3e203234323034.roa (hash: WygMqvrzr917+KMa/vGo8fQyT0ctkaWPjHAmxb/T5Js=) 7: 28351380A86044778274FC7CEC0F116CF3B3CA39.crl (hash: /EslmPhc4bDMLZMYVf1T545JC9kzJIpk5S5PZPVUxMo=) 8: 323430353a386530303a3a2f33322d3332203d3e203234323034.roa (hash: qKSq3uz3mAbrZSzfHP44tJYlF6gqnOloWG4wyUGOKH8=) 9: 3230332e38302e392e302f32342d3234203d3e203234323034.roa (hash: D4SmgWinw2uDnNDHY1kT9jgep4MItUVn6E6KY3uTDIU=) 10: 3230332e38302e31302e302f32342d3234203d3e203234323034.roa (hash: GDVJSN1CaQCPhQqR3FRWg5swzCjmjmNit8vMHebzfag=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.crl rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:50:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:60:19:53:63:b7:ab:27:1e:23:3d:9f:7b:8d:3a:6c:a8:d9:5e:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28351380A86044778274FC7CEC0F116CF3B3CA39 Validity Not Before: Nov 4 17:25:45 2025 GMT Not After : Nov 7 22:33:45 2025 GMT Subject: CN=A0E3406E1F95D7C6DA3BE2C4AEB5AE10D9A4BB9B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:62:11:01:5a:73:84:fe:93:50:b7:04:dc:83: 57:c3:aa:59:1f:2f:a7:80:0f:14:33:d5:40:d4:a0: 35:4e:8e:21:26:d8:de:9f:39:df:7e:dc:76:42:cf: e3:08:d3:60:8a:cb:f4:1a:a5:f1:56:e5:1d:a0:1d: b0:6b:6f:a1:0b:7a:5b:42:b8:cb:16:2a:fb:24:4e: 50:54:b6:d2:f2:8d:c0:da:da:60:17:21:95:6a:83: 34:b2:04:55:48:8b:89:99:c3:02:f8:e9:60:90:9b: 1c:68:c6:2d:08:91:23:00:63:6b:2c:7a:66:7d:2a: 7a:ae:d0:ec:d3:27:c9:a1:c6:26:c9:a9:c1:ed:44: ff:f1:91:fb:c5:44:46:a6:36:1a:d1:d6:d8:97:80: e0:9d:ac:f2:53:de:10:8d:7e:8c:94:b0:b1:8b:6b: 9a:2f:f5:23:a0:83:52:65:95:82:eb:51:e4:2c:be: 95:57:0d:3e:39:26:1c:de:d1:cf:92:63:53:1b:4b: 53:5d:08:05:a0:68:d5:11:d8:86:8b:f2:81:83:d7: aa:97:c0:71:d0:d8:90:69:f5:b7:e2:cd:47:5c:45: 2c:89:cf:12:3b:16:d3:25:c4:83:79:d9:00:43:d9: 91:cc:e6:bb:72:21:eb:44:33:a2:ee:5c:7a:03:3b: 2b:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:E3:40:6E:1F:95:D7:C6:DA:3B:E2:C4:AE:B5:AE:10:D9:A4:BB:9B X509v3 Authority Key Identifier: keyid:28:35:13:80:A8:60:44:77:82:74:FC:7C:EC:0F:11:6C:F3:B3:CA:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:b0:ae:94:11:3b:15:5f:dc:1d:ea:e1:21:ac:d1:2a:a0:b2: 55:84:a8:29:e6:34:26:c8:e0:22:e2:53:b6:78:72:c7:ba:51: 47:83:05:a5:88:92:24:7f:98:4b:fc:e9:48:ea:d4:49:a4:66: 0d:f7:f6:d0:a2:28:dc:52:ed:b0:ae:14:c0:ed:c9:7c:53:76: 94:b5:9f:86:05:9a:dd:70:dd:c6:9d:f1:f0:b4:9e:82:de:7c: ef:2c:a0:6b:89:26:b0:18:0b:2e:da:12:2e:fd:ac:7d:1e:e6: 97:83:71:10:18:89:f2:50:93:a3:cf:2e:34:9a:54:1f:44:f1: f4:36:0e:a7:c8:f0:f1:33:80:eb:ac:9a:c5:b6:cc:49:21:7c: 62:c9:9f:15:5f:1a:51:73:59:c3:6c:d2:68:b0:9d:7b:8b:72: b7:34:26:ac:23:c4:46:7f:bd:91:73:d9:d4:4d:46:b3:ea:de: 3b:b7:78:39:22:46:5a:90:3c:1d:2f:f0:5d:c9:c1:47:7e:1e: 7b:23:99:e7:d5:b3:69:68:1f:d8:59:30:c8:56:72:75:f7:71: cd:50:0a:45:b6:34:39:0c:ef:5f:1b:fe:6a:1c:19:b5:3a:97: cb:57:65:61:46:ec:64:2e:dd:2b:60:fa:b3:b0:e7:6d:39:46: a6:2e:54:a6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPmAZU2O3qyceIz2fe406bKjZXlkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjgzNTEzODBBODYwNDQ3NzgyNzRGQzdDRUMwRjExNkNG M0IzQ0EzOTAeFw0yNTExMDQxNzI1NDVaFw0yNTExMDcyMjMzNDVaMDMxMTAvBgNV BAMTKEEwRTM0MDZFMUY5NUQ3QzZEQTNCRTJDNEFFQjVBRTEwRDlBNEJCOUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZYhEBWnOE/pNQtwTcg1fDqlkf L6eADxQz1UDUoDVOjiEm2N6fOd9+3HZCz+MI02CKy/QapfFW5R2gHbBrb6ELeltC uMsWKvskTlBUttLyjcDa2mAXIZVqgzSyBFVIi4mZwwL46WCQmxxoxi0IkSMAY2ss emZ9Knqu0OzTJ8mhxibJqcHtRP/xkfvFREamNhrR1tiXgOCdrPJT3hCNfoyUsLGL a5ov9SOgg1JllYLrUeQsvpVXDT45Jhze0c+SY1MbS1NdCAWgaNUR2IaL8oGD16qX wHHQ2JBp9bfizUdcRSyJzxI7FtMlxIN52QBD2ZHM5rtyIetEM6LuXHoDOyspAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUoONAbh+V18baO+LErrWuENmku5swHwYDVR0j BBgwFoAUKDUTgKhgRHeCdPx87A8RbPOzyjkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 MjRhOTEwNS04ZDJhLTRiMzgtYTZhZS0wNWVhZDY5NzE5YTMvMC8yODM1MTM4MEE4 NjA0NDc3ODI3NEZDN0NFQzBGMTE2Q0YzQjNDQTM5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjgzNTEzODBBODYwNDQ3NzgyNzRGQzdDRUMwRjExNkNGM0Iz Q0EzOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTI0YTkxMDUtOGQyYS00YjM4LWE2 YWUtMDVlYWQ2OTcxOWEzLzAvMjgzNTEzODBBODYwNDQ3NzgyNzRGQzdDRUMwRjEx NkNGM0IzQ0EzOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE+wrpQROxVf3B3q4SGs0SqgslWEqCnmNCbI 4CLiU7Z4cse6UUeDBaWIkiR/mEv86Ujq1EmkZg339tCiKNxS7bCuFMDtyXxTdpS1 n4YFmt1w3cad8fC0noLefO8soGuJJrAYCy7aEi79rH0e5peDcRAYifJQk6PPLjSa VB9E8fQ2DqfI8PEzgOusmsW2zEkhfGLJnxVfGlFzWcNs0miwnXuLcrc0JqwjxEZ/ vZFz2dRNRrPq3ju3eDkiRlqQPB0v8F3JwUd+HnsjmefVs2loH9hZMMhWcnX3cc1Q CkW2NDkM718b/mocGbU6l8tXZWFG7GQu3Stg+rOw5205RqYuVKY= -----END CERTIFICATE-----Generated at Wed Nov 5 00:21:53 2025 by rpki-client