$ rpki-client -vvf repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft File: 2858C74CC23A557C73F59051B7FE8638AA491C94.mft (raw, json) Hash identifier: 8HZZTGHn2ofxR576RenWQNxOKA9JZh9X+vqnAlnjTv4= Subject key identifier: 5E:F5:98:E7:2B:E7:5A:C3:70:F2:C3:1D:03:89:77:72:B1:45:B4:05 Authority key identifier: 28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 Certificate issuer: /CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Certificate serial: 406C2833C96A0FDCCB215DB19AD8ACA6C62E881B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer Subject info access: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft Manifest number: 33 Signing time: Thu 06 Nov 2025 19:21:27 +0000 Manifest this update: Thu 06 Nov 2025 19:16:27 +0000 Manifest next update: Mon 10 Nov 2025 01:56:27 +0000 Files and hashes: 1: 2858C74CC23A557C73F59051B7FE8638AA491C94.crl (hash: 6AFQwJHxCLqymAyA0M4v7aZ+2fmfxcQYLF1YyqMO0/I=) 2: 323430303a366632303a353a3a2f34382d3438203d3e20313333383039.roa (hash: KGGUUPJetYRovMai9BvuYsEqHu8TgW6bYg4Sm8JWJcg=) 3: 323430303a366632303a3a2f33322d3438203d3e20313333383039.roa (hash: 8MTe8KcDcB0X2kj+3dmF5RSp4lHPV4hialaox1IdvHk=) 4: 3130332e35302e3132382e302f32322d3234203d3e20313333383039.roa (hash: IB02l7aeS1Ctr7m+n8ymFsmUvTLgjo3obFTTz15X/C8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.crl rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:56:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:6c:28:33:c9:6a:0f:dc:cb:21:5d:b1:9a:d8:ac:a6:c6:2e:88:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Validity Not Before: Nov 6 19:16:27 2025 GMT Not After : Nov 10 01:56:27 2025 GMT Subject: CN=5EF598E72BE75AC370F2C31D03897772B145B405 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:9d:e2:2d:64:4c:58:63:a1:b1:d9:43:26:8f: 20:2a:84:52:34:3f:df:f1:a8:23:36:a8:3b:d7:3e: 84:2a:d4:32:57:3e:c7:02:1e:98:81:ff:00:7f:34: 47:9d:bf:0d:3f:55:b0:79:07:32:e8:31:36:be:fd: 5b:c5:d5:18:cc:2c:c3:87:ca:d0:e2:44:f9:20:45: 14:cc:2f:62:56:e5:54:54:5a:98:64:fb:8c:f9:fc: 73:5f:37:00:4e:37:84:ab:bf:eb:bd:d5:2b:49:3b: 50:8d:43:9b:aa:2b:72:f6:80:38:cf:84:9f:51:1c: 9e:20:99:74:94:e4:74:0e:d9:2a:0c:5f:00:f6:3f: ad:7c:6f:29:23:1a:9a:64:f1:36:e4:78:44:94:04: e0:27:6c:1b:2b:60:3f:27:13:5c:a7:d8:10:92:a9: 38:0b:8e:b5:4d:72:da:4e:be:cc:33:6f:9f:81:1e: 72:94:d3:34:2d:01:58:45:05:ba:06:d5:ea:a4:50: aa:58:4c:80:1f:3f:d9:ff:d8:b4:7a:66:b9:66:9c: 2f:9d:0f:d9:37:f4:d3:7a:46:3e:1d:5f:ff:5f:34: 49:a0:0f:a7:98:0e:5b:d9:ef:f1:2d:60:c6:b9:e2: 37:d6:a9:ce:98:76:6e:b4:1c:92:0c:77:98:3a:ec: a3:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:F5:98:E7:2B:E7:5A:C3:70:F2:C3:1D:03:89:77:72:B1:45:B4:05 X509v3 Authority Key Identifier: keyid:28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:36:cb:2b:be:8f:9b:0b:5c:dd:c1:af:b2:bf:08:f3:39:0e: 7f:c0:18:00:fa:14:e2:d3:57:c5:c0:c4:e2:69:1d:f3:25:41: 80:13:d0:e4:3a:2b:2b:15:7d:d8:15:d4:a4:1a:86:f7:f4:12: 12:14:9f:29:51:5f:c7:48:91:64:79:a0:1e:af:24:db:be:4a: b9:e7:1d:12:22:ed:d0:92:35:32:12:78:35:c7:b2:a2:54:99: 83:35:a3:3c:16:03:16:5b:63:43:5f:79:5d:aa:7b:e2:e9:3f: b4:e3:34:11:60:58:10:f9:d9:b9:f3:9e:d0:a2:9e:83:0d:9e: 12:24:2c:2a:41:4c:fc:0e:26:46:77:66:03:8c:43:f0:e3:f4: c9:14:f7:67:36:10:b4:e7:df:1e:18:a3:26:47:d7:6b:f1:28: c7:ef:e1:6f:e3:48:2e:9a:4b:8b:04:93:1f:67:ae:d7:c2:69: 9f:3d:2e:cb:bd:97:51:94:ee:2d:64:19:05:21:16:7a:2b:58: ab:fb:dd:b9:58:d4:56:e0:aa:7f:c5:8c:bb:bb:b4:57:16:c4: 6b:a5:1a:d9:0f:24:17:58:94:94:0a:35:6f:43:c9:56:11:15: 8a:b8:bc:e9:cb:c5:5e:a7:a3:7e:68:02:59:6a:b3:39:4b:d4: 2f:ae:69:c7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQGwoM8lqD9zLIV2xmtispsYuiBswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2MzhB QTQ5MUM5NDAeFw0yNTExMDYxOTE2MjdaFw0yNTExMTAwMTU2MjdaMDMxMTAvBgNV BAMTKDVFRjU5OEU3MkJFNzVBQzM3MEYyQzMxRDAzODk3NzcyQjE0NUI0MDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsneItZExYY6Gx2UMmjyAqhFI0 P9/xqCM2qDvXPoQq1DJXPscCHpiB/wB/NEedvw0/VbB5BzLoMTa+/VvF1RjMLMOH ytDiRPkgRRTML2JW5VRUWphk+4z5/HNfNwBON4Srv+u91StJO1CNQ5uqK3L2gDjP hJ9RHJ4gmXSU5HQO2SoMXwD2P618bykjGppk8TbkeESUBOAnbBsrYD8nE1yn2BCS qTgLjrVNctpOvswzb5+BHnKU0zQtAVhFBboG1eqkUKpYTIAfP9n/2LR6ZrlmnC+d D9k39NN6Rj4dX/9fNEmgD6eYDlvZ7/EtYMa54jfWqc6Ydm60HJIMd5g67KOTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUXvWY5yvnWsNw8sMdA4l3crFFtAUwHwYDVR0j BBgwFoAUKFjHTMI6VXxz9ZBRt/6GOKpJHJQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 OWNlZjhiMC1iYTY0LTRjMGMtOGRlOC0xZjUwYTg1ZDVmZGUvMC8yODU4Qzc0Q0My M0E1NTdDNzNGNTkwNTFCN0ZFODYzOEFBNDkxQzk0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2MzhBQTQ5 MUM5NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTljZWY4YjAtYmE2NC00YzBjLThk ZTgtMWY1MGE4NWQ1ZmRlLzAvMjg1OEM3NENDMjNBNTU3QzczRjU5MDUxQjdGRTg2 MzhBQTQ5MUM5NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADc2yyu+j5sLXN3Br7K/CPM5Dn/AGAD6FOLT V8XAxOJpHfMlQYAT0OQ6KysVfdgV1KQahvf0EhIUnylRX8dIkWR5oB6vJNu+Srnn HRIi7dCSNTISeDXHsqJUmYM1ozwWAxZbY0NfeV2qe+LpP7TjNBFgWBD52bnzntCi noMNnhIkLCpBTPwOJkZ3ZgOMQ/Dj9MkU92c2ELTn3x4YoyZH12vxKMfv4W/jSC6a S4sEkx9nrtfCaZ89Lsu9l1GU7i1kGQUhFnorWKv73blY1Fbgqn/FjLu7tFcWxGul GtkPJBdYlJQKNW9DyVYRFYq4vOnLxV6no35oAllqszlL1C+uacc= -----END CERTIFICATE-----Generated at Fri Nov 7 16:44:36 2025 by rpki-client