$ rpki-client -vvf repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft File: 4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft (raw, json) Hash identifier: TxVG+8HFqS+XHNaC2+bfOwSPRYA/MZbYu21etoKXzDM= Subject key identifier: 6A:EC:8D:85:AB:26:4D:8C:D5:58:BD:92:7B:FF:5E:2C:C3:60:4A:D3 Authority key identifier: 43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57 Certificate issuer: /CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657 Certificate serial: 1DC9CF7ACB9EDEA67CCE033CF01C50D605462971 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft Manifest number: 02F3 Signing time: Mon 03 Nov 2025 17:51:12 +0000 Manifest this update: Mon 03 Nov 2025 17:46:12 +0000 Manifest next update: Fri 07 Nov 2025 01:08:12 +0000 Files and hashes: 1: 3130332e3137362e39362e302f32332d3233203d3e20313437313331.roa (hash: RvlNgfW0J+bVY7d2yjeoXrc2sRB1/6Dnvn34DHTz4kU=) 2: 3130332e3137362e39362e302f32342d3234203d3e20313437313331.roa (hash: omt0on/osncWzWrbGIk75aVtn8fXGKFlF84iedQ76S8=) 3: 4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl (hash: cMVH0f/tkYbtcvtmqFSMRsLXUD1MCXAIEf/cE9wjmd0=) 4: 3130332e3137362e39372e302f32342d3234203d3e20313437313331.roa (hash: gcQbwwcsgWLto/MeqdtpULkQCdJ/hBMpFsyWHdzWTU8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 01:08:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:c9:cf:7a:cb:9e:de:a6:7c:ce:03:3c:f0:1c:50:d6:05:46:29:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657 Validity Not Before: Nov 3 17:46:12 2025 GMT Not After : Nov 7 01:08:12 2025 GMT Subject: CN=6AEC8D85AB264D8CD558BD927BFF5E2CC3604AD3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:5d:54:7f:d9:04:ba:72:f2:05:39:c6:6f:87: 34:92:6e:06:bf:59:47:92:d9:c7:ed:30:fe:f9:00: 00:97:f0:cf:eb:da:de:9a:d3:90:10:a0:8b:2c:0b: 15:f2:8d:b4:d9:b0:ff:d8:35:14:30:35:f0:f3:1c: d6:94:bd:00:a8:d7:d6:4f:63:cf:e3:45:26:62:1e: 3a:66:bc:8f:8a:08:df:86:aa:b5:d4:f4:f6:75:66: 22:c5:2c:06:ac:05:01:4c:12:ea:ab:9c:fc:44:6d: 5d:8b:e1:32:56:a7:f6:01:4b:9e:0e:f3:8e:a8:77: 6f:b5:a4:07:c7:58:59:f4:7d:51:52:3f:76:83:3c: 4e:ca:a9:5f:99:d6:6d:50:c9:22:b6:31:12:c3:1b: 49:a3:b1:48:b2:29:46:1f:c9:f8:79:44:f2:27:65: 94:e0:aa:bd:e9:3a:5b:b2:10:45:00:ea:b4:54:ae: 24:59:88:fe:b6:ff:4c:13:4d:41:6a:1b:9f:07:93: 15:a5:5e:78:d5:17:fe:1e:6d:b1:35:d9:e6:13:ef: dc:60:59:42:f3:5c:09:d0:71:9d:0c:c9:58:be:dc: 76:46:0f:a2:bf:f1:aa:9c:90:f1:aa:7d:a9:43:2e: 78:ca:34:bc:54:3f:24:13:9c:3c:1b:c4:37:57:e1: 56:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:EC:8D:85:AB:26:4D:8C:D5:58:BD:92:7B:FF:5E:2C:C3:60:4A:D3 X509v3 Authority Key Identifier: keyid:43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:89:8e:d5:67:80:d5:0a:60:29:ff:0e:35:ee:ca:88:55:ee: ad:d9:2e:15:9d:75:13:e5:e0:fe:fa:30:79:d7:06:ff:88:02: e8:ba:e5:70:2d:2c:ca:e8:bd:03:44:b1:7e:25:dd:96:5d:c0: f0:a6:d8:e2:ad:4f:ab:a1:37:b4:cd:19:c4:31:26:64:f2:b9: fa:4d:1a:5a:38:39:89:07:27:9a:b6:a4:e3:ca:99:22:2b:2f: b0:f7:c2:04:50:a7:89:0d:ec:5b:13:56:a0:64:4a:12:04:0d: ea:e3:1e:9a:46:5d:11:c8:6f:37:43:30:74:96:46:8e:81:bb: 0e:02:65:07:d5:d0:69:40:e4:ae:ee:8c:8e:f8:54:59:e0:55: 9a:b6:3c:84:b2:52:8d:8c:96:91:6e:04:2e:16:04:3e:06:12: 06:33:97:77:e0:8d:8f:ad:5e:6a:6c:ae:c8:f6:50:94:de:41: 34:d4:09:a2:88:7d:94:3b:f9:a7:06:45:b2:92:d3:e2:c9:94: d6:ad:67:48:e8:30:31:71:3f:91:03:aa:5f:1f:1c:e1:42:eb: 64:b7:63:bc:57:36:59:3c:21:90:ae:bb:4f:be:77:ab:ea:65: 82:d4:62:0e:0b:16:fc:ff:28:c6:0c:9f:a0:dd:aa:ea:6b:17: ab:0b:45:9b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHcnPesue3qZ8zgM88BxQ1gVGKXEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVF MzdCQjY1NzAeFw0yNTExMDMxNzQ2MTJaFw0yNTExMDcwMTA4MTJaMDMxMTAvBgNV BAMTKDZBRUM4RDg1QUIyNjREOENENTU4QkQ5MjdCRkY1RTJDQzM2MDRBRDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdXVR/2QS6cvIFOcZvhzSSbga/ WUeS2cftMP75AACX8M/r2t6a05AQoIssCxXyjbTZsP/YNRQwNfDzHNaUvQCo19ZP Y8/jRSZiHjpmvI+KCN+GqrXU9PZ1ZiLFLAasBQFMEuqrnPxEbV2L4TJWp/YBS54O 846od2+1pAfHWFn0fVFSP3aDPE7KqV+Z1m1QySK2MRLDG0mjsUiyKUYfyfh5RPIn ZZTgqr3pOluyEEUA6rRUriRZiP62/0wTTUFqG58HkxWlXnjVF/4ebbE12eYT79xg WULzXAnQcZ0MyVi+3HZGD6K/8aqckPGqfalDLnjKNLxUPyQTnDwbxDdX4VZjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUauyNhasmTYzVWL2Se/9eLMNgStMwHwYDVR0j BBgwFoAUQzfp/5Ggy2XOHrj662EI9eN7tlcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YzM0ZGMzZi0zMDhmLTRkZTEtYTM2NS03MDFiZDljZjEwMDQvMC80MzM3RTlGRjkx QTBDQjY1Q0UxRUI4RkFFQjYxMDhGNUUzN0JCNjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVFMzdC QjY1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWMzNGRjM2YtMzA4Zi00ZGUxLWEz NjUtNzAxYmQ5Y2YxMDA0LzAvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4 RjVFMzdCQjY1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGOJjtVngNUKYCn/DjXuyohV7q3ZLhWddRPl 4P76MHnXBv+IAui65XAtLMrovQNEsX4l3ZZdwPCm2OKtT6uhN7TNGcQxJmTyufpN Glo4OYkHJ5q2pOPKmSIrL7D3wgRQp4kN7FsTVqBkShIEDerjHppGXRHIbzdDMHSW Ro6Buw4CZQfV0GlA5K7ujI74VFngVZq2PISyUo2MlpFuBC4WBD4GEgYzl3fgjY+t Xmpsrsj2UJTeQTTUCaKIfZQ7+acGRbKS0+LJlNatZ0joMDFxP5EDql8fHOFC62S3 Y7xXNlk8IZCuu0++d6vqZYLUYg4LFvz/KMYMn6DdquprF6sLRZs= -----END CERTIFICATE-----Generated at Wed Nov 5 09:35:32 2025 by rpki-client