$ rpki-client -vvf repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft File: D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft (raw, json) Hash identifier: PvOUQUNnu3OjHttA0Tld6M3zDJx5PKkCQRKmi5MRX+Y= Subject key identifier: 74:0C:C9:17:98:52:68:A1:D8:F7:9C:98:A8:AE:DB:B5:7E:0D:E7:EF Authority key identifier: D0:FF:6F:09:3D:0D:EA:FB:5C:B4:2A:93:43:3F:A2:39:C9:03:EA:C0 Certificate issuer: /CN=D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0 Certificate serial: 6D724AECE69518BD3C985E62EAAAB8483986B480 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft Manifest number: 021A Signing time: Mon 03 Nov 2025 18:41:52 +0000 Manifest this update: Mon 03 Nov 2025 18:36:52 +0000 Manifest next update: Fri 07 Nov 2025 02:53:52 +0000 Files and hashes: 1: 3130332e3136312e3230322e302f32332d3234203d3e203338333230.roa (hash: BdsS4s7jPHig7lZYR1kjJB8vTutisx05tJ8qnuC/vHI=) 2: D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.crl (hash: KuBKpo53iWByGYUf2pWUtVhQbqDPEzglfeNKCsI3FZo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.crl rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 02:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:72:4a:ec:e6:95:18:bd:3c:98:5e:62:ea:aa:b8:48:39:86:b4:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0 Validity Not Before: Nov 3 18:36:52 2025 GMT Not After : Nov 7 02:53:52 2025 GMT Subject: CN=740CC917985268A1D8F79C98A8AEDBB57E0DE7EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:aa:b3:46:6c:3e:f1:4c:56:4b:8a:52:86:27: 9c:1c:5c:4a:4f:ba:a4:e2:39:4a:37:92:35:fa:0b: b4:fd:10:e9:6a:8b:27:77:12:c6:e9:b8:ff:c0:b4: 88:b5:3c:1c:ee:85:0a:20:0d:b2:32:58:f1:97:cb: b7:04:f8:02:86:b6:17:c1:82:c9:30:6f:43:8a:e7: b6:b9:6a:f1:5c:29:2a:fd:38:0b:af:1a:d7:32:1b: ea:ac:c6:0e:d1:50:9f:86:50:e0:86:34:1f:b1:22: e2:9a:e2:76:e6:54:ae:e7:45:bb:dd:ee:53:0b:11: 94:1e:94:a7:71:4f:8c:9a:83:30:2b:77:ec:14:07: c5:c1:fc:f8:db:25:3d:9e:d8:d9:d0:72:cd:db:46: 8a:bb:99:87:72:40:ad:7d:4e:04:db:e3:58:7f:62: 70:31:be:de:48:9f:52:e9:bb:43:0f:6c:e9:bd:49: 5b:4a:e4:1a:1b:7b:34:15:94:ec:f0:80:b0:7f:52: 7e:8e:05:1e:a3:b9:a5:aa:ba:2c:a2:f8:10:f9:bf: 51:fd:ef:5d:d0:dd:f1:5c:c7:ec:59:55:26:d8:17: f8:f0:35:1b:d8:1c:4e:1c:20:1f:63:af:fb:df:6e: df:30:0c:02:1f:42:fb:18:32:31:fc:30:78:2e:67: 21:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:0C:C9:17:98:52:68:A1:D8:F7:9C:98:A8:AE:DB:B5:7E:0D:E7:EF X509v3 Authority Key Identifier: keyid:D0:FF:6F:09:3D:0D:EA:FB:5C:B4:2A:93:43:3F:A2:39:C9:03:EA:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:b1:a1:9c:1a:a6:bc:c6:43:75:fa:43:57:bb:95:b4:9c:7c: 41:81:c7:e7:39:e0:a1:a8:0a:4e:91:7c:5b:d6:4e:7d:c1:ae: 0e:c1:3c:3d:38:e8:47:c7:b4:32:9e:b1:9f:21:d8:55:0e:72: 3c:3c:d4:3c:c4:71:87:22:8b:3e:68:01:d2:25:91:ca:95:e2: cd:d1:7a:27:51:2d:4e:81:af:46:ff:c1:4b:81:6d:c3:d7:5d: 5f:45:d1:38:5e:2d:6a:13:46:7f:3f:1d:ee:e5:51:73:d9:6d: b9:f1:b3:43:fc:99:b6:28:0d:86:e6:5d:12:2a:fc:17:30:fd: ed:f5:fa:56:a8:63:02:18:1d:e5:28:e0:54:a4:a6:01:62:31: ca:0f:77:de:4c:9e:5c:96:4b:ce:71:37:e3:f5:04:f6:39:e7: 53:24:c9:c0:9d:15:1d:3b:ba:d6:44:a5:ff:ac:38:b7:41:13: 00:28:99:f8:c3:72:59:fd:16:45:70:61:33:2f:3b:48:76:4b: e7:1b:a6:1e:ed:a6:ec:7b:da:bc:17:1e:b3:35:87:34:14:20: 0f:86:99:91:ef:8f:fe:98:29:01:90:4d:f4:85:da:40:7a:72: f1:67:8c:f5:a6:3a:4e:66:64:56:04:04:e6:49:71:12:bd:02: 20:2e:fa:4e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbXJK7OaVGL08mF5i6qq4SDmGtIAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDBGRjZGMDkzRDBERUFGQjVDQjQyQTkzNDMzRkEyMzlD OTAzRUFDMDAeFw0yNTExMDMxODM2NTJaFw0yNTExMDcwMjUzNTJaMDMxMTAvBgNV BAMTKDc0MENDOTE3OTg1MjY4QTFEOEY3OUM5OEE4QUVEQkI1N0UwREU3RUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwqrNGbD7xTFZLilKGJ5wcXEpP uqTiOUo3kjX6C7T9EOlqiyd3EsbpuP/AtIi1PBzuhQogDbIyWPGXy7cE+AKGthfB gskwb0OK57a5avFcKSr9OAuvGtcyG+qsxg7RUJ+GUOCGNB+xIuKa4nbmVK7nRbvd 7lMLEZQelKdxT4yagzArd+wUB8XB/PjbJT2e2NnQcs3bRoq7mYdyQK19TgTb41h/ YnAxvt5In1Lpu0MPbOm9SVtK5BobezQVlOzwgLB/Un6OBR6juaWquiyi+BD5v1H9 713Q3fFcx+xZVSbYF/jwNRvYHE4cIB9jr/vfbt8wDAIfQvsYMjH8MHguZyERAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUdAzJF5hSaKHY95yYqK7btX4N5+8wHwYDVR0j BBgwFoAU0P9vCT0N6vtctCqTQz+iOckD6sAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 N2Y5ZjU2Mi03MjkyLTQ0ZjEtOGUyYy00NDBhMDUzMWMzOTYvMC9EMEZGNkYwOTNE MERFQUZCNUNCNDJBOTM0MzNGQTIzOUM5MDNFQUMwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDBGRjZGMDkzRDBERUFGQjVDQjQyQTkzNDMzRkEyMzlDOTAz RUFDMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjdmOWY1NjItNzI5Mi00NGYxLThl MmMtNDQwYTA1MzFjMzk2LzAvRDBGRjZGMDkzRDBERUFGQjVDQjQyQTkzNDMzRkEy MzlDOTAzRUFDMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADSxoZwaprzGQ3X6Q1e7lbScfEGBx+c54KGo Ck6RfFvWTn3Brg7BPD046EfHtDKesZ8h2FUOcjw81DzEcYciiz5oAdIlkcqV4s3R eidRLU6Br0b/wUuBbcPXXV9F0TheLWoTRn8/He7lUXPZbbnxs0P8mbYoDYbmXRIq /Bcw/e31+laoYwIYHeUo4FSkpgFiMcoPd95MnlyWS85xN+P1BPY551MkycCdFR07 utZEpf+sOLdBEwAomfjDcln9FkVwYTMvO0h2S+cbph7tpux72rwXHrM1hzQUIA+G mZHvj/6YKQGQTfSF2kB6cvFnjPWmOk5mZFYEBOZJcRK9AiAu+k4= -----END CERTIFICATE-----Generated at Tue Nov 4 01:58:35 2025 by rpki-client