$ rpki-client -vvf repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft File: AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft (raw, json) Hash identifier: rN1FoYKDWYbXRyQbvp7CrNjhMzEEkIQYBMb4lN+RDOY= Subject key identifier: 1F:E5:99:D4:CF:EC:A5:11:A8:38:7E:8D:66:2C:47:34:E4:79:71:E8 Authority key identifier: AF:68:71:CA:FD:05:C6:F6:25:9C:DC:9B:3F:E8:65:6F:CE:DE:C3:D5 Certificate issuer: /CN=AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5 Certificate serial: 3DD883FBA8A6B04FD76187773C308E02F1FEEF97 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft Manifest number: A7 Signing time: Tue 04 Nov 2025 00:00:01 +0000 Manifest this update: Mon 03 Nov 2025 23:55:01 +0000 Manifest next update: Fri 07 Nov 2025 01:29:01 +0000 Files and hashes: 1: 3135372e36362e34302e302f32342d3234203d3e20313532373934.roa (hash: llbK8JVFmbrLSSzLv9Ovv2C1Mqs66Yxl6xm9VnsVOAw=) 2: AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.crl (hash: 8F4aTtBVI/DNjy+/yBflIPDNfgzs0b0uRg/DYO7DHeg=) 3: 3135372e36362e34312e302f32342d3234203d3e20313532373934.roa (hash: 3Egq3cRo6EJ7UqcOfpeiiHWc5fNhn+xEtBo+/Cw0jbA=) 4: 3135372e36362e34302e302f32332d3233203d3e20313532373934.roa (hash: 9Rk+bLwCtN8F40lqmzQmjy2Qn3pf5qNIMJVV2njhbNk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.crl rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 01:29:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:d8:83:fb:a8:a6:b0:4f:d7:61:87:77:3c:30:8e:02:f1:fe:ef:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5 Validity Not Before: Nov 3 23:55:01 2025 GMT Not After : Nov 7 01:29:01 2025 GMT Subject: CN=1FE599D4CFECA511A8387E8D662C4734E47971E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b8:45:4c:28:40:85:2f:53:08:31:5d:f6:e1: 33:1e:f8:61:62:55:f9:04:7b:7c:23:49:76:06:d3: 48:ce:bf:01:de:bd:6f:bd:e6:ae:6e:e3:00:f2:2d: 4e:27:9c:d4:e2:27:ce:18:e6:6a:2c:81:4a:70:45: 45:02:4f:da:e0:09:9b:b3:f5:dd:86:5a:14:e2:c8: 00:30:84:6f:9b:1b:0b:a5:9c:59:a0:9d:a5:02:b9: bd:2c:ad:dd:61:b4:4f:db:ef:da:40:01:16:aa:a6: e4:76:90:7d:a9:85:69:bd:c9:80:3e:19:2f:ab:16: a7:3e:b3:65:d6:1c:dd:cd:50:35:7f:49:68:de:31: 96:ed:b4:30:89:9e:9d:eb:42:22:b9:21:9e:8f:ef: ff:63:89:be:17:20:b5:a8:63:42:7c:91:20:5a:30: 63:e3:be:68:ac:ec:04:24:d0:0b:db:6a:48:33:0d: 50:65:05:f4:b4:af:05:0f:83:c2:d6:af:4e:b8:83: 5f:2e:3b:12:7f:64:a5:06:3a:12:74:6e:13:35:fd: 95:80:a5:f9:dc:e1:3f:c8:f8:6b:b8:1d:19:40:be: 8c:45:ab:81:c6:dd:ea:43:5d:3b:45:96:f7:82:43: b3:dd:61:f3:44:a3:64:63:38:82:6f:58:c7:b1:57: dc:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:E5:99:D4:CF:EC:A5:11:A8:38:7E:8D:66:2C:47:34:E4:79:71:E8 X509v3 Authority Key Identifier: keyid:AF:68:71:CA:FD:05:C6:F6:25:9C:DC:9B:3F:E8:65:6F:CE:DE:C3:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/77f2c190-30f5-4f19-bfca-0b987a52fd55/0/AF6871CAFD05C6F6259CDC9B3FE8656FCEDEC3D5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:78:99:94:98:27:b4:e9:e6:91:8c:53:59:f6:f6:e8:ba:3f: 0a:09:b3:3b:7a:3c:74:55:fb:9d:b9:98:f4:38:f8:c3:4d:01: 1a:4e:62:d0:d7:b2:5b:3d:57:48:ed:e7:64:f1:90:66:f4:30: ee:f5:06:29:c9:4f:8a:54:50:05:35:d0:59:a3:99:b1:6b:3c: 43:26:7c:63:70:a6:3e:42:6f:c8:ec:55:dc:10:ea:ef:06:51: 33:35:ba:56:e2:e5:7b:82:51:c9:a3:c4:9c:77:1d:88:15:b2: 9e:67:40:9a:35:60:cc:f0:2c:c3:3b:6b:d4:5c:7a:30:7f:7a: f6:e6:40:cd:c3:6a:94:25:f9:39:ca:99:cd:97:e5:f9:f1:32: 3d:ad:03:8f:0c:19:5e:73:c8:2d:ea:82:db:ea:55:a8:2d:67: 7a:6b:83:dd:f6:de:fd:19:5f:ff:45:31:a5:80:0b:dd:22:c7: 89:6f:49:e4:42:5e:4a:3f:60:ad:bf:6b:d3:8e:bf:7d:48:34: 36:e4:5c:74:ac:48:02:f0:15:c2:ce:f3:92:bc:74:f0:ac:a8: 0f:9c:d3:fb:f8:8b:14:d4:c6:e5:12:89:eb:97:e4:a6:1d:23: c2:f5:9c:2b:b9:1b:a0:11:02:e7:8b:02:36:45:cd:78:84:a3: db:68:e8:70 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPdiD+6imsE/XYYd3PDCOAvH+75cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUY2ODcxQ0FGRDA1QzZGNjI1OUNEQzlCM0ZFODY1NkZD RURFQzNENTAeFw0yNTExMDMyMzU1MDFaFw0yNTExMDcwMTI5MDFaMDMxMTAvBgNV BAMTKDFGRTU5OUQ0Q0ZFQ0E1MTFBODM4N0U4RDY2MkM0NzM0RTQ3OTcxRTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCouEVMKECFL1MIMV324TMe+GFi VfkEe3wjSXYG00jOvwHevW+95q5u4wDyLU4nnNTiJ84Y5mosgUpwRUUCT9rgCZuz 9d2GWhTiyAAwhG+bGwulnFmgnaUCub0srd1htE/b79pAARaqpuR2kH2phWm9yYA+ GS+rFqc+s2XWHN3NUDV/SWjeMZbttDCJnp3rQiK5IZ6P7/9jib4XILWoY0J8kSBa MGPjvmis7AQk0AvbakgzDVBlBfS0rwUPg8LWr064g18uOxJ/ZKUGOhJ0bhM1/ZWA pfnc4T/I+Gu4HRlAvoxFq4HG3epDXTtFlveCQ7PdYfNEo2RjOIJvWMexV9xdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUH+WZ1M/spRGoOH6NZixHNOR5cegwHwYDVR0j BBgwFoAUr2hxyv0FxvYlnNybP+hlb87ew9UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 N2YyYzE5MC0zMGY1LTRmMTktYmZjYS0wYjk4N2E1MmZkNTUvMC9BRjY4NzFDQUZE MDVDNkY2MjU5Q0RDOUIzRkU4NjU2RkNFREVDM0Q1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUY2ODcxQ0FGRDA1QzZGNjI1OUNEQzlCM0ZFODY1NkZDRURF QzNENS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzdmMmMxOTAtMzBmNS00ZjE5LWJm Y2EtMGI5ODdhNTJmZDU1LzAvQUY2ODcxQ0FGRDA1QzZGNjI1OUNEQzlCM0ZFODY1 NkZDRURFQzNENS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEF4mZSYJ7Tp5pGMU1n29ui6PwoJszt6PHRV +525mPQ4+MNNARpOYtDXsls9V0jt52TxkGb0MO71BinJT4pUUAU10FmjmbFrPEMm fGNwpj5Cb8jsVdwQ6u8GUTM1ulbi5XuCUcmjxJx3HYgVsp5nQJo1YMzwLMM7a9Rc ejB/evbmQM3DapQl+TnKmc2X5fnxMj2tA48MGV5zyC3qgtvqVagtZ3prg9323v0Z X/9FMaWAC90ix4lvSeRCXko/YK2/a9OOv31INDbkXHSsSALwFcLO85K8dPCsqA+c 0/v4ixTUxuUSieuX5KYdI8L1nCu5G6ARAueLAjZFzXiEo9to6HA= -----END CERTIFICATE-----Generated at Tue Nov 4 21:23:41 2025 by rpki-client