$ rpki-client -vvf repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft File: 749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft (raw, json) Hash identifier: KlOOSKxHrzXOcNlN2FPVC/nOFh17TOyc9z9OFNEW+cI= Subject key identifier: 21:E5:C2:0D:D5:B2:3F:43:5C:C2:C0:A8:06:5D:4F:EB:C1:81:AD:A1 Authority key identifier: 74:9E:8F:6C:5F:22:D1:8A:70:B6:82:F8:6C:65:EC:D3:EA:27:63:5C Certificate issuer: /CN=749E8F6C5F22D18A70B682F86C65ECD3EA27635C Certificate serial: 570A4406F85BE7B85D34579AEFA986F7E3D90AE9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft Manifest number: 021F Signing time: Tue 04 Nov 2025 11:51:57 +0000 Manifest this update: Tue 04 Nov 2025 11:46:57 +0000 Manifest next update: Fri 07 Nov 2025 13:39:57 +0000 Files and hashes: 1: 3130332e3134392e3137362e302f32342d3234203d3e20313430343433.roa (hash: u/HGXTKlzUVzN3BHvIbNac6O5D491LLOLOhh0HKRChM=) 2: 323030313a6466333a333438303a3a2f34382d3438203d3e20313430343433.roa (hash: VaGZ2rtQiVhlvvEqhey8VuIsjUW/H1CymqkYlv2nCyM=) 3: 749E8F6C5F22D18A70B682F86C65ECD3EA27635C.crl (hash: dDUFV13rBcx9wBumhh69vwITsh7WYPSvn8M3OGJIZNI=) 4: 3130332e3134392e3137362e302f32332d3233203d3e20313430343433.roa (hash: D6ZQ1Nszopc+tjvvlk9LxeInARJoQa1nF2ZqxR2uBQM=) 5: 3130332e3134392e3137372e302f32342d3234203d3e20313430343433.roa (hash: q3nnfuFQ9fllwu5vaDMWKT58tFIU7r2iWutM+FFs7uM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.crl rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:39:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:0a:44:06:f8:5b:e7:b8:5d:34:57:9a:ef:a9:86:f7:e3:d9:0a:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749E8F6C5F22D18A70B682F86C65ECD3EA27635C Validity Not Before: Nov 4 11:46:57 2025 GMT Not After : Nov 7 13:39:57 2025 GMT Subject: CN=21E5C20DD5B23F435CC2C0A8065D4FEBC181ADA1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:75:14:06:11:f8:8c:a1:78:bc:56:4b:3f:e2: 3c:b6:f2:b8:54:dd:de:4e:2f:6c:b4:85:7f:98:3d: 07:64:28:14:be:3b:4a:c3:9a:82:52:04:e8:b7:98: 7a:4a:b2:35:8e:03:b0:bf:c4:20:6d:b4:ab:27:89: 57:1a:00:b5:a7:8a:90:8e:d3:0f:da:6e:87:19:bd: 1c:3e:72:6d:9d:f6:8e:3f:db:32:b1:6c:37:20:28: f3:48:52:41:ce:bc:3e:99:02:22:40:e4:0a:e8:91: 28:7b:c7:d6:ab:5a:bf:10:24:24:9f:66:bf:b4:0f: cc:d7:d3:5d:fb:2e:7a:db:e3:8f:3c:46:77:ff:72: f1:e7:48:87:f2:1c:a5:7f:d2:70:6c:cf:08:c1:ea: 1f:08:7e:a3:12:0d:b1:ed:31:a1:63:61:34:3f:c0: 39:ef:fd:5e:3b:33:26:52:81:0a:64:0d:c5:66:96: dd:fa:00:01:23:fd:08:38:a4:0f:92:b5:c4:6f:67: 29:2f:c3:28:ad:32:56:5a:0b:7c:cf:5a:ff:7e:0a: 46:3c:83:12:47:25:2c:1c:ae:58:62:ef:ae:0c:d8: 97:ae:e0:f0:b7:08:c4:c9:1d:d1:1f:34:42:31:56: a9:d4:27:65:f5:c8:e5:0f:30:ae:85:cb:62:19:51: 4a:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:E5:C2:0D:D5:B2:3F:43:5C:C2:C0:A8:06:5D:4F:EB:C1:81:AD:A1 X509v3 Authority Key Identifier: keyid:74:9E:8F:6C:5F:22:D1:8A:70:B6:82:F8:6C:65:EC:D3:EA:27:63:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:e7:fc:c8:97:47:90:6b:fb:b4:36:77:08:83:10:9c:8d:10: 83:55:71:28:5f:76:f9:0c:fa:ea:32:df:de:44:17:8e:6e:ad: 3b:0e:f8:44:d1:d8:4d:d6:4f:07:2e:40:ba:7e:81:64:df:a4: b0:25:3a:5e:18:63:43:a3:ba:2f:db:9b:b5:03:0e:7e:b3:13: 99:f2:eb:21:e1:e1:d2:c0:8f:d9:9b:db:5b:4b:5e:54:6d:57: 50:02:07:7b:f6:e2:af:0a:eb:63:56:8e:eb:af:0b:7f:84:c7: 72:08:b7:e3:e3:cd:d0:0e:bb:b1:c8:a3:19:27:df:44:18:e6: 29:cf:4b:25:c5:45:0c:95:41:21:c4:8e:ab:46:a6:31:6d:fe: 6d:50:75:7f:09:e0:c6:b0:e8:5f:88:27:85:2f:07:72:9c:11: 8c:75:30:ca:19:a2:8c:89:b1:fc:00:14:fe:76:2c:37:f0:25: c3:7d:d7:70:57:a7:85:5c:85:c2:44:a1:b7:c2:2c:ed:ad:0a: f5:11:fa:af:7a:37:cb:0d:2a:2c:10:4e:4a:8e:e3:5e:99:e2: 85:34:99:69:1f:8e:b4:ec:ea:b5:fa:5c:fa:5e:22:75:18:b3: 6f:f8:92:69:73:42:02:c3:c7:36:9e:e4:71:f2:78:05:a2:a0: 43:d2:ee:5e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVwpEBvhb57hdNFea76mG9+PZCukwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzQ5RThGNkM1RjIyRDE4QTcwQjY4MkY4NkM2NUVDRDNF QTI3NjM1QzAeFw0yNTExMDQxMTQ2NTdaFw0yNTExMDcxMzM5NTdaMDMxMTAvBgNV BAMTKDIxRTVDMjBERDVCMjNGNDM1Q0MyQzBBODA2NUQ0RkVCQzE4MUFEQTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxdRQGEfiMoXi8Vks/4jy28rhU 3d5OL2y0hX+YPQdkKBS+O0rDmoJSBOi3mHpKsjWOA7C/xCBttKsniVcaALWnipCO 0w/abocZvRw+cm2d9o4/2zKxbDcgKPNIUkHOvD6ZAiJA5ArokSh7x9arWr8QJCSf Zr+0D8zX0137Lnrb4488Rnf/cvHnSIfyHKV/0nBszwjB6h8IfqMSDbHtMaFjYTQ/ wDnv/V47MyZSgQpkDcVmlt36AAEj/Qg4pA+StcRvZykvwyitMlZaC3zPWv9+CkY8 gxJHJSwcrlhi764M2Jeu4PC3CMTJHdEfNEIxVqnUJ2X1yOUPMK6Fy2IZUUqNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIeXCDdWyP0NcwsCoBl1P68GBraEwHwYDVR0j BBgwFoAUdJ6PbF8i0YpwtoL4bGXs0+onY1wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YWU4ZGIzOC02M2E4LTQxM2MtYTlmNi1jYzIyM2FmYTRhNzUvMC83NDlFOEY2QzVG MjJEMThBNzBCNjgyRjg2QzY1RUNEM0VBMjc2MzVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNzQ5RThGNkM1RjIyRDE4QTcwQjY4MkY4NkM2NUVDRDNFQTI3 NjM1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGFlOGRiMzgtNjNhOC00MTNjLWE5 ZjYtY2MyMjNhZmE0YTc1LzAvNzQ5RThGNkM1RjIyRDE4QTcwQjY4MkY4NkM2NUVD RDNFQTI3NjM1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACnn/MiXR5Br+7Q2dwiDEJyNEINVcShfdvkM +uoy395EF45urTsO+ETR2E3WTwcuQLp+gWTfpLAlOl4YY0Ojui/bm7UDDn6zE5ny 6yHh4dLAj9mb21tLXlRtV1ACB3v24q8K62NWjuuvC3+Ex3IIt+PjzdAOu7HIoxkn 30QY5inPSyXFRQyVQSHEjqtGpjFt/m1QdX8J4Maw6F+IJ4UvB3KcEYx1MMoZooyJ sfwAFP52LDfwJcN913BXp4VchcJEobfCLO2tCvUR+q96N8sNKiwQTkqO416Z4oU0 mWkfjrTs6rX6XPpeInUYs2/4kmlzQgLDxzae5HHyeAWioEPS7l4= -----END CERTIFICATE-----Generated at Wed Nov 5 14:24:11 2025 by rpki-client