$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: HruyOg6yCdRyhkV6u2qCzEHEoUGWhxuAH+xhsb90gK8= Subject key identifier: A1:EE:3C:FB:22:4A:E5:91:FD:2A:54:84:AE:CE:F5:1A:17:40:ED:09 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 50551ABA9A8EF40F9C269336E454B1CEC2B99725 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 051F Signing time: Mon 03 Nov 2025 09:12:02 +0000 Manifest this update: Mon 03 Nov 2025 09:07:02 +0000 Manifest next update: Thu 06 Nov 2025 10:35:02 +0000 Files and hashes: 1: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: Rmwa8I7NE7bWL+SEb+lbp4SN6dOmfVTG2CxaG7PZbU0=) 2: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 3: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 4: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 5: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 6: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 7: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 8: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: JY5X7Ni0FqjOLHL/IBAcPoDotTFSEzReZjChPfIbLws=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 10:35:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:55:1a:ba:9a:8e:f4:0f:9c:26:93:36:e4:54:b1:ce:c2:b9:97:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Nov 3 09:07:02 2025 GMT Not After : Nov 6 10:35:02 2025 GMT Subject: CN=A1EE3CFB224AE591FD2A5484AECEF51A1740ED09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:8e:01:b6:af:68:d8:51:b8:bd:14:5e:47:09: a1:29:06:c4:d7:45:d3:17:cc:5f:45:18:1f:03:70: e6:75:c8:c5:31:e5:0e:f1:f3:e4:a1:a2:53:ce:c5: 9a:6e:42:be:26:fb:23:a4:56:bd:e7:3e:54:02:ad: 91:2e:05:91:0f:77:7e:de:2f:1c:30:3f:ec:74:b2: d9:c1:a3:34:f5:49:62:e5:a4:d9:92:16:18:bb:0b: 51:e5:e6:dd:ce:47:6f:72:23:f1:5e:f5:30:45:9b: 09:f7:4e:1c:d1:d7:18:05:c5:4d:83:30:a5:0a:84: 03:3d:fa:e3:87:0d:9b:19:54:f8:e0:91:37:a4:97: 99:f7:38:d0:f2:a4:f8:6d:3b:66:a0:28:b3:b7:1e: 95:6d:3c:c9:d5:9f:4a:9d:74:eb:48:90:33:a7:d3: a5:38:99:b3:34:65:30:4f:e9:02:80:13:b0:9b:73: aa:02:84:59:19:4c:98:bc:37:30:c5:e1:b1:98:ac: 0c:c6:4b:54:d8:5d:7e:c7:90:fc:d0:2c:c0:66:91: af:9b:70:5c:e3:7d:9c:e5:d4:56:c3:3e:fa:8d:c6: 27:fe:8d:71:12:32:f5:66:14:e0:35:56:26:e9:9f: a0:93:ab:2e:0e:89:ba:9c:20:fd:8d:93:ac:5c:23: a8:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:EE:3C:FB:22:4A:E5:91:FD:2A:54:84:AE:CE:F5:1A:17:40:ED:09 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:78:89:8f:76:1f:eb:1b:f8:3c:b3:2c:29:9d:36:78:11:3a: 3d:af:9a:bc:f0:66:9c:dc:cc:91:1e:9d:d8:5a:0b:cf:4c:e5: 3b:e5:fb:6d:7c:a6:a0:c8:30:ef:36:09:9c:08:9c:f1:ae:65: 35:d2:8d:b0:4f:1c:07:9d:66:6e:d5:08:55:e9:08:f8:4b:73: 6c:6d:38:33:4b:dc:a8:a8:2d:cf:81:a5:7a:12:ad:68:4b:a0: 8c:18:e7:70:8c:af:43:80:f3:1c:9a:31:98:f9:a0:0a:59:84: 5f:2b:5b:33:35:4a:55:0a:80:c4:16:c0:87:3a:82:65:33:76: 1d:90:36:da:fc:09:45:50:eb:5c:57:7b:ce:26:2b:04:af:6d: c3:52:b7:8a:8c:32:1d:59:91:cc:47:09:cc:2a:55:82:e7:d8: 4f:26:e8:d7:62:3f:2d:d2:fa:2d:e5:1a:32:95:d3:3a:0a:b0: 9b:11:4d:22:8f:8b:7a:10:5e:ed:c1:e6:c1:49:03:cb:ad:a1: 23:2f:6f:c5:34:85:1f:99:89:3c:c9:aa:42:8a:00:99:42:db: f9:23:79:86:46:d7:1c:c8:5a:01:bc:b1:aa:20:fa:a9:5d:15: 1a:81:5d:c5:49:0d:ea:2f:44:4a:72:74:18:ee:2d:9c:54:77: 04:00:6b:3f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUFUaupqO9A+cJpM25FSxzsK5lyUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTExMDMwOTA3MDJaFw0yNTExMDYxMDM1MDJaMDMxMTAvBgNV BAMTKEExRUUzQ0ZCMjI0QUU1OTFGRDJBNTQ4NEFFQ0VGNTFBMTc0MEVEMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUjgG2r2jYUbi9FF5HCaEpBsTX RdMXzF9FGB8DcOZ1yMUx5Q7x8+SholPOxZpuQr4m+yOkVr3nPlQCrZEuBZEPd37e LxwwP+x0stnBozT1SWLlpNmSFhi7C1Hl5t3OR29yI/Fe9TBFmwn3ThzR1xgFxU2D MKUKhAM9+uOHDZsZVPjgkTekl5n3ONDypPhtO2agKLO3HpVtPMnVn0qddOtIkDOn 06U4mbM0ZTBP6QKAE7Cbc6oChFkZTJi8NzDF4bGYrAzGS1TYXX7HkPzQLMBmka+b cFzjfZzl1FbDPvqNxif+jXESMvVmFOA1Vibpn6CTqy4OibqcIP2Nk6xcI6h3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUoe48+yJK5ZH9KlSErs71GhdA7QkwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAK14iY92H+sb+DyzLCmdNngROj2vmrzwZpzc zJEendhaC89M5Tvl+218pqDIMO82CZwInPGuZTXSjbBPHAedZm7VCFXpCPhLc2xt ODNL3KioLc+BpXoSrWhLoIwY53CMr0OA8xyaMZj5oApZhF8rWzM1SlUKgMQWwIc6 gmUzdh2QNtr8CUVQ61xXe84mKwSvbcNSt4qMMh1ZkcxHCcwqVYLn2E8m6NdiPy3S +i3lGjKV0zoKsJsRTSKPi3oQXu3B5sFJA8utoSMvb8U0hR+ZiTzJqkKKAJlC2/kj eYZG1xzIWgG8saog+qldFRqBXcVJDeovREpydBjuLZxUdwQAaz8= -----END CERTIFICATE-----Generated at Tue Nov 4 08:12:37 2025 by rpki-client