$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: bAc0Bixwb+nkCHXK4pC+AP/OLZXhV40x+BxgAuBbp6s= Subject key identifier: 84:AB:3C:74:1A:49:82:F4:C4:56:0A:D9:3A:A4:90:6E:78:7D:2C:D0 Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 64C1257B04A8ACC36AB550B5AB4963A41E10F55C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: CA Signing time: Tue 04 Nov 2025 19:31:43 +0000 Manifest this update: Tue 04 Nov 2025 19:26:43 +0000 Manifest next update: Sat 08 Nov 2025 05:26:43 +0000 Files and hashes: 1: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: okMulqCwmQrHdU+kO0nYzAvF/vvi8wTCEKi+VdDT9lQ=) 2: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: RSCgo083kldiqBBkyUn2OHN/kCs2Q8O4dXgYLVTjMWk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:c1:25:7b:04:a8:ac:c3:6a:b5:50:b5:ab:49:63:a4:1e:10:f5:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Nov 4 19:26:43 2025 GMT Not After : Nov 8 05:26:43 2025 GMT Subject: CN=84AB3C741A4982F4C4560AD93AA4906E787D2CD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:74:8a:df:23:95:53:01:69:6b:a8:12:07:db: 49:36:c0:c0:6a:50:ff:56:a8:73:32:df:f0:7f:20: f0:fd:b7:3a:5a:73:b6:65:30:73:56:e2:21:ba:a2: ff:2f:f9:c6:52:02:ae:4a:da:e2:62:d7:05:ff:fb: e6:ae:26:3a:ac:6f:82:ac:3d:b0:da:1a:35:49:e7: e6:1f:f9:93:f9:34:a7:22:28:68:99:90:bf:ce:df: 36:76:25:53:c2:ec:df:39:3b:8e:2d:84:a4:64:1b: b0:43:de:96:7b:39:e8:7e:74:03:9c:39:08:46:fc: 4a:ed:e4:f7:7f:ba:b2:f0:10:3a:ca:94:0c:05:81: 55:58:9c:a3:40:a9:c1:49:a2:16:e2:26:54:eb:f4: 5f:9f:b7:1d:85:9d:4c:4d:43:5f:6b:40:b6:be:85: 93:c5:1e:a9:20:6d:06:41:5d:d5:89:ea:fb:c4:de: 20:32:5b:3d:10:a8:7f:2e:1b:53:78:c4:4f:69:bc: 56:12:22:14:32:3a:d0:e2:8e:eb:59:06:0a:c5:0c: 8a:e5:92:81:e4:2c:f3:c9:a9:2e:0d:3f:e1:5e:e1: 5e:08:ca:ad:71:c7:05:35:56:90:0b:5d:7d:da:a2: 82:3e:52:01:20:cf:e0:fe:b1:5e:f3:5f:c8:7a:54: e3:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:AB:3C:74:1A:49:82:F4:C4:56:0A:D9:3A:A4:90:6E:78:7D:2C:D0 X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:89:d9:37:1d:7d:75:f2:8f:57:7e:27:7d:62:41:c4:5a:fd: ca:18:57:b9:ea:4e:48:f8:ae:bb:11:9f:27:d7:e3:c9:58:0d: c2:c8:47:61:ec:86:77:f4:21:f1:60:67:51:6d:6c:a7:a8:82: 65:11:50:a3:97:c1:0b:fd:b8:3a:be:20:37:a3:61:92:51:ac: 82:e2:1c:c8:f6:09:52:c2:9a:83:7e:0c:11:30:11:46:48:2c: 30:bf:40:2e:a8:ae:aa:e3:87:b0:12:f3:31:27:18:34:33:2e: 6c:86:54:7a:4c:94:a7:6d:d8:27:a1:23:de:6d:4a:04:4e:d4: 6d:e9:71:c2:f7:cd:94:d6:84:6a:b1:7b:3f:ab:5a:73:8d:78: 82:8e:c1:7d:90:32:b3:91:7f:1d:b3:58:43:4d:54:3d:97:02: 85:bd:a6:67:2b:4e:7d:fb:7c:8e:d8:f6:82:70:43:40:69:12: 96:74:9c:51:4a:f7:a7:73:f9:38:08:82:b2:ca:87:2e:3d:f9: 12:28:1c:e0:0e:eb:33:53:45:09:82:81:11:23:16:87:ce:4f: a9:1c:49:92:9f:0f:ab:a1:56:2d:a8:43:2d:52:d4:4f:73:fb: 9b:1e:99:54:4e:64:4c:30:a1:0b:e3:b5:9a:37:23:52:b9:85: 21:f3:3d:9f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZMElewSorMNqtVC1q0ljpB4Q9VwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNTExMDQxOTI2NDNaFw0yNTExMDgwNTI2NDNaMDMxMTAvBgNV BAMTKDg0QUIzQzc0MUE0OTgyRjRDNDU2MEFEOTNBQTQ5MDZFNzg3RDJDRDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBdIrfI5VTAWlrqBIH20k2wMBq UP9WqHMy3/B/IPD9tzpac7ZlMHNW4iG6ov8v+cZSAq5K2uJi1wX/++auJjqsb4Ks PbDaGjVJ5+Yf+ZP5NKciKGiZkL/O3zZ2JVPC7N85O44thKRkG7BD3pZ7Oeh+dAOc OQhG/Ert5Pd/urLwEDrKlAwFgVVYnKNAqcFJohbiJlTr9F+ftx2FnUxNQ19rQLa+ hZPFHqkgbQZBXdWJ6vvE3iAyWz0QqH8uG1N4xE9pvFYSIhQyOtDijutZBgrFDIrl koHkLPPJqS4NP+Fe4V4Iyq1xxwU1VpALXX3aooI+UgEgz+D+sV7zX8h6VONTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhKs8dBpJgvTEVgrZOqSQbnh9LNAwHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAmJ2TcdfXXyj1d+J31iQcRa/coYV7nqTkj4 rrsRnyfX48lYDcLIR2Hshnf0IfFgZ1FtbKeogmURUKOXwQv9uDq+IDejYZJRrILi HMj2CVLCmoN+DBEwEUZILDC/QC6orqrjh7AS8zEnGDQzLmyGVHpMlKdt2CehI95t SgRO1G3pccL3zZTWhGqxez+rWnONeIKOwX2QMrORfx2zWENNVD2XAoW9pmcrTn37 fI7Y9oJwQ0BpEpZ0nFFK96dz+TgIgrLKhy49+RIoHOAO6zNTRQmCgREjFofOT6kc SZKfD6uhVi2oQy1S1E9z+5semVROZEwwoQvjtZo3I1K5hSHzPZ8= -----END CERTIFICATE-----Generated at Tue Nov 4 21:21:28 2025 by rpki-client