$ rpki-client -vvf repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.mft File: BA3C6E8206951343A970BD80B8DC3351252A9719.mft (raw, json) Hash identifier: EwoNPCTdRQfhYCE+ngKLxARihRssBJlQYSVuFP1f66w= Subject key identifier: 3F:34:22:A1:60:99:4A:7F:6F:96:E3:C0:75:15:72:C3:D5:BD:AC:BE Authority key identifier: BA:3C:6E:82:06:95:13:43:A9:70:BD:80:B8:DC:33:51:25:2A:97:19 Certificate issuer: /CN=BA3C6E8206951343A970BD80B8DC3351252A9719 Certificate serial: 103E40257BF08BCF26552D581CA1803F94DA5327 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BA3C6E8206951343A970BD80B8DC3351252A9719.cer Subject info access: rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.mft Manifest number: BA Signing time: Sun 02 Nov 2025 10:01:22 +0000 Manifest this update: Sun 02 Nov 2025 09:56:22 +0000 Manifest next update: Wed 05 Nov 2025 21:59:22 +0000 Files and hashes: 1: BA3C6E8206951343A970BD80B8DC3351252A9719.crl (hash: V5lmJCWCWmL3rWoPT3LAiTrBD7iqC55qIkD4pP6YGrY=) 2: 3136302e32352e3135362e302f32342d3234203d3e20313533303838.roa (hash: mhfAph5jHpIIQpADW/6z0VmmK6WaOWV9si8/hgfO+jQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.crl rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BA3C6E8206951343A970BD80B8DC3351252A9719.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 21:59:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:3e:40:25:7b:f0:8b:cf:26:55:2d:58:1c:a1:80:3f:94:da:53:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BA3C6E8206951343A970BD80B8DC3351252A9719 Validity Not Before: Nov 2 09:56:22 2025 GMT Not After : Nov 5 21:59:22 2025 GMT Subject: CN=3F3422A160994A7F6F96E3C0751572C3D5BDACBE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:2e:e8:d0:0c:30:46:70:1b:47:3f:45:72:e5: e0:4c:95:df:0f:54:c3:17:25:b5:f1:42:00:13:60: ff:f8:d6:40:2f:32:66:f3:0e:a9:12:57:eb:c3:2d: f0:a0:b5:5a:4b:5e:bf:73:2f:7e:8a:38:a2:b2:43: 06:7a:f6:38:52:11:3b:ce:52:db:16:66:a1:c2:44: 10:36:0f:63:74:45:ae:39:8e:33:fa:c8:04:d0:96: 98:c4:41:21:19:b9:33:ef:9a:4a:35:a0:74:10:b9: 43:24:30:3f:cb:71:29:b8:77:da:88:a8:15:fe:cb: 4f:d7:ff:ea:56:c7:ea:aa:0f:b5:27:b6:91:f1:f8: 2e:86:4a:d9:38:3a:95:a2:96:5e:0d:7b:fd:13:b2: d6:5f:66:5d:5c:66:6c:31:9c:dd:0e:2a:b0:b0:85: dd:2b:18:2b:8d:97:36:46:38:1a:33:b7:77:1e:c2: 01:c4:ff:4f:41:bd:e6:01:92:a4:1e:1e:e6:bc:7e: 96:4a:89:4c:fb:93:9b:23:5f:5a:b4:d7:a0:86:f5: 78:3f:7c:7e:f6:3b:10:7b:56:84:bf:5d:66:ce:30: 2d:d2:e7:d2:0c:7d:9e:6b:ec:00:c1:16:40:a6:45: fb:ba:e8:9e:6d:91:99:8c:18:20:d5:39:ba:70:95: 95:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:34:22:A1:60:99:4A:7F:6F:96:E3:C0:75:15:72:C3:D5:BD:AC:BE X509v3 Authority Key Identifier: keyid:BA:3C:6E:82:06:95:13:43:A9:70:BD:80:B8:DC:33:51:25:2A:97:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BA3C6E8206951343A970BD80B8DC3351252A9719.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/BA3C6E8206951343A970BD80B8DC3351252A9719.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:45:9c:04:63:39:f7:f5:72:7c:3c:94:3e:d2:19:2b:7b:d0: 61:0d:25:b1:9e:25:78:c4:d5:c1:e3:d3:59:76:19:25:78:c4: 08:27:49:2a:9b:35:4e:67:8b:fe:a3:96:89:1b:74:d1:a7:0e: 8a:a4:a8:e2:62:34:7a:10:5a:60:c7:73:ed:27:4c:ac:96:55: 2c:c7:50:a6:f6:76:de:4f:7b:e6:ea:13:90:8c:87:36:19:b1: d9:ad:34:05:53:13:12:86:ec:cf:43:2d:ba:14:82:e3:b9:7b: 64:53:0d:bb:7e:2b:c4:8b:9a:29:6b:e0:fb:d0:55:f9:24:ae: b7:52:69:c5:d0:5f:e7:18:89:2c:df:fd:53:1b:d7:13:0b:23: 91:df:ce:10:22:77:a4:84:ea:e0:5c:1e:ee:5c:9a:46:dd:37: 6d:0d:9e:f9:47:83:b6:74:39:f6:85:6e:6a:75:1a:7f:da:3e: 8b:20:98:2e:c0:92:9b:59:0f:66:0e:8e:03:17:f2:f6:7c:ae: 5f:9d:33:91:4c:7d:80:92:ed:f7:c0:57:92:0e:a6:c1:76:36: e7:73:89:88:63:34:f8:1c:52:8e:1b:a4:dc:3a:53:a3:a5:d7: c5:c8:6c:3e:9e:37:da:3d:e9:a7:4d:b2:e8:d7:bc:85:f7:60: aa:4a:1c:2d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUED5AJXvwi88mVS1YHKGAP5TaUycwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkEzQzZFODIwNjk1MTM0M0E5NzBCRDgwQjhEQzMzNTEy NTJBOTcxOTAeFw0yNTExMDIwOTU2MjJaFw0yNTExMDUyMTU5MjJaMDMxMTAvBgNV BAMTKDNGMzQyMkExNjA5OTRBN0Y2Rjk2RTNDMDc1MTU3MkMzRDVCREFDQkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWLujQDDBGcBtHP0Vy5eBMld8P VMMXJbXxQgATYP/41kAvMmbzDqkSV+vDLfCgtVpLXr9zL36KOKKyQwZ69jhSETvO UtsWZqHCRBA2D2N0Ra45jjP6yATQlpjEQSEZuTPvmko1oHQQuUMkMD/LcSm4d9qI qBX+y0/X/+pWx+qqD7UntpHx+C6GStk4OpWill4Ne/0TstZfZl1cZmwxnN0OKrCw hd0rGCuNlzZGOBozt3cewgHE/09BveYBkqQeHua8fpZKiUz7k5sjX1q016CG9Xg/ fH72OxB7VoS/XWbOMC3S59IMfZ5r7ADBFkCmRfu66J5tkZmMGCDVObpwlZXLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUPzQioWCZSn9vluPAdRVyw9W9rL4wHwYDVR0j BBgwFoAUujxuggaVE0OpcL2AuNwzUSUqlxkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h YWZkZDZmOS1iNzk5LTRhOTYtOWUyYS0xZmVmNjliZmE1OTcvMC9CQTNDNkU4MjA2 OTUxMzQzQTk3MEJEODBCOERDMzM1MTI1MkE5NzE5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkEzQzZFODIwNjk1MTM0M0E5NzBCRDgwQjhEQzMzNTEyNTJB OTcxOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYWFmZGQ2ZjktYjc5OS00YTk2LTll MmEtMWZlZjY5YmZhNTk3LzAvQkEzQzZFODIwNjk1MTM0M0E5NzBCRDgwQjhEQzMz NTEyNTJBOTcxOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFlFnARjOff1cnw8lD7SGSt70GENJbGeJXjE 1cHj01l2GSV4xAgnSSqbNU5ni/6jlokbdNGnDoqkqOJiNHoQWmDHc+0nTKyWVSzH UKb2dt5Pe+bqE5CMhzYZsdmtNAVTExKG7M9DLboUguO5e2RTDbt+K8SLmilr4PvQ VfkkrrdSacXQX+cYiSzf/VMb1xMLI5HfzhAid6SE6uBcHu5cmkbdN20NnvlHg7Z0 OfaFbmp1Gn/aPosgmC7AkptZD2YOjgMX8vZ8rl+dM5FMfYCS7ffAV5IOpsF2Nudz iYhjNPgcUo4bpNw6U6Ol18XIbD6eN9o96adNsujXvIX3YKpKHC0= -----END CERTIFICATE-----Generated at Tue Nov 4 21:21:42 2025 by rpki-client