$ rpki-client -vvf repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft File: 2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft (raw, json) Hash identifier: NNUYU654wR983+OY6KNEHuh7YJO8HdkcnamqtHY7XEk= Subject key identifier: 81:1C:4C:8E:03:21:83:6D:27:65:3A:A4:91:9C:49:26:54:71:7D:70 Authority key identifier: 2D:23:11:F5:63:DF:0A:F8:EB:EF:DA:21:87:16:26:B5:DD:78:C5:BD Certificate issuer: /CN=2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD Certificate serial: 5C96A6B5EA59ECD4509FD11D420E79E5174252C4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft Manifest number: 04F2 Signing time: Mon 03 Nov 2025 09:32:02 +0000 Manifest this update: Mon 03 Nov 2025 09:27:02 +0000 Manifest next update: Thu 06 Nov 2025 14:53:02 +0000 Files and hashes: 1: 323430323a363938303a323030303a3a2f34382d3438203d3e203539323738.roa (hash: D6GCo3ceVvJhAX1b+afxEUHTBD9rmTcpfSp7SCURViA=) 2: 323430323a363938303a3a2f33322d3438203d3e203539323738.roa (hash: KRbdEJvKURW+VgG7P6m8/xbRP6/xVRqHAh+GE/ZxmJg=) 3: 323430323a363938303a343030303a3a2f34382d3438203d3e203539323738.roa (hash: LrRa5/YbMQIirnwavEqQmjlSXIv4GPDAL8XSH/RPz2k=) 4: 2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl (hash: zxVndqDWMBlewfLLKdlCWBF8OuwVsZ5cQU+e5AMjocM=) 5: 3130332e35382e3136302e302f32322d3234203d3e203539323738.roa (hash: 3p6KpA6/uKsXu1iiVTHxP1H1aKBvRxURT7LJ3HzRuNw=) 6: 323430323a363938303a313030303a3a2f34382d3438203d3e203539323738.roa (hash: Cf4F1dHsLMAEwRXj/sLvggNAyN9aUktmarNyz8vl8uk=) 7: 323430323a363938303a333030303a3a2f34382d3438203d3e203539323738.roa (hash: 1MuWl4R2LfAc9czxG6/QjtCE9g5QKK5BETiXC4FMLHs=) 8: 3130332e3232372e3234302e302f32322d3234203d3e203539323738.roa (hash: pAsXLpsnvtFY9CiLQfO4MgBTQXdXjfq9fjmjjZL7V7Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 14:53:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:96:a6:b5:ea:59:ec:d4:50:9f:d1:1d:42:0e:79:e5:17:42:52:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD Validity Not Before: Nov 3 09:27:02 2025 GMT Not After : Nov 6 14:53:02 2025 GMT Subject: CN=811C4C8E0321836D27653AA4919C492654717D70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:72:74:5c:df:d5:b0:61:d7:8f:85:41:f9:83: ce:36:98:02:46:06:fe:5d:bc:63:11:06:ed:15:50: e2:93:68:69:df:89:eb:a6:ca:a1:d6:b7:ec:30:04: 01:cc:b0:9f:59:f5:89:75:b9:ad:7c:f8:78:cf:a1: db:69:96:f5:52:92:ef:b5:78:d9:3d:52:0e:f3:e1: 0f:df:81:39:b8:60:a2:1d:fd:71:3c:46:63:4f:79: 69:7e:8e:79:0d:53:dd:6f:75:ee:7c:9c:59:ba:e2: 1c:ea:fa:1d:2c:89:be:4d:6f:22:82:bf:25:23:ae: df:69:cd:6f:bf:62:d1:e4:00:c5:4d:b0:9a:f1:21: 47:0e:74:e6:74:29:cf:f6:a5:25:ae:64:fc:3f:60: 3a:b3:c6:fc:54:b3:0d:7d:e9:a2:66:9e:15:49:1a: 83:4c:a0:cf:bb:65:2d:43:89:23:6f:48:4b:80:24: ed:9e:12:72:98:b5:a8:59:41:0c:e6:47:50:53:e4: b7:a8:a9:27:8c:b1:61:d8:08:d8:52:e9:28:ea:dd: 97:ac:01:a0:f7:56:54:ae:6d:0d:ec:a3:0d:56:9d: 7a:f4:ec:cf:bf:15:96:da:43:4b:20:5c:3c:ef:fc: 63:ff:0a:94:b1:0f:39:e6:f0:63:49:0b:aa:1e:57: 0c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:1C:4C:8E:03:21:83:6D:27:65:3A:A4:91:9C:49:26:54:71:7D:70 X509v3 Authority Key Identifier: keyid:2D:23:11:F5:63:DF:0A:F8:EB:EF:DA:21:87:16:26:B5:DD:78:C5:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/af1c79f1-264e-423f-9e08-0b2900da6949/0/2D2311F563DF0AF8EBEFDA21871626B5DD78C5BD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:0c:74:d2:78:ea:36:1b:19:ad:85:eb:7e:c0:33:71:70:8c: 91:54:2e:77:79:e8:6c:de:68:ba:6e:6e:b7:69:83:9e:b2:76: a2:30:36:2c:80:fa:18:fe:cc:38:34:3e:30:18:c5:e8:47:61: 7a:a3:13:8b:3b:92:b1:f2:db:05:88:ee:8d:d0:ff:50:fe:fb: 27:0d:00:cd:c2:47:79:e6:c2:3c:c9:b5:7b:6d:80:e5:93:34: 83:9a:de:39:0c:77:09:da:4b:3b:cc:b6:03:3c:ef:1b:bc:61: f6:f3:70:3e:cb:e8:29:e0:5d:fe:7b:b2:ea:69:c1:68:30:05: c7:6e:fb:fb:5e:db:66:b0:09:22:c0:39:4e:08:ce:54:b8:a7: 97:38:93:2e:61:0f:43:8c:ae:79:8c:78:c8:77:f1:65:36:3b: 55:6b:84:6c:b7:1e:c3:a5:94:9c:0d:8d:14:4f:ad:64:af:a0: 6a:97:fb:05:8e:08:26:77:4b:d1:ba:dc:ac:d3:71:c5:de:31: b3:87:8f:f8:e1:ad:f1:d5:ef:43:62:88:11:53:b8:ae:31:20: fa:86:c0:35:bd:c5:1e:15:eb:fc:fe:e9:b3:94:5d:07:97:0e: 36:9c:5a:a0:9c:99:a5:f9:07:b6:44:ca:8a:77:a2:1b:0c:c2: 77:28:6d:d8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXJamtepZ7NRQn9EdQg555RdCUsQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2QjVE RDc4QzVCRDAeFw0yNTExMDMwOTI3MDJaFw0yNTExMDYxNDUzMDJaMDMxMTAvBgNV BAMTKDgxMUM0QzhFMDMyMTgzNkQyNzY1M0FBNDkxOUM0OTI2NTQ3MTdENzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChcnRc39WwYdePhUH5g842mAJG Bv5dvGMRBu0VUOKTaGnfieumyqHWt+wwBAHMsJ9Z9Yl1ua18+HjPodtplvVSku+1 eNk9Ug7z4Q/fgTm4YKId/XE8RmNPeWl+jnkNU91vde58nFm64hzq+h0sib5NbyKC vyUjrt9pzW+/YtHkAMVNsJrxIUcOdOZ0Kc/2pSWuZPw/YDqzxvxUsw196aJmnhVJ GoNMoM+7ZS1DiSNvSEuAJO2eEnKYtahZQQzmR1BT5LeoqSeMsWHYCNhS6Sjq3Zes AaD3VlSubQ3sow1WnXr07M+/FZbaQ0sgXDzv/GP/CpSxDznm8GNJC6oeVwxDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUgRxMjgMhg20nZTqkkZxJJlRxfXAwHwYDVR0j BBgwFoAULSMR9WPfCvjr79ohhxYmtd14xb0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h ZjFjNzlmMS0yNjRlLTQyM2YtOWUwOC0wYjI5MDBkYTY5NDkvMC8yRDIzMTFGNTYz REYwQUY4RUJFRkRBMjE4NzE2MjZCNURENzhDNUJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2QjVERDc4 QzVCRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYWYxYzc5ZjEtMjY0ZS00MjNmLTll MDgtMGIyOTAwZGE2OTQ5LzAvMkQyMzExRjU2M0RGMEFGOEVCRUZEQTIxODcxNjI2 QjVERDc4QzVCRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADwMdNJ46jYbGa2F637AM3FwjJFULnd56Gze aLpubrdpg56ydqIwNiyA+hj+zDg0PjAYxehHYXqjE4s7krHy2wWI7o3Q/1D++ycN AM3CR3nmwjzJtXttgOWTNIOa3jkMdwnaSzvMtgM87xu8YfbzcD7L6CngXf57supp wWgwBcdu+/te22awCSLAOU4IzlS4p5c4ky5hD0OMrnmMeMh38WU2O1VrhGy3HsOl lJwNjRRPrWSvoGqX+wWOCCZ3S9G63KzTccXeMbOHj/jhrfHV70NiiBFTuK4xIPqG wDW9xR4V6/z+6bOUXQeXDjacWqCcmaX5B7ZEyop3ohsMwncobdg= -----END CERTIFICATE-----Generated at Wed Nov 5 13:17:08 2025 by rpki-client