$ rpki-client -vvf repo-rpki.idnic.net/repo/b25c7e1d-82e8-4100-b435-9954272fb7a8/0/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.mft File: CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.mft (raw, json) Hash identifier: EXkWkaYPdp6CV4LRhFPtwIT/FifRVwiDHjfS5G00nPo= Subject key identifier: FB:3C:30:26:2B:15:78:CF:46:B5:BF:1A:D7:36:80:85:6C:61:9F:AE Authority key identifier: CF:E5:9D:4C:7A:61:3A:B4:3F:C8:F6:8E:89:74:AB:C8:27:7B:99:D1 Certificate issuer: /CN=CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1 Certificate serial: 5E6AB28213F2289E2EB4D3B29CF9B6754ACDCB3B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b25c7e1d-82e8-4100-b435-9954272fb7a8/0/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.mft Manifest number: 022D Signing time: Tue 04 Nov 2025 01:41:08 +0000 Manifest this update: Tue 04 Nov 2025 01:36:08 +0000 Manifest next update: Fri 07 Nov 2025 04:29:08 +0000 Files and hashes: 1: 3130332e3138372e3136322e302f32342d3234203d3e20313439373434.roa (hash: Tv+weNKfZV3vLvtIURyDMLx5ol7dILJ4RL8AQ9yiukI=) 2: CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.crl (hash: 87nuYpeaZR5xHj4gemyT5UYDfiDba8c1wk6RG1IniN0=) 3: 3130332e3138372e3136332e302f32342d3234203d3e20313439373434.roa (hash: xhHGbTeP6u0WbPe8ByZkxSsIh3tMuqCvY/m/R9Bd6uM=) 4: 3130332e3138372e3136322e302f32332d3233203d3e20313439373434.roa (hash: NBMvMFdbSgV8YLztOs5et7qKnLsGThNMzle3TvV2a2Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b25c7e1d-82e8-4100-b435-9954272fb7a8/0/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.crl rsync://repo-rpki.idnic.net/repo/b25c7e1d-82e8-4100-b435-9954272fb7a8/0/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 04:29:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:6a:b2:82:13:f2:28:9e:2e:b4:d3:b2:9c:f9:b6:75:4a:cd:cb:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1 Validity Not Before: Nov 4 01:36:08 2025 GMT Not After : Nov 7 04:29:08 2025 GMT Subject: CN=FB3C30262B1578CF46B5BF1AD73680856C619FAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:fe:e4:5c:dc:f3:39:73:ed:a0:bc:4c:61:9c: 87:fa:ba:d8:72:8d:cf:08:6e:bc:51:42:f3:48:b3: f1:2a:9d:ed:d3:ec:e7:2c:2c:d9:61:bc:7f:d8:41: fc:30:71:2c:e3:66:32:e8:c3:ef:04:5b:8c:84:e8: cb:26:eb:6a:f8:87:d6:52:bd:5d:25:5b:f7:16:b8: f8:b4:73:83:80:3c:5f:94:ca:30:2d:da:fc:b4:a9: 22:46:5a:99:09:a3:9a:40:5c:2c:7e:ef:b7:29:89: 7b:ec:90:cf:19:e4:9d:3c:8b:fd:9e:07:3a:43:08: 13:5b:a7:b7:40:b6:b7:b2:f2:33:dd:a1:72:ff:83: 9c:f4:05:8a:95:0c:9d:f0:9c:60:8b:56:c2:c2:a2: 10:a5:e3:f3:2f:72:b5:79:7a:86:3e:51:e6:c5:73: 4d:25:3b:b5:4d:60:4a:af:dd:0e:be:0f:0d:75:97: f7:ba:24:6b:83:af:af:92:e5:dc:05:97:71:0b:5a: 88:aa:e9:6f:f5:df:0e:32:57:0b:13:08:2e:8d:a1: 2a:d8:55:07:b9:d2:2c:e7:ef:ad:42:e1:af:44:d3: 27:62:62:72:0d:3b:3a:a2:eb:6e:4d:06:41:a6:c6: 39:ea:76:77:e0:bf:10:ae:a3:6b:0a:c5:1a:33:1b: dc:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:3C:30:26:2B:15:78:CF:46:B5:BF:1A:D7:36:80:85:6C:61:9F:AE X509v3 Authority Key Identifier: keyid:CF:E5:9D:4C:7A:61:3A:B4:3F:C8:F6:8E:89:74:AB:C8:27:7B:99:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b25c7e1d-82e8-4100-b435-9954272fb7a8/0/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b25c7e1d-82e8-4100-b435-9954272fb7a8/0/CFE59D4C7A613AB43FC8F68E8974ABC8277B99D1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:f2:bb:52:d1:2c:a8:b6:21:63:db:99:a4:11:c0:d9:af:56: cc:0b:54:66:05:6e:9d:b9:87:66:ed:82:ed:71:5f:2f:5c:6e: b9:aa:d0:1d:33:bc:2e:74:ac:1b:e6:57:be:80:b7:e9:60:e0: c3:33:ec:9d:8d:45:89:a9:8e:d3:31:65:bd:19:30:6d:82:03: 0c:c1:ad:ac:44:7e:99:1c:8d:bb:b0:ee:ec:6d:ed:f5:a4:60: fb:f0:fe:f3:45:f0:77:36:34:34:2b:9c:4d:82:af:60:17:bb: a7:75:10:fb:cd:cd:cf:22:72:f1:86:1f:24:b5:6f:d1:58:69: 1b:66:8b:8c:9f:dd:b3:1c:1f:26:a7:b0:41:54:e9:e2:92:37: d8:9c:3d:20:e2:8f:8d:9a:1f:00:2f:fe:45:c8:ed:f9:4b:77: 3e:44:a6:6f:dd:f0:3f:ac:4f:fd:70:81:96:8e:04:9d:ee:e1: ac:d0:ed:2b:76:1a:31:ce:a0:29:1d:21:27:b0:7f:35:ba:53: 3a:c0:6c:5c:c1:02:6f:f8:84:8d:5e:8e:80:b4:3c:34:17:88: 92:1a:17:12:79:2f:bd:19:a3:93:2b:a7:3b:50:7b:b4:d6:75: 73:ed:3c:86:b9:68:ce:b4:03:30:d6:ef:a2:3c:2d:e7:1e:d4: 77:e0:4b:07 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXmqyghPyKJ4utNOynPm2dUrNyzswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0ZFNTlENEM3QTYxM0FCNDNGQzhGNjhFODk3NEFCQzgy NzdCOTlEMTAeFw0yNTExMDQwMTM2MDhaFw0yNTExMDcwNDI5MDhaMDMxMTAvBgNV BAMTKEZCM0MzMDI2MkIxNTc4Q0Y0NkI1QkYxQUQ3MzY4MDg1NkM2MTlGQUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs/uRc3PM5c+2gvExhnIf6uthy jc8IbrxRQvNIs/Eqne3T7OcsLNlhvH/YQfwwcSzjZjLow+8EW4yE6Msm62r4h9ZS vV0lW/cWuPi0c4OAPF+UyjAt2vy0qSJGWpkJo5pAXCx+77cpiXvskM8Z5J08i/2e BzpDCBNbp7dAtrey8jPdoXL/g5z0BYqVDJ3wnGCLVsLCohCl4/MvcrV5eoY+UebF c00lO7VNYEqv3Q6+Dw11l/e6JGuDr6+S5dwFl3ELWoiq6W/13w4yVwsTCC6NoSrY VQe50izn761C4a9E0ydiYnINOzqi625NBkGmxjnqdnfgvxCuo2sKxRozG9xVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU+zwwJisVeM9Gtb8a1zaAhWxhn64wHwYDVR0j BBgwFoAUz+WdTHphOrQ/yPaOiXSryCd7mdEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MjVjN2UxZC04MmU4LTQxMDAtYjQzNS05OTU0MjcyZmI3YTgvMC9DRkU1OUQ0QzdB NjEzQUI0M0ZDOEY2OEU4OTc0QUJDODI3N0I5OUQxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0ZFNTlENEM3QTYxM0FCNDNGQzhGNjhFODk3NEFCQzgyNzdC OTlEMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjI1YzdlMWQtODJlOC00MTAwLWI0 MzUtOTk1NDI3MmZiN2E4LzAvQ0ZFNTlENEM3QTYxM0FCNDNGQzhGNjhFODk3NEFC QzgyNzdCOTlEMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGHyu1LRLKi2IWPbmaQRwNmvVswLVGYFbp25 h2btgu1xXy9cbrmq0B0zvC50rBvmV76At+lg4MMz7J2NRYmpjtMxZb0ZMG2CAwzB raxEfpkcjbuw7uxt7fWkYPvw/vNF8Hc2NDQrnE2Cr2AXu6d1EPvNzc8icvGGHyS1 b9FYaRtmi4yf3bMcHyansEFU6eKSN9icPSDij42aHwAv/kXI7flLdz5Epm/d8D+s T/1wgZaOBJ3u4azQ7St2GjHOoCkdISewfzW6UzrAbFzBAm/4hI1ejoC0PDQXiJIa FxJ5L70Zo5MrpztQe7TWdXPtPIa5aM60AzDW76I8Lece1HfgSwc= -----END CERTIFICATE-----Generated at Wed Nov 5 23:42:36 2025 by rpki-client