$ rpki-client -vvf repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft File: 2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft (raw, json) Hash identifier: XHL2/CE3iZPi6aUFKJonb7MG9/m8/q4BkxAQall37FM= Subject key identifier: D3:9A:89:9D:5E:61:85:22:68:6B:D4:A3:06:F8:C9:ED:89:11:D9:18 Authority key identifier: 2C:B2:1E:F3:36:B6:AB:46:40:E4:61:96:01:E0:F6:48:8C:B8:FD:52 Certificate issuer: /CN=2CB21EF336B6AB4640E4619601E0F6488CB8FD52 Certificate serial: 47A971DA4C17ADC1DD6043872D73D7EB05F44DE6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft Manifest number: 034F Signing time: Mon 03 Nov 2025 09:32:00 +0000 Manifest this update: Mon 03 Nov 2025 09:27:00 +0000 Manifest next update: Thu 06 Nov 2025 16:16:00 +0000 Files and hashes: 1: 3130332e3136302e31322e302f32332d3234203d3e20313331313131.roa (hash: 2TjUbAwclmvFhuQfA5b8APF/xfL7qfTm8NzkksHu4ng=) 2: 2CB21EF336B6AB4640E4619601E0F6488CB8FD52.crl (hash: 6DgEj+Xwr//Ql4RTMv2foIRiOYDlQY4RcvyyqzY3wUE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.crl rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 16:16:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:a9:71:da:4c:17:ad:c1:dd:60:43:87:2d:73:d7:eb:05:f4:4d:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CB21EF336B6AB4640E4619601E0F6488CB8FD52 Validity Not Before: Nov 3 09:27:00 2025 GMT Not After : Nov 6 16:16:00 2025 GMT Subject: CN=D39A899D5E618522686BD4A306F8C9ED8911D918 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:6c:e0:16:48:ef:7f:fb:60:b3:00:6a:fb:8a: 8b:6d:8e:c9:8d:10:b8:55:4b:b5:70:d1:32:f9:98: 5b:77:58:61:2d:06:6a:95:00:5b:53:d5:dc:17:e0: f4:89:f7:d3:5e:b6:f9:a6:06:79:7e:94:80:e4:d5: 77:34:90:fd:2f:4d:8d:a9:14:ef:f8:2d:06:43:82: 98:32:fe:0d:ca:09:a7:e7:ad:ab:fa:93:05:a6:1a: e3:7b:20:6b:b4:07:41:70:08:92:bb:b2:8b:9d:e7: c3:cd:e8:5d:bc:46:e9:65:d6:e4:5c:b2:99:b2:71: 07:90:d6:6e:9c:58:26:64:93:23:ab:c1:75:e6:74: bf:c5:95:97:64:4f:6d:90:c3:a6:57:1c:e9:99:6a: ea:e2:0f:1c:14:c4:11:b6:ca:52:4e:a7:d0:43:64: 57:91:49:28:27:56:d8:e2:83:65:01:32:2b:32:e4: ce:ca:83:20:2d:e5:f9:33:9e:bd:f3:d4:10:86:51: 33:1d:18:95:1f:9c:1e:67:6a:53:47:b7:59:99:35: 79:d8:ac:bb:33:f7:17:d4:1c:c8:00:63:b6:b9:a8: 20:9b:d8:89:f5:cc:d4:fb:9a:99:6b:a1:66:62:d1: 16:b5:1f:dd:f5:70:4d:cb:13:28:73:8e:7d:c0:57: c0:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:9A:89:9D:5E:61:85:22:68:6B:D4:A3:06:F8:C9:ED:89:11:D9:18 X509v3 Authority Key Identifier: keyid:2C:B2:1E:F3:36:B6:AB:46:40:E4:61:96:01:E0:F6:48:8C:B8:FD:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b4c6f770-686a-45ef-8dfb-0c3a87d3d8da/0/2CB21EF336B6AB4640E4619601E0F6488CB8FD52.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:71:6d:86:33:5e:7a:be:9f:bf:51:5e:65:e5:25:53:27:65: 96:d9:79:2d:73:c2:c5:22:14:05:24:c7:b6:9f:14:f1:58:f0: f3:97:3a:63:51:ed:13:c3:ea:92:72:b9:66:43:53:ad:5c:17: 20:60:f2:3b:b7:92:52:e5:80:07:18:b9:11:ae:53:69:c7:b3: d7:65:78:94:55:b5:c1:f3:75:ce:4b:3b:df:13:58:c4:f4:db: 9d:6b:b1:dd:b7:c2:bf:8c:70:1e:8b:95:bb:f4:13:89:38:91: dd:59:4f:87:b5:b3:0d:f4:52:b1:8c:ac:74:f5:51:31:74:18: 20:72:d3:92:ec:0f:be:25:84:46:6f:eb:d1:bd:1b:8e:c6:ac: 51:12:5a:1d:b0:f9:e7:6d:3a:b1:60:86:da:13:5a:da:cb:b3: fd:17:cf:66:ae:75:57:0d:5a:44:32:5f:6b:68:c1:7a:bd:51: 59:be:9d:ee:11:76:33:d5:5a:de:ef:d6:ec:fd:a7:fc:4e:89: 34:3d:3c:ab:de:20:09:42:12:45:d8:af:42:17:2c:6c:df:f6: 32:0c:7f:66:97:9c:b5:37:ea:de:db:02:36:31:d3:3a:77:fc: 76:75:a7:9f:42:05:84:b9:4f:20:b3:b1:8c:8e:fc:d4:7f:53: b0:85:89:dc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUR6lx2kwXrcHdYEOHLXPX6wX0TeYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkNCMjFFRjMzNkI2QUI0NjQwRTQ2MTk2MDFFMEY2NDg4 Q0I4RkQ1MjAeFw0yNTExMDMwOTI3MDBaFw0yNTExMDYxNjE2MDBaMDMxMTAvBgNV BAMTKEQzOUE4OTlENUU2MTg1MjI2ODZCRDRBMzA2RjhDOUVEODkxMUQ5MTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRbOAWSO9/+2CzAGr7iottjsmN ELhVS7Vw0TL5mFt3WGEtBmqVAFtT1dwX4PSJ99NetvmmBnl+lIDk1Xc0kP0vTY2p FO/4LQZDgpgy/g3KCafnrav6kwWmGuN7IGu0B0FwCJK7soud58PN6F28Rull1uRc spmycQeQ1m6cWCZkkyOrwXXmdL/FlZdkT22Qw6ZXHOmZauriDxwUxBG2ylJOp9BD ZFeRSSgnVtjig2UBMisy5M7KgyAt5fkznr3z1BCGUTMdGJUfnB5nalNHt1mZNXnY rLsz9xfUHMgAY7a5qCCb2In1zNT7mplroWZi0Ra1H931cE3LEyhzjn3AV8DrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU05qJnV5hhSJoa9SjBvjJ7YkR2RgwHwYDVR0j BBgwFoAULLIe8za2q0ZA5GGWAeD2SIy4/VIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i NGM2Zjc3MC02ODZhLTQ1ZWYtOGRmYi0wYzNhODdkM2Q4ZGEvMC8yQ0IyMUVGMzM2 QjZBQjQ2NDBFNDYxOTYwMUUwRjY0ODhDQjhGRDUyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkNCMjFFRjMzNkI2QUI0NjQwRTQ2MTk2MDFFMEY2NDg4Q0I4 RkQ1Mi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjRjNmY3NzAtNjg2YS00NWVmLThk ZmItMGMzYTg3ZDNkOGRhLzAvMkNCMjFFRjMzNkI2QUI0NjQwRTQ2MTk2MDFFMEY2 NDg4Q0I4RkQ1Mi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEpxbYYzXnq+n79RXmXlJVMnZZbZeS1zwsUi FAUkx7afFPFY8POXOmNR7RPD6pJyuWZDU61cFyBg8ju3klLlgAcYuRGuU2nHs9dl eJRVtcHzdc5LO98TWMT0251rsd23wr+McB6Llbv0E4k4kd1ZT4e1sw30UrGMrHT1 UTF0GCBy05LsD74lhEZv69G9G47GrFESWh2w+edtOrFghtoTWtrLs/0Xz2audVcN WkQyX2towXq9UVm+ne4RdjPVWt7v1uz9p/xOiTQ9PKveIAlCEkXYr0IXLGzf9jIM f2aXnLU36t7bAjYx0zp3/HZ1p59CBYS5TyCzsYyO/NR/U7CFidw= -----END CERTIFICATE-----Generated at Tue Nov 4 21:41:57 2025 by rpki-client