$ rpki-client -vvf repo-rpki.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/20EF9BB996F984E995F9FF0658F0B90CB903B897.mft File: 20EF9BB996F984E995F9FF0658F0B90CB903B897.mft (raw, json) Hash identifier: UYXRSX09JKTUL+jqYlpHA9FsnyQ11WtDsvVBCIcCyAU= Subject key identifier: 4A:AB:B0:B7:7A:85:63:B9:84:57:13:DA:7A:7F:1A:8B:1A:2B:A4:24 Authority key identifier: 20:EF:9B:B9:96:F9:84:E9:95:F9:FF:06:58:F0:B9:0C:B9:03:B8:97 Certificate issuer: /CN=20EF9BB996F984E995F9FF0658F0B90CB903B897 Certificate serial: 2EC239AEB146BD4E95ED8457543D7D7B83FB0EC9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20EF9BB996F984E995F9FF0658F0B90CB903B897.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/20EF9BB996F984E995F9FF0658F0B90CB903B897.mft Manifest number: 022A Signing time: Mon 03 Nov 2025 05:01:55 +0000 Manifest this update: Mon 03 Nov 2025 04:56:55 +0000 Manifest next update: Thu 06 Nov 2025 11:41:55 +0000 Files and hashes: 1: 3130332e3138392e3131302e302f32332d3233203d3e20313439373439.roa (hash: iDioe3jjxT7o8WJUfZMX4dcAtJo9aoi+lZoEhp66IbU=) 2: 20EF9BB996F984E995F9FF0658F0B90CB903B897.crl (hash: ZCRJX4IhgcujIKXLU5jN2JQ3gwqLsjekOuBUDqi7VAw=) 3: 3130332e3138392e3131312e302f32342d3234203d3e20313439373439.roa (hash: gtfNgouP3xqwRZMc2rLq5YYKkcJUcC8NmXsS5NHSV5Y=) 4: 3130332e3138392e3131302e302f32342d3234203d3e20313439373439.roa (hash: vEIWSBdkXeXYMMZ1JkgEqdYq9VUkjPtTYb4B2b9jIwo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/20EF9BB996F984E995F9FF0658F0B90CB903B897.crl rsync://repo-rpki.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/20EF9BB996F984E995F9FF0658F0B90CB903B897.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20EF9BB996F984E995F9FF0658F0B90CB903B897.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 11:41:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:c2:39:ae:b1:46:bd:4e:95:ed:84:57:54:3d:7d:7b:83:fb:0e:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20EF9BB996F984E995F9FF0658F0B90CB903B897 Validity Not Before: Nov 3 04:56:55 2025 GMT Not After : Nov 6 11:41:55 2025 GMT Subject: CN=4AABB0B77A8563B9845713DA7A7F1A8B1A2BA424 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:cb:2c:b6:18:03:96:c9:89:81:c4:5e:2e:6a: 0c:37:26:3c:ae:a2:ea:e2:7e:75:81:6d:62:b5:fa: 21:af:f4:74:ef:6c:d0:f0:c8:76:dd:da:54:93:83: 5b:2b:18:1e:b6:6b:e3:79:2e:66:a6:be:06:68:41: 93:67:21:c0:d9:a3:da:c4:7c:44:e5:54:fa:1b:f1: 7b:ab:ae:3d:e8:8d:52:7f:cf:27:74:8a:8b:06:53: 3b:18:55:1f:ca:a7:be:e4:a2:37:76:de:73:9a:e7: 9f:10:68:68:95:31:28:c5:1c:f9:7a:ce:af:92:d3: e0:0a:b6:39:fe:0a:f8:96:61:0e:a9:1f:1e:0b:c7: 69:b2:fc:56:b3:8d:f0:22:1e:28:3b:e7:30:d5:2a: 69:a0:13:69:13:dd:02:d5:ff:5a:fc:d8:32:e4:7e: bb:c0:a4:87:c2:6b:03:b4:17:12:77:58:51:f3:93: 42:83:94:d9:86:69:ac:e4:39:2b:e9:ea:30:28:08: 61:aa:a3:4b:e9:6a:5d:c0:39:e3:d2:ce:82:17:fa: b4:6b:fb:c9:4c:dd:31:bf:8b:1a:0c:30:aa:19:2a: c0:1e:0e:70:20:40:c9:2f:a2:2b:fd:94:31:7a:bc: ae:10:70:c6:c4:82:60:92:e9:80:84:72:48:8d:61: 25:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:AB:B0:B7:7A:85:63:B9:84:57:13:DA:7A:7F:1A:8B:1A:2B:A4:24 X509v3 Authority Key Identifier: keyid:20:EF:9B:B9:96:F9:84:E9:95:F9:FF:06:58:F0:B9:0C:B9:03:B8:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/20EF9BB996F984E995F9FF0658F0B90CB903B897.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20EF9BB996F984E995F9FF0658F0B90CB903B897.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/20EF9BB996F984E995F9FF0658F0B90CB903B897.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:c7:bb:90:70:05:fa:e3:2b:64:7a:d3:c1:59:fa:2c:29:83: d1:66:1a:a8:34:af:d9:cd:88:2c:a0:ca:5c:93:6f:a4:ac:a9: 0d:96:2d:46:27:9e:b2:37:ef:04:a5:84:a5:93:89:ce:3e:07: 5c:d6:a4:70:f1:08:97:bf:75:7a:a7:db:eb:38:2d:62:1c:0a: 80:ab:04:3b:bb:e3:27:34:85:ec:a4:91:43:86:ac:3e:39:fd: 68:c6:b3:d9:0b:e4:6d:98:46:5f:48:15:16:a8:b6:ce:98:4e: a3:2d:cb:e8:2a:ad:1b:b5:41:4f:06:be:93:9e:3d:4d:d8:ec: 49:ea:f0:aa:ef:ec:1a:b7:95:54:ac:f0:e8:83:dc:e2:ec:ff: a8:aa:40:be:9e:83:b0:5f:95:09:78:6b:56:39:46:2c:5b:ff: cc:8d:40:d4:f5:6b:56:4f:64:11:62:40:ac:53:c1:ea:da:9b: 17:d5:45:85:c1:3a:61:d6:7a:79:17:95:cf:be:e1:cb:56:c0: cf:83:6f:1a:73:43:8b:c5:4d:2a:db:69:64:7c:8f:b5:a2:d2: 1f:20:e9:1e:13:82:6e:b6:23:3e:7f:ff:c1:f0:03:43:cf:ce: 99:f0:b5:e9:b6:21:8d:64:fa:02:08:a1:a9:09:4b:5e:55:e2: 87:dd:c3:23 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULsI5rrFGvU6V7YRXVD19e4P7DskwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBFRjlCQjk5NkY5ODRFOTk1RjlGRjA2NThGMEI5MENC OTAzQjg5NzAeFw0yNTExMDMwNDU2NTVaFw0yNTExMDYxMTQxNTVaMDMxMTAvBgNV BAMTKDRBQUJCMEI3N0E4NTYzQjk4NDU3MTNEQTdBN0YxQThCMUEyQkE0MjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuyyy2GAOWyYmBxF4uagw3Jjyu ourifnWBbWK1+iGv9HTvbNDwyHbd2lSTg1srGB62a+N5LmamvgZoQZNnIcDZo9rE fETlVPob8Xurrj3ojVJ/zyd0iosGUzsYVR/Kp77kojd23nOa558QaGiVMSjFHPl6 zq+S0+AKtjn+CviWYQ6pHx4Lx2my/FazjfAiHig75zDVKmmgE2kT3QLV/1r82DLk frvApIfCawO0FxJ3WFHzk0KDlNmGaazkOSvp6jAoCGGqo0vpal3AOePSzoIX+rRr +8lM3TG/ixoMMKoZKsAeDnAgQMkvoiv9lDF6vK4QcMbEgmCS6YCEckiNYSUDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUSquwt3qFY7mEVxPaen8aixorpCQwHwYDVR0j BBgwFoAUIO+buZb5hOmV+f8GWPC5DLkDuJcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MDVlNWEzMC0wODAyLTRjNWMtOTQ3ZS05OGVmMjg1ZjRmNmIvMC8yMEVGOUJCOTk2 Rjk4NEU5OTVGOUZGMDY1OEYwQjkwQ0I5MDNCODk3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBFRjlCQjk5NkY5ODRFOTk1RjlGRjA2NThGMEI5MENCOTAz Qjg5Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDA1ZTVhMzAtMDgwMi00YzVjLTk0 N2UtOThlZjI4NWY0ZjZiLzAvMjBFRjlCQjk5NkY5ODRFOTk1RjlGRjA2NThGMEI5 MENCOTAzQjg5Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADzHu5BwBfrjK2R608FZ+iwpg9FmGqg0r9nN iCygylyTb6SsqQ2WLUYnnrI37wSlhKWTic4+B1zWpHDxCJe/dXqn2+s4LWIcCoCr BDu74yc0heykkUOGrD45/WjGs9kL5G2YRl9IFRaots6YTqMty+gqrRu1QU8GvpOe PU3Y7Enq8Krv7Bq3lVSs8OiD3OLs/6iqQL6eg7BflQl4a1Y5Rixb/8yNQNT1a1ZP ZBFiQKxTweramxfVRYXBOmHWenkXlc++4ctWwM+DbxpzQ4vFTSrbaWR8j7Wi0h8g 6R4Tgm62Iz5//8HwA0PPzpnwtem2IY1k+gIIoakJS15V4ofdwyM= -----END CERTIFICATE-----Generated at Tue Nov 4 12:55:18 2025 by rpki-client