$ rpki-client -vvf repo-rpki.idnic.net/repo/d231e6b1-1841-476d-b46b-b44b9cb968b0/0/D2EF21DBD545255BED30EEC34623F204A3E12D23.mft File: D2EF21DBD545255BED30EEC34623F204A3E12D23.mft (raw, json) Hash identifier: m+Rw/FqGJDV1NUQn+4U7goTrzQW2uaIRsMpeHc1PiQU= Subject key identifier: 85:FD:96:B8:09:69:96:A7:4E:A5:08:E5:35:B9:3D:EE:D0:77:57:9A Authority key identifier: D2:EF:21:DB:D5:45:25:5B:ED:30:EE:C3:46:23:F2:04:A3:E1:2D:23 Certificate issuer: /CN=D2EF21DBD545255BED30EEC34623F204A3E12D23 Certificate serial: 25B5248E1146FAC2581584AAB6089A3202C64AF5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2EF21DBD545255BED30EEC34623F204A3E12D23.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d231e6b1-1841-476d-b46b-b44b9cb968b0/0/D2EF21DBD545255BED30EEC34623F204A3E12D23.mft Manifest number: 051B Signing time: Mon 03 Nov 2025 02:41:12 +0000 Manifest this update: Mon 03 Nov 2025 02:36:12 +0000 Manifest next update: Thu 06 Nov 2025 06:22:12 +0000 Files and hashes: 1: 3130332e3130342e3230362e302f32342d3234203d3e20313336383639.roa (hash: W2IYXy+JkbGpp85/sS2UKLUazxQpNz2N8iZifbHeJpI=) 2: 323430323a316134303a3a2f33322d3332203d3e20313336383639.roa (hash: HI0hJJXTQDhzD7pTczCRmyIdw4yYJFsaIwjzSTbxsrY=) 3: 3130332e3130342e3230342e302f32342d3234203d3e20313336383639.roa (hash: w7Chi4gZxBYt1ZeGb/YO7tH8OTI2H/0aS5PoiZEPc/Y=) 4: 3130332e3130342e3230352e302f32342d3234203d3e20313336383639.roa (hash: iReeweCReiVdyDxdcHaFTjeSzHc3cSR3SFaF6DPJP8s=) 5: 3130332e3130342e3230372e302f32342d3234203d3e20313336383639.roa (hash: 2COjLCJ4YEuRoqvYvSrj9dQC5huF+G+dAbpMe2HpJLo=) 6: D2EF21DBD545255BED30EEC34623F204A3E12D23.crl (hash: sUVqykv8o5LvVA8j6FXd8xEN71vGUPu8MFZYkDS7edI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d231e6b1-1841-476d-b46b-b44b9cb968b0/0/D2EF21DBD545255BED30EEC34623F204A3E12D23.crl rsync://repo-rpki.idnic.net/repo/d231e6b1-1841-476d-b46b-b44b9cb968b0/0/D2EF21DBD545255BED30EEC34623F204A3E12D23.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2EF21DBD545255BED30EEC34623F204A3E12D23.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 06:22:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:b5:24:8e:11:46:fa:c2:58:15:84:aa:b6:08:9a:32:02:c6:4a:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2EF21DBD545255BED30EEC34623F204A3E12D23 Validity Not Before: Nov 3 02:36:12 2025 GMT Not After : Nov 6 06:22:12 2025 GMT Subject: CN=85FD96B8096996A74EA508E535B93DEED077579A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:5f:09:79:db:88:23:38:66:d9:91:96:f3:20: 6b:c4:4e:5a:b2:2a:1a:1f:6e:44:d2:66:e6:e4:09: 94:c2:2e:a2:a7:36:b7:34:e0:46:aa:b6:a4:ea:93: 6c:5c:47:90:08:16:79:ee:ee:61:e8:46:e2:dc:96: bb:6a:67:3e:87:f1:95:34:4b:87:17:44:9a:3a:e4: f9:9e:89:05:ff:f8:81:fc:63:93:e9:99:8f:d2:72: 01:f9:73:44:ff:48:26:b3:e0:73:4e:fe:de:45:06: fb:cc:e7:75:52:3f:11:fd:68:f9:df:6e:73:50:31: fc:f7:13:96:22:48:d1:21:f2:61:e5:f1:33:2c:c7: 9b:52:87:c8:cf:eb:a9:9d:a5:e1:72:a2:2e:2d:15: a6:7b:f7:1b:ca:24:13:8e:e0:c2:15:96:5a:2b:aa: f0:f6:5c:58:35:2c:80:27:6a:12:1d:3c:7c:ca:b8: c6:65:c4:f2:66:09:2d:7f:52:e3:34:b9:99:92:9e: 24:dc:59:50:c0:66:27:5c:bd:10:43:cf:07:1c:fd: f1:d0:0d:17:03:e5:f0:fb:b8:33:0f:f5:4e:d4:f6: ce:d2:9a:a6:e4:b1:18:93:f2:f7:11:d8:ca:fb:fd: 40:22:1b:1c:26:33:97:42:7d:a5:3b:18:94:13:cb: 3d:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:FD:96:B8:09:69:96:A7:4E:A5:08:E5:35:B9:3D:EE:D0:77:57:9A X509v3 Authority Key Identifier: keyid:D2:EF:21:DB:D5:45:25:5B:ED:30:EE:C3:46:23:F2:04:A3:E1:2D:23 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d231e6b1-1841-476d-b46b-b44b9cb968b0/0/D2EF21DBD545255BED30EEC34623F204A3E12D23.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D2EF21DBD545255BED30EEC34623F204A3E12D23.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d231e6b1-1841-476d-b46b-b44b9cb968b0/0/D2EF21DBD545255BED30EEC34623F204A3E12D23.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c5:f6:75:d2:68:e2:a7:3c:54:56:45:68:fa:a2:a0:9b:48:98: 98:9e:14:f0:7b:1c:46:b1:2b:76:36:73:d1:73:ec:10:9f:f0: e4:ce:56:95:3f:07:23:24:27:fd:1f:31:22:7a:0b:34:56:23: 44:9d:ec:07:de:63:a4:03:51:6f:b5:52:6a:8b:31:cc:cb:5c: 33:fe:d6:6f:c1:b1:10:06:b4:20:e5:ad:4a:91:bf:e1:a5:0c: 8a:56:c8:95:b3:24:81:3c:0e:9a:12:fe:3b:57:08:96:c8:5b: a4:fa:8a:d9:18:0e:da:72:99:ce:4f:b6:29:4f:3d:dc:06:67: 6c:ec:80:4d:d8:fd:10:d1:fa:8e:6f:5d:9a:88:bf:16:f1:61: 46:bf:82:ba:7b:f7:a9:a7:34:9c:08:8b:53:ff:94:e4:55:8d: b0:b3:e0:a5:94:4e:f1:71:62:e5:21:79:7a:77:77:54:e5:84: 82:a1:b8:4c:8d:86:54:79:93:48:8d:bf:82:f1:71:78:5c:1c: c8:38:85:ba:13:ae:6b:81:15:ba:ae:b8:79:e5:cd:c6:ff:21: 2e:58:a4:02:85:6a:2f:e0:00:57:c5:96:78:6c:bc:a3:92:fd: dd:ab:f5:8e:c8:65:9a:8e:a1:75:f9:d3:7b:4d:dc:f8:08:e9: db:34:a5:ed -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJbUkjhFG+sJYFYSqtgiaMgLGSvUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDJFRjIxREJENTQ1MjU1QkVEMzBFRUMzNDYyM0YyMDRB M0UxMkQyMzAeFw0yNTExMDMwMjM2MTJaFw0yNTExMDYwNjIyMTJaMDMxMTAvBgNV BAMTKDg1RkQ5NkI4MDk2OTk2QTc0RUE1MDhFNTM1QjkzREVFRDA3NzU3OUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIXwl524gjOGbZkZbzIGvETlqy KhofbkTSZubkCZTCLqKnNrc04EaqtqTqk2xcR5AIFnnu7mHoRuLclrtqZz6H8ZU0 S4cXRJo65PmeiQX/+IH8Y5PpmY/ScgH5c0T/SCaz4HNO/t5FBvvM53VSPxH9aPnf bnNQMfz3E5YiSNEh8mHl8TMsx5tSh8jP66mdpeFyoi4tFaZ79xvKJBOO4MIVllor qvD2XFg1LIAnahIdPHzKuMZlxPJmCS1/UuM0uZmSniTcWVDAZidcvRBDzwcc/fHQ DRcD5fD7uDMP9U7U9s7SmqbksRiT8vcR2Mr7/UAiGxwmM5dCfaU7GJQTyz2vAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhf2WuAlplqdOpQjlNbk97tB3V5owHwYDVR0j BBgwFoAU0u8h29VFJVvtMO7DRiPyBKPhLSMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MjMxZTZiMS0xODQxLTQ3NmQtYjQ2Yi1iNDRiOWNiOTY4YjAvMC9EMkVGMjFEQkQ1 NDUyNTVCRUQzMEVFQzM0NjIzRjIwNEEzRTEyRDIzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDJFRjIxREJENTQ1MjU1QkVEMzBFRUMzNDYyM0YyMDRBM0Ux MkQyMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDIzMWU2YjEtMTg0MS00NzZkLWI0 NmItYjQ0YjljYjk2OGIwLzAvRDJFRjIxREJENTQ1MjU1QkVEMzBFRUMzNDYyM0Yy MDRBM0UxMkQyMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMX2ddJo4qc8VFZFaPqioJtImJieFPB7HEax K3Y2c9Fz7BCf8OTOVpU/ByMkJ/0fMSJ6CzRWI0Sd7AfeY6QDUW+1UmqLMczLXDP+ 1m/BsRAGtCDlrUqRv+GlDIpWyJWzJIE8DpoS/jtXCJbIW6T6itkYDtpymc5PtilP PdwGZ2zsgE3Y/RDR+o5vXZqIvxbxYUa/grp796mnNJwIi1P/lORVjbCz4KWUTvFx YuUheXp3d1TlhIKhuEyNhlR5k0iNv4LxcXhcHMg4hboTrmuBFbquuHnlzcb/IS5Y pAKFai/gAFfFlnhsvKOS/d2r9Y7IZZqOoXX503tN3PgI6ds0pe0= -----END CERTIFICATE-----Generated at Tue Nov 4 08:12:43 2025 by rpki-client