$ rpki-client -vvf repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft File: BD809D8A065DB595DC069383736A1A9C4A96B267.mft (raw, json) Hash identifier: blaCx2sq/CJQJMv1BWvX5xrx9fta7EjP9j77SPiJyQM= Subject key identifier: 85:46:BA:75:A0:0B:9D:53:1D:88:77:74:05:60:6D:CD:4D:22:5F:72 Authority key identifier: BD:80:9D:8A:06:5D:B5:95:DC:06:93:83:73:6A:1A:9C:4A:96:B2:67 Certificate issuer: /CN=BD809D8A065DB595DC069383736A1A9C4A96B267 Certificate serial: 22D2488CF2960737541B23BC7428459FD531E63C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD809D8A065DB595DC069383736A1A9C4A96B267.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft Manifest number: 0521 Signing time: Sun 02 Nov 2025 14:22:07 +0000 Manifest this update: Sun 02 Nov 2025 14:17:07 +0000 Manifest next update: Wed 05 Nov 2025 22:49:07 +0000 Files and hashes: 1: BD809D8A065DB595DC069383736A1A9C4A96B267.crl (hash: st+tgRpGcgdldIprxGAg2Abnkhz5p90RwScSJdZaOE8=) 2: 34352e3132372e3133352e302f32342d3234203d3e20313335333630.roa (hash: lOPyN4jlxJmDfUm1Z5usitGLtQdiU+flslurwWQqLwM=) 3: 34352e3132372e3133322e302f32342d3234203d3e203538343737.roa (hash: 6P/MnisWmadZujdf0MdzBBem1MXVl8xw/vKYXqNcxoU=) 4: 3130332e35362e3230362e302f32342d3234203d3e203538343737.roa (hash: ctlL63La/nA2o80IyG4Gn5yERO9Svxh3VS6Tj8PS2Bk=) 5: 3130332e35362e3230352e302f32342d3234203d3e203538343737.roa (hash: Y6tvd+1XtHiukr4Lnc++EG2e4/MBcfeHFg9Xd0kGFMg=) 6: 34352e3132372e3133342e302f32342d3234203d3e203538343737.roa (hash: mAHS4RhjFlyuuj4wSTCANOzW1BtppaUwbd4+LpgqV3A=) 7: 3130332e35362e3230342e302f32342d3234203d3e203538343737.roa (hash: GQLjyzqSeaPMpwbmMG+hHOVIX1kxT3fObGtrds/C+9M=) 8: 3130332e35362e3230372e302f32342d3234203d3e203538343737.roa (hash: +FaWxeyMSXTm1A2YbWkKpjjxd9ODF5R6bPfmYjsvC3c=) 9: 34352e3132372e3133332e302f32342d3234203d3e203538343737.roa (hash: m1RDFs81kJe7cLkzIuvESdF6lsbsj7FMYtNBuW0nGcE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.crl rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD809D8A065DB595DC069383736A1A9C4A96B267.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 22:49:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:d2:48:8c:f2:96:07:37:54:1b:23:bc:74:28:45:9f:d5:31:e6:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD809D8A065DB595DC069383736A1A9C4A96B267 Validity Not Before: Nov 2 14:17:07 2025 GMT Not After : Nov 5 22:49:07 2025 GMT Subject: CN=8546BA75A00B9D531D88777405606DCD4D225F72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b3:d4:f0:a4:bb:9c:99:32:02:4f:43:70:fb: d1:f7:ab:3c:9b:0d:d0:5a:d2:b0:be:50:b0:9a:91: b4:9b:43:ec:19:14:a5:9d:69:08:35:44:85:ed:a7: 87:87:c4:ce:6b:29:ab:de:72:76:df:e7:64:fc:26: 31:1b:36:93:cb:4a:fa:95:d0:c3:f9:d6:da:78:f8: 7d:86:e5:8b:75:0b:6a:7e:78:c5:d3:df:64:1e:4e: c4:c3:9b:26:80:08:60:72:4b:04:ff:a4:76:df:0e: c0:e2:8e:43:c1:65:aa:24:7d:7e:5e:d1:a1:0f:0a: b7:d3:04:de:fa:2e:ce:e7:9d:e7:fb:3c:e7:a5:62: 4e:7d:7c:83:a1:27:e1:20:99:f4:4d:c6:f1:90:2f: 28:3f:56:b1:c8:ae:81:0c:d8:57:8d:93:82:19:67: 4b:ee:c3:e6:5a:c2:37:ee:ca:5b:ea:a3:fc:2f:11: b3:30:48:92:56:89:ad:c5:1c:d2:ee:6f:fa:cd:df: 3c:2b:f1:d3:83:79:a9:e6:26:69:fa:ad:7f:e7:b0: 6a:f2:b0:4a:39:30:73:24:86:4d:84:6e:07:dd:cc: 50:b5:9d:38:80:ad:7e:a5:30:87:43:2d:59:b7:98: 15:7d:66:2b:13:7a:51:2b:ba:e3:78:aa:f3:d5:74: 1f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:46:BA:75:A0:0B:9D:53:1D:88:77:74:05:60:6D:CD:4D:22:5F:72 X509v3 Authority Key Identifier: keyid:BD:80:9D:8A:06:5D:B5:95:DC:06:93:83:73:6A:1A:9C:4A:96:B2:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD809D8A065DB595DC069383736A1A9C4A96B267.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:75:f3:e5:c6:39:24:55:0b:d7:08:b8:e2:e0:c9:be:2c:07: 13:af:81:51:9e:0c:5d:86:1b:24:8b:ec:85:cd:f9:d6:5b:bf: 44:bb:6a:82:29:f5:1d:7b:95:dd:78:1c:47:89:88:7e:f2:70: cf:e6:a3:90:63:ea:d5:2e:64:92:d1:ae:d9:d2:1a:32:68:12: 97:d8:a6:b6:5c:14:fb:a0:55:f1:45:1c:b2:4d:cd:9d:02:b5: 87:08:d0:8e:97:cf:d1:6e:2c:96:1e:4c:48:66:09:02:d5:70: 3b:3b:ae:72:83:a0:23:c3:26:57:9a:0b:ff:92:70:c6:57:5c: 75:d1:0c:e7:98:99:4c:a1:a3:af:19:b1:d9:a0:fc:1b:22:ef: b7:ad:c5:31:40:5b:7f:05:65:13:80:de:7b:9d:6d:ea:4a:68: 7e:c4:78:14:c3:4b:4a:d4:e7:e6:6d:5e:08:0d:10:09:a9:0c: e0:26:e2:df:b1:76:74:bc:52:b7:7b:46:33:fc:af:84:d1:e4: 02:9b:48:27:5b:05:7b:7c:d7:fb:dd:58:85:9d:55:ac:33:be: a1:ab:00:b4:29:7e:85:68:f6:df:88:04:53:92:86:c5:f7:c0: d5:fc:d5:a1:74:8e:c8:71:f1:c4:35:ce:df:3e:65:d5:22:53: c7:16:13:c9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUItJIjPKWBzdUGyO8dChFn9Ux5jwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ4MDlEOEEwNjVEQjU5NURDMDY5MzgzNzM2QTFBOUM0 QTk2QjI2NzAeFw0yNTExMDIxNDE3MDdaFw0yNTExMDUyMjQ5MDdaMDMxMTAvBgNV BAMTKDg1NDZCQTc1QTAwQjlENTMxRDg4Nzc3NDA1NjA2RENENEQyMjVGNzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChs9TwpLucmTICT0Nw+9H3qzyb DdBa0rC+ULCakbSbQ+wZFKWdaQg1RIXtp4eHxM5rKavecnbf52T8JjEbNpPLSvqV 0MP51tp4+H2G5Yt1C2p+eMXT32QeTsTDmyaACGBySwT/pHbfDsDijkPBZaokfX5e 0aEPCrfTBN76Ls7nnef7POelYk59fIOhJ+EgmfRNxvGQLyg/VrHIroEM2FeNk4IZ Z0vuw+Zawjfuylvqo/wvEbMwSJJWia3FHNLub/rN3zwr8dODeanmJmn6rX/nsGry sEo5MHMkhk2EbgfdzFC1nTiArX6lMIdDLVm3mBV9ZisTelEruuN4qvPVdB/NAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhUa6daALnVMdiHd0BWBtzU0iX3IwHwYDVR0j BBgwFoAUvYCdigZdtZXcBpODc2oanEqWsmcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k M2Y4ZjU1Yy05ZTM1LTRjZTItODkwZi0wZGUzZTI0MDQ2MTEvMC9CRDgwOUQ4QTA2 NURCNTk1REMwNjkzODM3MzZBMUE5QzRBOTZCMjY3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQ4MDlEOEEwNjVEQjU5NURDMDY5MzgzNzM2QTFBOUM0QTk2 QjI2Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDNmOGY1NWMtOWUzNS00Y2UyLTg5 MGYtMGRlM2UyNDA0NjExLzAvQkQ4MDlEOEEwNjVEQjU5NURDMDY5MzgzNzM2QTFB OUM0QTk2QjI2Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGJ18+XGOSRVC9cIuOLgyb4sBxOvgVGeDF2G GySL7IXN+dZbv0S7aoIp9R17ld14HEeJiH7ycM/mo5Bj6tUuZJLRrtnSGjJoEpfY prZcFPugVfFFHLJNzZ0CtYcI0I6Xz9FuLJYeTEhmCQLVcDs7rnKDoCPDJleaC/+S cMZXXHXRDOeYmUyho68Zsdmg/Bsi77etxTFAW38FZROA3nudbepKaH7EeBTDS0rU 5+ZtXggNEAmpDOAm4t+xdnS8Urd7RjP8r4TR5AKbSCdbBXt81/vdWIWdVawzvqGr ALQpfoVo9t+IBFOShsX3wNX81aF0jshx8cQ1zt8+ZdUiU8cWE8k= -----END CERTIFICATE-----Generated at Tue Nov 4 19:00:13 2025 by rpki-client