$ rpki-client -vvf repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft File: 3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft (raw, json) Hash identifier: 5WN9Mdf7ZHWYFOyJik4Cq64Ouyik3INABwbD38ULoWI= Subject key identifier: A8:CA:C0:F9:CA:B7:B6:AE:70:3F:CE:59:2C:2D:82:77:84:3A:B9:4F Authority key identifier: 3E:CE:7D:2E:9C:2F:F3:D5:D3:0D:29:4D:74:92:C3:FE:F6:51:BA:AA Certificate issuer: /CN=3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA Certificate serial: 32CB4ADCBC6E15FA2C42DF55598CC09ED5E15A5F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft Manifest number: 036B Signing time: Tue 04 Nov 2025 14:21:55 +0000 Manifest this update: Tue 04 Nov 2025 14:16:55 +0000 Manifest next update: Fri 07 Nov 2025 20:25:55 +0000 Files and hashes: 1: 3130332e3137312e3138332e302f32342d3234203d3e20313432333735.roa (hash: DCgYEPaVukPuYmvO5a2cczC4OgprkfQ5HG76ulQS39Q=) 2: 3130332e3137312e3138322e302f32342d3234203d3e20313432333735.roa (hash: YYGVRYPBp9IPNMR5VwzW826x/acetE+4Oj6LGMt7tPU=) 3: 3130332e3137312e3138322e302f32332d3233203d3e20313432333735.roa (hash: aihSJuIZjlYbfPjvBLdvafMIwZ5NASIBmOuqn4SEmM0=) 4: 3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl (hash: p7xjH0/2c6XHYF7G8v1lrnuQ5tiLgrUuFbkovXVvnHY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:50:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:cb:4a:dc:bc:6e:15:fa:2c:42:df:55:59:8c:c0:9e:d5:e1:5a:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA Validity Not Before: Nov 4 14:16:55 2025 GMT Not After : Nov 7 20:25:55 2025 GMT Subject: CN=A8CAC0F9CAB7B6AE703FCE592C2D8277843AB94F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b4:eb:5d:51:a1:82:2a:89:69:4f:5b:d4:34: 51:2c:4b:61:18:5a:5b:7a:8a:16:22:56:bc:f0:1b: f5:a2:2c:66:89:07:24:d3:cf:e8:59:f6:af:97:56: ed:43:81:e8:05:d7:42:1c:ca:ea:74:a7:42:ea:e6: 7d:a7:91:8f:c0:aa:35:b7:67:d8:7d:ee:a5:aa:c9: ce:23:be:83:c1:a3:f2:2d:e0:51:7e:f3:4c:a5:16: 15:5b:1d:d2:af:80:b4:5d:18:a2:f6:24:25:bf:43: 80:26:c8:c5:9b:b3:d3:8f:5d:71:21:db:a7:2d:e8: be:42:25:89:f4:16:a4:9f:d2:17:76:d0:e0:b9:db: ff:38:89:26:72:86:4f:cc:be:98:4f:dc:3e:cb:34: 59:ff:52:ac:4d:7a:1f:1b:19:83:e8:4e:ab:33:87: 52:8d:ad:8c:38:9f:1a:fc:17:fa:a2:d6:71:5d:0c: 27:81:ea:9b:59:17:0b:f6:4a:03:b3:7a:60:e2:c0: 51:4e:fd:c5:10:c7:09:b2:9f:03:a3:06:84:60:67: 69:ad:17:cb:df:02:85:81:c8:35:a3:1e:e7:c0:ab: 6e:f2:f1:c4:65:fb:48:13:a9:e9:49:ec:28:1f:d1: d8:dd:ea:75:58:52:fd:6e:b4:a3:42:32:db:6f:2c: 28:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:CA:C0:F9:CA:B7:B6:AE:70:3F:CE:59:2C:2D:82:77:84:3A:B9:4F X509v3 Authority Key Identifier: keyid:3E:CE:7D:2E:9C:2F:F3:D5:D3:0D:29:4D:74:92:C3:FE:F6:51:BA:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e3505cb3-b55e-40e4-ac79-6365606f4ef9/0/3ECE7D2E9C2FF3D5D30D294D7492C3FEF651BAAA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c6:33:6f:2a:52:21:b0:9d:4f:6b:cf:39:d6:6e:8a:29:4c:89: 54:c8:e4:64:69:43:52:e2:64:4f:16:d8:7d:a0:fd:0d:d8:d5: 7d:d6:09:d5:e7:1b:2f:1e:06:27:3c:47:24:02:6f:5f:de:d6: d6:34:27:bf:5f:4b:75:b6:86:e4:6e:d6:ba:a9:cf:05:bf:8e: b7:2f:72:b9:35:46:fc:68:6a:a4:93:4f:d2:a3:b5:e4:8e:e0: 95:23:0b:e4:65:0f:93:7c:0c:9b:a6:1f:17:1d:a7:c4:b4:b4: 08:8c:d5:d3:c7:92:df:b9:96:05:98:6c:4c:a3:7a:29:4b:72: c6:8b:88:07:bd:3e:fa:d0:d4:db:61:57:6c:c5:28:47:a8:4a: 25:c2:7f:ca:d3:79:e0:d9:4a:9e:b2:33:64:bf:b8:50:83:1b: d5:02:f3:7f:ce:cf:02:ec:db:a3:ed:f2:9a:82:c3:c2:74:f7: 9a:18:a2:d8:0d:41:f8:ab:6a:bf:b1:17:d9:d7:ac:27:0a:1a: 82:02:ee:b4:4d:a1:20:84:f2:17:ae:22:7f:00:40:96:37:c0: 68:86:f7:e8:69:ae:b5:14:1c:ca:72:47:ee:4e:42:eb:e1:05: 08:03:fc:91:56:38:b9:38:ec:c9:34:41:9c:bd:11:5a:b9:14: 95:bb:17:5e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMstK3LxuFfosQt9VWYzAntXhWl8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMzRkVG NjUxQkFBQTAeFw0yNTExMDQxNDE2NTVaFw0yNTExMDcyMDI1NTVaMDMxMTAvBgNV BAMTKEE4Q0FDMEY5Q0FCN0I2QUU3MDNGQ0U1OTJDMkQ4Mjc3ODQzQUI5NEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChtOtdUaGCKolpT1vUNFEsS2EY Wlt6ihYiVrzwG/WiLGaJByTTz+hZ9q+XVu1DgegF10Icyup0p0Lq5n2nkY/AqjW3 Z9h97qWqyc4jvoPBo/It4FF+80ylFhVbHdKvgLRdGKL2JCW/Q4AmyMWbs9OPXXEh 26ct6L5CJYn0FqSf0hd20OC52/84iSZyhk/MvphP3D7LNFn/UqxNeh8bGYPoTqsz h1KNrYw4nxr8F/qi1nFdDCeB6ptZFwv2SgOzemDiwFFO/cUQxwmynwOjBoRgZ2mt F8vfAoWByDWjHufAq27y8cRl+0gTqelJ7Cgf0djd6nVYUv1utKNCMttvLCi/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUqMrA+cq3tq5wP85ZLC2Cd4Q6uU8wHwYDVR0j BBgwFoAUPs59Lpwv89XTDSlNdJLD/vZRuqowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l MzUwNWNiMy1iNTVlLTQwZTQtYWM3OS02MzY1NjA2ZjRlZjkvMC8zRUNFN0QyRTlD MkZGM0Q1RDMwRDI5NEQ3NDkyQzNGRUY2NTFCQUFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMzRkVGNjUx QkFBQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTM1MDVjYjMtYjU1ZS00MGU0LWFj NzktNjM2NTYwNmY0ZWY5LzAvM0VDRTdEMkU5QzJGRjNENUQzMEQyOTRENzQ5MkMz RkVGNjUxQkFBQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMYzbypSIbCdT2vPOdZuiilMiVTI5GRpQ1Li ZE8W2H2g/Q3Y1X3WCdXnGy8eBic8RyQCb1/e1tY0J79fS3W2huRu1rqpzwW/jrcv crk1RvxoaqSTT9KjteSO4JUjC+RlD5N8DJumHxcdp8S0tAiM1dPHkt+5lgWYbEyj eilLcsaLiAe9PvrQ1NthV2zFKEeoSiXCf8rTeeDZSp6yM2S/uFCDG9UC83/OzwLs 26Pt8pqCw8J095oYotgNQfirar+xF9nXrCcKGoIC7rRNoSCE8heuIn8AQJY3wGiG 9+hprrUUHMpyR+5OQuvhBQgD/JFWOLk47Mk0QZy9EVq5FJW7F14= -----END CERTIFICATE-----Generated at Wed Nov 5 00:29:56 2025 by rpki-client