$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft File: 821049BBD22C335A50850F16AB159C0C6BCC28E5.mft (raw, json) Hash identifier: p4A+S4n0XBTk3bezFsmTAmv7clbOuOfJ/pMSOXJFTTE= Subject key identifier: 6E:E3:2F:46:D1:4A:E4:76:1E:D2:12:53:54:D3:28:49:C2:61:FD:F2 Authority key identifier: 82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 Certificate issuer: /CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Certificate serial: 026DD0977ADB7B4EBEA17C2199C436B4F10A8850 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft Manifest number: 0255 Signing time: Wed 05 Nov 2025 03:01:42 +0000 Manifest this update: Wed 05 Nov 2025 02:56:42 +0000 Manifest next update: Sat 08 Nov 2025 03:39:42 +0000 Files and hashes: 1: 821049BBD22C335A50850F16AB159C0C6BCC28E5.crl (hash: xf1ZsLHhga+eTmpRO3iFy9Mk98joIdYfvXyiPV1OFFQ=) 2: 3130332e32312e39322e302f32342d3234203d3e20313331373338.roa (hash: ndyvXGLmi+s4jvx/l0C4JrK1SIn52emjpfzG2w+2lsw=) 3: 3130332e32312e39342e302f32342d3234203d3e20313331373338.roa (hash: KCUnGn0DyBychM59+lv18yYznYr1wdm5Tf5W0sYTxbE=) 4: 3130332e32312e39332e302f32342d3234203d3e20313331373338.roa (hash: Hx5e9eX/0MDiWg+S8NREaCwOHPQ1Onm3jq45DAvThoc=) 5: 3130332e32312e39352e302f32342d3234203d3e203435323935.roa (hash: WHp6+633q2Em0ghmTjJeCMByUXIoDLeS8IvSNmEh0gE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 03:39:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:6d:d0:97:7a:db:7b:4e:be:a1:7c:21:99:c4:36:b4:f1:0a:88:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Validity Not Before: Nov 5 02:56:42 2025 GMT Not After : Nov 8 03:39:42 2025 GMT Subject: CN=6EE32F46D14AE4761ED2125354D32849C261FDF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:3c:81:eb:48:7e:66:3d:07:1b:7e:15:dd:d7: 70:f5:b8:3c:c9:fb:41:ca:c3:50:72:03:ad:44:ba: 51:9d:25:80:b8:6c:f0:46:2b:0e:70:f0:0d:92:94: d4:46:79:32:fb:db:4f:6c:87:88:c4:a2:8a:15:f7: 97:1d:38:05:b5:65:97:8e:2f:e9:8b:15:b8:a4:12: c5:9e:45:a1:bc:9a:8f:c0:19:2a:79:97:f0:ca:63: bf:64:95:87:83:f0:c3:39:78:0c:2b:12:6a:6c:df: 3a:b1:24:01:e8:05:4c:6b:8e:85:e8:bf:58:95:2d: d4:bf:24:54:74:ea:21:0e:7b:c1:77:3f:22:9e:66: 34:2c:c6:51:6a:5d:8b:0f:70:1e:18:5d:dc:58:0a: 5d:80:85:0a:a4:16:0b:61:af:e3:a9:e0:47:ad:2f: 5e:b4:b3:e7:f8:ab:81:72:8a:8c:3d:17:08:18:32: 2b:1e:20:75:df:11:3f:a2:55:8a:a5:2f:6e:31:06: 0c:e1:f6:19:30:eb:bb:34:09:b4:18:81:7d:59:df: 1b:1f:3b:fa:48:02:12:58:00:47:6d:ae:1b:fa:0a: 37:ac:89:c4:18:d1:07:e8:34:22:75:59:ba:a7:28: 0e:a9:dd:73:38:bb:c9:8a:aa:f9:f1:6f:c6:03:d0: bb:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:E3:2F:46:D1:4A:E4:76:1E:D2:12:53:54:D3:28:49:C2:61:FD:F2 X509v3 Authority Key Identifier: keyid:82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:4d:c7:f8:ce:bc:61:12:dd:4e:3a:36:60:1d:c1:eb:4d:d0: 0d:af:44:7f:57:7e:5d:e8:dd:06:06:04:8b:c0:32:f4:bf:40: f6:18:8f:23:7e:9c:c5:87:a7:6b:37:61:d8:8f:2f:a0:e1:cf: 9d:d4:e2:94:72:91:e1:e6:cd:63:0e:b3:a8:65:f3:dd:6e:ce: 67:57:80:97:c8:a2:26:ff:13:95:21:03:4b:31:b2:a4:e1:4c: 5b:d0:8b:9c:be:e9:e7:5f:d6:90:d4:34:5d:ab:e4:8d:ef:ef: 29:da:98:40:9a:a3:c5:1b:75:4e:d2:39:35:6e:08:aa:f1:bb: db:8a:10:4f:a2:bd:6f:1b:87:b4:89:d7:1a:75:4d:e1:34:20: a7:b6:50:80:78:2d:7c:4e:5c:55:1c:1d:c8:db:4e:74:bd:00: b5:43:71:13:4c:02:25:42:4f:b2:9a:da:2c:f6:61:44:b2:42: d4:27:0b:cb:f8:fc:fc:c7:9c:96:d7:aa:a3:ae:50:32:86:c1: 57:87:fe:7f:2a:79:ce:c1:ba:ca:ba:c0:34:f0:d0:0c:ba:14: 1a:97:95:f9:38:c2:a3:68:76:e1:5d:99:44:de:82:da:22:27: 94:f1:2e:bc:79:ee:e1:fb:61:c1:5f:b9:a4:69:f6:cd:81:8c: 9c:70:1e:84 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAm3Ql3rbe06+oXwhmcQ2tPEKiFAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2 QkNDMjhFNTAeFw0yNTExMDUwMjU2NDJaFw0yNTExMDgwMzM5NDJaMDMxMTAvBgNV BAMTKDZFRTMyRjQ2RDE0QUU0NzYxRUQyMTI1MzU0RDMyODQ5QzI2MUZERjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaPIHrSH5mPQcbfhXd13D1uDzJ +0HKw1ByA61EulGdJYC4bPBGKw5w8A2SlNRGeTL7209sh4jEoooV95cdOAW1ZZeO L+mLFbikEsWeRaG8mo/AGSp5l/DKY79klYeD8MM5eAwrEmps3zqxJAHoBUxrjoXo v1iVLdS/JFR06iEOe8F3PyKeZjQsxlFqXYsPcB4YXdxYCl2AhQqkFgthr+Op4Eet L160s+f4q4Fyiow9FwgYMiseIHXfET+iVYqlL24xBgzh9hkw67s0CbQYgX1Z3xsf O/pIAhJYAEdtrhv6CjesicQY0QfoNCJ1WbqnKA6p3XM4u8mKqvnxb8YD0LubAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUbuMvRtFK5HYe0hJTVNMoScJh/fIwHwYDVR0j BBgwFoAUghBJu9IsM1pQhQ8WqxWcDGvMKOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZGU4ZTE4ZC1hMDQ3LTQ1OTAtOWU1Ni00NjRhNzNlMjNjNmMvMC84MjEwNDlCQkQy MkMzMzVBNTA4NTBGMTZBQjE1OUMwQzZCQ0MyOEU1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2QkND MjhFNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGUxOGQtYTA0Ny00NTkwLTll NTYtNDY0YTczZTIzYzZjLzAvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlD MEM2QkNDMjhFNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKRNx/jOvGES3U46NmAdwetN0A2vRH9Xfl3o 3QYGBIvAMvS/QPYYjyN+nMWHp2s3YdiPL6Dhz53U4pRykeHmzWMOs6hl891uzmdX gJfIoib/E5UhA0sxsqThTFvQi5y+6edf1pDUNF2r5I3v7ynamECao8UbdU7SOTVu CKrxu9uKEE+ivW8bh7SJ1xp1TeE0IKe2UIB4LXxOXFUcHcjbTnS9ALVDcRNMAiVC T7Ka2iz2YUSyQtQnC8v4/PzHnJbXqqOuUDKGwVeH/n8qec7Busq6wDTw0Ay6FBqX lfk4wqNoduFdmUTegtoiJ5TxLrx57uH7YcFfuaRp9s2BjJxwHoQ= -----END CERTIFICATE-----Generated at Wed Nov 5 17:33:00 2025 by rpki-client