$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft File: 821049BBD22C335A50850F16AB159C0C6BCC28E5.mft (raw, json) Hash identifier: hqnf51raYX7vVgnBisBayz9DdcVmgKDdFLQf9vrUQvY= Subject key identifier: 72:75:BE:B9:8F:EA:5F:37:E0:AA:7A:B5:A4:23:C3:2A:82:1B:5D:2B Authority key identifier: 82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 Certificate issuer: /CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Certificate serial: 169AA3E67F68F304053B08564A51B2DE0530377F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft Manifest number: 022C Signing time: Thu 07 Aug 2025 09:31:40 +0000 Manifest this update: Thu 07 Aug 2025 09:26:40 +0000 Manifest next update: Sun 10 Aug 2025 20:37:40 +0000 Files and hashes: 1: 3130332e32312e39322e302f32342d3234203d3e20313331373338.roa (hash: ncuNmuDMRCz7XEGjG+8p/qjKUpvp2YtlNc4JXvP3iGg=) 2: 3130332e32312e39352e302f32342d3234203d3e203435323935.roa (hash: O6mcNqFGUKoXPAXAaTNGJf2XpVfyBv0t3Gtn3V+6lKE=) 3: 3130332e32312e39342e302f32342d3234203d3e20313331373338.roa (hash: YF6vJXMVtUVK6CmNTZeLfmthP1D0nB1ofgHbuXDKxvI=) 4: 821049BBD22C335A50850F16AB159C0C6BCC28E5.crl (hash: 8/YjWH6OfXcgUc0rWU+1L2/QVFeDoKKCoogTbkkf/ho=) 5: 3130332e32312e39332e302f32342d3234203d3e20313331373338.roa (hash: gJZ1sW5BxaKi4OlH0Ko1+AD9dXMVkojyx6OKsnKZ2JU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 20:37:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:9a:a3:e6:7f:68:f3:04:05:3b:08:56:4a:51:b2:de:05:30:37:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Validity Not Before: Aug 7 09:26:40 2025 GMT Not After : Aug 10 20:37:40 2025 GMT Subject: CN=7275BEB98FEA5F37E0AA7AB5A423C32A821B5D2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ee:bd:09:b0:30:b3:ea:9c:dd:a8:ef:90:c8: e6:50:d8:42:57:f1:b3:9b:f9:64:23:19:73:5f:08: c4:4a:84:68:eb:d5:d1:64:f6:9e:c3:a3:ce:26:77: 67:4d:8d:16:8c:9f:30:64:de:10:a6:1c:39:3b:ec: 07:0c:66:84:d2:d4:94:80:47:d6:9b:de:d8:1f:ce: 53:3c:c5:93:ed:b1:0c:62:ef:9a:de:46:43:54:7d: af:08:9b:09:4b:6f:59:51:64:12:a4:7f:61:6f:81: 59:f1:33:02:a0:08:e4:94:36:14:dd:43:0c:3b:8a: 6b:25:47:0d:5d:c9:80:5f:1b:ff:2e:0c:00:d6:63: ed:08:6a:dc:bb:04:27:85:89:3b:31:7d:02:e0:4e: 83:74:65:1e:90:07:87:93:c6:a9:3d:58:b3:16:ce: 71:69:d3:e8:a3:95:e6:79:72:c4:0b:cd:fd:26:8b: 69:4b:86:f7:d9:b1:66:58:08:48:0d:96:bd:7a:fc: dd:86:4f:48:55:ec:dc:a5:7a:51:e7:c9:b5:04:0b: c7:ed:01:01:c6:6a:4d:6f:39:e9:aa:17:bb:d5:bb: 82:0a:97:e8:44:ed:1c:0c:90:0f:39:15:29:b6:09: 51:19:44:86:1b:b4:38:34:59:cc:4b:2f:87:9f:7a: 27:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:75:BE:B9:8F:EA:5F:37:E0:AA:7A:B5:A4:23:C3:2A:82:1B:5D:2B X509v3 Authority Key Identifier: keyid:82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:5e:b3:2c:5b:83:72:1d:e6:fc:b4:c9:3e:f2:d4:d5:d0:8f: e2:2c:92:0b:b9:b1:f5:fb:90:26:cd:1d:dd:92:fb:a0:82:6f: 86:9b:3c:e2:61:48:7f:d6:36:76:de:23:93:4d:a9:6a:0a:82: 11:0b:47:fd:53:9b:0c:d4:aa:f8:88:73:60:25:4d:af:78:35: 48:72:59:d6:ec:b8:02:39:6b:6a:27:5f:cd:97:a4:64:20:1e: 34:26:8d:96:a3:77:f2:98:eb:69:64:f9:f2:09:b6:fc:92:8f: ab:dd:c8:b8:b7:83:f3:4f:2c:6b:03:aa:17:4f:f3:2e:2e:e0: d5:46:11:df:08:78:e1:f9:86:84:6e:58:f2:42:3a:de:ba:93: 0c:ce:cc:e6:ee:aa:dd:c2:96:7f:41:53:bf:94:d0:4d:57:51: 01:46:74:16:c9:3f:a5:16:d8:a2:62:87:45:1b:df:f1:d7:2e: b9:28:07:b8:7b:09:72:ed:d4:97:d6:50:a5:f4:5d:11:7f:cc: 6f:85:3a:90:76:36:42:a7:6b:43:a0:05:1a:6e:4c:90:3f:79: eb:06:5f:3e:52:fa:6f:9a:25:72:2f:c7:bf:40:8f:4b:39:06: 30:0a:15:01:85:3e:6a:80:6c:86:4b:6b:df:46:f5:70:ea:54: 37:c9:6e:ee -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFpqj5n9o8wQFOwhWSlGy3gUwN38wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2 QkNDMjhFNTAeFw0yNTA4MDcwOTI2NDBaFw0yNTA4MTAyMDM3NDBaMDMxMTAvBgNV BAMTKDcyNzVCRUI5OEZFQTVGMzdFMEFBN0FCNUE0MjNDMzJBODIxQjVEMkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ7r0JsDCz6pzdqO+QyOZQ2EJX 8bOb+WQjGXNfCMRKhGjr1dFk9p7Do84md2dNjRaMnzBk3hCmHDk77AcMZoTS1JSA R9ab3tgfzlM8xZPtsQxi75reRkNUfa8ImwlLb1lRZBKkf2FvgVnxMwKgCOSUNhTd Qww7imslRw1dyYBfG/8uDADWY+0Iaty7BCeFiTsxfQLgToN0ZR6QB4eTxqk9WLMW znFp0+ijleZ5csQLzf0mi2lLhvfZsWZYCEgNlr16/N2GT0hV7NylelHnybUEC8ft AQHGak1vOemqF7vVu4IKl+hE7RwMkA85FSm2CVEZRIYbtDg0WcxLL4efeievAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcnW+uY/qXzfgqnq1pCPDKoIbXSswHwYDVR0j BBgwFoAUghBJu9IsM1pQhQ8WqxWcDGvMKOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZGU4ZTE4ZC1hMDQ3LTQ1OTAtOWU1Ni00NjRhNzNlMjNjNmMvMC84MjEwNDlCQkQy MkMzMzVBNTA4NTBGMTZBQjE1OUMwQzZCQ0MyOEU1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2QkND MjhFNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGUxOGQtYTA0Ny00NTkwLTll NTYtNDY0YTczZTIzYzZjLzAvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlD MEM2QkNDMjhFNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGFesyxbg3Id5vy0yT7y1NXQj+Iskgu5sfX7 kCbNHd2S+6CCb4abPOJhSH/WNnbeI5NNqWoKghELR/1TmwzUqviIc2AlTa94NUhy WdbsuAI5a2onX82XpGQgHjQmjZajd/KY62lk+fIJtvySj6vdyLi3g/NPLGsDqhdP 8y4u4NVGEd8IeOH5hoRuWPJCOt66kwzOzObuqt3Cln9BU7+U0E1XUQFGdBbJP6UW 2KJih0Ub3/HXLrkoB7h7CXLt1JfWUKX0XRF/zG+FOpB2NkKna0OgBRpuTJA/eesG Xz5S+m+aJXIvx79Aj0s5BjAKFQGFPmqAbIZLa99G9XDqVDfJbu4= -----END CERTIFICATE-----Generated at Thu Aug 7 23:57:32 2025 by rpki-client