$ rpki-client -vvf repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft File: 528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft (raw, json) Hash identifier: 956q4MFp7hpt0U7U5cK0capnLZBnhODti81BpFqZYlM= Subject key identifier: F0:27:E9:4C:F4:B2:0A:E5:EA:77:E1:36:B7:63:3B:B9:DA:CB:D7:D5 Authority key identifier: 52:8A:79:9E:94:BD:50:52:F6:F5:8A:CF:DD:9F:4D:ED:3A:0E:D5:BB Certificate issuer: /CN=528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB Certificate serial: 1E9EC11350E047E93243B7FD0DFECBA7F27F7AAE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft Manifest number: 04E8 Signing time: Wed 05 Nov 2025 11:20:49 +0000 Manifest this update: Wed 05 Nov 2025 11:15:49 +0000 Manifest next update: Sat 08 Nov 2025 11:29:49 +0000 Files and hashes: 1: 528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.crl (hash: Tv0Cr4LQ3+hwLDzz47AQuMcM2AnSDQ69k79vugHNOmA=) 2: 323030313a6466363a616330303a3a2f34382d3438203d3e203538343034.roa (hash: hmq0uoHwUsEo+oTXEtyTpYYQCEB74jpeYd9ceOhWLKI=) 3: 3130332e3139352e39302e302f32332d3234203d3e203538343034.roa (hash: /RTTrDt1roX5iqnN5YmyZ+CyR+tqtyybCHqOwLYwxXI=) 4: 3130332e3139352e38392e302f32342d3234203d3e203538343034.roa (hash: 8vEqnPeXr9755NhRmkDVV3kvpgE2wfzA2jlzpFzSE/0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.crl rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 11:29:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:9e:c1:13:50:e0:47:e9:32:43:b7:fd:0d:fe:cb:a7:f2:7f:7a:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB Validity Not Before: Nov 5 11:15:49 2025 GMT Not After : Nov 8 11:29:49 2025 GMT Subject: CN=F027E94CF4B20AE5EA77E136B7633BB9DACBD7D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b6:cf:05:63:72:66:b2:bb:a0:f4:e6:0d:7b: 28:ba:9f:26:6e:ed:30:6a:0f:a1:6b:da:db:10:32: 96:e9:e7:47:e0:df:79:f2:42:5f:d3:a6:f2:f6:85: d2:e6:2e:a2:c0:64:ea:ac:2a:7d:4f:ad:2d:1e:e8: ee:f9:b1:44:fd:9c:5c:28:6c:fd:46:4a:45:c8:e2: 73:79:5c:42:f4:a2:05:76:f0:fc:f3:47:28:bd:27: 83:f7:25:6a:f4:b1:b8:82:79:57:cf:d0:a2:cb:1a: 45:5e:64:d6:75:58:65:b3:b6:ae:95:35:07:32:5c: ce:e5:36:2b:69:ef:c8:59:e0:33:90:a3:27:19:f3: de:6b:47:63:61:0e:69:f1:ce:56:d7:78:3d:21:72: 0d:9b:7b:1d:a9:23:34:72:6e:f9:1d:85:2a:21:ed: 51:92:0e:92:cd:c3:31:9a:c7:43:ac:e3:16:3c:4c: 47:48:8e:d9:71:82:25:4f:2a:04:52:c1:a2:71:b5: c2:e1:9e:d5:23:08:81:9f:5d:2c:96:94:c7:97:1e: 6a:48:54:ab:ca:db:c7:36:1b:23:47:4a:b5:51:0e: 65:75:66:c7:44:ac:23:0e:47:86:12:4b:c7:f8:4f: 70:fe:1f:20:ef:a6:12:75:58:29:88:b1:a2:94:de: e5:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:27:E9:4C:F4:B2:0A:E5:EA:77:E1:36:B7:63:3B:B9:DA:CB:D7:D5 X509v3 Authority Key Identifier: keyid:52:8A:79:9E:94:BD:50:52:F6:F5:8A:CF:DD:9F:4D:ED:3A:0E:D5:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:3e:c2:0c:b6:c8:d3:9d:d1:a5:49:16:0e:aa:19:59:17:b4: e4:b6:11:30:40:44:3f:b5:6b:84:2e:4d:88:72:aa:7f:ba:eb: 7d:27:66:dd:a7:b0:29:ea:9a:b5:cc:49:b7:20:af:bd:bf:d8: f6:12:17:71:78:7a:04:99:c7:15:5c:10:8d:a1:76:2f:93:f3: b3:d0:0e:7d:d5:02:be:b6:57:46:1d:1b:09:94:31:9b:dd:b4: aa:21:6d:c2:e5:7a:c9:90:14:7a:4d:53:fe:c5:a5:10:85:76: 55:75:7b:61:df:79:fe:24:9e:63:ac:af:1e:ce:6f:aa:b6:bc: bd:0a:62:4e:59:9e:81:01:88:f3:01:e0:63:7b:8e:1f:ad:a4: ad:8d:46:07:ce:cb:cd:a9:ea:df:5b:c9:9d:d6:d5:3a:26:21: e0:28:ae:17:d1:b3:41:f6:c3:40:23:9a:a2:3c:5c:b2:17:af: 58:02:c6:5b:e7:50:57:43:bc:18:c5:c2:e0:02:78:6e:d0:dc: 78:63:84:4f:41:56:c2:59:11:23:b1:fe:b3:6a:49:e0:96:c5: 9f:0a:1a:59:67:b5:c5:3e:b1:e3:5c:fd:61:db:7c:af:9f:44: c1:2d:58:5d:87:91:90:cb:94:fe:41:a4:28:05:cd:20:4e:7f: a7:f8:2d:32 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHp7BE1DgR+kyQ7f9Df7Lp/J/eq4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTI4QTc5OUU5NEJENTA1MkY2RjU4QUNGREQ5RjRERUQz QTBFRDVCQjAeFw0yNTExMDUxMTE1NDlaFw0yNTExMDgxMTI5NDlaMDMxMTAvBgNV BAMTKEYwMjdFOTRDRjRCMjBBRTVFQTc3RTEzNkI3NjMzQkI5REFDQkQ3RDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCots8FY3Jmsrug9OYNeyi6nyZu 7TBqD6Fr2tsQMpbp50fg33nyQl/TpvL2hdLmLqLAZOqsKn1PrS0e6O75sUT9nFwo bP1GSkXI4nN5XEL0ogV28PzzRyi9J4P3JWr0sbiCeVfP0KLLGkVeZNZ1WGWztq6V NQcyXM7lNitp78hZ4DOQoycZ895rR2NhDmnxzlbXeD0hcg2bex2pIzRybvkdhSoh 7VGSDpLNwzGax0Os4xY8TEdIjtlxgiVPKgRSwaJxtcLhntUjCIGfXSyWlMeXHmpI VKvK28c2GyNHSrVRDmV1ZsdErCMOR4YSS8f4T3D+HyDvphJ1WCmIsaKU3uV1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8CfpTPSyCuXqd+E2t2M7udrL19UwHwYDVR0j BBgwFoAUUop5npS9UFL29YrP3Z9N7ToO1bswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m OThmMTljMy1lNGUxLTQxYTEtYWFmMC1kNjEzYWNhNDkzMGMvMC81MjhBNzk5RTk0 QkQ1MDUyRjZGNThBQ0ZERDlGNERFRDNBMEVENUJCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTI4QTc5OUU5NEJENTA1MkY2RjU4QUNGREQ5RjRERUQzQTBF RDVCQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjk4ZjE5YzMtZTRlMS00MWExLWFh ZjAtZDYxM2FjYTQ5MzBjLzAvNTI4QTc5OUU5NEJENTA1MkY2RjU4QUNGREQ5RjRE RUQzQTBFRDVCQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABI+wgy2yNOd0aVJFg6qGVkXtOS2ETBARD+1 a4QuTYhyqn+6630nZt2nsCnqmrXMSbcgr72/2PYSF3F4egSZxxVcEI2hdi+T87PQ Dn3VAr62V0YdGwmUMZvdtKohbcLlesmQFHpNU/7FpRCFdlV1e2Hfef4knmOsrx7O b6q2vL0KYk5ZnoEBiPMB4GN7jh+tpK2NRgfOy82p6t9byZ3W1TomIeAorhfRs0H2 w0AjmqI8XLIXr1gCxlvnUFdDvBjFwuACeG7Q3HhjhE9BVsJZESOx/rNqSeCWxZ8K GllntcU+seNc/WHbfK+fRMEtWF2HkZDLlP5BpCgFzSBOf6f4LTI= -----END CERTIFICATE-----Generated at Wed Nov 5 17:45:40 2025 by rpki-client