$ rpki-client -vvf repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.mft File: 8659BE8500DEBB314448F1412FA1E264025A4148.mft (raw, json) Hash identifier: sAl2ua5bDW/0EYpTszIhRD/HGSOzWJySm6yMuZEIIYY= Subject key identifier: 88:3D:88:BD:24:CF:44:44:38:81:4B:3F:A0:2E:A8:9C:DD:A1:D6:D8 Authority key identifier: 86:59:BE:85:00:DE:BB:31:44:48:F1:41:2F:A1:E2:64:02:5A:41:48 Certificate issuer: /CN=8659BE8500DEBB314448F1412FA1E264025A4148 Certificate serial: 6D417B7151B92BD532A437A3D2DAA554AE8EB1EF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8659BE8500DEBB314448F1412FA1E264025A4148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.mft Manifest number: 01EB Signing time: Mon 03 Nov 2025 23:31:03 +0000 Manifest this update: Mon 03 Nov 2025 23:26:03 +0000 Manifest next update: Fri 07 Nov 2025 00:01:03 +0000 Files and hashes: 1: 323030313a6466313a316263303a3a2f34382d3438203d3e20313431393339.roa (hash: E8NUcaKWe3ABHFVxNWSSIkp1m8C7YtMxKMRA2hg1NmI=) 2: 3130332e3136342e3139322e302f32332d3234203d3e20313431393339.roa (hash: DGmbIbAAoCUymOY6DDh+0S4rcPuhCP+BlaH232+y3TY=) 3: 3130332e3136342e3139332e302f32342d3234203d3e20313431393339.roa (hash: o1EC2V3xudD67YQ4ezVJUlO4R22GwhC3UT5xp118BUc=) 4: 3130332e3136342e3139322e302f32342d3234203d3e20313431393339.roa (hash: V8FXW6i5FhDhWnneEy9JcwyRx6grWMlQZ/xTqZlJefU=) 5: 8659BE8500DEBB314448F1412FA1E264025A4148.crl (hash: yg1jocBAqtJ14CB6zkykZKC9PTRMPxAWCtqu30SDVIM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.crl rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8659BE8500DEBB314448F1412FA1E264025A4148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:41:7b:71:51:b9:2b:d5:32:a4:37:a3:d2:da:a5:54:ae:8e:b1:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8659BE8500DEBB314448F1412FA1E264025A4148 Validity Not Before: Nov 3 23:26:03 2025 GMT Not After : Nov 7 00:01:03 2025 GMT Subject: CN=883D88BD24CF444438814B3FA02EA89CDDA1D6D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:bd:7a:cf:ae:45:df:89:0a:91:17:35:1e:4b: 72:f5:9d:8d:b2:78:69:fb:40:df:63:3d:5b:ba:43: cd:eb:67:7c:64:9d:be:64:a9:ab:92:7e:8d:ef:4d: 3b:87:fb:5d:d8:3f:0e:5e:f6:0f:76:ce:0f:10:9a: 4b:0d:d9:44:7f:7e:53:76:f0:e0:3b:83:62:22:dc: 41:dc:fe:2c:a5:0f:7c:c4:29:06:56:6b:dd:cf:bf: 57:23:9d:7b:1b:80:d2:e3:6d:0b:a1:90:b3:89:bc: 44:60:21:c2:89:48:76:47:92:c7:aa:8c:6b:9b:f8: c1:85:92:c4:c9:5f:f6:91:61:bf:25:77:42:39:e0: 66:c5:4b:e3:ae:05:38:5c:e0:a0:7e:b8:59:03:48: 38:e8:6a:5a:80:fa:4c:29:b8:5f:6a:21:e0:9e:1f: 8c:25:4b:6e:9b:00:6d:be:b8:1c:81:49:1f:d6:3e: 55:56:3d:a8:bf:4b:24:b8:0d:75:a7:10:c7:5d:88: 3f:30:ab:cf:66:20:4a:c4:33:86:e9:6d:e2:3f:27: 1b:c1:00:cf:a4:36:7e:6f:94:c4:4c:d3:53:83:e9: 8a:c7:3a:23:d8:84:0b:18:5f:db:75:07:21:61:24: 2c:29:42:92:08:34:55:66:20:12:60:b6:94:37:73: af:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:3D:88:BD:24:CF:44:44:38:81:4B:3F:A0:2E:A8:9C:DD:A1:D6:D8 X509v3 Authority Key Identifier: keyid:86:59:BE:85:00:DE:BB:31:44:48:F1:41:2F:A1:E2:64:02:5A:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8659BE8500DEBB314448F1412FA1E264025A4148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fba48e4e-fc95-4acf-beac-d93a0f694421/0/8659BE8500DEBB314448F1412FA1E264025A4148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:86:75:f7:32:5a:18:f8:5e:40:a6:2b:f5:fc:aa:bf:4e:17: 1e:06:62:e7:44:d3:7a:f5:8f:a4:ff:85:8a:ea:6f:25:ec:f6: 64:c6:b4:6e:3f:90:41:d5:47:f3:2b:2c:48:2f:49:5a:20:06: 6d:4b:15:06:07:f9:1b:ca:09:8d:6a:6c:4c:f9:7b:c2:76:43: 9d:60:a5:1e:de:4e:c6:c4:da:fe:66:d2:db:3c:3d:f4:e2:90: a9:7b:68:2f:fc:f3:f9:f8:6d:30:ea:97:c6:10:dc:cb:7c:7e: ca:d2:d7:5c:1e:b0:f5:e3:6c:56:c4:a5:ce:65:92:22:5a:b9: 2d:a5:10:5d:f1:45:06:de:6e:cc:8a:af:ab:47:1e:de:87:41: 4e:de:1c:d2:22:10:c1:63:2a:05:f9:6d:75:a4:8e:e7:a6:18: 43:77:ce:18:40:c4:9b:77:0e:90:00:d1:91:a1:bb:7c:a7:c1: aa:0a:3f:09:90:a6:fd:0f:a5:c8:12:3d:57:fb:1d:78:ab:18: d0:5b:cb:b6:20:2d:c5:ad:55:42:30:89:38:fa:cc:80:92:af: 6c:3d:df:bb:74:3e:5a:6a:0c:4a:c0:ac:01:0e:26:f4:87:5f: 31:43:21:dc:07:a8:18:ba:96:04:0a:c3:6d:81:af:7d:d9:a8: 2f:b4:4c:78 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbUF7cVG5K9UypDej0tqlVK6Ose8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODY1OUJFODUwMERFQkIzMTQ0NDhGMTQxMkZBMUUyNjQw MjVBNDE0ODAeFw0yNTExMDMyMzI2MDNaFw0yNTExMDcwMDAxMDNaMDMxMTAvBgNV BAMTKDg4M0Q4OEJEMjRDRjQ0NDQzODgxNEIzRkEwMkVBODlDRERBMUQ2RDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkvXrPrkXfiQqRFzUeS3L1nY2y eGn7QN9jPVu6Q83rZ3xknb5kqauSfo3vTTuH+13YPw5e9g92zg8QmksN2UR/flN2 8OA7g2Ii3EHc/iylD3zEKQZWa93Pv1cjnXsbgNLjbQuhkLOJvERgIcKJSHZHkseq jGub+MGFksTJX/aRYb8ld0I54GbFS+OuBThc4KB+uFkDSDjoalqA+kwpuF9qIeCe H4wlS26bAG2+uByBSR/WPlVWPai/SyS4DXWnEMddiD8wq89mIErEM4bpbeI/JxvB AM+kNn5vlMRM01OD6YrHOiPYhAsYX9t1ByFhJCwpQpIINFVmIBJgtpQ3c6+5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUiD2IvSTPREQ4gUs/oC6onN2h1tgwHwYDVR0j BBgwFoAUhlm+hQDeuzFESPFBL6HiZAJaQUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m YmE0OGU0ZS1mYzk1LTRhY2YtYmVhYy1kOTNhMGY2OTQ0MjEvMC84NjU5QkU4NTAw REVCQjMxNDQ0OEYxNDEyRkExRTI2NDAyNUE0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODY1OUJFODUwMERFQkIzMTQ0NDhGMTQxMkZBMUUyNjQwMjVB NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZmJhNDhlNGUtZmM5NS00YWNmLWJl YWMtZDkzYTBmNjk0NDIxLzAvODY1OUJFODUwMERFQkIzMTQ0NDhGMTQxMkZBMUUy NjQwMjVBNDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJSGdfcyWhj4XkCmK/X8qr9OFx4GYudE03r1 j6T/hYrqbyXs9mTGtG4/kEHVR/MrLEgvSVogBm1LFQYH+RvKCY1qbEz5e8J2Q51g pR7eTsbE2v5m0ts8PfTikKl7aC/88/n4bTDql8YQ3Mt8fsrS11wesPXjbFbEpc5l kiJauS2lEF3xRQbebsyKr6tHHt6HQU7eHNIiEMFjKgX5bXWkjuemGEN3zhhAxJt3 DpAA0ZGhu3ynwaoKPwmQpv0PpcgSPVf7HXirGNBby7YgLcWtVUIwiTj6zICSr2w9 37t0PlpqDErArAEOJvSHXzFDIdwHqBi6lgQKw22Br33ZqC+0THg= -----END CERTIFICATE-----Generated at Wed Nov 5 00:05:26 2025 by rpki-client