$ rpki-client -vvf repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft File: D237DEA20D73B3F216B98336BA8307D913DDB257.mft (raw, json) Hash identifier: GWWNRXpOBRyBjxJCBZUPu/tosyTwYhvbbbtzuw2EMhY= Subject key identifier: 83:0C:1F:D5:C7:BB:2D:FD:8D:F2:25:82:2F:31:6E:E6:02:4D:4F:A0 Authority key identifier: D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 Certificate issuer: /CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Certificate serial: 5D37865365A034766EF538F18BD6228BEED3F41A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject info access: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft Manifest number: DB Signing time: Tue 04 Nov 2025 06:41:07 +0000 Manifest this update: Tue 04 Nov 2025 06:36:07 +0000 Manifest next update: Fri 07 Nov 2025 07:52:07 +0000 Files and hashes: 1: 3136302e32302e3130352e302f32342d3234203d3e20313532373930.roa (hash: eyJcLgwqfLDN5yf54+8qcXB3Eo84ClH1ySCmSpCcr34=) 2: 3136302e32302e3130342e302f32332d3233203d3e20313532373930.roa (hash: 6GiaOKLyqPYX/f1R6Pzjd3Rq6FZr1+gkkd5RuGl5VaI=) 3: D237DEA20D73B3F216B98336BA8307D913DDB257.crl (hash: we0KTik9S045Mm4oLNysi6By0M0zYUXm1oCK7xUiKbA=) 4: 3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa (hash: /XQcveyg4jv0OLVMXGF7RkM1OgqinZHYHqjopRTiyzg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 07:52:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:37:86:53:65:a0:34:76:6e:f5:38:f1:8b:d6:22:8b:ee:d3:f4:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Validity Not Before: Nov 4 06:36:07 2025 GMT Not After : Nov 7 07:52:07 2025 GMT Subject: CN=830C1FD5C7BB2DFD8DF225822F316EE6024D4FA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:8d:44:44:cd:15:bd:96:aa:03:d3:9e:2f:c6: 59:90:f6:ec:7d:23:2b:e8:dd:65:65:0e:b5:7f:b1: db:16:29:01:32:38:cb:e7:f0:68:7f:96:d9:57:29: a6:e6:f7:13:83:60:9e:18:93:17:51:3f:01:09:e6: e9:88:68:9f:ca:d3:fb:6c:30:71:7e:21:5b:16:15: 99:5f:10:6b:c7:bc:c2:e2:33:5a:08:66:f0:dc:46: ee:68:f5:2c:cc:8c:5a:c2:76:74:a5:31:d4:b1:41: e8:c7:97:74:a5:c3:4c:84:63:cc:5a:b0:1e:88:48: 8c:05:32:43:13:fb:c9:47:e1:43:dc:5f:35:bb:75: f8:9b:61:d3:53:20:6f:ab:af:da:98:6e:b1:06:5b: c0:3d:71:ef:46:d3:a5:2a:06:5c:d0:3f:8f:cd:be: 3e:9c:c7:64:4b:cc:9a:12:08:79:b1:93:c2:e1:f7: 0d:9f:bc:48:51:7b:13:b5:c1:d5:26:d9:c1:0c:c3: 3c:bc:8f:ec:57:06:0c:20:c6:e1:2d:80:d7:88:af: 99:04:c2:3b:68:e3:a2:51:f6:b4:20:84:15:e3:a4: fe:d8:14:26:46:3c:33:5e:8d:04:94:a1:52:cf:cc: 73:2e:5b:c0:4e:ea:2e:d2:8a:72:92:2b:71:9d:1a: 91:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:0C:1F:D5:C7:BB:2D:FD:8D:F2:25:82:2F:31:6E:E6:02:4D:4F:A0 X509v3 Authority Key Identifier: keyid:D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:b3:ff:8a:38:76:56:58:44:4d:9d:1a:c1:af:9f:01:3e:d8: 02:9b:01:64:6e:f2:39:8f:4b:e0:e9:0f:f8:29:a6:32:cb:1c: 37:3b:36:d2:6e:35:9a:83:fe:46:9c:19:89:c9:62:cd:4a:32: 93:c2:be:f4:b1:fb:25:04:43:5c:d1:17:d1:e1:46:d1:97:74: 95:a7:b9:3f:3b:6c:fa:27:3a:40:96:fd:f1:f7:0a:9d:fd:89: af:1e:80:6d:f0:af:06:f1:49:d4:11:39:91:bb:90:c5:69:bf: 74:b7:34:57:f0:a3:1e:97:82:b9:99:9d:10:17:f2:9e:15:84: 9a:0c:85:28:73:02:15:9a:31:77:69:c9:f1:7a:bd:05:2e:d5: cb:63:e2:01:91:20:3f:ca:41:b0:71:b6:14:a9:9c:ad:da:56: 10:0a:f8:8e:07:c4:3a:23:83:f8:b9:df:12:f1:3b:8f:9f:3f: eb:c6:71:0f:70:53:c4:1d:f0:04:fc:d9:69:d7:80:eb:96:3a: 9e:47:34:3d:f1:c6:b3:e8:75:6b:0e:ed:41:ed:dd:10:19:3b: ec:a0:fb:2c:b5:c9:81:e4:10:7e:95:d9:bc:08:fd:f6:ab:86: 12:2e:0f:29:13:40:23:3e:a9:55:45:31:b2:a1:17:25:44:d7: 5a:a2:35:19 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXTeGU2WgNHZu9Tjxi9Yii+7T9BowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkx M0REQjI1NzAeFw0yNTExMDQwNjM2MDdaFw0yNTExMDcwNzUyMDdaMDMxMTAvBgNV BAMTKDgzMEMxRkQ1QzdCQjJERkQ4REYyMjU4MjJGMzE2RUU2MDI0RDRGQTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3jUREzRW9lqoD054vxlmQ9ux9 Iyvo3WVlDrV/sdsWKQEyOMvn8Gh/ltlXKabm9xODYJ4YkxdRPwEJ5umIaJ/K0/ts MHF+IVsWFZlfEGvHvMLiM1oIZvDcRu5o9SzMjFrCdnSlMdSxQejHl3Slw0yEY8xa sB6ISIwFMkMT+8lH4UPcXzW7dfibYdNTIG+rr9qYbrEGW8A9ce9G06UqBlzQP4/N vj6cx2RLzJoSCHmxk8Lh9w2fvEhRexO1wdUm2cEMwzy8j+xXBgwgxuEtgNeIr5kE wjto46JR9rQghBXjpP7YFCZGPDNejQSUoVLPzHMuW8BO6i7SinKSK3GdGpFBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUgwwf1ce7Lf2N8iWCLzFu5gJNT6AwHwYDVR0j BBgwFoAU0jfeog1zs/IWuYM2uoMH2RPdslcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m YmI1ZmE0YS1iZWE2LTQ2NGYtYjQwOS0xMWQ5YTM3NjFhNmMvMC9EMjM3REVBMjBE NzNCM0YyMTZCOTgzMzZCQTgzMDdEOTEzRERCMjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkxM0RE QjI1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZmJiNWZhNGEtYmVhNi00NjRmLWI0 MDktMTFkOWEzNzYxYTZjLzAvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3 RDkxM0REQjI1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKiz/4o4dlZYRE2dGsGvnwE+2AKbAWRu8jmP S+DpD/gppjLLHDc7NtJuNZqD/kacGYnJYs1KMpPCvvSx+yUEQ1zRF9HhRtGXdJWn uT87bPonOkCW/fH3Cp39ia8egG3wrwbxSdQROZG7kMVpv3S3NFfwox6XgrmZnRAX 8p4VhJoMhShzAhWaMXdpyfF6vQUu1ctj4gGRID/KQbBxthSpnK3aVhAK+I4HxDoj g/i53xLxO4+fP+vGcQ9wU8Qd8AT82WnXgOuWOp5HND3xxrPodWsO7UHt3RAZO+yg +yy1yYHkEH6V2bwI/farhhIuDykTQCM+qVVFMbKhFyVE11qiNRk= -----END CERTIFICATE-----Generated at Wed Nov 5 03:40:51 2025 by rpki-client