$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: JblTYeoqktamiZDdAF3J60WSNgkzA/an/U3ySPSF5TE= Subject key identifier: 18:64:22:8A:46:9F:D1:14:0E:8F:AE:A1:9E:63:AC:CA:EE:6D:9B:60 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 472BF6F5D94F318D8C6CF3C22EB8BD9962C9F6BD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: CB Signing time: Sat 18 Oct 2025 17:31:43 +0000 Manifest this update: Sat 18 Oct 2025 17:26:43 +0000 Manifest next update: Wed 22 Oct 2025 04:01:43 +0000 Files and hashes: 1: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c=) 2: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: kSF1VyQJjpek8Mf3gy+lWICO98IQh62K2L543jgKTUA=) 3: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: PsxrnhYAYFQIpFUSVYewrqe9o48pySQ/LeJ1HdFSm4Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 04:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:2b:f6:f5:d9:4f:31:8d:8c:6c:f3:c2:2e:b8:bd:99:62:c9:f6:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Oct 18 17:26:43 2025 GMT Not After : Oct 22 04:01:43 2025 GMT Subject: CN=1864228A469FD1140E8FAEA19E63ACCAEE6D9B60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:99:a3:6e:b9:f7:36:e7:0f:bb:29:2c:74:43: 31:ca:1e:5c:71:83:51:4e:7f:b6:46:6f:f2:c4:a3: b1:b0:99:1a:19:d7:b1:db:47:6e:be:07:94:e6:9b: 9a:ce:e0:b8:1d:47:1a:1b:43:2f:83:48:c4:a9:66: 12:08:52:a9:df:18:99:07:d7:b5:b5:a0:bd:80:6d: 81:1d:ba:f9:ea:04:69:e1:de:de:1e:35:91:b4:e1: 98:62:c1:c7:24:eb:4e:d9:cd:06:ee:b3:8b:87:f2: 0f:c7:ed:9b:76:1f:57:32:95:7a:c1:53:7d:52:ba: 23:ac:85:42:15:64:18:e9:82:10:77:59:4b:ee:62: 0a:bd:a1:98:8d:cb:8a:73:6e:ed:4d:1b:bc:29:2e: 8b:eb:a6:61:17:4d:c7:22:5e:53:db:44:25:45:8f: 29:7b:be:8a:5f:08:81:f4:04:80:44:09:df:e2:19: 17:46:92:c3:9e:fc:3a:f2:8e:ec:09:ba:2c:70:f3: f9:38:f2:d3:73:5c:eb:4f:6d:8c:8e:89:a8:b1:30: 5c:f5:ff:92:7d:bc:da:b1:32:cc:d9:84:97:a0:04: c7:52:81:75:28:1c:e1:af:a2:e6:e9:30:cc:81:b7: d6:05:31:4e:cf:02:21:a5:ec:5b:9d:04:68:48:2e: 7f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:64:22:8A:46:9F:D1:14:0E:8F:AE:A1:9E:63:AC:CA:EE:6D:9B:60 X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:93:75:a3:a0:58:fb:36:aa:14:66:f3:9f:fe:e7:6a:b2:e0: 25:37:41:8c:91:6f:14:28:e4:dc:8d:66:db:09:f1:d2:c6:a8: d3:70:1f:d4:46:15:e1:76:66:4e:02:3c:55:f6:09:83:30:85: 9f:74:3a:09:a4:7e:7d:a8:de:35:1a:1c:30:6b:cd:7d:1a:cf: 7c:4c:05:69:71:57:24:4c:20:30:d4:6e:1a:c4:de:61:d5:e1: 14:15:b8:49:95:64:51:8b:d6:db:e2:7d:70:b8:45:e3:41:30: 03:3e:53:82:53:74:73:a6:65:1d:51:0f:87:85:3c:48:a4:22: c1:63:42:7c:ad:f3:c7:33:8d:b5:ca:62:13:09:01:05:2e:2b: bb:6f:26:e0:04:e4:8e:63:5c:c6:d6:cf:cd:59:53:62:d5:e9: d2:0a:08:99:19:46:b3:a6:f8:f7:5c:c2:5e:d5:be:10:38:8a: d8:8c:e3:93:da:12:87:34:2e:c1:91:e0:b8:63:73:49:cd:bb: ec:b2:48:2c:a1:2e:33:b8:3f:16:a0:a8:d6:d1:0e:1a:61:da: c6:70:d7:b0:3b:9d:6e:e2:6d:9f:18:6b:5a:a8:77:3c:ea:9c: 9e:84:89:ac:08:d0:59:ca:40:be:db:19:d2:d5:d1:4c:f3:c9: bb:f0:e6:3b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURyv29dlPMY2MbPPCLri9mWLJ9r0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNTEwMTgxNzI2NDNaFw0yNTEwMjIwNDAxNDNaMDMxMTAvBgNV BAMTKDE4NjQyMjhBNDY5RkQxMTQwRThGQUVBMTlFNjNBQ0NBRUU2RDlCNjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1maNuufc25w+7KSx0QzHKHlxx g1FOf7ZGb/LEo7GwmRoZ17HbR26+B5Tmm5rO4LgdRxobQy+DSMSpZhIIUqnfGJkH 17W1oL2AbYEduvnqBGnh3t4eNZG04Zhiwcck607ZzQbus4uH8g/H7Zt2H1cylXrB U31SuiOshUIVZBjpghB3WUvuYgq9oZiNy4pzbu1NG7wpLovrpmEXTcciXlPbRCVF jyl7vopfCIH0BIBECd/iGRdGksOe/DryjuwJuixw8/k48tNzXOtPbYyOiaixMFz1 /5J9vNqxMszZhJegBMdSgXUoHOGvoubpMMyBt9YFMU7PAiGl7FudBGhILn83AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGGQiikaf0RQOj66hnmOsyu5tm2AwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACeTdaOgWPs2qhRm85/+52qy4CU3QYyRbxQo 5NyNZtsJ8dLGqNNwH9RGFeF2Zk4CPFX2CYMwhZ90Ogmkfn2o3jUaHDBrzX0az3xM BWlxVyRMIDDUbhrE3mHV4RQVuEmVZFGL1tvifXC4ReNBMAM+U4JTdHOmZR1RD4eF PEikIsFjQnyt88czjbXKYhMJAQUuK7tvJuAE5I5jXMbWz81ZU2LV6dIKCJkZRrOm +Pdcwl7VvhA4itiM45PaEoc0LsGR4Lhjc0nNu+yySCyhLjO4PxagqNbRDhph2sZw 17A7nW7ibZ8Ya1qodzzqnJ6EiawI0FnKQL7bGdLV0Uzzybvw5js= -----END CERTIFICATE-----Generated at Mon Oct 20 16:47:51 2025 by rpki-client