$ rpki-client -vvf repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft File: 658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft (raw, json) Hash identifier: +du+m+Sc1VoPk/hft5hsgOAg9TBbIU/9+JVvNHGKo7k= Subject key identifier: FF:CF:A4:9F:0C:5D:3C:29:00:FF:00:0C:DC:04:F1:A7:61:D2:70:57 Authority key identifier: 65:8C:0D:86:17:C2:D0:5C:E7:20:42:7E:1D:F7:2F:DE:12:C9:CB:9F Certificate issuer: /CN=658C0D8617C2D05CE720427E1DF72FDE12C9CB9F Certificate serial: 26ABA82D2B59863AB3FEF3748DCC808836CACF7B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft Manifest number: 01E1 Signing time: Thu 21 Aug 2025 17:31:45 +0000 Manifest this update: Thu 21 Aug 2025 17:26:45 +0000 Manifest next update: Mon 25 Aug 2025 02:19:45 +0000 Files and hashes: 1: 658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.crl (hash: 5HMWI9yc0Q+cL5wp5d5snIKbWuK4C1HejPKwsnjpcso=) 2: 323430343a643863303a3a2f33322d3438203d3e20313338383630.roa (hash: iufPrZZScnO80QkyCPvSlgZqxsE8YzjDEGRWUUoEP4M=) 3: 3130332e3133392e32362e302f32332d3234203d3e20313338383630.roa (hash: en7yrsRqDUaal9vRU4LRRex8mQ3pcI0rlYghVnCEE78=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.crl rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 02:19:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:ab:a8:2d:2b:59:86:3a:b3:fe:f3:74:8d:cc:80:88:36:ca:cf:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=658C0D8617C2D05CE720427E1DF72FDE12C9CB9F Validity Not Before: Aug 21 17:26:45 2025 GMT Not After : Aug 25 02:19:45 2025 GMT Subject: CN=FFCFA49F0C5D3C2900FF000CDC04F1A761D27057 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:f8:72:52:97:68:bd:66:80:64:48:c2:e4:0d: a8:f0:bf:87:07:db:5a:78:4a:67:75:21:14:10:22: fb:dd:e9:9c:b9:a0:3b:86:35:ae:fa:f3:a0:da:b7: ff:f1:26:5f:ed:f7:b6:d9:2e:81:b2:ad:b8:ad:ea: be:f2:a5:f6:ef:94:5c:d0:2a:25:b4:9a:36:a5:b7: d8:ad:0b:6b:52:61:51:a9:21:f1:42:6b:f5:42:3d: 2e:6b:28:73:b8:65:cf:5c:c9:99:8d:fb:9f:a3:24: ea:ed:85:52:2e:e3:89:55:d1:68:16:fa:79:19:76: c1:cb:76:a7:d9:05:a0:85:a5:7b:0f:f8:10:45:99: 9b:91:35:bf:89:be:42:5d:45:cf:c3:ea:70:86:ca: 95:dd:1e:3a:ab:ca:6e:63:34:33:fa:20:a1:57:19: 75:f7:3d:d7:8f:49:25:05:16:ec:dc:53:5f:b5:f8: df:03:fe:df:09:f0:f6:28:a4:2b:4f:08:12:a5:1c: 27:e7:d0:72:c0:fb:45:ee:30:a9:ef:ee:c1:01:a7: 24:95:bd:ad:5e:19:9e:fe:7a:19:a8:24:04:09:d5: 77:24:86:42:01:26:8a:7d:d7:b3:64:7b:69:f1:7e: ba:29:c5:9b:8e:f7:cf:6c:61:a4:59:49:b8:e4:6b: d9:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:CF:A4:9F:0C:5D:3C:29:00:FF:00:0C:DC:04:F1:A7:61:D2:70:57 X509v3 Authority Key Identifier: keyid:65:8C:0D:86:17:C2:D0:5C:E7:20:42:7E:1D:F7:2F:DE:12:C9:CB:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:79:70:cd:1e:f0:03:cc:a5:48:95:a7:23:6b:6e:99:73:ab: 5e:50:72:2c:62:98:54:14:d3:7a:f1:ea:44:6c:1f:65:75:44: 8f:e5:95:e6:01:59:2c:3a:1d:68:a3:59:e0:8e:c6:73:25:ea: 89:ac:f1:c3:5d:1e:2d:65:98:e3:0c:f0:3f:c7:00:a8:a9:ae: 83:80:2e:77:43:8f:b1:80:de:a8:5e:a8:6c:16:ea:0d:7b:11: a5:82:55:ce:a2:25:3a:f7:da:7c:a0:35:67:8f:92:a6:01:a2: a4:56:6e:ec:37:7a:8f:1e:9c:25:02:b0:44:20:61:bf:62:c2: 81:7e:5d:35:2e:58:b4:98:94:db:55:88:fa:3a:f3:53:6d:57: da:b1:cb:45:b2:58:3c:30:e0:b2:33:a8:4a:2a:eb:e2:2a:e2: 06:92:aa:d2:25:de:6b:00:87:77:bd:be:19:0e:c4:5c:33:3b: b2:75:9e:46:2a:ca:77:30:6a:66:85:4d:c5:57:16:54:11:4c: 53:b9:fa:d0:a2:74:a6:ba:75:46:92:4b:2d:a5:35:ab:24:8a: b3:86:14:f1:e3:8b:55:48:34:9c:91:f7:9f:7d:94:4e:2d:d1: 89:1c:34:3c:d2:29:77:6b:79:c1:33:2b:dc:7c:cb:34:8b:13: 89:51:ba:8a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJquoLStZhjqz/vN0jcyAiDbKz3swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjU4QzBEODYxN0MyRDA1Q0U3MjA0MjdFMURGNzJGREUx MkM5Q0I5RjAeFw0yNTA4MjExNzI2NDVaFw0yNTA4MjUwMjE5NDVaMDMxMTAvBgNV BAMTKEZGQ0ZBNDlGMEM1RDNDMjkwMEZGMDAwQ0RDMDRGMUE3NjFEMjcwNTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ+HJSl2i9ZoBkSMLkDajwv4cH 21p4Smd1IRQQIvvd6Zy5oDuGNa7686Dat//xJl/t97bZLoGyrbit6r7ypfbvlFzQ KiW0mjalt9itC2tSYVGpIfFCa/VCPS5rKHO4Zc9cyZmN+5+jJOrthVIu44lV0WgW +nkZdsHLdqfZBaCFpXsP+BBFmZuRNb+JvkJdRc/D6nCGypXdHjqrym5jNDP6IKFX GXX3PdePSSUFFuzcU1+1+N8D/t8J8PYopCtPCBKlHCfn0HLA+0XuMKnv7sEBpySV va1eGZ7+ehmoJAQJ1XckhkIBJop917Nke2nxfropxZuO989sYaRZSbjka9nNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/8+knwxdPCkA/wAM3ATxp2HScFcwHwYDVR0j BBgwFoAUZYwNhhfC0FznIEJ+Hfcv3hLJy58wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NjVkODhmMS1iOWMwLTQ4NWUtOTE2ZS01OWI3ZTM2OThkYTEvMC82NThDMEQ4NjE3 QzJEMDVDRTcyMDQyN0UxREY3MkZERTEyQzlDQjlGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjU4QzBEODYxN0MyRDA1Q0U3MjA0MjdFMURGNzJGREUxMkM5 Q0I5Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTY1ZDg4ZjEtYjljMC00ODVlLTkx NmUtNTliN2UzNjk4ZGExLzAvNjU4QzBEODYxN0MyRDA1Q0U3MjA0MjdFMURGNzJG REUxMkM5Q0I5Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGx5cM0e8APMpUiVpyNrbplzq15QciximFQU 03rx6kRsH2V1RI/lleYBWSw6HWijWeCOxnMl6oms8cNdHi1lmOMM8D/HAKiproOA LndDj7GA3qheqGwW6g17EaWCVc6iJTr32nygNWePkqYBoqRWbuw3eo8enCUCsEQg Yb9iwoF+XTUuWLSYlNtViPo681NtV9qxy0WyWDww4LIzqEoq6+Iq4gaSqtIl3msA h3e9vhkOxFwzO7J1nkYqyncwamaFTcVXFlQRTFO5+tCidKa6dUaSSy2lNaskirOG FPHji1VINJyR9599lE4t0YkcNDzSKXdrecEzK9x8yzSLE4lRuoo= -----END CERTIFICATE-----Generated at Sat Aug 23 12:07:43 2025 by rpki-client