$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: jsLJvFD9Isg++kefKFUfLEAcR2h+/QOW4GfzCEHAmoQ= Subject key identifier: 3B:CB:94:40:EF:12:17:D4:C4:5A:F6:08:9D:39:F1:77:3B:12:99:4C Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 3ECC6DE57576CC0366AB877CEDD4AD91A7B0C907 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 0518 Signing time: Mon 20 Oct 2025 10:20:58 +0000 Manifest this update: Mon 20 Oct 2025 10:15:58 +0000 Manifest next update: Thu 23 Oct 2025 20:23:58 +0000 Files and hashes: 1: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: TnR6itFlsxB8KH6lpZBEq5uIcsXPN1BsHbq49oSwy4w=) 2: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 3: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) 4: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 5: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 11:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:cc:6d:e5:75:76:cc:03:66:ab:87:7c:ed:d4:ad:91:a7:b0:c9:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Oct 20 10:15:58 2025 GMT Not After : Oct 23 20:23:58 2025 GMT Subject: CN=3BCB9440EF1217D4C45AF6089D39F1773B12994C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:2e:06:0c:f8:eb:73:50:a1:8f:ab:8e:a2:ef: 21:30:10:d0:6c:91:ea:35:21:e8:1d:0a:00:ca:cb: 16:e9:78:ed:8c:75:70:5e:e0:21:4a:0f:04:0c:25: 6b:22:ab:40:11:b6:6d:b2:70:e9:1e:21:5f:35:42: 84:9f:3f:61:90:86:a7:fe:81:ed:b0:c2:e3:1d:3a: 57:b8:bb:cc:ea:96:07:36:cc:f4:53:79:f3:0a:f1: 82:6d:40:7e:35:10:f2:f2:0c:94:aa:22:de:18:7d: 2d:99:d7:31:26:e5:7f:55:31:e2:15:6e:7c:13:2b: 3d:07:2b:1e:bd:71:7f:1c:14:98:e8:9f:ec:5b:2a: 86:e4:1d:7f:57:d0:36:cc:52:8e:78:a2:1f:d5:5f: b3:fa:07:00:5d:9b:42:33:7a:13:67:3c:f8:db:b3: 63:5f:b7:e1:09:8e:49:be:c2:f9:24:f3:68:2d:fc: 48:3e:12:e5:e7:0f:f8:09:7e:4d:a1:f4:3e:d9:89: 6d:9a:54:28:00:dc:4e:fe:67:d6:16:42:88:04:ad: c9:49:0a:45:41:ce:d0:df:d3:94:94:01:fd:df:e2: 1a:57:12:6e:84:7b:1e:c9:44:41:19:8f:57:d1:3f: 2a:60:19:1d:12:01:44:cf:cb:d1:69:c6:39:24:ad: e0:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:CB:94:40:EF:12:17:D4:C4:5A:F6:08:9D:39:F1:77:3B:12:99:4C X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:16:25:9f:f7:f0:ff:d0:d1:bb:4d:eb:99:96:a1:24:d0:b7: 5a:d6:e7:f5:44:d0:0c:27:4e:b7:2f:7f:80:8d:3d:c5:1c:82: 12:94:a9:21:52:d0:91:f1:2a:1c:6b:21:2f:3f:48:32:07:58: a1:e6:df:63:be:31:66:d9:c2:33:6f:e7:b2:f7:1e:4e:83:21: a0:41:0f:ba:9a:47:d9:e5:a0:59:a2:97:93:54:4c:fd:8c:2e: dd:57:e4:96:b6:00:4c:e7:86:f1:12:77:6d:b3:0f:a4:42:1b: a0:bd:bd:9b:3d:4e:19:d8:f3:d3:5b:4b:24:17:1b:94:88:d4: 62:59:4e:97:d7:27:ce:ce:86:e6:62:44:59:fe:3b:ef:f7:ca: 89:d2:8f:67:a9:d2:05:f2:b6:0d:49:8f:06:0b:7e:24:22:51: 1f:78:16:ae:26:c1:33:c2:a2:f2:42:a9:86:ff:6a:44:3e:9c: f3:62:f5:8e:54:ca:02:45:73:c8:83:e3:13:21:22:2d:33:bb: 62:bd:19:eb:39:1c:25:95:33:bd:21:a4:42:ae:26:a2:29:0d: 34:3f:55:d7:8f:34:10:c3:81:63:0c:07:90:d7:2e:c0:72:45: 16:a0:5b:ed:aa:6e:83:f0:43:74:72:66:92:c7:e9:9d:9a:2a: 4a:a4:d3:f2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPsxt5XV2zANmq4d87dStkaewyQcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTEwMjAxMDE1NThaFw0yNTEwMjMyMDIzNThaMDMxMTAvBgNV BAMTKDNCQ0I5NDQwRUYxMjE3RDRDNDVBRjYwODlEMzlGMTc3M0IxMjk5NEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXLgYM+OtzUKGPq46i7yEwENBs keo1IegdCgDKyxbpeO2MdXBe4CFKDwQMJWsiq0ARtm2ycOkeIV81QoSfP2GQhqf+ ge2wwuMdOle4u8zqlgc2zPRTefMK8YJtQH41EPLyDJSqIt4YfS2Z1zEm5X9VMeIV bnwTKz0HKx69cX8cFJjon+xbKobkHX9X0DbMUo54oh/VX7P6BwBdm0IzehNnPPjb s2Nft+EJjkm+wvkk82gt/Eg+EuXnD/gJfk2h9D7ZiW2aVCgA3E7+Z9YWQogErclJ CkVBztDf05SUAf3f4hpXEm6Eex7JREEZj1fRPypgGR0SAUTPy9FpxjkkreCzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUO8uUQO8SF9TEWvYInTnxdzsSmUwwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACIWJZ/38P/Q0btN65mWoSTQt1rW5/VE0Awn Trcvf4CNPcUcghKUqSFS0JHxKhxrIS8/SDIHWKHm32O+MWbZwjNv57L3Hk6DIaBB D7qaR9nloFmil5NUTP2MLt1X5Ja2AEznhvESd22zD6RCG6C9vZs9ThnY89NbSyQX G5SI1GJZTpfXJ87OhuZiRFn+O+/3yonSj2ep0gXytg1JjwYLfiQiUR94Fq4mwTPC ovJCqYb/akQ+nPNi9Y5UygJFc8iD4xMhIi0zu2K9Ges5HCWVM70hpEKuJqIpDTQ/ VdePNBDDgWMMB5DXLsByRRagW+2qboPwQ3RyZpLH6Z2aKkqk0/I= -----END CERTIFICATE-----Generated at Mon Oct 20 20:34:29 2025 by rpki-client