$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: hSCSocGlC2A8/4y63/sYkzUHDs9aaYO/KekTHOEjoGk= Subject key identifier: 76:EB:C9:20:31:CD:D1:04:BD:F9:B7:53:FE:54:22:03:A9:39:4A:2A Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 75C0F955025CEEB3B7D934917BAAD9A2C3AE0B14 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 04FE Signing time: Fri 22 Aug 2025 21:10:58 +0000 Manifest this update: Fri 22 Aug 2025 21:05:58 +0000 Manifest next update: Tue 26 Aug 2025 06:40:58 +0000 Files and hashes: 1: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 2: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: tlF6psrZL+o6oStr+y9TyDIV+bvueySvI+2/RvijD3M=) 3: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 4: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) 5: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 06:40:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:c0:f9:55:02:5c:ee:b3:b7:d9:34:91:7b:aa:d9:a2:c3:ae:0b:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Aug 22 21:05:58 2025 GMT Not After : Aug 26 06:40:58 2025 GMT Subject: CN=76EBC92031CDD104BDF9B753FE542203A9394A2A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:e5:3d:b3:c8:3d:f9:05:13:44:83:a8:ab:d9: 7c:7a:e0:d7:91:69:53:c5:e3:13:5e:9c:e3:2a:45: c8:43:c2:d4:ea:49:cc:9c:0b:04:0f:92:39:26:f4: 95:62:df:82:35:61:2a:3d:37:47:a4:e8:a0:1a:92: 56:7b:57:7b:77:a0:b7:ab:be:64:60:36:cc:f9:22: 82:2b:46:62:c5:14:f4:d2:b7:a9:96:f4:df:e8:5a: 8a:af:0a:02:52:14:5f:d7:4e:de:67:ff:de:0c:36: 52:95:0c:1e:94:34:3b:5c:d9:1a:61:e5:36:1a:1d: 4d:47:5e:f5:90:da:06:f7:58:31:84:58:cc:a7:a2: 9f:78:ce:4a:66:fa:38:cb:91:2a:c9:61:47:b7:04: 01:ad:0f:8d:1f:4f:26:e7:01:4a:c2:9e:7a:b9:aa: 34:98:93:01:8c:99:be:7a:0f:4e:52:88:61:86:ba: 1e:b8:e2:08:69:94:b4:fa:d3:e6:19:d1:e7:2b:ac: 16:5e:d9:9d:fd:8e:fd:60:b2:6d:08:d9:4d:a4:8a: 51:21:f7:cc:6e:81:e7:df:a4:69:d7:87:cc:f2:37: 87:c2:05:52:68:cf:31:cb:35:7b:13:9e:e2:d5:2e: ec:17:17:94:83:ae:ce:01:bd:06:d2:6e:fa:2e:ab: 67:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:EB:C9:20:31:CD:D1:04:BD:F9:B7:53:FE:54:22:03:A9:39:4A:2A X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 19:c5:93:49:a7:e2:6d:80:03:19:f1:75:df:73:e9:37:6e:ad: 7e:80:2e:72:a0:61:8b:73:f8:5c:ac:d0:c7:a1:48:62:50:f2: 59:2d:ee:36:07:24:c1:38:c0:07:82:e4:a1:5e:49:b3:b5:76: 77:c6:62:7a:f2:ce:46:f6:18:a3:c5:8b:38:ac:dc:a1:b9:66: 70:58:56:d4:b4:82:19:32:5a:d6:92:fa:35:f0:91:13:ac:68: 45:29:39:d5:7b:d9:7e:fc:76:2f:a0:b3:0f:97:a0:f5:37:6b: 43:d3:f4:d3:46:50:51:74:3e:61:d7:68:84:84:54:70:80:8b: d1:c9:a1:b5:84:ae:9b:ab:91:a9:70:53:dd:b5:95:41:22:10: d6:86:f3:5d:38:a3:af:ff:04:31:99:82:cd:d3:f5:7e:dd:e9: a1:3a:ee:55:ca:8a:d6:4d:b4:e2:f3:cd:b1:ae:f9:2b:0d:c8: 42:9d:e3:17:99:36:4e:e8:ed:30:38:08:68:cd:9e:de:89:99: f7:95:43:3d:65:32:85:aa:3c:f0:31:84:18:9f:60:0d:3c:5b: 4e:46:4c:fe:eb:5a:f9:1b:ef:52:ef:f9:aa:cf:f6:23:ec:e6: 03:7e:4f:e5:e2:4a:29:fe:50:92:c5:4a:15:77:97:56:3a:1a: e3:9a:e8:a0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdcD5VQJc7rO32TSRe6rZosOuCxQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTA4MjIyMTA1NThaFw0yNTA4MjYwNjQwNThaMDMxMTAvBgNV BAMTKDc2RUJDOTIwMzFDREQxMDRCREY5Qjc1M0ZFNTQyMjAzQTkzOTRBMkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn5T2zyD35BRNEg6ir2Xx64NeR aVPF4xNenOMqRchDwtTqScycCwQPkjkm9JVi34I1YSo9N0ek6KAaklZ7V3t3oLer vmRgNsz5IoIrRmLFFPTSt6mW9N/oWoqvCgJSFF/XTt5n/94MNlKVDB6UNDtc2Rph 5TYaHU1HXvWQ2gb3WDGEWMynop94zkpm+jjLkSrJYUe3BAGtD40fTybnAUrCnnq5 qjSYkwGMmb56D05SiGGGuh644ghplLT60+YZ0ecrrBZe2Z39jv1gsm0I2U2kilEh 98xugeffpGnXh8zyN4fCBVJozzHLNXsTnuLVLuwXF5SDrs4BvQbSbvouq2chAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUduvJIDHN0QS9+bdT/lQiA6k5SiowHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABnFk0mn4m2AAxnxdd9z6TdurX6ALnKgYYtz +Fys0MehSGJQ8lkt7jYHJME4wAeC5KFeSbO1dnfGYnryzkb2GKPFizis3KG5ZnBY VtS0ghkyWtaS+jXwkROsaEUpOdV72X78di+gsw+XoPU3a0PT9NNGUFF0PmHXaISE VHCAi9HJobWErpurkalwU921lUEiENaG8104o6//BDGZgs3T9X7d6aE67lXKitZN tOLzzbGu+SsNyEKd4xeZNk7o7TA4CGjNnt6JmfeVQz1lMoWqPPAxhBifYA08W05G TP7rWvkb71Lv+arP9iPs5gN+T+XiSin+UJLFShV3l1Y6GuOa6KA= -----END CERTIFICATE-----Generated at Sat Aug 23 10:11:57 2025 by rpki-client