$ rpki-client -vvf repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft File: 2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft (raw, json) Hash identifier: NE7KT4r9PEQfilsoPmfiN6insUL7souh4vDvzWpjAfg= Subject key identifier: EC:83:4E:D5:CC:48:38:7D:CA:3E:B4:A4:BD:A1:49:A3:93:24:E7:A9 Authority key identifier: 2C:FD:5B:DD:D1:DB:A6:D9:40:28:74:D6:22:3A:BD:7E:EE:E0:16:05 Certificate issuer: /CN=2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605 Certificate serial: 493BF12711711486209EBAB8ACF31C051B43F632 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft Manifest number: EB Signing time: Sat 18 Oct 2025 22:50:37 +0000 Manifest this update: Sat 18 Oct 2025 22:45:37 +0000 Manifest next update: Wed 22 Oct 2025 02:32:37 +0000 Files and hashes: 1: 32372e3132342e36372e302f32342d3234203d3e20313532303339.roa (hash: PIB1m7UZc9kcov7LjZoIh/Ol3lgnFrAZfbEkkmZBCd0=) 2: 2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.crl (hash: GjPmWJtyry3+rheF992zjDkml705WEKkrS++8XMQOmI=) 3: 32372e3132342e36362e302f32342d3234203d3e20313532303339.roa (hash: Qk1aebZH6HpsmbRtyw6Zbd7LsZDQbi5L/mrlB31+AsU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.crl rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 02:32:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:3b:f1:27:11:71:14:86:20:9e:ba:b8:ac:f3:1c:05:1b:43:f6:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605 Validity Not Before: Oct 18 22:45:37 2025 GMT Not After : Oct 22 02:32:37 2025 GMT Subject: CN=EC834ED5CC48387DCA3EB4A4BDA149A39324E7A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:96:7a:31:02:99:e9:67:0b:0c:bb:f7:01:74: ca:ad:4a:59:7f:95:ea:66:34:8b:dd:d7:42:ff:15: 59:ae:16:72:ed:a0:43:49:8d:ba:48:69:d9:70:a2: bd:78:39:2f:60:80:d2:c6:b4:4d:42:90:23:e4:c6: e4:d7:8f:df:06:27:0a:fa:ab:9d:74:6f:99:9b:98: d4:e0:3c:c3:34:df:0a:23:b6:f5:ee:ad:98:87:7a: af:f4:a7:24:c2:e2:78:3d:4f:05:f7:1b:6d:d2:89: 16:2f:d6:07:77:c3:8a:7d:66:8d:0e:c1:ef:79:85: 7b:11:12:a4:20:b7:41:27:75:55:50:98:e8:a7:6f: 75:25:27:9e:dc:57:89:b9:a6:7e:2b:c4:5a:0b:74: b4:a6:b7:df:56:e3:4d:fe:c0:66:80:0d:8a:97:ce: d9:9b:be:9e:fb:d9:db:25:70:0c:87:60:88:55:57: 04:74:b6:96:e9:e2:47:2c:9d:a2:14:63:8e:53:ba: 54:5b:74:e9:cb:8b:10:cf:fc:39:a3:2d:ba:a8:92: ec:cb:6e:0e:f8:5b:71:65:82:bb:f4:ed:d7:0f:c7: 6f:57:b5:93:65:25:48:55:b0:86:17:a2:0d:41:2f: 9c:98:77:73:ca:e2:f4:e2:31:59:d3:61:9c:99:99: 68:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:83:4E:D5:CC:48:38:7D:CA:3E:B4:A4:BD:A1:49:A3:93:24:E7:A9 X509v3 Authority Key Identifier: keyid:2C:FD:5B:DD:D1:DB:A6:D9:40:28:74:D6:22:3A:BD:7E:EE:E0:16:05 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption dc:e6:e1:ea:10:f6:6e:09:49:48:1e:e2:dc:8c:a8:db:6d:17: e3:56:9b:95:1c:7d:16:b1:67:a8:e2:25:a4:85:40:42:50:20: a0:ab:bb:66:0f:02:a3:d4:f9:f7:f7:18:59:d9:84:84:b5:32: 04:f1:2a:84:2f:46:8c:6c:5e:d0:f1:73:40:91:bc:73:75:a0: 1c:d0:55:b8:2d:ea:0b:dd:c9:97:cc:9b:70:c3:d2:7a:57:47: 6e:47:0a:6b:f6:51:99:67:64:61:25:19:4a:3f:f3:91:f1:c5: 14:a1:40:ff:1d:83:a3:c6:3b:d8:3c:ef:95:e3:17:b9:55:e7: 49:c3:b1:6f:1b:d6:ce:b9:c4:d6:72:10:28:3c:42:26:66:72: 2d:d9:e7:d8:8b:dc:17:4a:fc:98:8c:86:a7:86:0e:48:a2:59: 6f:69:58:24:83:b7:6e:c0:48:e5:45:77:7c:9f:d8:dc:b0:7d: 15:26:8c:31:d1:ad:3c:f3:5a:fc:0a:9b:9c:46:1c:8c:2e:5c: f4:1d:8e:e1:86:fe:2d:15:cd:fc:77:d3:83:17:44:3a:b9:f8: bf:93:a2:bb:2c:43:86:65:f4:de:3a:de:fa:50:69:29:9b:e5: 7f:fb:5c:97:59:69:57:27:e7:23:a5:fe:af:d4:99:82:0f:98: cd:2a:4a:bb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSTvxJxFxFIYgnrq4rPMcBRtD9jIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkNGRDVCREREMURCQTZEOTQwMjg3NEQ2MjIzQUJEN0VF RUUwMTYwNTAeFw0yNTEwMTgyMjQ1MzdaFw0yNTEwMjIwMjMyMzdaMDMxMTAvBgNV BAMTKEVDODM0RUQ1Q0M0ODM4N0RDQTNFQjRBNEJEQTE0OUEzOTMyNEU3QTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/lnoxApnpZwsMu/cBdMqtSll/ lepmNIvd10L/FVmuFnLtoENJjbpIadlwor14OS9ggNLGtE1CkCPkxuTXj98GJwr6 q510b5mbmNTgPMM03wojtvXurZiHeq/0pyTC4ng9TwX3G23SiRYv1gd3w4p9Zo0O we95hXsREqQgt0EndVVQmOinb3UlJ57cV4m5pn4rxFoLdLSmt99W403+wGaADYqX ztmbvp772dslcAyHYIhVVwR0tpbp4kcsnaIUY45TulRbdOnLixDP/DmjLbqokuzL bg74W3Flgrv07dcPx29XtZNlJUhVsIYXog1BL5yYd3PK4vTiMVnTYZyZmWgpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU7INO1cxIOH3KPrSkvaFJo5Mk56kwHwYDVR0j BBgwFoAULP1b3dHbptlAKHTWIjq9fu7gFgUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YjdlMGJjMC03NjFiLTRlYzMtOGY0Mi04Mjk4MWI5MWE5N2EvMC8yQ0ZENUJEREQx REJBNkQ5NDAyODc0RDYyMjNBQkQ3RUVFRTAxNjA1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkNGRDVCREREMURCQTZEOTQwMjg3NEQ2MjIzQUJEN0VFRUUw MTYwNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWI3ZTBiYzAtNzYxYi00ZWMzLThm NDItODI5ODFiOTFhOTdhLzAvMkNGRDVCREREMURCQTZEOTQwMjg3NEQ2MjIzQUJE N0VFRUUwMTYwNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANzm4eoQ9m4JSUge4tyMqNttF+NWm5UcfRax Z6jiJaSFQEJQIKCru2YPAqPU+ff3GFnZhIS1MgTxKoQvRoxsXtDxc0CRvHN1oBzQ Vbgt6gvdyZfMm3DD0npXR25HCmv2UZlnZGElGUo/85HxxRShQP8dg6PGO9g875Xj F7lV50nDsW8b1s65xNZyECg8QiZmci3Z59iL3BdK/JiMhqeGDkiiWW9pWCSDt27A SOVFd3yf2NywfRUmjDHRrTzzWvwKm5xGHIwuXPQdjuGG/i0Vzfx304MXRDq5+L+T orssQ4Zl9N463vpQaSmb5X/7XJdZaVcn5yOl/q/UmYIPmM0qSrs= -----END CERTIFICATE-----Generated at Mon Oct 20 18:46:37 2025 by rpki-client