$ rpki-client -vvf repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft File: CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft (raw, json) Hash identifier: WnAP3/tEF8qwJGhiHZI7SQwHj0BxR/X+Nmqv8tyayrc= Subject key identifier: BD:C0:1B:FA:54:DD:19:A2:C1:F5:BF:80:21:B3:78:EA:50:03:30:C6 Authority key identifier: CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F Certificate issuer: /CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F Certificate serial: 59D90A30A9C21F8B9F64CE1D8445F58A94EC478F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft Manifest number: 0527 Signing time: Fri 22 Aug 2025 12:11:53 +0000 Manifest this update: Fri 22 Aug 2025 12:06:53 +0000 Manifest next update: Tue 26 Aug 2025 00:00:53 +0000 Files and hashes: 1: 3230322e3135322e3132382e302f31392d3234203d3e203233393531.roa (hash: 0r1qT8I3KYKeRC/g+vu3+beTQV2dYBEegiYAXFw3fs8=) 2: 3230322e36352e3131322e302f32312d3234203d3e203233393531.roa (hash: 42OUxulwbAB1CTRXrAGVc4itTg6RD7nCc12Z/wbxKk0=) 3: 3230322e36352e3132332e302f32342d3234203d3e203233393531.roa (hash: uYljhWPFI38b1Nx1UtlQJyqp8X7WWWNXDKkB58nW4HI=) 4: 3230322e36352e3132342e302f32322d3234203d3e203436303531.roa (hash: nCRffZlynF4CiEOh2iuotIMhJ1K47T3UdPYWHYFk4iY=) 5: 323430313a656530303a3a2f33322d3438203d3e203233393531.roa (hash: NzMEm3c3sVacQZSWsj7eCdzP+65DR1/M0h04y+5YJYE=) 6: 3230322e36352e3131322e302f32302d3231203d3e203233393531.roa (hash: la3Lo26Aa17Lz+dfnwUc2WZ/Zq7gWX7qsfEvtWc9abY=) 7: 3230322e36352e3132322e302f32342d3234203d3e203233393531.roa (hash: 09wWxPVAnpsug3YZq5fezhFaG7QDA9T1Mjs7NiJLE+g=) 8: 3230322e36352e3132302e302f32342d3234203d3e203233393531.roa (hash: HWfHUrPU0i0A++2BYGkQMMOMjrzhDkKb6wybSU/0t9A=) 9: 3131372e32302e34382e302f32302d3234203d3e203233393531.roa (hash: jzYSflbMwJIU7OJmfhxLLNRmLBX8xfDaE+EvcpXWcPM=) 10: 3230322e36352e3131322e302f32342d3234203d3e203233393531.roa (hash: G3BDF4TZ5GKx7Jq6M6FOl3lpCmK1xcIVdoD+jUyf4vU=) 11: 3130332e3130312e3133362e302f32322d3232203d3e203233393531.roa (hash: 4xDh+QQ3DjVG3ZsJTKYXeue+iML5/d6SNSBZf74CI44=) 12: 3230322e36352e3132322e302f32332d3233203d3e203233393531.roa (hash: uySOy+S8Xsy4H4ygVfn9FFZSJNP2ZKNqDsizB5B+qv8=) 13: 3230322e36352e3131322e302f32312d3231203d3e203233393531.roa (hash: YMkK1MNXH2D6eByawSLr2fAy1YjJp/Nm5M4Ucze1b40=) 14: 3130332e3130312e3133362e302f32342d3234203d3e203538353030.roa (hash: 6WhqetXB0Qru1Hk4/GxM3BsbsVKsqVduKrzOxiby6RM=) 15: 3130332e3130312e3133372e302f32342d3234203d3e203538353030.roa (hash: SHObZCSyQ759rOoQJ/JZR3beQgRHBAmiHG/b7NwBiWM=) 16: CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl (hash: zyRUGhnAHqON2/HG9xjmpMzsEA3arv+ryxvIeWeu/sc=) 17: 3130332e3130312e3133362e302f32332d3233203d3e203233393531.roa (hash: 8QPIleK9jMxRrZo8MGpSwWvTnJ7WLwlPDZ1i0haixbA=) 18: 3130332e3130312e3133382e302f32332d3234203d3e203233393531.roa (hash: gYdjbrllcxVsFjz+69ccDbd/xh/3XuSos0MpuObt62I=) 19: 3130332e3130312e3133362e302f32332d3233203d3e203538353030.roa (hash: iGsP4VUogsadbwnWd/AM/1aXy+hpua+BCk1eWXzoRzA=) 20: 3230322e36352e3132302e302f32332d3234203d3e203233393531.roa (hash: C1WvxvbH5IPUep7eQYoHGhXLqRMtWOqOKZMr05i/OjU=) 21: 3230322e36352e3132302e302f32322d3233203d3e203233393531.roa (hash: bHw7ucEbh58xjruyf4VXXtftgFiKqgJhqbjayjPsTrs=) 22: 3230322e36352e3132312e302f32342d3234203d3e203233393531.roa (hash: W+avD/27cuz8u7PAdTFS+byjySE6cCdTL/goNcaSuQ0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 00:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:d9:0a:30:a9:c2:1f:8b:9f:64:ce:1d:84:45:f5:8a:94:ec:47:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F Validity Not Before: Aug 22 12:06:53 2025 GMT Not After : Aug 26 00:00:53 2025 GMT Subject: CN=BDC01BFA54DD19A2C1F5BF8021B378EA500330C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:3c:43:91:89:1a:fb:23:a0:15:7b:9a:89:3f: a4:bf:fc:d6:17:17:59:0d:3d:24:f5:05:00:ad:87: 88:c8:91:39:ab:6f:48:9f:2f:2e:db:e0:8a:da:46: 42:63:b5:96:6d:34:7b:d1:84:e1:fd:3c:c0:0d:dc: b3:82:f9:3f:c6:99:fc:ba:90:3a:f1:5d:aa:58:29: 33:d1:73:3f:e8:6e:3d:fc:bb:5f:5d:d1:79:9d:6b: 1c:67:f3:68:73:03:f4:86:1c:b9:d2:33:c5:a7:71: 73:a8:ca:25:f6:ce:66:45:f5:5b:08:30:a1:85:5f: f5:a8:ca:17:47:51:d3:99:39:3f:14:af:3b:42:78: cd:23:c5:b2:a2:b1:eb:9c:e8:47:a9:c2:07:42:76: 83:7b:e4:f3:53:84:25:6c:d8:61:92:9d:c6:29:1b: c4:4e:51:c7:d3:40:db:c1:cd:3e:87:3a:20:c3:9d: b3:5b:b6:95:14:97:67:e8:59:cd:c6:1f:b1:68:28: f2:97:55:95:39:81:e1:62:20:8b:28:f0:01:9f:dc: 52:b0:fc:a3:52:1f:1a:9e:02:de:f0:aa:f9:18:74: b9:3b:0c:80:26:df:d2:00:6a:70:25:f0:d2:98:cd: e7:8d:f1:e8:92:9c:48:28:77:c9:62:26:39:16:7e: cc:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:C0:1B:FA:54:DD:19:A2:C1:F5:BF:80:21:B3:78:EA:50:03:30:C6 X509v3 Authority Key Identifier: keyid:CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:0f:2d:9c:86:95:d4:95:c8:d0:27:f9:6a:93:a4:30:e7:8c: 40:11:d4:98:94:44:1a:36:d9:08:e1:7b:10:c1:3a:f0:9e:70: 07:fb:bd:13:30:42:b2:32:5d:8f:de:ac:da:15:c5:6a:1e:71: 4b:5f:57:d8:be:5c:63:9e:9a:ba:6f:c1:3b:5a:0d:be:1a:77: 32:aa:09:18:ba:cb:6f:22:48:9e:d1:44:f7:bb:ef:b5:d1:cd: 54:a9:d2:9b:7b:be:11:68:9f:52:b0:26:ef:8c:51:41:c3:c2: 4e:e8:97:f7:32:57:54:8f:4e:72:33:5c:26:f6:4c:cd:93:ac: 5f:0b:74:95:7b:04:dc:88:77:85:c7:ef:87:56:92:b4:45:a9: 15:c0:92:ce:90:10:4e:f8:67:a8:3a:92:fc:d3:c2:31:94:c3: 94:27:26:f8:63:5d:40:3d:7f:89:4a:36:f2:18:61:2a:c9:5d: 18:50:49:d1:e2:02:a9:47:48:1f:f4:f1:a8:46:fb:2c:79:1e: f2:d1:75:9d:21:66:b4:08:6c:65:69:53:dc:d8:85:d9:fd:41: c9:aa:df:ea:72:c3:2b:98:40:77:49:a6:74:90:7a:4c:56:49: ee:48:60:e9:bc:88:c8:2a:36:8e:2a:ce:0f:25:45:10:59:37: 10:3e:d3:76 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWdkKMKnCH4ufZM4dhEX1ipTsR48wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUx NDNDOEU4RjAeFw0yNTA4MjIxMjA2NTNaFw0yNTA4MjYwMDAwNTNaMDMxMTAvBgNV BAMTKEJEQzAxQkZBNTRERDE5QTJDMUY1QkY4MDIxQjM3OEVBNTAwMzMwQzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLPEORiRr7I6AVe5qJP6S//NYX F1kNPST1BQCth4jIkTmrb0ifLy7b4IraRkJjtZZtNHvRhOH9PMAN3LOC+T/Gmfy6 kDrxXapYKTPRcz/obj38u19d0Xmdaxxn82hzA/SGHLnSM8WncXOoyiX2zmZF9VsI MKGFX/WoyhdHUdOZOT8UrztCeM0jxbKiseuc6EepwgdCdoN75PNThCVs2GGSncYp G8ROUcfTQNvBzT6HOiDDnbNbtpUUl2foWc3GH7FoKPKXVZU5geFiIIso8AGf3FKw /KNSHxqeAt7wqvkYdLk7DIAm39IAanAl8NKYzeeN8eiSnEgod8liJjkWfsxhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUvcAb+lTdGaLB9b+AIbN46lADMMYwHwYDVR0j BBgwFoAUyjW6x6QF3x7Z7WLwnS9PLhQ8jo8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZTZhN2U0Ni1iNmFkLTRhN2QtYjkzMC0xYWIwYmYwMmRkNWQvMC9DQTM1QkFDN0E0 MDVERjFFRDlFRDYyRjA5RDJGNEYyRTE0M0M4RThGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUxNDND OEU4Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWU2YTdlNDYtYjZhZC00YTdkLWI5 MzAtMWFiMGJmMDJkZDVkLzAvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRG MkUxNDNDOEU4Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFgPLZyGldSVyNAn+WqTpDDnjEAR1JiURBo2 2QjhexDBOvCecAf7vRMwQrIyXY/erNoVxWoecUtfV9i+XGOemrpvwTtaDb4adzKq CRi6y28iSJ7RRPe777XRzVSp0pt7vhFon1KwJu+MUUHDwk7ol/cyV1SPTnIzXCb2 TM2TrF8LdJV7BNyId4XH74dWkrRFqRXAks6QEE74Z6g6kvzTwjGUw5QnJvhjXUA9 f4lKNvIYYSrJXRhQSdHiAqlHSB/08ahG+yx5HvLRdZ0hZrQIbGVpU9zYhdn9Qcmq 3+pywyuYQHdJpnSQekxWSe5IYOm8iMgqNo4qzg8lRRBZNxA+03Y= -----END CERTIFICATE-----Generated at Sat Aug 23 10:34:39 2025 by rpki-client