$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: 8z0ZESWqAjdpwxJr+32mwRCQWg5UCBeUVbzdjjzY6tk= Subject key identifier: 7A:F4:83:73:C0:4C:4F:45:DB:56:CD:97:68:BE:55:F5:42:F4:5D:FB Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 4B9B3F4EF59C2072A43C2B8B223469A3F4CBBD78 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: 94 Signing time: Thu 21 Aug 2025 19:52:36 +0000 Manifest this update: Thu 21 Aug 2025 19:47:36 +0000 Manifest next update: Sun 24 Aug 2025 20:05:36 +0000 Files and hashes: 1: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: LDJv6wYx3HsP5pbUhXvKMJKGJv2fMd2X2nhqPoeeYwE=) 2: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: OU8qJl5uGD7ihUW4d0l8GXlWGsrGRN+fUkk6dGI7Vgk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 20:05:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:9b:3f:4e:f5:9c:20:72:a4:3c:2b:8b:22:34:69:a3:f4:cb:bd:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Aug 21 19:47:36 2025 GMT Not After : Aug 24 20:05:36 2025 GMT Subject: CN=7AF48373C04C4F45DB56CD9768BE55F542F45DFB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:2a:4c:84:36:7a:24:a6:43:95:e1:8b:49:63: 8e:e9:c2:6b:8d:74:83:78:44:28:97:fa:5c:7a:2a: 64:45:9c:c0:89:c2:a4:65:73:33:32:de:6e:1a:64: e6:b3:99:dc:b6:20:ea:1b:97:82:71:1b:de:be:dd: 4f:d5:38:3d:88:60:68:5a:ad:f9:c1:37:13:74:b0: 74:9d:cd:fa:a1:f0:38:21:7f:88:e2:50:2d:0f:eb: b7:22:12:ae:aa:44:c2:b1:fd:22:a7:ff:f8:c4:30: 33:f0:8e:02:81:7d:f3:9a:cd:78:93:fd:a7:d6:7c: 56:2a:3c:fc:80:be:74:ba:83:a5:91:bb:db:82:e9: ef:68:7c:2a:26:e9:f9:4f:cd:ec:cd:32:e7:59:d1: 38:5d:21:fa:e8:ee:32:a4:05:3f:83:f3:f3:65:11: a9:89:e4:1c:a5:6d:f3:65:3d:74:57:b3:d8:95:c5: 93:77:73:66:0f:b2:cc:35:84:83:a9:27:6b:a2:46: 8a:cd:11:af:3e:16:2a:da:0d:f8:8c:27:01:e5:79: 95:8c:87:e1:5e:f6:61:1d:93:83:8a:6b:91:c7:06: 96:06:64:78:70:86:3b:f7:9b:5b:11:58:39:04:a3: 40:74:00:f1:31:8e:b4:46:41:1b:84:ba:6e:ab:58: 20:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:F4:83:73:C0:4C:4F:45:DB:56:CD:97:68:BE:55:F5:42:F4:5D:FB X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:b6:2c:3d:4e:7a:f8:f5:66:3c:f5:66:e4:a7:38:63:12:44: 01:ae:b5:44:ef:88:ee:16:ea:f9:27:26:06:a3:77:51:6d:f4: 0c:ca:94:ec:92:c3:73:12:37:12:1d:aa:8e:08:f1:83:85:d7: 16:e6:41:5d:a6:6e:2c:46:89:f7:0b:82:ca:30:d5:cc:7b:5b: 87:bf:64:9b:cb:13:f0:21:af:b2:e8:ba:73:0c:3a:d3:7c:eb: 8f:bf:e8:d5:b3:ec:a7:32:6c:79:aa:92:e1:56:89:7c:9b:b4: b6:a5:06:ed:c5:95:ce:21:2d:66:60:5c:0a:70:9b:ed:6b:ed: 78:64:8c:fe:90:a4:94:d0:60:04:9a:9a:02:7e:e6:e1:8e:40: 98:49:ca:03:e7:0e:43:49:91:45:fa:65:f3:69:c7:f2:e8:02: 12:dc:5a:ae:b5:13:7d:07:ab:6d:90:98:ce:a9:61:0a:e6:e1: 74:61:f9:48:54:ef:d3:89:75:e1:d2:e0:ed:ea:94:cf:68:89: 70:f1:bc:10:4d:56:ad:29:45:87:3d:59:43:0a:23:94:63:88: ee:13:85:73:17:0e:78:12:9d:3e:43:56:38:96:77:52:5d:b2: 8a:5b:d1:b1:95:62:cb:db:da:75:78:ea:24:7c:ec:89:ab:5a: 83:37:35:9f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUS5s/TvWcIHKkPCuLIjRpo/TLvXgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNTA4MjExOTQ3MzZaFw0yNTA4MjQyMDA1MzZaMDMxMTAvBgNV BAMTKDdBRjQ4MzczQzA0QzRGNDVEQjU2Q0Q5NzY4QkU1NUY1NDJGNDVERkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0KkyENnokpkOV4YtJY47pwmuN dIN4RCiX+lx6KmRFnMCJwqRlczMy3m4aZOazmdy2IOobl4JxG96+3U/VOD2IYGha rfnBNxN0sHSdzfqh8Dghf4jiUC0P67ciEq6qRMKx/SKn//jEMDPwjgKBffOazXiT /afWfFYqPPyAvnS6g6WRu9uC6e9ofCom6flPzezNMudZ0ThdIfro7jKkBT+D8/Nl EamJ5BylbfNlPXRXs9iVxZN3c2YPssw1hIOpJ2uiRorNEa8+FiraDfiMJwHleZWM h+Fe9mEdk4OKa5HHBpYGZHhwhjv3m1sRWDkEo0B0APExjrRGQRuEum6rWCDVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUevSDc8BMT0XbVs2XaL5V9UL0XfswHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHy2LD1Oevj1Zjz1ZuSnOGMSRAGutUTviO4W 6vknJgajd1Ft9AzKlOySw3MSNxIdqo4I8YOF1xbmQV2mbixGifcLgsow1cx7W4e/ ZJvLE/Ahr7LounMMOtN864+/6NWz7KcybHmqkuFWiXybtLalBu3Flc4hLWZgXApw m+1r7XhkjP6QpJTQYASamgJ+5uGOQJhJygPnDkNJkUX6ZfNpx/LoAhLcWq61E30H q22QmM6pYQrm4XRh+UhU79OJdeHS4O3qlM9oiXDxvBBNVq0pRYc9WUMKI5RjiO4T hXMXDngSnT5DVjiWd1Jdsopb0bGVYsvb2nV46iR87ImrWoM3NZ8= -----END CERTIFICATE-----Generated at Sat Aug 23 20:01:41 2025 by rpki-client