$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: or7AVb5RWPcHnR+j3szZlP1wvD1jIPU362+HGNh7L7Q= Subject key identifier: 40:C4:87:3B:55:7A:D4:31:C1:8B:7C:47:A3:99:87:8D:CC:22:05:9E Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 4783F6B3780AA759E2197EFB7D26484667537D22 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: AF Signing time: Sun 19 Oct 2025 21:02:23 +0000 Manifest this update: Sun 19 Oct 2025 20:57:23 +0000 Manifest next update: Thu 23 Oct 2025 01:34:23 +0000 Files and hashes: 1: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: I98r/YvoKJnqIbKebXKfBKywu1BzE/FQD60HTUreMMU=) 2: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: ZMbRC/IpBi+8mii5Dp2+jDXSaUJEjbGxObTVyki01IM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 01:34:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:83:f6:b3:78:0a:a7:59:e2:19:7e:fb:7d:26:48:46:67:53:7d:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Oct 19 20:57:23 2025 GMT Not After : Oct 23 01:34:23 2025 GMT Subject: CN=40C4873B557AD431C18B7C47A399878DCC22059E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:9c:aa:8c:e9:5f:ef:9f:dd:84:8d:8d:4c:ff: 4d:64:64:ea:b7:0b:a6:59:a6:bd:4c:07:35:13:ba: 52:6e:87:ce:25:d3:5e:f4:c5:42:09:39:61:40:65: 37:7c:fb:16:26:23:a5:b1:db:83:71:b2:5e:29:9b: 1c:14:ab:bd:46:cf:b1:88:3a:a9:98:6a:7d:2c:7c: 8e:ec:4d:db:a0:31:0d:d7:ba:45:ff:d2:7c:d0:60: 4f:4c:86:6c:db:22:ce:ff:f5:63:ca:b1:c7:92:da: 97:c5:c6:c1:c4:e5:f6:4b:5d:07:64:03:6c:51:37: bf:80:9b:18:7c:c7:f2:00:97:00:00:62:78:c3:33: 07:4a:9e:fe:1a:22:0b:f3:5e:f2:ae:6d:c8:81:e5: e2:cb:4d:a5:ee:57:7a:e6:41:8a:85:c1:17:43:89: 16:e6:47:0d:43:a1:6b:33:0a:87:62:80:70:6d:96: 11:78:af:00:51:75:bb:91:74:dd:11:eb:89:fd:f4: b4:e5:b7:ea:db:d0:f2:3c:af:b6:6e:60:81:4a:cb: 4f:cb:27:f1:32:27:28:89:e2:aa:c2:e5:ff:e9:8d: 05:a1:47:50:9b:cc:bf:75:08:8d:c0:ed:19:d4:b2: 1b:ae:cf:c1:f5:4d:2f:38:73:66:90:7a:f6:e6:69: 5a:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:C4:87:3B:55:7A:D4:31:C1:8B:7C:47:A3:99:87:8D:CC:22:05:9E X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:84:4e:98:fa:1f:21:57:0d:df:b4:3f:c7:6e:68:39:0f:8e: 5d:7a:34:b8:8a:c5:fe:54:34:71:0c:c2:63:af:af:d2:8c:81: 34:85:30:7c:84:f3:48:59:0d:94:98:03:49:a4:c1:ac:45:8e: 26:c5:fd:ed:e5:ea:31:b1:a4:1d:4d:85:11:1c:13:2a:f0:4f: a2:99:4b:cf:b6:38:17:ba:84:58:af:b0:a1:49:e1:fa:32:e5: d2:83:d4:ef:29:8d:e3:21:64:0b:e5:55:2a:ca:9c:59:b6:a8: f1:02:29:00:02:a1:b6:10:87:1b:de:bd:74:51:73:6f:c3:7d: b6:d0:58:85:47:b3:8a:0d:5e:0f:33:de:53:e0:7e:2a:71:86: 31:a4:80:68:c8:d5:f7:25:87:1d:f1:67:65:c9:be:d8:ab:fc: f7:d8:06:f3:16:64:a3:3b:e3:74:f1:ce:a8:55:49:0c:02:d2: d8:da:a0:36:1c:0f:d5:71:a7:97:15:87:64:b4:c3:49:22:5b: 00:9e:1d:f4:4c:0f:a3:3c:b9:29:5e:48:fe:12:2d:93:b5:fe: ee:46:67:e3:15:8b:38:ce:49:cb:b8:77:71:65:63:61:9f:31: 38:3a:7f:47:40:b5:06:15:97:5f:00:27:ef:ca:61:7b:6a:ba: 02:ef:3d:a8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUR4P2s3gKp1niGX77fSZIRmdTfSIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNTEwMTkyMDU3MjNaFw0yNTEwMjMwMTM0MjNaMDMxMTAvBgNV BAMTKDQwQzQ4NzNCNTU3QUQ0MzFDMThCN0M0N0EzOTk4NzhEQ0MyMjA1OUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgnKqM6V/vn92EjY1M/01kZOq3 C6ZZpr1MBzUTulJuh84l0170xUIJOWFAZTd8+xYmI6Wx24Nxsl4pmxwUq71Gz7GI OqmYan0sfI7sTdugMQ3XukX/0nzQYE9MhmzbIs7/9WPKsceS2pfFxsHE5fZLXQdk A2xRN7+Amxh8x/IAlwAAYnjDMwdKnv4aIgvzXvKubciB5eLLTaXuV3rmQYqFwRdD iRbmRw1DoWszCodigHBtlhF4rwBRdbuRdN0R64n99LTlt+rb0PI8r7ZuYIFKy0/L J/EyJyiJ4qrC5f/pjQWhR1CbzL91CI3A7RnUshuuz8H1TS84c2aQevbmaVrtAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQMSHO1V61DHBi3xHo5mHjcwiBZ4wHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHeETpj6HyFXDd+0P8duaDkPjl16NLiKxf5U NHEMwmOvr9KMgTSFMHyE80hZDZSYA0mkwaxFjibF/e3l6jGxpB1NhREcEyrwT6KZ S8+2OBe6hFivsKFJ4foy5dKD1O8pjeMhZAvlVSrKnFm2qPECKQACobYQhxvevXRR c2/DfbbQWIVHs4oNXg8z3lPgfipxhjGkgGjI1fclhx3xZ2XJvtir/PfYBvMWZKM7 43TxzqhVSQwC0tjaoDYcD9Vxp5cVh2S0w0kiWwCeHfRMD6M8uSleSP4SLZO1/u5G Z+MVizjOScu4d3FlY2GfMTg6f0dAtQYVl18AJ+/KYXtqugLvPag= -----END CERTIFICATE-----Generated at Mon Oct 20 13:55:46 2025 by rpki-client