$ rpki-client -vvf repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft File: D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft (raw, json) Hash identifier: O7lOY++b8k6NlGI1S3s9x8sBWSDmx16oWpgtyi5tAb0= Subject key identifier: A0:DF:02:F8:5B:14:E6:76:95:03:56:24:0E:17:E7:B8:00:A0:AD:6D Authority key identifier: D0:F7:9D:82:6E:43:EA:B6:1A:7A:83:4E:6A:27:77:C5:EC:82:1F:FD Certificate issuer: /CN=D0F79D826E43EAB61A7A834E6A2777C5EC821FFD Certificate serial: 704286303370BE45FC9771FA7ED3F54AF67014C2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft Manifest number: 01CF Signing time: Sat 18 Oct 2025 11:12:19 +0000 Manifest this update: Sat 18 Oct 2025 11:07:19 +0000 Manifest next update: Tue 21 Oct 2025 12:43:19 +0000 Files and hashes: 1: 3130332e37352e3133362e302f32332d3233203d3e20313530353233.roa (hash: YcSRTKOMF12aOzXL8N5UR6kDF37yCb3W4QZONTd7a9A=) 2: 3130332e37352e3133372e302f32342d3234203d3e20313530353233.roa (hash: Qa1udsECIRHsg1OUvc+qS4VEGfZjWwfHSm/JuoyHhYg=) 3: 3130332e37352e3133362e302f32342d3234203d3e20313530353233.roa (hash: q6SY7dMZTZK38tnoR+pXFf7kzoZFDF5ifDK7XqxUw8c=) 4: D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl (hash: 4tzy5zo87FhIxZgaHTLEGW5mU1YH/DlABM+/Jvp0Rds=) 5: 323030313a6466313a646663303a3a2f34382d3438203d3e20313530353233.roa (hash: 6/CFAgI9fYm2h+bpsbThjdmYrbI1a+tEsxm7cMbpBNY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 12:43:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:42:86:30:33:70:be:45:fc:97:71:fa:7e:d3:f5:4a:f6:70:14:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D0F79D826E43EAB61A7A834E6A2777C5EC821FFD Validity Not Before: Oct 18 11:07:19 2025 GMT Not After : Oct 21 12:43:19 2025 GMT Subject: CN=A0DF02F85B14E676950356240E17E7B800A0AD6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:f4:45:c4:8d:0b:e6:91:d9:73:2b:5e:06:06: 7e:e6:e6:a8:8a:7d:f7:15:99:9a:23:64:a0:5f:f7: 63:41:1c:6c:92:ad:a9:8d:23:28:7a:c6:2c:6c:d1: c1:82:59:e0:ce:d5:02:96:51:e3:8a:8d:63:35:15: 1f:d2:02:cc:a4:05:e8:b0:91:e9:14:0d:4d:fa:29: 45:33:4c:c1:18:bd:d8:01:6e:09:24:5c:2f:a7:1b: ea:22:3e:b1:d0:e9:98:71:49:8a:c4:20:16:d6:44: f8:cf:14:0e:c7:9e:13:61:bc:a9:7d:ba:28:c7:d4: 4e:68:79:d5:0f:2a:2f:d1:ac:e9:38:cc:6f:ed:4a: 6c:ee:e3:c2:4d:3b:27:38:ec:d4:09:e9:43:25:39: 59:ad:cb:6b:d7:f2:84:42:36:fd:eb:37:cf:78:94: ef:ab:d1:e7:5f:a4:ad:1f:9b:22:af:c8:e7:ac:7a: 04:3d:77:14:5c:74:da:50:fa:93:07:9e:b2:f8:a3: e8:31:fd:bd:7c:53:0f:3d:7d:d0:9c:1d:88:a0:e0: 6a:f4:27:b3:c9:11:e6:82:8d:b7:f1:97:8a:7f:f8: 21:92:55:89:42:ea:8d:e2:6a:c7:31:df:71:a7:a6: 6f:f3:13:a1:b7:d1:eb:9e:ec:47:35:2a:bf:b2:28: 1b:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:DF:02:F8:5B:14:E6:76:95:03:56:24:0E:17:E7:B8:00:A0:AD:6D X509v3 Authority Key Identifier: keyid:D0:F7:9D:82:6E:43:EA:B6:1A:7A:83:4E:6A:27:77:C5:EC:82:1F:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:a0:65:d0:78:76:b4:c5:ec:10:4d:c1:74:87:17:a8:22:96: 1c:61:85:31:79:93:07:6c:e2:15:2b:7a:50:a9:2f:8b:a8:8e: fa:e4:0c:52:92:8e:d1:a0:8b:a7:fe:2c:16:c0:0d:50:4d:09: 02:80:63:42:52:99:99:41:16:24:c6:5d:d1:74:a2:c2:cd:70: de:6a:8f:61:fb:70:81:66:e8:a8:21:ea:3c:4b:ed:4a:63:80: 92:1f:80:ff:a8:1c:2b:8f:15:32:25:26:ae:d1:92:f2:45:86: f6:9c:50:48:76:8e:5a:50:e1:c4:29:57:5d:c2:06:0f:b4:3b: fc:c2:bd:61:c0:05:d0:72:45:ba:a8:36:7d:8d:9d:39:12:3d: 99:d2:4d:fb:d9:04:93:b8:34:9c:46:17:da:47:df:fe:ff:81: c6:d6:dd:f3:c4:72:e9:5f:67:d8:6b:4f:25:dd:20:56:e5:80: 99:b3:bc:bb:39:ff:e3:c1:55:2c:3e:7f:c8:b8:98:5f:67:4a: 8d:81:fe:3c:84:af:60:b6:07:cf:d8:a5:d8:13:e2:a0:d3:f6: a6:8b:2e:c3:e3:38:e9:cb:a5:c0:02:f7:fe:0a:6f:81:08:5f: 09:69:4c:96:5a:4d:99:35:dc:f4:52:89:f2:09:55:fe:7c:7b: df:8d:4f:63 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcEKGMDNwvkX8l3H6ftP1SvZwFMIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3QzVF QzgyMUZGRDAeFw0yNTEwMTgxMTA3MTlaFw0yNTEwMjExMjQzMTlaMDMxMTAvBgNV BAMTKEEwREYwMkY4NUIxNEU2NzY5NTAzNTYyNDBFMTdFN0I4MDBBMEFENkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC89EXEjQvmkdlzK14GBn7m5qiK ffcVmZojZKBf92NBHGySramNIyh6xixs0cGCWeDO1QKWUeOKjWM1FR/SAsykBeiw kekUDU36KUUzTMEYvdgBbgkkXC+nG+oiPrHQ6ZhxSYrEIBbWRPjPFA7HnhNhvKl9 uijH1E5oedUPKi/RrOk4zG/tSmzu48JNOyc47NQJ6UMlOVmty2vX8oRCNv3rN894 lO+r0edfpK0fmyKvyOesegQ9dxRcdNpQ+pMHnrL4o+gx/b18Uw89fdCcHYig4Gr0 J7PJEeaCjbfxl4p/+CGSVYlC6o3iascx33Gnpm/zE6G30eue7Ec1Kr+yKBvtAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUoN8C+FsU5naVA1YkDhfnuACgrW0wHwYDVR0j BBgwFoAU0Pedgm5D6rYaeoNOaid3xeyCH/0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ODQ2MzI4NS03YzI4LTQzNWEtODJiYi1mY2MzMmQ1ODAyMGUvMC9EMEY3OUQ4MjZF NDNFQUI2MUE3QTgzNEU2QTI3NzdDNUVDODIxRkZELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3QzVFQzgy MUZGRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjg0NjMyODUtN2MyOC00MzVhLTgy YmItZmNjMzJkNTgwMjBlLzAvRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3 QzVFQzgyMUZGRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADWgZdB4drTF7BBNwXSHF6gilhxhhTF5kwds 4hUrelCpL4uojvrkDFKSjtGgi6f+LBbADVBNCQKAY0JSmZlBFiTGXdF0osLNcN5q j2H7cIFm6Kgh6jxL7UpjgJIfgP+oHCuPFTIlJq7RkvJFhvacUEh2jlpQ4cQpV13C Bg+0O/zCvWHABdByRbqoNn2NnTkSPZnSTfvZBJO4NJxGF9pH3/7/gcbW3fPEculf Z9hrTyXdIFblgJmzvLs5/+PBVSw+f8i4mF9nSo2B/jyEr2C2B8/YpdgT4qDT9qaL LsPjOOnLpcAC9/4Kb4EIXwlpTJZaTZk13PRSifIJVf58e9+NT2M= -----END CERTIFICATE-----Generated at Mon Oct 20 12:45:51 2025 by rpki-client