$ rpki-client -vvf repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft File: 289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft (raw, json) Hash identifier: mC1jxlTC3O+ecQQ7D0ekgByL9PlwUvs/g1RQMMZVHyA= Subject key identifier: E0:8F:A8:E6:C2:D5:A2:74:E5:F3:B2:D6:77:BA:BA:C3:39:2E:8A:F9 Authority key identifier: 28:91:51:EF:8A:E8:A7:9D:8F:42:66:83:D1:52:5A:D8:2F:AB:3D:5C Certificate issuer: /CN=289151EF8AE8A79D8F426683D1525AD82FAB3D5C Certificate serial: 39C49B29F93A7EFAC404BF39F21A49E4DE3A6A2E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft Manifest number: 0182 Signing time: Sun 19 Oct 2025 11:51:41 +0000 Manifest this update: Sun 19 Oct 2025 11:46:41 +0000 Manifest next update: Wed 22 Oct 2025 18:44:41 +0000 Files and hashes: 1: 323030313a6466313a633263303a3a2f34382d3438203d3e20313439393039.roa (hash: 6LOGBCF5zTr7iAtxuc25TGgWiHmJgXAtcLTxMujO3no=) 2: 3130332e3139312e35382e302f32332d3234203d3e20313439393039.roa (hash: uLA8drzoTGDdLRLknWkZIaOJdJxpC+UKHzjWLF3FpOA=) 3: 289151EF8AE8A79D8F426683D1525AD82FAB3D5C.crl (hash: o77GOjjCHh58jUj+sArhFDqOyRi7WsFU5UbDTIa8T78=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.crl rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 18:44:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:c4:9b:29:f9:3a:7e:fa:c4:04:bf:39:f2:1a:49:e4:de:3a:6a:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=289151EF8AE8A79D8F426683D1525AD82FAB3D5C Validity Not Before: Oct 19 11:46:41 2025 GMT Not After : Oct 22 18:44:41 2025 GMT Subject: CN=E08FA8E6C2D5A274E5F3B2D677BABAC3392E8AF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:16:9c:7b:e8:cb:a7:20:45:fa:66:10:84:b6: 47:18:8d:b7:78:db:57:4a:d1:53:c2:83:d7:11:63: 09:a0:45:1a:f4:3e:d7:bd:e1:ac:c2:5a:0d:ee:1e: bf:09:d9:a3:68:b8:f7:49:15:1f:b4:ca:f6:3b:a7: d6:6f:5a:ea:14:75:5f:44:28:48:5b:d3:f3:79:3a: 00:01:2c:d3:66:72:2b:35:30:90:c0:dc:64:e3:9f: 42:78:89:f7:83:93:0d:54:22:97:c3:10:0e:81:1c: 44:51:33:b4:41:f3:e2:0e:69:98:8e:05:63:ef:47: 32:8c:76:df:8a:b9:17:30:31:db:4a:77:83:83:4a: 30:8d:97:c3:99:b7:4e:b1:9e:29:24:75:1e:2c:1a: 99:e0:3b:19:df:32:67:4f:37:65:d6:77:8e:3b:29: 50:7b:3a:3f:f2:25:a1:cd:b5:c8:00:1a:0a:61:74: 90:8b:d1:71:20:b0:f8:41:a2:7a:f4:bf:af:45:36: 26:c4:eb:0b:29:c9:ca:aa:33:77:a2:be:8f:f3:ed: c5:d3:74:40:c0:c6:9a:1e:60:ce:86:67:01:36:ab: 74:d5:99:fc:20:4a:a6:99:f6:81:da:b1:27:70:b1: 53:07:f5:00:30:80:ce:44:54:49:fa:68:82:89:44: 40:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:8F:A8:E6:C2:D5:A2:74:E5:F3:B2:D6:77:BA:BA:C3:39:2E:8A:F9 X509v3 Authority Key Identifier: keyid:28:91:51:EF:8A:E8:A7:9D:8F:42:66:83:D1:52:5A:D8:2F:AB:3D:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:61:5e:92:cd:08:c0:9e:eb:62:fe:7f:72:8c:d8:a8:e2:51: e7:e1:2a:c8:1e:23:4d:fc:12:c1:82:6a:c4:4c:89:12:bd:c8: cf:d7:f5:01:c0:a3:72:2f:04:16:a4:6a:9c:00:2f:c4:ff:bd: b5:77:45:57:3e:9e:5a:7e:8c:f5:63:d7:3d:46:af:50:57:6a: f1:2d:64:5b:59:b5:22:86:47:7a:6c:d9:31:39:02:ba:61:66: 6d:7d:83:45:86:be:56:b0:1b:03:db:25:8c:83:f3:56:e4:87: f5:85:8d:39:ec:1d:59:95:4d:f3:4f:4c:28:e0:9f:18:bc:d0: cf:c6:84:16:5d:30:93:c4:49:ad:ae:fb:a2:27:c7:83:d9:1a: dd:10:56:79:17:03:15:0d:57:aa:90:c8:e6:9f:45:21:85:81: d1:b1:9a:1c:b3:e7:e2:66:db:b2:8b:f2:c3:a1:bc:86:4d:5a: f5:e2:7b:ab:72:20:e0:9b:b4:c7:e0:df:a7:48:5b:c0:90:57: 17:44:6b:5f:03:6a:13:68:0e:7d:11:5d:ce:52:21:de:f6:b1: 9c:e0:56:0f:1e:06:77:fb:4a:04:c8:eb:6f:96:2f:89:63:9d: a8:66:9d:fe:29:3a:e3:fa:25:b4:d9:4e:a8:d9:f9:27:00:0e: 75:c9:af:16 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOcSbKfk6fvrEBL858hpJ5N46ai4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg5MTUxRUY4QUU4QTc5RDhGNDI2NjgzRDE1MjVBRDgy RkFCM0Q1QzAeFw0yNTEwMTkxMTQ2NDFaFw0yNTEwMjIxODQ0NDFaMDMxMTAvBgNV BAMTKEUwOEZBOEU2QzJENUEyNzRFNUYzQjJENjc3QkFCQUMzMzkyRThBRjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxFpx76MunIEX6ZhCEtkcYjbd4 21dK0VPCg9cRYwmgRRr0Pte94azCWg3uHr8J2aNouPdJFR+0yvY7p9ZvWuoUdV9E KEhb0/N5OgABLNNmcis1MJDA3GTjn0J4ifeDkw1UIpfDEA6BHERRM7RB8+IOaZiO BWPvRzKMdt+KuRcwMdtKd4ODSjCNl8OZt06xnikkdR4sGpngOxnfMmdPN2XWd447 KVB7Oj/yJaHNtcgAGgphdJCL0XEgsPhBonr0v69FNibE6wspycqqM3eivo/z7cXT dEDAxpoeYM6GZwE2q3TVmfwgSqaZ9oHasSdwsVMH9QAwgM5EVEn6aIKJRECFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU4I+o5sLVonTl87LWd7q6wzkuivkwHwYDVR0j BBgwFoAUKJFR74rop52PQmaD0VJa2C+rPVwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YmJlNjgxNS0zMTBlLTQyMDYtYTUwMC02YmI5ZDMyNjNhYmYvMC8yODkxNTFFRjhB RThBNzlEOEY0MjY2ODNEMTUyNUFEODJGQUIzRDVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjg5MTUxRUY4QUU4QTc5RDhGNDI2NjgzRDE1MjVBRDgyRkFC M0Q1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmJiZTY4MTUtMzEwZS00MjA2LWE1 MDAtNmJiOWQzMjYzYWJmLzAvMjg5MTUxRUY4QUU4QTc5RDhGNDI2NjgzRDE1MjVB RDgyRkFCM0Q1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALJhXpLNCMCe62L+f3KM2KjiUefhKsgeI038 EsGCasRMiRK9yM/X9QHAo3IvBBakapwAL8T/vbV3RVc+nlp+jPVj1z1Gr1BXavEt ZFtZtSKGR3ps2TE5ArphZm19g0WGvlawGwPbJYyD81bkh/WFjTnsHVmVTfNPTCjg nxi80M/GhBZdMJPESa2u+6Inx4PZGt0QVnkXAxUNV6qQyOafRSGFgdGxmhyz5+Jm 27KL8sOhvIZNWvXie6tyIOCbtMfg36dIW8CQVxdEa18DahNoDn0RXc5SId72sZzg Vg8eBnf7SgTI62+WL4ljnahmnf4pOuP6JbTZTqjZ+ScADnXJrxY= -----END CERTIFICATE-----Generated at Mon Oct 20 09:44:20 2025 by rpki-client