$ rpki-client -vvf repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft File: 4AA76DED689FD4420809D0962087A03BCF018FEA.mft (raw, json) Hash identifier: amAg2XjKnx0JET8Nar6FYIQxEYoeAWIEmyhDpSKKLyM= Subject key identifier: 64:8A:58:EA:99:98:3E:31:96:E3:2B:53:EC:9B:D5:0A:B6:F5:F7:C3 Authority key identifier: 4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA Certificate issuer: /CN=4AA76DED689FD4420809D0962087A03BCF018FEA Certificate serial: 6BC432A47040CB38FF62BFD7273008BAF80EFF6F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft Manifest number: D6 Signing time: Sat 18 Oct 2025 19:31:42 +0000 Manifest this update: Sat 18 Oct 2025 19:26:42 +0000 Manifest next update: Wed 22 Oct 2025 02:56:42 +0000 Files and hashes: 1: 3130332e39392e3133362e302f32342d3234203d3e20313531353735.roa (hash: 2CpAucK+rvU21eAZmyDV5IqqR6dCAIafzExn8g2LOMw=) 2: 3130332e39392e3133362e302f32332d3233203d3e20313531353735.roa (hash: bYo0zSG/Y+l/kRQWqzhvCy7R5Romzqih1iDCz89t3mk=) 3: 323030313a6466343a3763303a3a2f34382d3438203d3e20313531353735.roa (hash: khEVLFQtH+a45cc9yGf67pi2XkwhJ0LBpc+mc2azWiQ=) 4: 4AA76DED689FD4420809D0962087A03BCF018FEA.crl (hash: XJj9r4+L6+emKMzFPG38/xgAMtpMLxmXCCjT4O7y6qg=) 5: 3130332e39392e3133372e302f32342d3234203d3e20313531353735.roa (hash: qGUv354O5bgjhTMZ45JMcvyFGWQg1EdVxERPegJoKCQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 02:56:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:c4:32:a4:70:40:cb:38:ff:62:bf:d7:27:30:08:ba:f8:0e:ff:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4AA76DED689FD4420809D0962087A03BCF018FEA Validity Not Before: Oct 18 19:26:42 2025 GMT Not After : Oct 22 02:56:42 2025 GMT Subject: CN=648A58EA99983E3196E32B53EC9BD50AB6F5F7C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:93:d5:c1:bf:f3:bf:d3:c5:49:e5:94:a3:c2: a8:5b:65:6e:ee:36:87:90:6b:d0:ef:28:f0:4c:59: aa:6c:89:9a:28:47:9a:53:99:66:b5:35:82:3f:39: 47:40:13:3c:02:46:a7:97:bd:17:a4:81:4a:5b:2c: bd:4d:b0:fd:40:a7:3f:49:2e:ae:c5:91:96:9f:11: 4b:b3:6e:2d:6b:84:21:28:ba:d5:a6:be:79:5c:87: 92:c5:89:d1:d5:cb:7d:0f:00:d1:b3:1f:68:be:b3: 68:0a:56:1e:41:cd:f4:31:32:74:39:88:75:9f:94: ed:be:98:37:87:50:18:30:22:be:45:eb:44:7f:b0: dd:b8:6d:34:78:8c:30:65:71:3a:d5:8e:cb:7e:2e: 66:c6:f6:41:5f:00:e8:26:e8:a3:20:38:14:33:ea: 2c:de:d8:b1:d6:64:75:de:ea:81:87:19:a4:94:04: 13:bf:d6:1e:02:71:53:d0:6c:70:55:84:29:bb:ff: 39:dc:60:bf:71:ba:ad:67:80:d5:d7:21:e8:45:85: 14:f8:a5:84:4e:0d:a5:23:1e:7f:56:bf:f7:a6:5f: b1:1a:c0:05:73:b9:6e:a9:dd:3d:a6:16:ca:b3:d7: b8:20:bd:7b:a0:90:e4:87:a4:33:6d:8d:90:03:66: 55:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:8A:58:EA:99:98:3E:31:96:E3:2B:53:EC:9B:D5:0A:B6:F5:F7:C3 X509v3 Authority Key Identifier: keyid:4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:88:e3:61:e3:30:be:0d:bc:d2:85:73:dd:9e:a4:53:d7:b1: cf:ef:ac:1c:07:69:6e:48:0f:34:8e:58:2b:df:b4:29:3a:50: 6d:e5:44:39:b9:52:cc:ce:6a:07:e5:f2:99:d3:cf:34:9c:b9: 2b:69:a4:7d:45:a4:30:9c:3b:3b:31:9d:b8:81:63:b7:74:27: 95:0a:00:48:a3:9f:0c:10:70:a2:e2:b0:a0:b0:6c:c9:1e:6b: 55:a7:a0:27:3b:4a:59:35:07:ec:e7:89:a6:2d:92:a5:f1:38: d3:a3:f7:5b:60:1a:11:4b:6d:bf:36:3d:07:9d:3d:c4:fa:39: b9:e4:51:0b:26:89:cc:de:19:a0:07:48:56:20:6d:55:ad:2a: bb:73:61:34:d6:56:b5:6b:63:da:e8:ef:ad:3e:11:8b:64:aa: 71:36:8b:41:d4:61:bd:65:da:9f:75:45:f4:87:e9:d7:16:5e: b8:c0:c5:9f:af:d9:df:1d:84:1c:eb:ff:a5:d4:da:1a:9c:6b: 09:25:fe:e9:e0:06:6f:1d:d7:1e:de:5c:62:24:98:6c:83:56: d5:88:46:c2:bb:d3:4b:1e:37:7e:c7:f1:39:a7:65:70:f9:b6: 6b:eb:f7:03:f6:98:4d:e9:9c:35:8b:b5:4a:66:69:cc:f7:04: 3a:6e:b7:41 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUa8QypHBAyzj/Yr/XJzAIuvgO/28wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JD RjAxOEZFQTAeFw0yNTEwMTgxOTI2NDJaFw0yNTEwMjIwMjU2NDJaMDMxMTAvBgNV BAMTKDY0OEE1OEVBOTk5ODNFMzE5NkUzMkI1M0VDOUJENTBBQjZGNUY3QzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChk9XBv/O/08VJ5ZSjwqhbZW7u NoeQa9DvKPBMWapsiZooR5pTmWa1NYI/OUdAEzwCRqeXvRekgUpbLL1NsP1Apz9J Lq7FkZafEUuzbi1rhCEoutWmvnlch5LFidHVy30PANGzH2i+s2gKVh5BzfQxMnQ5 iHWflO2+mDeHUBgwIr5F60R/sN24bTR4jDBlcTrVjst+LmbG9kFfAOgm6KMgOBQz 6ize2LHWZHXe6oGHGaSUBBO/1h4CcVPQbHBVhCm7/zncYL9xuq1ngNXXIehFhRT4 pYRODaUjHn9Wv/emX7EawAVzuW6p3T2mFsqz17ggvXugkOSHpDNtjZADZlUfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZIpY6pmYPjGW4ytT7JvVCrb198MwHwYDVR0j BBgwFoAUSqdt7Wif1EIICdCWIIegO88Bj+owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YzI4MGFmMy1hYTFkLTQyNzEtOGMwNi1hM2ZhMjg4OTg0MjYvMC80QUE3NkRFRDY4 OUZENDQyMDgwOUQwOTYyMDg3QTAzQkNGMDE4RkVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JDRjAx OEZFQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmMyODBhZjMtYWExZC00MjcxLThj MDYtYTNmYTI4ODk4NDI2LzAvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0Ew M0JDRjAxOEZFQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEeI42HjML4NvNKFc92epFPXsc/vrBwHaW5I DzSOWCvftCk6UG3lRDm5UszOagfl8pnTzzScuStppH1FpDCcOzsxnbiBY7d0J5UK AEijnwwQcKLisKCwbMkea1WnoCc7Slk1B+zniaYtkqXxONOj91tgGhFLbb82PQed PcT6ObnkUQsmiczeGaAHSFYgbVWtKrtzYTTWVrVrY9ro760+EYtkqnE2i0HUYb1l 2p91RfSH6dcWXrjAxZ+v2d8dhBzr/6XU2hqcawkl/ungBm8d1x7eXGIkmGyDVtWI RsK700seN37H8TmnZXD5tmvr9wP2mE3pnDWLtUpmacz3BDput0E= -----END CERTIFICATE-----Generated at Mon Oct 20 12:07:17 2025 by rpki-client