$ rpki-client -vvf repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft File: D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft (raw, json) Hash identifier: PSsZtUZNK2ZCm1eOqbMsmcAJZDLmD960zwJy/DeXgTE= Subject key identifier: 78:FD:9A:9A:98:45:13:80:3A:6C:41:75:A7:4E:36:1D:BA:17:87:A3 Authority key identifier: D5:8B:CD:47:A6:26:3C:C3:A1:2A:BD:E6:E3:A2:AD:28:AF:8B:DE:D7 Certificate issuer: /CN=D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7 Certificate serial: 4FC7168707A5394FC0AFC6659A468083DD3FD3C2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft Manifest number: 02FC Signing time: Sun 19 Oct 2025 16:42:10 +0000 Manifest this update: Sun 19 Oct 2025 16:37:10 +0000 Manifest next update: Wed 22 Oct 2025 17:36:10 +0000 Files and hashes: 1: 3130332e3136392e34302e302f32342d3234203d3e20313432333332.roa (hash: yIxyAi+LsGKpwTABrM9lNwtjILhJjgs1G21qada+Ir4=) 2: 3130332e3136392e34312e302f32342d3234203d3e20313432333332.roa (hash: zPRVVEuzND/TSHdVq3ZkAQYAgPmvosaZoKU+TXGH1vc=) 3: D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl (hash: +3WR0KI+2hbZy3SgfdNnbWYLpcPBRrKF0L7dgsp7guc=) 4: 3130332e3136392e34302e302f32332d3233203d3e20313432333332.roa (hash: lwypc1eue2zj3ktOWvglzu1Jo7qmvdfN4AlugN+i5Zw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 17:36:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:c7:16:87:07:a5:39:4f:c0:af:c6:65:9a:46:80:83:dd:3f:d3:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7 Validity Not Before: Oct 19 16:37:10 2025 GMT Not After : Oct 22 17:36:10 2025 GMT Subject: CN=78FD9A9A984513803A6C4175A74E361DBA1787A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:e8:d4:c9:06:7a:50:21:a0:9c:68:1a:bf:d6: eb:e2:c1:56:fe:f2:44:a4:f4:8a:09:83:ef:4e:f1: 33:a4:8a:8a:a6:ed:86:a6:33:09:32:e2:c9:aa:71: eb:c7:65:f4:f9:b7:4b:61:ef:ca:05:6e:4a:8d:13: 4f:88:1a:32:b1:41:fb:de:6d:9a:9c:0c:3e:e1:e6: 08:01:1e:d7:8d:ff:0d:28:20:fe:e1:02:6e:42:42: ff:fe:76:6b:24:ab:50:c1:05:02:ca:ef:cd:5d:93: c9:9a:2d:6a:19:40:c8:21:e7:48:53:24:ca:3e:ff: e1:f0:28:e6:25:d5:bd:eb:cf:0c:55:e8:93:88:4e: 39:a2:5b:10:73:8c:13:0d:93:40:64:5c:95:6a:3a: ac:e5:bb:70:1c:7f:51:4b:b9:32:c8:ac:2f:82:26: 21:38:4e:6d:35:e4:6d:d0:2a:a8:4c:ac:ae:61:9f: bb:ce:ea:60:cb:4c:2a:5d:c7:d1:25:fa:1b:c6:97: be:8e:69:e8:a0:b2:fa:c8:cb:dd:23:10:0b:92:82: 99:da:d7:1d:42:b5:9d:aa:df:f2:10:84:45:01:ac: 3d:76:28:f9:07:8f:36:bb:eb:65:c3:6e:68:83:65: 23:c7:ea:56:bf:99:c1:b0:f9:c9:e6:52:0f:86:df: 76:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:FD:9A:9A:98:45:13:80:3A:6C:41:75:A7:4E:36:1D:BA:17:87:A3 X509v3 Authority Key Identifier: keyid:D5:8B:CD:47:A6:26:3C:C3:A1:2A:BD:E6:E3:A2:AD:28:AF:8B:DE:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:1e:fd:57:4d:4f:5a:10:26:c7:d6:b8:3f:7d:bf:3a:f7:c5: 10:9a:5c:50:15:21:4e:3a:19:39:8b:c2:0e:63:5e:fd:41:31: fd:86:a7:a2:07:6a:96:5f:07:f0:e5:4f:39:d5:7c:c4:9f:f9: fe:21:4b:73:45:5f:31:4d:e7:24:f5:d9:ad:7c:36:af:6c:2a: ff:71:45:42:6b:01:64:23:36:21:32:57:28:43:0a:c4:2c:6d: 40:b4:a2:5d:c6:01:f7:81:58:33:4c:bb:89:76:48:46:d9:de: 4c:98:31:a5:c9:47:40:d1:df:a0:d0:bc:65:96:33:65:63:27: 94:f7:db:09:ce:54:9b:2c:5e:9d:27:d0:03:52:4b:28:72:5a: b8:6a:ac:86:35:c8:b7:06:b0:0c:be:41:e5:18:e9:61:15:1c: 37:9a:21:bc:33:59:f1:fc:f8:c1:72:3c:35:f3:92:40:ca:91: ff:ac:a7:e8:38:da:4c:0a:42:f6:6f:ff:f1:d4:22:cc:cd:be: 61:96:7c:ea:ca:1c:cb:42:c3:ef:2b:3f:d8:5f:7d:57:dc:46: c8:ba:07:fa:72:f1:84:85:8e:7f:dd:0b:1d:d4:e4:0a:b8:2e: 49:94:f9:2d:55:db:98:e1:7f:ad:a5:1b:d9:39:6c:20:29:d5: c2:a4:e5:c0 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUT8cWhwelOU/Ar8ZlmkaAg90/08IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFEMjhB RjhCREVENzAeFw0yNTEwMTkxNjM3MTBaFw0yNTEwMjIxNzM2MTBaMDMxMTAvBgNV BAMTKDc4RkQ5QTlBOTg0NTEzODAzQTZDNDE3NUE3NEUzNjFEQkExNzg3QTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX6NTJBnpQIaCcaBq/1uviwVb+ 8kSk9IoJg+9O8TOkioqm7YamMwky4smqcevHZfT5t0th78oFbkqNE0+IGjKxQfve bZqcDD7h5ggBHteN/w0oIP7hAm5CQv/+dmskq1DBBQLK781dk8maLWoZQMgh50hT JMo+/+HwKOYl1b3rzwxV6JOITjmiWxBzjBMNk0BkXJVqOqzlu3Acf1FLuTLIrC+C JiE4Tm015G3QKqhMrK5hn7vO6mDLTCpdx9El+hvGl76OaeigsvrIy90jEAuSgpna 1x1CtZ2q3/IQhEUBrD12KPkHjza762XDbmiDZSPH6la/mcGw+cnmUg+G33YJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUeP2amphFE4A6bEF1p042HboXh6MwHwYDVR0j BBgwFoAU1YvNR6YmPMOhKr3m46KtKK+L3tcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y Y2I1MjYxOS0zNzlkLTQzMGEtYjE5Yi0xZjBlYzUzYWU5MDkvMC9ENThCQ0Q0N0E2 MjYzQ0MzQTEyQUJERTZFM0EyQUQyOEFGOEJERUQ3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFEMjhBRjhC REVENy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmNiNTI2MTktMzc5ZC00MzBhLWIx OWItMWYwZWM1M2FlOTA5LzAvRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFE MjhBRjhCREVENy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG8e/VdNT1oQJsfWuD99vzr3xRCaXFAVIU46 GTmLwg5jXv1BMf2Gp6IHapZfB/DlTznVfMSf+f4hS3NFXzFN5yT12a18Nq9sKv9x RUJrAWQjNiEyVyhDCsQsbUC0ol3GAfeBWDNMu4l2SEbZ3kyYMaXJR0DR36DQvGWW M2VjJ5T32wnOVJssXp0n0ANSSyhyWrhqrIY1yLcGsAy+QeUY6WEVHDeaIbwzWfH8 +MFyPDXzkkDKkf+sp+g42kwKQvZv//HUIszNvmGWfOrKHMtCw+8rP9hffVfcRsi6 B/py8YSFjn/dCx3U5Aq4LkmU+S1V25jhf62lG9k5bCAp1cKk5cA= -----END CERTIFICATE-----Generated at Mon Oct 20 14:57:37 2025 by rpki-client