$ rpki-client -vvf repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft File: 3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft (raw, json) Hash identifier: bCsD69KKYBq0oTinfHAX5xiHbWi+S6qeDj4AVqCZQl0= Subject key identifier: B9:01:C5:56:55:FB:6D:5F:B6:2A:52:B7:72:CC:C2:2E:DE:8D:E4:26 Authority key identifier: 31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D Certificate issuer: /CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Certificate serial: 1A49FB9EC3ADA3A8499076577D8298A4728C84B3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft Manifest number: AE Signing time: Sun 19 Oct 2025 14:11:52 +0000 Manifest this update: Sun 19 Oct 2025 14:06:52 +0000 Manifest next update: Wed 22 Oct 2025 22:22:52 +0000 Files and hashes: 1: 3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl (hash: zn/FEkZcpGqLJ1wk/lqV34kc+eXyj9jh7pgxcT/CfWo=) 2: 3136302e32322e3132382e302f32332d3233203d3e20313532383138.roa (hash: W0LbcDgwtmyP20SeYwIB78u7UnepT3G+vjiQKG938P8=) 3: 3136302e32322e3132392e302f32342d3234203d3e20313532383138.roa (hash: kfe7bioqh5Iq3Zs3yK/jDrU8ENFR3XhQIQMqoWIpf3I=) 4: 3136302e32322e3132382e302f32342d3234203d3e20313532383138.roa (hash: vWKkBT4xeS3gWR4PhONDDyBeT46kLBCLfRTaWAbu5Wk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 22:22:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:49:fb:9e:c3:ad:a3:a8:49:90:76:57:7d:82:98:a4:72:8c:84:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Validity Not Before: Oct 19 14:06:52 2025 GMT Not After : Oct 22 22:22:52 2025 GMT Subject: CN=B901C55655FB6D5FB62A52B772CCC22EDE8DE426 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ad:9b:14:06:9a:99:f6:6e:ab:2c:65:f9:f1: a8:a6:57:99:c9:28:4e:f9:ed:07:79:9a:ad:d6:37: 5d:89:c5:9a:44:74:25:af:75:c2:03:f3:22:48:0e: 26:3d:c8:6f:8e:86:6f:21:fb:6d:9f:ce:40:bf:c5: ad:55:2b:24:94:e1:ac:6b:c4:79:a9:ff:fc:07:ab: fb:3b:4d:90:ff:b5:c7:88:5c:95:04:46:aa:44:62: c0:70:e0:0e:c0:40:ea:6b:4c:43:ab:a9:3b:3a:8b: a9:80:67:0c:d5:47:c7:20:3b:43:89:9e:94:3f:96: fc:d5:9b:7c:6f:c3:0a:02:00:85:2b:10:dd:b6:44: 9f:2d:53:5e:0a:1f:c6:5f:ca:8d:cd:0f:4d:f4:78: fd:bd:2d:c6:37:14:43:31:9b:13:f3:2d:f9:7f:75: f1:e6:8f:7d:01:4d:2d:e6:4a:5d:e5:a8:7b:f9:ff: eb:c3:20:01:12:d2:b0:f1:76:da:3e:ff:3d:25:34: 84:f3:be:df:25:b4:0c:f0:c8:99:11:8d:3d:6e:f5: c7:6f:93:7f:e0:04:5d:d4:85:20:93:75:0c:2a:17: 97:e1:ae:05:40:84:0e:af:51:cc:90:23:7d:70:de: df:8d:7d:c3:b1:69:f7:3a:ca:9e:fd:34:d6:75:e0: a0:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:01:C5:56:55:FB:6D:5F:B6:2A:52:B7:72:CC:C2:2E:DE:8D:E4:26 X509v3 Authority Key Identifier: keyid:31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:c1:ca:f3:53:2d:08:22:3e:82:20:73:b2:51:53:73:81:7c: 9a:fa:43:31:35:61:28:84:8e:b4:3a:9a:9d:1e:2f:75:ee:bb: 24:cf:56:f2:b1:ac:90:76:77:27:9d:e9:68:49:63:c6:8a:7b: 7c:39:10:c0:ea:d0:9d:a0:16:94:71:1c:f5:bb:14:d2:4a:97: 3f:12:3f:6e:2e:00:7f:81:21:5a:7e:e8:a7:d4:d1:c3:b3:23: bb:34:43:17:d9:b4:ca:2a:1d:58:e8:e7:f3:59:54:74:39:d1: d7:87:c4:ec:d8:a8:ed:90:e2:f2:82:f2:43:c1:e4:05:85:37: d1:cd:80:36:a6:13:5a:91:70:74:39:7a:6c:9a:75:12:4b:4f: 2c:d0:2b:fe:69:9f:cc:54:84:05:7a:c4:33:1d:cb:d7:39:56: 50:16:7e:bf:8e:a4:78:14:8a:51:e5:5b:fa:6b:56:e0:d9:98: 86:f9:63:8d:9e:01:67:c6:a8:88:ec:7d:47:5f:0a:92:ee:ac: 00:3a:b3:a1:da:50:c5:4d:50:96:df:7a:9a:21:c7:70:52:07: a6:f1:38:0d:fa:47:23:98:b6:cb:c4:fd:ce:2c:98:eb:60:dc: 28:66:be:13:46:ed:c3:29:29:9a:dd:08:61:bb:6a:01:4d:c4: f4:62:ec:49 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGkn7nsOto6hJkHZXfYKYpHKMhLMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTND NzVDMEUyRDAeFw0yNTEwMTkxNDA2NTJaFw0yNTEwMjIyMjIyNTJaMDMxMTAvBgNV BAMTKEI5MDFDNTU2NTVGQjZENUZCNjJBNTJCNzcyQ0NDMjJFREU4REU0MjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPrZsUBpqZ9m6rLGX58aimV5nJ KE757Qd5mq3WN12JxZpEdCWvdcID8yJIDiY9yG+Ohm8h+22fzkC/xa1VKySU4axr xHmp//wHq/s7TZD/tceIXJUERqpEYsBw4A7AQOprTEOrqTs6i6mAZwzVR8cgO0OJ npQ/lvzVm3xvwwoCAIUrEN22RJ8tU14KH8Zfyo3ND030eP29LcY3FEMxmxPzLfl/ dfHmj30BTS3mSl3lqHv5/+vDIAES0rDxdto+/z0lNITzvt8ltAzwyJkRjT1u9cdv k3/gBF3UhSCTdQwqF5fhrgVAhA6vUcyQI31w3t+NfcOxafc6yp79NNZ14KAdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUuQHFVlX7bV+2KlK3cszCLt6N5CYwHwYDVR0j BBgwFoAUMVe5vm82mhyjhzj/1k1hE8dcDi0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MGZiNzhhOS1jZDY4LTQ0ZmQtODVhYS02YzZiMDhjYjIzNDYvMC8zMTU3QjlCRTZG MzY5QTFDQTM4NzM4RkZENjRENjExM0M3NUMwRTJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTNDNzVD MEUyRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzBmYjc4YTktY2Q2OC00NGZkLTg1 YWEtNmM2YjA4Y2IyMzQ2LzAvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYx MTNDNzVDMEUyRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGzByvNTLQgiPoIgc7JRU3OBfJr6QzE1YSiE jrQ6mp0eL3XuuyTPVvKxrJB2dyed6WhJY8aKe3w5EMDq0J2gFpRxHPW7FNJKlz8S P24uAH+BIVp+6KfU0cOzI7s0QxfZtMoqHVjo5/NZVHQ50deHxOzYqO2Q4vKC8kPB 5AWFN9HNgDamE1qRcHQ5emyadRJLTyzQK/5pn8xUhAV6xDMdy9c5VlAWfr+OpHgU ilHlW/prVuDZmIb5Y42eAWfGqIjsfUdfCpLurAA6s6HaUMVNUJbfepohx3BSB6bx OA36RyOYtsvE/c4smOtg3ChmvhNG7cMpKZrdCGG7agFNxPRi7Ek= -----END CERTIFICATE-----Generated at Mon Oct 20 10:24:42 2025 by rpki-client