$ rpki-client -vvf repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft File: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft (raw, json) Hash identifier: iTK4e/Ta8sVQuZrvntiyOxspD2zdl8E/SIVY5GsuhYs= Subject key identifier: 0D:38:32:F9:0A:12:C8:01:8E:76:E8:26:3E:A7:29:E2:AB:DF:7B:DE Authority key identifier: 33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B Certificate issuer: /CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Certificate serial: 7BE15B6C344CD32DBD3EE35206F5B15C54ED7009 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft Manifest number: 04E5 Signing time: Mon 20 Oct 2025 01:12:02 +0000 Manifest this update: Mon 20 Oct 2025 01:07:02 +0000 Manifest next update: Thu 23 Oct 2025 01:31:02 +0000 Files and hashes: 1: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl (hash: vsFrdV84J9oYPWblkcbskRGt+bNwI4s562NCYLrMJdY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 01:31:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:e1:5b:6c:34:4c:d3:2d:bd:3e:e3:52:06:f5:b1:5c:54:ed:70:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Validity Not Before: Oct 20 01:07:02 2025 GMT Not After : Oct 23 01:31:02 2025 GMT Subject: CN=0D3832F90A12C8018E76E8263EA729E2ABDF7BDE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:eb:1f:bc:e5:49:f3:b5:47:ed:74:a0:d2:f4: 11:f3:d5:fe:72:0f:d8:17:1c:24:1e:83:c2:7e:00: 94:ca:c4:31:40:0c:0c:83:22:25:7e:5f:d7:c8:b4: ff:5c:7e:ff:c7:b8:1e:14:17:f2:f0:4e:8d:05:9e: 0f:4b:c3:48:22:84:c4:13:f7:d4:9b:c6:02:93:2f: 88:37:6d:83:3a:8d:dd:2a:22:77:22:91:b4:81:09: a2:dc:0f:c8:7b:cc:21:40:fa:07:44:93:17:06:46: 21:b1:07:d7:02:ae:a6:1f:88:ac:f4:29:24:b9:cb: 61:5c:ae:ee:d1:1c:b7:21:d1:d5:05:9d:fb:99:53: a9:a0:eb:ce:d2:d9:91:6e:0f:30:92:8c:cc:77:75: 5c:c5:e3:9e:51:b4:b9:de:23:2d:f3:f7:63:35:eb: 59:03:5b:9c:7a:fb:09:e6:62:03:ef:5f:bf:39:5a: 8e:a6:ee:ba:de:a1:29:2b:fe:b0:f6:c5:0e:54:ab: 8d:ab:0e:68:a5:c9:65:a5:68:0d:e8:db:88:e3:a5: 7c:65:cd:cd:06:47:ce:9c:80:da:75:8a:c7:d9:0f: ca:07:34:81:27:66:c4:8d:03:0f:fc:31:68:e5:9b: a7:8e:cc:9f:70:37:94:ff:bd:b9:d0:75:99:f7:25: d5:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:38:32:F9:0A:12:C8:01:8E:76:E8:26:3E:A7:29:E2:AB:DF:7B:DE X509v3 Authority Key Identifier: keyid:33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:6d:c8:8f:c7:98:d8:4f:0b:67:c4:a6:3e:11:c5:f9:7a:02: d6:fb:a8:e4:c4:d4:91:6b:64:7c:0a:85:3a:fa:18:4d:0f:bc: ea:fa:7a:ec:65:06:34:4e:d0:37:95:94:66:6a:57:65:c0:9c: 1e:49:ed:8e:96:d9:53:c2:8a:ec:45:1e:13:2f:b1:64:ed:96: 37:a4:4d:d3:dc:f9:ee:5a:ea:c9:d7:c4:e3:d0:2a:2f:91:2c: 87:07:bd:43:01:38:f2:7b:31:79:9d:f6:4a:6e:0b:f8:d2:96: 33:d6:45:53:56:15:25:7b:43:7c:26:00:3e:4f:dd:9b:1c:fd: fb:af:ad:59:2c:d4:a2:31:62:56:a4:6e:f8:ca:c0:34:12:57: 3c:c7:3c:aa:4d:be:4f:6b:05:58:61:89:6c:0c:9c:37:ba:ad: 60:32:a1:a0:48:a2:31:62:ed:2a:61:2f:b7:d2:38:da:dc:1b: 47:61:ee:a6:ed:31:fb:54:cd:47:c7:d9:9b:ad:7e:67:35:41: 15:45:ac:9e:60:8e:05:33:d8:7c:62:06:19:ce:ad:92:81:0f: 43:4b:48:0c:e7:79:ce:1b:1f:72:04:ef:91:97:ba:27:c2:58: 61:0d:91:ff:ab:97:8f:14:24:7d:b5:08:be:41:07:2e:5d:06: 65:dd:ec:96 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUe+FbbDRM0y29PuNSBvWxXFTtcAkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUz QzkzQjk2QjAeFw0yNTEwMjAwMTA3MDJaFw0yNTEwMjMwMTMxMDJaMDMxMTAvBgNV BAMTKDBEMzgzMkY5MEExMkM4MDE4RTc2RTgyNjNFQTcyOUUyQUJERjdCREUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV6x+85UnztUftdKDS9BHz1f5y D9gXHCQeg8J+AJTKxDFADAyDIiV+X9fItP9cfv/HuB4UF/LwTo0Fng9Lw0gihMQT 99SbxgKTL4g3bYM6jd0qIncikbSBCaLcD8h7zCFA+gdEkxcGRiGxB9cCrqYfiKz0 KSS5y2Fcru7RHLch0dUFnfuZU6mg687S2ZFuDzCSjMx3dVzF455RtLneIy3z92M1 61kDW5x6+wnmYgPvX785Wo6m7rreoSkr/rD2xQ5Uq42rDmilyWWlaA3o24jjpXxl zc0GR86cgNp1isfZD8oHNIEnZsSNAw/8MWjlm6eOzJ9wN5T/vbnQdZn3JdUxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUDTgy+QoSyAGOdugmPqcp4qvfe94wHwYDVR0j BBgwFoAUM43rjXBRxj/GzNexpd2MnjyTuWswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MjRhNjVmNC00ZjRiLTQ0YjYtYTJlYi01OTk1N2JjNmE0ZDMvMC8zMzhERUI4RDcw NTFDNjNGQzZDQ0Q3QjFBNUREOEM5RTNDOTNCOTZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUzQzkz Qjk2Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzI0YTY1ZjQtNGY0Yi00NGI2LWEy ZWItNTk5NTdiYzZhNGQzLzAvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhD OUUzQzkzQjk2Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAB1tyI/HmNhPC2fEpj4Rxfl6Atb7qOTE1JFr ZHwKhTr6GE0PvOr6euxlBjRO0DeVlGZqV2XAnB5J7Y6W2VPCiuxFHhMvsWTtljek TdPc+e5a6snXxOPQKi+RLIcHvUMBOPJ7MXmd9kpuC/jSljPWRVNWFSV7Q3wmAD5P 3Zsc/fuvrVks1KIxYlakbvjKwDQSVzzHPKpNvk9rBVhhiWwMnDe6rWAyoaBIojFi 7SphL7fSONrcG0dh7qbtMftUzUfH2Zutfmc1QRVFrJ5gjgUz2HxiBhnOrZKBD0NL SAznec4bH3IE75GXuifCWGENkf+rl48UJH21CL5BBy5dBmXd7JY= -----END CERTIFICATE-----Generated at Mon Oct 20 20:18:12 2025 by rpki-client