$ rpki-client -vvf repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft File: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft (raw, json) Hash identifier: 3PoaKLUegoP5Zgqi7Nb74Ib/FDkAxukTk1NfT9jGjO8= Subject key identifier: F5:CD:D2:F7:E8:05:8A:DD:FA:93:83:33:0A:99:89:F5:A9:8F:83:74 Authority key identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 Certificate issuer: /CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Certificate serial: 2ACE66D0D4C2B4DDE780AA0A22CA6E79B249CD83 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft Manifest number: 01A1 Signing time: Mon 20 Oct 2025 19:20:42 +0000 Manifest this update: Mon 20 Oct 2025 19:15:42 +0000 Manifest next update: Fri 24 Oct 2025 01:32:42 +0000 Files and hashes: 1: 3130332e3137372e3231392e302f32342d3234203d3e20313331373639.roa (hash: fU1tQ4gaeWNhq2F1RA67XHvI+/xcbSrzocYJJCxhg9Q=) 2: 3130332e3137372e3231382e302f32342d3234203d3e20313331373639.roa (hash: geET9/YOwUtWNeEIEWu0ZCElrUfY/yNFJvOG/4u0aBI=) 3: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl (hash: 0ewrvHHbsVVek0QjJD8G/qa2Pt7tVGo19e+jQp7ScSQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 11:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:ce:66:d0:d4:c2:b4:dd:e7:80:aa:0a:22:ca:6e:79:b2:49:cd:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Validity Not Before: Oct 20 19:15:42 2025 GMT Not After : Oct 24 01:32:42 2025 GMT Subject: CN=F5CDD2F7E8058ADDFA9383330A9989F5A98F8374 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:49:79:24:de:ee:1d:0a:e5:2b:18:25:e9:89: bd:2f:98:31:53:b1:95:8f:90:c2:13:bc:3d:22:3b: db:d8:66:1c:02:69:d4:0f:0c:21:9e:ae:2c:a9:41: 9e:f9:f6:92:e9:96:0f:8b:e3:fa:6c:65:68:29:32: a9:04:c2:80:eb:b4:b7:b9:cd:39:5f:40:79:96:14: 62:df:75:94:8d:fa:41:b8:f6:91:0d:fd:01:e2:6d: a5:6d:6d:c7:4a:6c:83:00:46:4e:27:5f:4c:f1:8c: 2f:c9:e9:3b:58:98:05:0f:b9:b4:28:f5:6e:31:c9: 11:aa:a9:ac:0e:d0:5e:15:18:98:2b:55:83:79:09: d8:f2:6c:14:a3:cc:de:b0:bd:1a:1a:0e:6a:56:58: 97:62:cf:e6:4a:bc:90:83:c8:01:97:74:84:3e:55: b0:f7:03:c7:65:9e:59:00:89:b0:4b:0b:f1:e7:fb: bd:65:33:4a:bf:ed:d1:ac:83:e2:d0:1c:23:44:6b: a5:f4:91:5e:a7:7d:8c:5d:a7:ce:8e:db:b4:bf:d7: 17:55:a1:bf:3c:81:de:b0:94:a1:87:f6:ef:20:b4: bd:c8:af:59:84:f9:6d:fc:af:21:5d:90:3c:01:f7: de:4a:67:bb:4f:e3:3b:a6:28:3e:6c:b4:d9:5d:72: bd:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:CD:D2:F7:E8:05:8A:DD:FA:93:83:33:0A:99:89:F5:A9:8F:83:74 X509v3 Authority Key Identifier: keyid:2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:8e:11:08:1e:68:6c:12:b0:12:2a:54:bb:1f:6c:13:40:95: 7c:d2:27:4a:e6:ce:ba:83:8a:59:95:e7:7f:2f:21:8f:c1:d8: 47:ae:c6:bc:92:a4:ef:dd:bd:bb:af:b9:45:d8:8c:e2:28:18: 44:79:d1:00:d1:f1:16:86:55:12:61:a6:a8:21:73:06:ae:a6: f1:d4:86:ac:ad:83:79:27:85:c3:d0:d6:d0:ee:d7:15:d7:d3: 3b:58:31:37:89:62:f6:12:40:ca:4e:59:7b:d2:f5:f9:49:f7: 82:8f:12:a3:33:69:d7:22:2f:38:1c:cc:65:4b:5e:10:23:0b: 2f:ec:ce:07:a0:52:3a:72:73:49:a2:49:f3:03:7d:5c:d5:f7: 1c:3d:59:3a:35:29:62:ca:94:a2:57:ef:4e:57:85:e7:ba:52: 12:f9:67:70:f2:0a:5a:4b:27:5e:d8:cb:2a:fb:1d:8e:01:43: 95:9c:e6:a6:93:f7:b3:8b:14:0f:3b:be:1f:5c:6b:02:56:fe: 4b:f0:71:d6:d4:56:73:7b:c9:51:05:34:c8:69:4f:54:3b:52: 16:95:29:21:b4:80:32:18:ec:15:59:79:16:3a:9f:c5:0b:d7: 5b:7a:95:54:2a:97:e1:60:1d:dd:90:97:95:cb:86:fb:fd:26: e9:a8:d5:55 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKs5m0NTCtN3ngKoKIspuebJJzYMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2Nzcz RjNFNkYxNjAeFw0yNTEwMjAxOTE1NDJaFw0yNTEwMjQwMTMyNDJaMDMxMTAvBgNV BAMTKEY1Q0REMkY3RTgwNThBRERGQTkzODMzMzBBOTk4OUY1QTk4RjgzNzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvSXkk3u4dCuUrGCXpib0vmDFT sZWPkMITvD0iO9vYZhwCadQPDCGeriypQZ759pLplg+L4/psZWgpMqkEwoDrtLe5 zTlfQHmWFGLfdZSN+kG49pEN/QHibaVtbcdKbIMARk4nX0zxjC/J6TtYmAUPubQo 9W4xyRGqqawO0F4VGJgrVYN5CdjybBSjzN6wvRoaDmpWWJdiz+ZKvJCDyAGXdIQ+ VbD3A8dlnlkAibBLC/Hn+71lM0q/7dGsg+LQHCNEa6X0kV6nfYxdp86O27S/1xdV ob88gd6wlKGH9u8gtL3Ir1mE+W38ryFdkDwB995KZ7tP4zumKD5stNldcr3tAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU9c3S9+gFit36k4MzCpmJ9amPg3QwHwYDVR0j BBgwFoAUKq+oFBTtyxAyI18iQP4Gdz8+bxYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWI4ZTYwZi1mOTkzLTQ1MzQtOWRhMC1mMjg1YTg2MDNmNjkvMC8yQUFGQTgxNDE0 RURDQjEwMzIyMzVGMjI0MEZFMDY3NzNGM0U2RjE2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2NzczRjNF NkYxNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FiOGU2MGYtZjk5My00NTM0LTlk YTAtZjI4NWE4NjAzZjY5LzAvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2 NzczRjNFNkYxNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADaOEQgeaGwSsBIqVLsfbBNAlXzSJ0rmzrqD ilmV538vIY/B2EeuxrySpO/dvbuvuUXYjOIoGER50QDR8RaGVRJhpqghcwaupvHU hqytg3knhcPQ1tDu1xXX0ztYMTeJYvYSQMpOWXvS9flJ94KPEqMzadciLzgczGVL XhAjCy/szgegUjpyc0miSfMDfVzV9xw9WTo1KWLKlKJX705Xhee6UhL5Z3DyClpL J17Yyyr7HY4BQ5Wc5qaT97OLFA87vh9cawJW/kvwcdbUVnN7yVEFNMhpT1Q7UhaV KSG0gDIY7BVZeRY6n8UL11t6lVQql+FgHd2Ql5XLhvv9Jumo1VU= -----END CERTIFICATE-----Generated at Mon Oct 20 23:30:37 2025 by rpki-client