$ rpki-client -vvf repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft File: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft (raw, json) Hash identifier: zm3gePgDCLKgRyaj7CU/A7SvtoFJq3XFzJvWgzKvi8s= Subject key identifier: 48:65:B4:22:EF:90:20:F4:17:32:EE:B7:50:4B:D8:E8:EE:64:4E:30 Authority key identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 Certificate issuer: /CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Certificate serial: 76827BC40F62E6D9E98392C515A678545639D6D9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft Manifest number: 01A0 Signing time: Sat 18 Oct 2025 16:10:40 +0000 Manifest this update: Sat 18 Oct 2025 16:05:40 +0000 Manifest next update: Tue 21 Oct 2025 19:13:40 +0000 Files and hashes: 1: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl (hash: cdIUp1oxQn8CpQjJxkchnoAltJ6rszknVSmSRtbrl0Q=) 2: 3130332e3137372e3231382e302f32342d3234203d3e20313331373639.roa (hash: geET9/YOwUtWNeEIEWu0ZCElrUfY/yNFJvOG/4u0aBI=) 3: 3130332e3137372e3231392e302f32342d3234203d3e20313331373639.roa (hash: fU1tQ4gaeWNhq2F1RA67XHvI+/xcbSrzocYJJCxhg9Q=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 19:13:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:82:7b:c4:0f:62:e6:d9:e9:83:92:c5:15:a6:78:54:56:39:d6:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Validity Not Before: Oct 18 16:05:40 2025 GMT Not After : Oct 21 19:13:40 2025 GMT Subject: CN=4865B422EF9020F41732EEB7504BD8E8EE644E30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:90:ff:e6:eb:ce:fa:40:24:de:b7:76:5b:68: af:66:5a:5e:fa:74:12:15:f6:e3:fe:08:4e:f9:3a: 76:9f:73:a9:74:79:b5:04:32:7f:c0:82:ff:9d:1e: 07:89:86:57:d0:30:19:0d:b0:0d:40:ec:0b:0d:af: 6a:81:71:88:f7:86:87:a7:6a:54:90:81:82:c9:d1: a6:a7:58:8d:10:a2:5d:83:74:27:56:f6:18:47:ae: 64:b9:2a:46:f6:11:39:8d:15:a2:de:1f:54:c7:07: c8:ce:d2:52:e4:14:33:2e:fc:ea:8d:25:a6:cb:31: 6a:39:2d:ff:e4:8e:45:09:cf:23:7c:1d:db:3c:03: 00:fe:b7:7b:b6:05:49:1c:ef:af:97:6c:bd:a1:a0: e7:25:6c:2c:ee:6c:02:d2:06:93:64:f0:c4:67:52: f1:dc:17:a1:93:3d:70:01:fe:4d:5f:e3:fd:4d:fe: 9e:a0:c2:e7:10:8f:7e:9c:b1:2b:07:78:42:26:1e: 0e:a9:14:17:96:f5:8c:d5:9d:ce:e1:47:7a:13:bb: d9:72:08:24:58:d4:14:ce:42:1e:fd:86:d7:c5:6a: 00:c8:bd:0c:1c:98:93:69:37:f7:7a:64:b0:89:0a: fa:01:c7:49:8b:64:47:37:68:b1:cd:c8:ed:03:56: 21:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:65:B4:22:EF:90:20:F4:17:32:EE:B7:50:4B:D8:E8:EE:64:4E:30 X509v3 Authority Key Identifier: keyid:2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:7b:32:83:62:00:f8:70:30:ee:82:7a:56:e6:45:b4:b8:3b: f9:90:2b:20:c4:26:93:b1:fd:26:42:f7:79:27:70:f9:72:93: a3:07:d5:8c:b1:35:03:1e:0a:9b:18:30:24:17:7d:6a:b7:85: 04:1d:14:98:46:04:28:40:0e:9a:c5:45:7e:f6:60:8a:e5:8b: ba:39:a6:b5:fa:40:7a:01:0b:0c:7f:68:af:a3:c0:b0:98:db: 77:dd:8a:03:ac:a5:61:74:2c:a1:33:c6:56:85:2e:4c:93:3b: 61:8a:22:2e:90:ec:b0:24:cb:74:d1:fd:41:98:c9:81:86:d5: e4:0f:95:c2:1e:9f:49:67:2f:27:e4:72:f7:15:cf:af:22:de: 53:7a:a0:ab:b5:78:be:83:b8:bf:ff:f2:a4:ca:5c:14:08:53: 73:b4:09:ec:24:97:dd:5d:8c:0b:8c:4d:62:e3:f1:81:d8:d0: 58:fb:c0:38:c2:dc:a3:84:8d:60:f9:dc:d8:da:e1:4f:8b:2f: 62:09:f3:d0:79:81:c8:fc:a4:16:29:b8:49:69:3c:5d:05:a6: fc:3a:a8:04:9d:cc:ee:18:23:3d:aa:5c:eb:97:07:03:95:f4: a3:43:70:c5:b6:bb:b5:c6:7f:ab:95:ec:6b:a2:9e:b1:49:7d: 63:4c:a1:0e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdoJ7xA9i5tnpg5LFFaZ4VFY51tkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2Nzcz RjNFNkYxNjAeFw0yNTEwMTgxNjA1NDBaFw0yNTEwMjExOTEzNDBaMDMxMTAvBgNV BAMTKDQ4NjVCNDIyRUY5MDIwRjQxNzMyRUVCNzUwNEJEOEU4RUU2NDRFMzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCukP/m6876QCTet3ZbaK9mWl76 dBIV9uP+CE75Onafc6l0ebUEMn/Agv+dHgeJhlfQMBkNsA1A7AsNr2qBcYj3hoen alSQgYLJ0aanWI0Qol2DdCdW9hhHrmS5Kkb2ETmNFaLeH1THB8jO0lLkFDMu/OqN JabLMWo5Lf/kjkUJzyN8Hds8AwD+t3u2BUkc76+XbL2hoOclbCzubALSBpNk8MRn UvHcF6GTPXAB/k1f4/1N/p6gwucQj36csSsHeEImHg6pFBeW9YzVnc7hR3oTu9ly CCRY1BTOQh79htfFagDIvQwcmJNpN/d6ZLCJCvoBx0mLZEc3aLHNyO0DViEZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUSGW0Iu+QIPQXMu63UEvY6O5kTjAwHwYDVR0j BBgwFoAUKq+oFBTtyxAyI18iQP4Gdz8+bxYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWI4ZTYwZi1mOTkzLTQ1MzQtOWRhMC1mMjg1YTg2MDNmNjkvMC8yQUFGQTgxNDE0 RURDQjEwMzIyMzVGMjI0MEZFMDY3NzNGM0U2RjE2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2NzczRjNF NkYxNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FiOGU2MGYtZjk5My00NTM0LTlk YTAtZjI4NWE4NjAzZjY5LzAvMkFBRkE4MTQxNEVEQ0IxMDMyMjM1RjIyNDBGRTA2 NzczRjNFNkYxNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIZ7MoNiAPhwMO6CelbmRbS4O/mQKyDEJpOx /SZC93kncPlyk6MH1YyxNQMeCpsYMCQXfWq3hQQdFJhGBChADprFRX72YIrli7o5 prX6QHoBCwx/aK+jwLCY23fdigOspWF0LKEzxlaFLkyTO2GKIi6Q7LAky3TR/UGY yYGG1eQPlcIen0lnLyfkcvcVz68i3lN6oKu1eL6DuL//8qTKXBQIU3O0Cewkl91d jAuMTWLj8YHY0Fj7wDjC3KOEjWD53Nja4U+LL2IJ89B5gcj8pBYpuElpPF0Fpvw6 qASdzO4YIz2qXOuXBwOV9KNDcMW2u7XGf6uV7GuinrFJfWNMoQ4= -----END CERTIFICATE-----Generated at Mon Oct 20 18:19:40 2025 by rpki-client