$ rpki-client -vvf repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft File: DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft (raw, json) Hash identifier: dCXyd91xUoQ/b8rLoReTq3jsWTzPiNGmyUE6uIrxSwE= Subject key identifier: 6F:0C:5B:CD:46:E2:5E:DC:A2:1F:97:B0:40:1C:50:F7:8D:89:8C:E8 Authority key identifier: DF:19:94:9C:E1:7D:C1:16:E7:B7:C2:24:8C:93:34:05:B7:A1:AE:F2 Certificate issuer: /CN=DF19949CE17DC116E7B7C2248C933405B7A1AEF2 Certificate serial: 47CBC9D8A11EA5B871CF5B8360924E306604F9C8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft Manifest number: 0257 Signing time: Sat 18 Oct 2025 14:41:55 +0000 Manifest this update: Sat 18 Oct 2025 14:36:55 +0000 Manifest next update: Tue 21 Oct 2025 20:14:55 +0000 Files and hashes: 1: 3130332e3136362e3233342e302f32342d3234203d3e20313430343037.roa (hash: sMfIE/u5AzCpsIXByAsN/oEvGS84+QQDQwr2MsQjPBU=) 2: DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl (hash: RQeTTKvny+gPl9EXq4oHnppKm3ux6XdzkHf/TQaP8NE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 20:14:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:cb:c9:d8:a1:1e:a5:b8:71:cf:5b:83:60:92:4e:30:66:04:f9:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF19949CE17DC116E7B7C2248C933405B7A1AEF2 Validity Not Before: Oct 18 14:36:55 2025 GMT Not After : Oct 21 20:14:55 2025 GMT Subject: CN=6F0C5BCD46E25EDCA21F97B0401C50F78D898CE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:f3:c3:a1:68:4e:7d:9f:35:3e:03:d5:91:e0: 99:3d:ce:eb:21:d8:47:48:de:ed:fa:ae:97:a3:de: 53:61:69:bd:b9:bc:b5:5b:6e:da:b6:47:99:98:29: 22:93:e8:b5:45:5e:8f:a7:21:64:41:c2:10:da:fc: 70:b7:0e:00:75:30:7a:aa:6b:74:72:d4:37:04:5b: b9:be:23:f5:45:31:03:a9:97:7a:fc:9f:c2:ad:d6: df:6d:c9:4b:df:c9:e0:2d:38:63:09:d8:55:80:6f: 45:45:88:f6:3f:a6:3d:18:4c:aa:1a:52:7b:85:ba: 15:35:b0:56:01:fc:35:51:22:26:46:68:cf:10:bd: cf:bd:a1:a1:07:21:d8:97:4d:67:2d:e2:06:66:a9: f7:50:0c:e7:ea:32:55:08:3f:8a:b8:14:10:9a:a0: d6:94:80:c1:4b:fa:b0:9e:8c:92:92:89:82:1e:80: 16:3a:89:5f:de:f7:01:b5:09:74:33:b9:7a:58:fc: dd:a1:ac:f5:a0:05:27:1a:05:ae:46:37:a2:1a:0b: 65:73:c3:e2:50:41:93:92:d3:93:78:ab:64:af:51: 3a:d7:cf:6c:d4:fa:e0:a2:ef:1d:c2:b8:c0:16:e0: ab:c8:ae:16:7b:ef:7a:d3:e2:18:b8:08:da:2a:85: ac:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:0C:5B:CD:46:E2:5E:DC:A2:1F:97:B0:40:1C:50:F7:8D:89:8C:E8 X509v3 Authority Key Identifier: keyid:DF:19:94:9C:E1:7D:C1:16:E7:B7:C2:24:8C:93:34:05:B7:A1:AE:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:7a:03:2f:cd:b8:b8:a6:70:7a:bb:cf:a2:79:9f:7b:58:cc: 6c:1e:54:8f:90:ed:48:dc:e3:0e:7b:a4:40:a9:9a:b1:86:98: 70:b1:85:17:27:c5:bb:45:af:3a:ff:7e:ec:62:54:22:15:ab: 54:71:fe:9c:be:98:89:b0:e0:85:39:a8:ac:31:80:1c:99:8f: 97:fb:63:9f:69:5f:60:8c:1b:35:d8:00:b9:be:66:56:ff:6a: f5:6c:c6:01:94:9f:89:eb:d6:28:99:44:7b:7c:03:10:54:09: fe:e7:9e:fc:a9:14:ff:d3:a5:84:e9:c4:02:d4:7f:4f:91:5b: 35:fa:61:fb:13:f3:20:8f:65:89:91:39:48:c7:1a:3f:0f:31: 9b:42:69:7f:74:6a:e3:f8:06:04:08:f2:d1:cf:2b:76:4b:80: ac:e7:e5:00:35:de:87:ae:6c:96:59:16:01:7d:34:83:1e:fb: ef:17:f4:f1:57:25:88:a4:72:78:be:29:f1:0d:c7:0b:a6:1d: c1:6f:dc:90:fd:00:3c:9a:22:34:0a:5c:07:5d:b2:d6:cc:2e: 52:e3:91:35:71:9d:dc:fb:20:e4:de:6a:13:aa:d9:24:30:9d: 60:34:fb:f3:53:4e:ff:ac:3e:03:8a:3e:69:4b:39:9b:e6:6f: eb:5e:c3:53 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUR8vJ2KEepbhxz1uDYJJOMGYE+cgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0MDVC N0ExQUVGMjAeFw0yNTEwMTgxNDM2NTVaFw0yNTEwMjEyMDE0NTVaMDMxMTAvBgNV BAMTKDZGMEM1QkNENDZFMjVFRENBMjFGOTdCMDQwMUM1MEY3OEQ4OThDRTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC588OhaE59nzU+A9WR4Jk9zush 2EdI3u36rpej3lNhab25vLVbbtq2R5mYKSKT6LVFXo+nIWRBwhDa/HC3DgB1MHqq a3Ry1DcEW7m+I/VFMQOpl3r8n8Kt1t9tyUvfyeAtOGMJ2FWAb0VFiPY/pj0YTKoa UnuFuhU1sFYB/DVRIiZGaM8Qvc+9oaEHIdiXTWct4gZmqfdQDOfqMlUIP4q4FBCa oNaUgMFL+rCejJKSiYIegBY6iV/e9wG1CXQzuXpY/N2hrPWgBScaBa5GN6IaC2Vz w+JQQZOS05N4q2SvUTrXz2zU+uCi7x3CuMAW4KvIrhZ773rT4hi4CNoqhayBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUbwxbzUbiXtyiH5ewQBxQ942JjOgwHwYDVR0j BBgwFoAU3xmUnOF9wRbnt8IkjJM0BbehrvIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWVmNzg2Yi02MjI2LTQ0YWYtODUyZC0xZmIwNDVjNGRlYjMvMC9ERjE5OTQ5Q0Ux N0RDMTE2RTdCN0MyMjQ4QzkzMzQwNUI3QTFBRUYyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0MDVCN0Ex QUVGMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FlZjc4NmItNjIyNi00NGFmLTg1 MmQtMWZiMDQ1YzRkZWIzLzAvREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0 MDVCN0ExQUVGMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAx6Ay/NuLimcHq7z6J5n3tYzGweVI+Q7Ujc 4w57pECpmrGGmHCxhRcnxbtFrzr/fuxiVCIVq1Rx/py+mImw4IU5qKwxgByZj5f7 Y59pX2CMGzXYALm+Zlb/avVsxgGUn4nr1iiZRHt8AxBUCf7nnvypFP/TpYTpxALU f0+RWzX6YfsT8yCPZYmROUjHGj8PMZtCaX90auP4BgQI8tHPK3ZLgKzn5QA13oeu bJZZFgF9NIMe++8X9PFXJYikcni+KfENxwumHcFv3JD9ADyaIjQKXAddstbMLlLj kTVxndz7IOTeahOq2SQwnWA0+/NTTv+sPgOKPmlLOZvmb+tew1M= -----END CERTIFICATE-----Generated at Mon Oct 20 12:01:53 2025 by rpki-client