$ rpki-client -vvf repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft File: DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft (raw, json) Hash identifier: Dk9pJcfirGUidsubqidHguNa5+yjOZuLHvzKy1hzXnE= Subject key identifier: B6:47:6A:7A:22:A9:5E:33:2D:13:BC:66:D7:1E:E6:65:A9:D5:1C:A4 Authority key identifier: DF:19:94:9C:E1:7D:C1:16:E7:B7:C2:24:8C:93:34:05:B7:A1:AE:F2 Certificate issuer: /CN=DF19949CE17DC116E7B7C2248C933405B7A1AEF2 Certificate serial: 317498585193CC2711C2C5B30722DAFCAB71C90D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft Manifest number: 023D Signing time: Fri 22 Aug 2025 07:21:54 +0000 Manifest this update: Fri 22 Aug 2025 07:16:54 +0000 Manifest next update: Mon 25 Aug 2025 09:28:54 +0000 Files and hashes: 1: 3130332e3136362e3233342e302f32342d3234203d3e20313430343037.roa (hash: sMfIE/u5AzCpsIXByAsN/oEvGS84+QQDQwr2MsQjPBU=) 2: DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl (hash: NvaVYYM8UtI6T3iYg81uB/mrO6eJkAC03B3oKr7nGNU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 09:28:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:74:98:58:51:93:cc:27:11:c2:c5:b3:07:22:da:fc:ab:71:c9:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF19949CE17DC116E7B7C2248C933405B7A1AEF2 Validity Not Before: Aug 22 07:16:54 2025 GMT Not After : Aug 25 09:28:54 2025 GMT Subject: CN=B6476A7A22A95E332D13BC66D71EE665A9D51CA4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:5f:94:ff:c0:b4:12:19:1a:17:e6:92:63:d6: c5:69:6f:46:24:f8:3e:3e:d8:a3:d3:73:0b:bf:88: a0:83:7f:e8:0a:00:ad:a1:e3:36:5e:a5:e1:a7:d6: df:a6:07:f7:74:1c:69:6c:22:51:b5:ee:77:e8:8c: 1d:24:a9:4f:96:63:9f:d8:98:d0:d0:fd:86:5f:ea: d6:aa:53:cb:2e:87:86:03:09:9d:2f:54:80:59:6d: cd:47:0e:7f:8d:5d:62:ba:65:05:ae:d9:24:bc:3b: c9:5c:94:0d:5c:4e:48:f2:b2:a3:e7:fe:7d:de:b4: 1b:b5:e8:26:dc:e5:b7:da:25:ea:35:d1:9f:b7:76: 41:57:d1:9e:2b:70:08:79:60:e5:f2:ba:5e:62:d9: 4e:87:3c:20:0c:3c:51:f6:02:80:80:b6:42:44:01: 48:01:f4:5c:9f:56:0e:21:cc:8d:83:92:0f:c9:9a: 00:2c:9f:46:e1:41:3b:96:13:40:f0:7b:e9:54:45: e3:c2:3e:fc:4d:da:c9:f3:d6:50:7e:f2:a6:02:49: 98:16:f2:c0:0d:5e:b9:47:60:b7:40:f6:fb:37:e0: 2f:30:6f:7a:bd:2d:c0:c7:2b:38:4c:a0:27:e0:7a: 96:af:af:7f:5a:59:3a:58:c6:55:45:6e:5a:c0:ab: c5:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:47:6A:7A:22:A9:5E:33:2D:13:BC:66:D7:1E:E6:65:A9:D5:1C:A4 X509v3 Authority Key Identifier: keyid:DF:19:94:9C:E1:7D:C1:16:E7:B7:C2:24:8C:93:34:05:B7:A1:AE:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:bb:d5:bb:74:27:42:b8:35:da:e0:f5:ba:ee:eb:37:bd:68: 85:7c:c0:a5:69:d8:b0:d4:9b:24:8d:f2:10:94:25:c5:49:d5: 8b:26:c4:87:23:ac:b6:db:9e:d6:73:51:0d:a0:95:cc:79:db: d5:3a:a1:f7:ee:cc:72:c5:a6:bf:8b:96:66:7c:7e:7f:78:97: 64:d4:de:6c:62:a7:96:1e:9a:3d:a6:22:7e:4a:1f:e0:5f:2d: eb:52:69:a0:ac:0c:a9:11:7b:90:19:4a:f6:21:0e:3e:90:73: 1d:61:02:68:dd:34:f4:81:af:52:bf:87:9a:f9:c7:0d:e6:6e: 23:4c:da:ae:98:df:66:5a:ab:fb:f1:b2:fe:1d:9e:ea:bd:82: 94:5b:c6:65:92:07:b5:14:df:60:e2:d8:6c:90:27:d4:52:67: 11:b5:36:92:e2:f5:28:d5:90:e9:df:31:71:2a:f4:77:4c:0b: d5:be:13:54:90:38:f7:07:1b:36:28:37:ea:c6:4f:d7:03:25: 34:b8:f6:67:84:28:1b:f8:7d:b2:bd:0e:c8:50:06:3e:bf:9b: 09:50:00:57:0b:d0:af:48:1d:44:a8:2d:d7:73:70:18:ac:97: b3:3f:4a:33:8a:ba:08:04:15:bb:43:55:73:d0:4e:f4:51:92: 7a:9b:b4:7b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMXSYWFGTzCcRwsWzByLa/KtxyQ0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0MDVC N0ExQUVGMjAeFw0yNTA4MjIwNzE2NTRaFw0yNTA4MjUwOTI4NTRaMDMxMTAvBgNV BAMTKEI2NDc2QTdBMjJBOTVFMzMyRDEzQkM2NkQ3MUVFNjY1QTlENTFDQTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbX5T/wLQSGRoX5pJj1sVpb0Yk +D4+2KPTcwu/iKCDf+gKAK2h4zZepeGn1t+mB/d0HGlsIlG17nfojB0kqU+WY5/Y mNDQ/YZf6taqU8suh4YDCZ0vVIBZbc1HDn+NXWK6ZQWu2SS8O8lclA1cTkjysqPn /n3etBu16Cbc5bfaJeo10Z+3dkFX0Z4rcAh5YOXyul5i2U6HPCAMPFH2AoCAtkJE AUgB9FyfVg4hzI2Dkg/JmgAsn0bhQTuWE0Dwe+lURePCPvxN2snz1lB+8qYCSZgW 8sANXrlHYLdA9vs34C8wb3q9LcDHKzhMoCfgepavr39aWTpYxlVFblrAq8UpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUtkdqeiKpXjMtE7xm1x7mZanVHKQwHwYDVR0j BBgwFoAU3xmUnOF9wRbnt8IkjJM0BbehrvIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWVmNzg2Yi02MjI2LTQ0YWYtODUyZC0xZmIwNDVjNGRlYjMvMC9ERjE5OTQ5Q0Ux N0RDMTE2RTdCN0MyMjQ4QzkzMzQwNUI3QTFBRUYyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0MDVCN0Ex QUVGMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FlZjc4NmItNjIyNi00NGFmLTg1 MmQtMWZiMDQ1YzRkZWIzLzAvREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0 MDVCN0ExQUVGMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHu71bt0J0K4Ndrg9bru6ze9aIV8wKVp2LDU mySN8hCUJcVJ1YsmxIcjrLbbntZzUQ2glcx529U6offuzHLFpr+LlmZ8fn94l2TU 3mxip5Yemj2mIn5KH+BfLetSaaCsDKkRe5AZSvYhDj6Qcx1hAmjdNPSBr1K/h5r5 xw3mbiNM2q6Y32Zaq/vxsv4dnuq9gpRbxmWSB7UU32Di2GyQJ9RSZxG1NpLi9SjV kOnfMXEq9HdMC9W+E1SQOPcHGzYoN+rGT9cDJTS49meEKBv4fbK9DshQBj6/mwlQ AFcL0K9IHUSoLddzcBisl7M/SjOKuggEFbtDVXPQTvRRknqbtHs= -----END CERTIFICATE-----Generated at Sat Aug 23 15:39:03 2025 by rpki-client