$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: eeJzD0HR3uaYcoZn50F/jAtUyDWWUh2eR7850EtJAv0= Subject key identifier: F1:3C:91:0E:CD:C7:7E:39:89:CF:68:CE:FC:11:E2:50:C2:F0:42:A3 Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 3198F526F8554F89D9881FC60764EA787D3823AE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 022E Signing time: Sat 18 Oct 2025 12:01:49 +0000 Manifest this update: Sat 18 Oct 2025 11:56:49 +0000 Manifest next update: Tue 21 Oct 2025 20:05:49 +0000 Files and hashes: 1: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: T6kkYaDCC13hLNafoGzUQ5uIRwFqMFb/0Dsg/Dx8LWI=) 2: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: bu4LtbxxfvYhSmPVYXsHJnQ8u6QDASxNerDLPSby9+A=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 20:05:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:98:f5:26:f8:55:4f:89:d9:88:1f:c6:07:64:ea:78:7d:38:23:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Oct 18 11:56:49 2025 GMT Not After : Oct 21 20:05:49 2025 GMT Subject: CN=F13C910ECDC77E3989CF68CEFC11E250C2F042A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:27:23:48:4f:55:41:2d:b4:f2:83:41:ae:7d: 3f:19:a4:ca:cd:39:e0:c5:a6:34:cd:21:93:93:e3: 9d:3c:a3:bf:52:54:26:2d:12:da:e6:7e:f3:09:43: 7f:8d:a9:14:b5:e3:bc:75:92:b5:02:97:0c:b0:63: 73:6b:aa:69:d6:23:a2:b2:0f:03:74:fa:1a:12:b8: 3e:ce:c9:08:ed:ec:fa:c6:61:61:c8:da:ed:58:9c: 72:04:fd:a4:ad:ef:d6:d7:bc:1c:7d:ce:46:d8:f0: db:99:18:10:34:ca:53:8d:cd:5e:1f:87:f5:3b:6c: d3:ac:fb:a8:a9:95:cf:e1:b7:69:fd:75:08:41:59: 72:ed:61:fd:e8:06:5a:6b:a5:3c:d4:5d:6d:cb:dc: 88:f6:79:21:a1:35:b0:2f:a6:2e:cb:52:e5:e8:4c: d3:56:86:aa:35:89:c9:6b:f2:62:b6:c6:5a:6e:85: b8:ef:2e:a8:98:25:22:76:a6:6e:9a:c1:c0:1a:fe: 8b:66:dc:4f:da:ae:8d:41:c9:92:75:98:f5:67:ff: 36:88:7e:37:01:e5:27:9b:85:be:42:ff:cd:96:7e: 11:24:a3:cb:e4:52:69:ff:9a:eb:ac:80:a0:c5:5e: bf:a0:60:5d:85:8b:9a:0c:ae:e3:11:a1:6c:4d:d5: ad:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:3C:91:0E:CD:C7:7E:39:89:CF:68:CE:FC:11:E2:50:C2:F0:42:A3 X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:b5:bd:22:d1:df:b3:d1:18:b2:eb:a0:75:33:a6:e5:ad:d9: fd:ab:24:0d:c2:15:af:be:46:2f:30:93:67:c2:68:1a:1a:82: 50:2a:4e:4f:d6:2b:7d:ee:46:5b:2c:6d:f2:53:a3:e3:42:8b: b1:9f:02:1d:fc:ec:8f:a0:28:b7:28:7d:c3:88:ae:ee:2b:a2: 34:1c:cf:da:ac:cd:c9:b8:18:2d:f5:7a:21:b0:52:09:ce:f0: 4a:11:b9:9f:26:f7:a3:8a:48:86:58:25:68:13:ae:f8:4f:fb: 9d:82:dc:8e:e5:13:fd:76:02:7f:a9:87:73:69:92:4c:4c:78: 65:4b:ae:77:a5:72:27:3e:a5:80:0b:fd:3a:3c:ed:31:00:45: 3b:9a:8a:87:60:a7:88:45:bd:cc:d4:ee:2c:a8:71:70:69:32: 94:ff:ef:5d:9c:72:f9:d9:45:3b:1f:9c:d8:1c:2e:ed:ca:a2: 86:f7:98:ac:14:4c:f3:bb:1e:b0:5b:8d:01:1d:63:11:de:ba: 18:db:ee:5b:3e:93:de:19:55:a6:27:6e:8a:1f:be:28:2b:a1: d2:ad:be:e4:85:21:83:23:9c:1a:aa:61:46:58:e0:55:11:4e: af:85:76:66:91:9d:a1:a4:a4:c0:d9:3e:54:06:9d:24:11:91: 42:7f:be:5b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMZj1JvhVT4nZiB/GB2TqeH04I64wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNTEwMTgxMTU2NDlaFw0yNTEwMjEyMDA1NDlaMDMxMTAvBgNV BAMTKEYxM0M5MTBFQ0RDNzdFMzk4OUNGNjhDRUZDMTFFMjUwQzJGMDQyQTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOJyNIT1VBLbTyg0GufT8ZpMrN OeDFpjTNIZOT4508o79SVCYtEtrmfvMJQ3+NqRS147x1krUClwywY3NrqmnWI6Ky DwN0+hoSuD7OyQjt7PrGYWHI2u1YnHIE/aSt79bXvBx9zkbY8NuZGBA0ylONzV4f h/U7bNOs+6iplc/ht2n9dQhBWXLtYf3oBlprpTzUXW3L3Ij2eSGhNbAvpi7LUuXo TNNWhqo1iclr8mK2xlpuhbjvLqiYJSJ2pm6awcAa/otm3E/aro1ByZJ1mPVn/zaI fjcB5Sebhb5C/82WfhEko8vkUmn/muusgKDFXr+gYF2Fi5oMruMRoWxN1a3fAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU8TyRDs3HfjmJz2jO/BHiUMLwQqMwHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFe1vSLR37PRGLLroHUzpuWt2f2rJA3CFa++ Ri8wk2fCaBoaglAqTk/WK33uRlssbfJTo+NCi7GfAh387I+gKLcofcOIru4rojQc z9qszcm4GC31eiGwUgnO8EoRuZ8m96OKSIZYJWgTrvhP+52C3I7lE/12An+ph3Np kkxMeGVLrnelcic+pYAL/To87TEARTuaiodgp4hFvczU7iyocXBpMpT/712ccvnZ RTsfnNgcLu3Koob3mKwUTPO7HrBbjQEdYxHeuhjb7ls+k94ZVaYnboofvigrodKt vuSFIYMjnBqqYUZY4FURTq+FdmaRnaGkpMDZPlQGnSQRkUJ/vls= -----END CERTIFICATE-----Generated at Mon Oct 20 20:17:58 2025 by rpki-client