$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: MGPVfIRkDmN6vSl/GBPa7kaBXERFFYuD5lEptsjiIN4= Subject key identifier: 6F:F4:16:6C:CC:E7:BC:5C:2F:72:3C:A1:CF:14:E6:5F:A4:DB:30:EC Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 329676A843681786241B7BCA76D2C8D6C511A555 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 0215 Signing time: Fri 22 Aug 2025 19:02:02 +0000 Manifest this update: Fri 22 Aug 2025 18:57:02 +0000 Manifest next update: Tue 26 Aug 2025 05:22:02 +0000 Files and hashes: 1: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: bu4LtbxxfvYhSmPVYXsHJnQ8u6QDASxNerDLPSby9+A=) 2: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: N3xvSF9Pd6NalZJF+7ciRQDNr9szbzaVtyHfA0KpiZQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 05:22:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:96:76:a8:43:68:17:86:24:1b:7b:ca:76:d2:c8:d6:c5:11:a5:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Aug 22 18:57:02 2025 GMT Not After : Aug 26 05:22:02 2025 GMT Subject: CN=6FF4166CCCE7BC5C2F723CA1CF14E65FA4DB30EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:14:5e:10:99:97:eb:21:6d:10:49:0d:7b:ff: cf:90:97:28:3c:69:35:b9:b2:b5:e3:f3:a9:17:ea: 1d:5e:38:c7:3e:b0:75:93:3f:13:e2:73:d2:31:37: 01:60:41:b9:7e:1b:c1:84:f5:f5:8b:cd:cf:ca:8a: 2b:db:61:01:da:a7:2c:a4:f0:17:00:df:6b:63:1d: 79:23:30:12:5d:b0:0b:b6:7e:98:72:0b:0c:6a:55: e4:b2:cc:15:a2:ad:ec:02:80:65:bd:39:a8:10:ab: dd:81:74:87:f1:80:77:ad:68:87:1e:84:7e:39:21: b1:97:87:86:d0:f2:e0:0d:85:a3:d1:90:f4:00:c3: a6:fb:c4:ec:ff:a3:9b:dc:da:16:b6:2e:7f:e9:7e: 53:53:5d:7f:9f:0b:53:04:b9:6b:3c:94:06:dc:6d: 11:70:33:b9:81:f2:9b:02:8c:32:b2:82:51:6a:d3: aa:11:ee:68:6c:71:64:75:d0:95:4d:f3:8b:d1:7a: 13:56:55:4d:5b:6d:cd:d2:11:2c:bf:ea:bd:39:92: 79:f3:7b:b9:a2:31:fb:27:07:cc:d9:3b:92:57:52: 08:bd:5d:27:91:9a:22:e5:63:44:3f:e1:38:42:22: 71:5f:ee:a2:f2:ab:88:fd:08:85:7d:b4:b2:46:43: f4:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:F4:16:6C:CC:E7:BC:5C:2F:72:3C:A1:CF:14:E6:5F:A4:DB:30:EC X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:27:c8:3e:d8:4b:e6:52:5c:a2:88:6e:93:b6:38:87:75:4c: f6:38:16:3b:05:87:53:c3:2d:1d:25:41:7d:51:40:71:ab:31: c9:5f:00:f5:d1:0d:6d:8e:1c:4f:1b:e2:bb:02:d9:05:d5:61: 2f:5d:26:02:73:84:e1:ad:bd:0d:54:ef:94:d6:4e:a4:5d:67: 01:e0:6b:c3:4c:b9:89:d0:3b:f7:44:f6:f5:54:17:68:e8:c0: 4e:fd:36:23:80:dc:67:07:16:d0:25:39:99:59:0d:6b:e1:e9: af:02:ca:50:fe:bb:7b:c1:49:25:25:a9:bd:c9:29:d0:50:f2: f0:2f:d4:ef:ff:43:89:70:32:6c:7d:ce:cc:fa:5a:0a:e8:17: 30:7d:be:f7:81:56:f3:e7:55:66:65:29:9d:77:30:98:de:a6: bd:b7:60:92:8f:d8:fb:65:ed:c6:1b:59:d3:f0:4c:e8:72:e8: 7b:4d:ae:76:b6:a6:62:74:90:1e:a1:7b:51:9e:90:bd:f1:94: b8:60:fb:ca:6a:57:d5:6e:9c:99:6e:ba:96:04:21:30:63:a5: 17:83:55:8c:01:5c:db:98:8e:e2:b6:23:63:6a:35:ab:a4:ac: 27:05:59:6f:f8:46:4e:ef:dc:23:3e:68:8e:27:52:38:38:63: 77:ab:98:ab -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMpZ2qENoF4YkG3vKdtLI1sURpVUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNTA4MjIxODU3MDJaFw0yNTA4MjYwNTIyMDJaMDMxMTAvBgNV BAMTKDZGRjQxNjZDQ0NFN0JDNUMyRjcyM0NBMUNGMTRFNjVGQTREQjMwRUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFFF4QmZfrIW0QSQ17/8+Qlyg8 aTW5srXj86kX6h1eOMc+sHWTPxPic9IxNwFgQbl+G8GE9fWLzc/KiivbYQHapyyk 8BcA32tjHXkjMBJdsAu2fphyCwxqVeSyzBWirewCgGW9OagQq92BdIfxgHetaIce hH45IbGXh4bQ8uANhaPRkPQAw6b7xOz/o5vc2ha2Ln/pflNTXX+fC1MEuWs8lAbc bRFwM7mB8psCjDKyglFq06oR7mhscWR10JVN84vRehNWVU1bbc3SESy/6r05knnz e7miMfsnB8zZO5JXUgi9XSeRmiLlY0Q/4ThCInFf7qLyq4j9CIV9tLJGQ/SBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUb/QWbMznvFwvcjyhzxTmX6TbMOwwHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAF4nyD7YS+ZSXKKIbpO2OId1TPY4FjsFh1PD LR0lQX1RQHGrMclfAPXRDW2OHE8b4rsC2QXVYS9dJgJzhOGtvQ1U75TWTqRdZwHg a8NMuYnQO/dE9vVUF2jowE79NiOA3GcHFtAlOZlZDWvh6a8CylD+u3vBSSUlqb3J KdBQ8vAv1O//Q4lwMmx9zsz6WgroFzB9vveBVvPnVWZlKZ13MJjepr23YJKP2Ptl 7cYbWdPwTOhy6HtNrna2pmJ0kB6he1GekL3xlLhg+8pqV9VunJluupYEITBjpReD VYwBXNuYjuK2I2NqNaukrCcFWW/4Rk7v3CM+aI4nUjg4Y3ermKs= -----END CERTIFICATE-----Generated at Sat Aug 23 18:35:02 2025 by rpki-client