$ rpki-client -vvf repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft File: 5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft (raw, json) Hash identifier: RV8AMvgB7baQGru3cXy3vC18djJwQ8X8YoMGpDQ4M84= Subject key identifier: 1A:A7:9F:4B:F3:08:C5:3E:A4:11:F0:CC:DB:6C:CC:F5:5B:FF:92:58 Authority key identifier: 5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70 Certificate issuer: /CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270 Certificate serial: 2838E3EA5BBC03EE69B4D5326B5EE49982AFC867 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft Manifest number: 029E Signing time: Mon 20 Oct 2025 04:40:50 +0000 Manifest this update: Mon 20 Oct 2025 04:35:50 +0000 Manifest next update: Thu 23 Oct 2025 13:37:50 +0000 Files and hashes: 1: 3130332e3137392e36362e302f32332d3234203d3e20313531303030.roa (hash: 3ytI4WNdkarTA98AKzILbdHeDtsgun+xePSvAI/3j/w=) 2: 5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl (hash: ii7+seanFT411AQnwsWuJsz6hwS3gr+WKNAEPBo5iU0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 13:37:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:38:e3:ea:5b:bc:03:ee:69:b4:d5:32:6b:5e:e4:99:82:af:c8:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270 Validity Not Before: Oct 20 04:35:50 2025 GMT Not After : Oct 23 13:37:50 2025 GMT Subject: CN=1AA79F4BF308C53EA411F0CCDB6CCCF55BFF9258 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ec:26:f1:96:3e:f4:3e:26:4d:3d:68:af:24: e4:e4:a6:03:d8:bb:df:91:0c:6a:87:0d:8d:d3:12: 4e:75:03:b8:c1:ad:8c:95:99:9c:d9:86:c2:40:51: 24:65:b8:cf:e5:da:82:8c:04:20:60:f0:1b:7f:79: 48:07:eb:1a:16:e2:23:bc:1b:64:a9:03:2f:75:f4: 64:15:bd:92:cb:e3:61:2c:21:d2:43:41:6a:4e:a4: ac:af:6f:f9:e0:29:5d:ac:2b:d8:b6:11:f5:60:70: 28:6e:50:a1:f2:4e:cb:dd:ea:b9:32:00:50:1d:1e: 7c:b1:fd:6d:08:41:b5:08:3b:84:88:fe:d4:10:ed: e3:f8:55:ba:77:99:d7:d2:12:cb:07:75:b7:76:32: 23:76:a2:02:8d:25:c5:46:5b:6e:c2:1f:9c:80:11: 38:5a:f4:ea:2d:6d:ae:c4:ff:b1:c8:fc:1f:09:11: ea:61:e8:18:f5:02:c7:79:8d:56:f7:9d:f2:24:ac: be:2b:98:51:48:fa:10:03:25:86:43:6c:5b:60:cc: 9d:ba:20:90:d2:00:e3:34:fb:fa:20:5b:80:b2:76: 7c:e4:88:e0:b8:7d:59:6b:e4:91:74:45:20:d1:21: 0a:e5:28:71:05:39:08:0b:7a:dc:b6:95:ff:c9:27: ae:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:A7:9F:4B:F3:08:C5:3E:A4:11:F0:CC:DB:6C:CC:F5:5B:FF:92:58 X509v3 Authority Key Identifier: keyid:5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:1a:c4:f5:85:8f:12:96:1f:e8:c7:ad:63:2b:12:d8:b5:a9: 16:e9:5f:d3:37:15:b2:0f:08:c1:d7:d3:62:3f:4b:81:31:ef: 17:81:22:63:71:fb:86:28:38:80:2e:35:9c:c0:9f:a3:1f:80: ae:72:1a:c9:65:3e:ab:7e:1e:68:f7:05:20:93:04:af:fc:9d: 94:b0:0f:e8:5b:60:6f:72:74:92:ad:51:57:a1:19:2b:26:9b: b0:73:e8:c6:05:2a:aa:67:a9:fb:64:0a:81:43:1c:10:d2:ed: 54:90:5b:1a:33:3d:78:83:f8:16:66:c9:38:7d:0d:59:e6:e4: 32:13:c0:55:49:6b:df:33:05:a4:83:e0:36:af:94:d9:b9:39: 15:b0:1f:63:10:61:7c:19:dc:ce:e1:3d:ab:4b:fc:9c:80:6b: df:3f:59:ee:b0:9f:a5:de:ac:8c:ed:b4:9d:31:b7:ad:24:c8: 84:eb:e7:81:d3:93:c9:fe:da:91:aa:a6:84:b1:3d:8e:1e:cf: 91:7e:bb:08:f4:19:01:71:57:2f:15:78:37:8e:36:2e:c2:65: 5e:b9:83:e5:1b:0a:dd:60:a7:dc:42:b0:cd:7c:d1:82:32:91: 15:67:ed:a1:12:06:9c:c1:13:46:7f:73:bb:e4:01:5d:d5:41: 8e:0e:fe:e6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKDjj6lu8A+5ptNUya17kmYKvyGcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRF RUFDQTI3MDAeFw0yNTEwMjAwNDM1NTBaFw0yNTEwMjMxMzM3NTBaMDMxMTAvBgNV BAMTKDFBQTc5RjRCRjMwOEM1M0VBNDExRjBDQ0RCNkNDQ0Y1NUJGRjkyNTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA7Cbxlj70PiZNPWivJOTkpgPY u9+RDGqHDY3TEk51A7jBrYyVmZzZhsJAUSRluM/l2oKMBCBg8Bt/eUgH6xoW4iO8 G2SpAy919GQVvZLL42EsIdJDQWpOpKyvb/ngKV2sK9i2EfVgcChuUKHyTsvd6rky AFAdHnyx/W0IQbUIO4SI/tQQ7eP4Vbp3mdfSEssHdbd2MiN2ogKNJcVGW27CH5yA ETha9Ootba7E/7HI/B8JEeph6Bj1Asd5jVb3nfIkrL4rmFFI+hADJYZDbFtgzJ26 IJDSAOM0+/ogW4CydnzkiOC4fVlr5JF0RSDRIQrlKHEFOQgLety2lf/JJ66DAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGqefS/MIxT6kEfDM22zM9Vv/klgwHwYDVR0j BBgwFoAUW9NBptRq9Sz/I6XR4liUlO6sonAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZTEyNzQzZC1kNTZkLTRhNzctOTBlMi1jNTJlNmRmZTA2YzIvMC81QkQzNDFBNkQ0 NkFGNTJDRkYyM0E1RDFFMjU4OTQ5NEVFQUNBMjcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRFRUFD QTI3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2UxMjc0M2QtZDU2ZC00YTc3LTkw ZTItYzUyZTZkZmUwNmMyLzAvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0 OTRFRUFDQTI3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJgaxPWFjxKWH+jHrWMrEti1qRbpX9M3FbIP CMHX02I/S4Ex7xeBImNx+4YoOIAuNZzAn6MfgK5yGsllPqt+Hmj3BSCTBK/8nZSw D+hbYG9ydJKtUVehGSsmm7Bz6MYFKqpnqftkCoFDHBDS7VSQWxozPXiD+BZmyTh9 DVnm5DITwFVJa98zBaSD4DavlNm5ORWwH2MQYXwZ3M7hPatL/JyAa98/We6wn6Xe rIzttJ0xt60kyITr54HTk8n+2pGqpoSxPY4ez5F+uwj0GQFxVy8VeDeONi7CZV65 g+UbCt1gp9xCsM180YIykRVn7aESBpzBE0Z/c7vkAV3VQY4O/uY= -----END CERTIFICATE-----Generated at Mon Oct 20 11:05:28 2025 by rpki-client