$ rpki-client -vvf repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft File: 2D18956397FA6055A44153CABF07303FD6E55E44.mft (raw, json) Hash identifier: hy+DnVyBGEOYiw2FbzK5jjQWgkt73MlnzL7vcxbUTwM= Subject key identifier: F4:61:5E:3B:1D:A7:EF:39:0D:AD:7B:56:65:BA:F4:C6:57:69:C9:B8 Authority key identifier: 2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 Certificate issuer: /CN=2D18956397FA6055A44153CABF07303FD6E55E44 Certificate serial: 35E1143F214AA5FEA9867A4FFAF6FFA71E87F742 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft Manifest number: 0524 Signing time: Mon 20 Oct 2025 13:02:02 +0000 Manifest this update: Mon 20 Oct 2025 12:57:02 +0000 Manifest next update: Thu 23 Oct 2025 22:08:02 +0000 Files and hashes: 1: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (hash: 9pt7JLtOWMCBsJXp8H1J28V9N/OUvx5VflNai/uQZgc=) 2: 323430363a373734303a3a2f33322d3332203d3e20313431303733.roa (hash: BilMX6PAfP77Q5Ze/r2bseAvAFYgHI4D9c4hoNAPY/0=) 3: 2D18956397FA6055A44153CABF07303FD6E55E44.crl (hash: /ehxZ2RithisxkO68+3ypu41mVXNM4xDeAtQFHGjmBk=) 4: 3130332e3135352e3230302e302f32332d3233203d3e20313431303733.roa (hash: 1cZaLW2bYSVuCFR3p6/QnCg+KIF2tEt9ZDlyjUYN2tI=) 5: 3130332e3135352e3230302e302f32332d3234203d3e20313431303733.roa (hash: LMlg0YtMMAZTGP6EzKXImD6a6ZjUtLMQ+VabkB5A5lc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 11:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:e1:14:3f:21:4a:a5:fe:a9:86:7a:4f:fa:f6:ff:a7:1e:87:f7:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D18956397FA6055A44153CABF07303FD6E55E44 Validity Not Before: Oct 20 12:57:02 2025 GMT Not After : Oct 23 22:08:02 2025 GMT Subject: CN=F4615E3B1DA7EF390DAD7B5665BAF4C65769C9B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d9:92:55:0a:79:01:8f:9c:57:a3:b1:9c:ab: 70:dc:61:6a:24:e2:94:c7:0d:2b:c3:ef:06:79:e1: eb:1e:73:9e:28:af:d9:88:ce:27:73:b0:28:3b:fe: 94:6c:d1:a5:e2:26:4b:2b:c1:9d:bb:0a:6e:cf:94: 5c:ef:84:3f:26:8d:bc:a6:29:b2:91:d6:7b:78:c5: b3:ba:7a:e9:e2:29:61:cb:bf:67:2a:86:aa:3c:0c: 4c:0e:51:2a:f5:70:f0:ad:0e:06:4f:b7:d0:f9:15: 5a:32:c8:ce:ba:7a:4a:05:95:7a:9e:1a:c9:da:0f: 71:10:6c:81:23:5a:7e:0c:ab:61:af:6f:73:44:e5: f2:c5:e4:1c:fb:76:88:47:e7:24:eb:45:01:68:bb: f7:d4:f0:0e:86:49:c1:10:30:12:62:fb:b2:70:eb: 0c:b9:2b:f4:14:a3:cd:10:b0:7e:55:34:e5:a7:55: 0e:82:83:47:b3:2a:cf:4c:42:c4:70:3a:f0:d2:94: fc:f0:7a:cb:3a:74:91:31:d6:77:d3:fc:23:17:32: 37:23:cd:45:4b:98:9d:25:df:3b:84:76:79:af:ea: 02:c5:6f:b6:a7:9b:19:da:7d:71:15:78:4f:be:36: 4f:a6:b1:7d:7d:ad:e8:20:29:5b:5e:97:0f:ee:e5: 3b:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:61:5E:3B:1D:A7:EF:39:0D:AD:7B:56:65:BA:F4:C6:57:69:C9:B8 X509v3 Authority Key Identifier: keyid:2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:27:58:dc:3f:79:3e:7f:4f:17:eb:b2:42:de:be:8e:51:84: aa:02:8d:12:5b:e1:b5:db:bb:92:c7:3e:25:0b:69:06:fb:d2: 29:a9:11:c3:d1:a9:68:e2:59:55:74:f3:bb:81:23:3e:87:ea: 5c:7d:7f:6f:2b:a8:9e:2e:4c:5e:06:cf:35:d8:ac:91:af:d3: ac:7f:55:0e:09:0c:fe:10:49:48:0f:66:98:1f:58:ea:12:5f: a1:31:23:40:64:42:7d:a7:2c:7e:36:74:ba:e7:31:23:47:56: 75:f7:0c:77:80:fb:fc:e3:eb:4c:92:98:e9:4e:90:53:c4:fd: ee:eb:34:da:b4:54:8c:ba:a5:ff:b6:a6:f1:32:24:a5:26:2b: 99:01:2e:0b:17:27:7a:47:ba:36:1c:6c:d1:2d:63:7c:db:bd: 00:bd:13:19:8d:99:25:05:a8:44:86:ff:ea:9b:06:82:a5:b3: 05:2e:6c:4f:1d:b3:5f:0e:3d:e4:0e:0d:5a:30:9b:03:26:3b: ff:89:1a:00:7c:5d:91:2f:30:06:f5:49:61:9c:27:dd:87:be: f5:6f:3a:cc:38:db:10:5f:b8:6b:bd:1d:28:5a:e0:a0:a1:03: 87:46:4b:a6:72:6f:a5:34:dc:48:3a:f0:36:3a:21:ae:cc:a9: eb:a8:ba:5f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNeEUPyFKpf6phnpP+vb/px6H90IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZE NkU1NUU0NDAeFw0yNTEwMjAxMjU3MDJaFw0yNTEwMjMyMjA4MDJaMDMxMTAvBgNV BAMTKEY0NjE1RTNCMURBN0VGMzkwREFEN0I1NjY1QkFGNEM2NTc2OUM5QjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO2ZJVCnkBj5xXo7Gcq3DcYWok 4pTHDSvD7wZ54esec54or9mIzidzsCg7/pRs0aXiJksrwZ27Cm7PlFzvhD8mjbym KbKR1nt4xbO6euniKWHLv2cqhqo8DEwOUSr1cPCtDgZPt9D5FVoyyM66ekoFlXqe GsnaD3EQbIEjWn4Mq2Gvb3NE5fLF5Bz7dohH5yTrRQFou/fU8A6GScEQMBJi+7Jw 6wy5K/QUo80QsH5VNOWnVQ6Cg0ezKs9MQsRwOvDSlPzwess6dJEx1nfT/CMXMjcj zUVLmJ0l3zuEdnmv6gLFb7anmxnafXEVeE++Nk+msX19reggKVtelw/u5TsdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU9GFeOx2n7zkNrXtWZbr0xldpybgwHwYDVR0j BBgwFoAULRiVY5f6YFWkQVPKvwcwP9blXkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ODU4Zjg1Yy1hNDU4LTRhNTgtYmJkZS00YmZiMzQzZGM0YjAvMC8yRDE4OTU2Mzk3 RkE2MDU1QTQ0MTUzQ0FCRjA3MzAzRkQ2RTU1RTQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZENkU1 NUU0NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDg1OGY4NWMtYTQ1OC00YTU4LWJi ZGUtNGJmYjM0M2RjNGIwLzAvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMw M0ZENkU1NUU0NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFMnWNw/eT5/TxfrskLevo5RhKoCjRJb4bXb u5LHPiULaQb70impEcPRqWjiWVV087uBIz6H6lx9f28rqJ4uTF4GzzXYrJGv06x/ VQ4JDP4QSUgPZpgfWOoSX6ExI0BkQn2nLH42dLrnMSNHVnX3DHeA+/zj60ySmOlO kFPE/e7rNNq0VIy6pf+2pvEyJKUmK5kBLgsXJ3pHujYcbNEtY3zbvQC9ExmNmSUF qESG/+qbBoKlswUubE8ds18OPeQODVowmwMmO/+JGgB8XZEvMAb1SWGcJ92HvvVv Osw42xBfuGu9HSha4KChA4dGS6Zyb6U03Eg68DY6Ia7Mqeuoul8= -----END CERTIFICATE-----Generated at Mon Oct 20 18:07:24 2025 by rpki-client