$ rpki-client -vvf repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft File: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft (raw, json) Hash identifier: bx4kUofHJ+d8c2z1AvX9CKolT9Cp5UJbhZQ8QjSAjRw= Subject key identifier: 65:A3:C2:0D:D9:DB:D2:E5:36:9D:1B:4D:76:A7:42:F9:E2:1C:3F:CC Authority key identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F Certificate issuer: /CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Certificate serial: 7168713DF0795C566C6550033343824B44B97021 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft Manifest number: 01F8 Signing time: Sun 19 Oct 2025 18:20:55 +0000 Manifest this update: Sun 19 Oct 2025 18:15:55 +0000 Manifest next update: Wed 22 Oct 2025 23:53:55 +0000 Files and hashes: 1: 3130332e32382e3136332e302f32342d3234203d3e203536323539.roa (hash: NAFqFIaSAImXyE9eWh33YjJ4/n4BJqvDNhOBlZ2+l28=) 2: 3130332e31302e3235332e302f32342d3234203d3e203536323539.roa (hash: HvzvMBj5qU+NExWSjTWqrdpmvH/WBtBrlcSKkhbhERc=) 3: 3130332e36352e39362e302f32332d3234203d3e203536323539.roa (hash: GJQ3NUFsB2nVnSk1uRZagjtzrc7ng31cjwY1HHOp2FQ=) 4: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl (hash: VU9VSjfJhF+sSg7eJ7Kxmt+mE2VQhtVzoX3ZI2EqK9I=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 23:53:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:68:71:3d:f0:79:5c:56:6c:65:50:03:33:43:82:4b:44:b9:70:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Validity Not Before: Oct 19 18:15:55 2025 GMT Not After : Oct 22 23:53:55 2025 GMT Subject: CN=65A3C20DD9DBD2E5369D1B4D76A742F9E21C3FCC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:43:28:9e:20:b6:a4:2e:c6:56:ee:d4:da:f5: a2:a2:f0:ef:20:c3:37:57:e1:79:4c:97:91:df:54: 83:59:c5:fc:22:4a:79:5c:06:58:00:7c:56:75:64: 8d:c5:67:36:6d:ef:d4:24:e0:97:6d:d7:10:6e:69: 7c:c5:2b:1e:7d:2b:32:86:3d:7b:ef:e7:b9:8e:5c: 22:42:1e:f6:5a:77:ae:26:99:1e:be:63:da:7f:a8: fe:14:ca:15:84:de:8d:04:7a:e1:d4:0c:43:76:fa: c6:f5:83:00:e0:de:77:2d:f7:f3:5d:9f:d1:70:4b: ba:90:88:e1:39:ee:a8:b8:7c:24:c9:dc:a1:6f:85: b7:75:96:11:5e:c3:73:e1:80:47:39:28:cc:a6:ff: 2a:23:a5:ec:4c:7c:d9:23:1b:1c:21:a0:53:07:71: c3:ed:a6:f7:e7:b5:3f:26:15:d6:d4:f8:f0:71:37: 43:45:b5:9e:05:6f:82:c5:77:d3:8a:6a:3b:b7:11: 6e:d3:ca:88:70:31:42:04:ea:12:37:1a:6c:2a:54: be:c2:ce:1f:d0:2d:7b:a6:68:8a:09:bf:e8:1d:62: f8:51:ea:4a:85:ea:ef:90:81:0f:98:1d:24:4f:1f: e0:2f:02:a8:6a:73:2d:c2:43:12:63:0a:c9:ea:8f: 6c:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:A3:C2:0D:D9:DB:D2:E5:36:9D:1B:4D:76:A7:42:F9:E2:1C:3F:CC X509v3 Authority Key Identifier: keyid:3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:42:bb:8d:e8:ec:21:87:e1:c7:76:7d:77:19:93:4b:8e:9a: f9:3f:8b:60:a6:44:3d:ba:20:e9:7e:0f:cf:e9:a0:d1:8b:0e: a6:3c:5a:69:06:a2:8c:33:6c:36:49:1e:dd:8c:53:25:2e:11: 4d:9d:ed:e6:43:d0:c5:3f:03:f3:4d:47:04:d9:4c:5a:c7:4a: 79:bf:41:01:0d:bd:75:e0:f4:ef:1e:2d:d9:1b:9a:62:eb:ec: 62:88:ce:ad:dd:f6:0a:8e:6b:18:e1:15:ee:84:3e:2d:7e:8d: b3:84:2d:3e:5a:3e:10:60:0e:23:40:30:c2:d9:e8:bc:cc:d5: d3:f8:7a:cf:a8:be:0f:7c:65:cc:11:70:e2:ad:a7:37:16:d0: 39:28:50:fc:df:40:35:f1:8a:e3:02:a4:d0:c1:aa:2c:22:5c: fc:ab:1b:6b:6e:7b:df:e1:af:ff:a3:46:37:3a:1b:96:df:aa: c4:9e:31:fd:01:ab:86:93:37:b5:a1:8d:9d:eb:16:98:24:b6: 53:95:fa:ad:47:bf:e1:09:8e:c4:01:1b:75:e2:1d:61:e5:85: 17:7a:96:f4:28:c9:af:71:0c:a6:4b:db:2c:33:71:a7:b0:ad: 50:3f:66:b5:80:81:70:55:11:34:6c:d5:d5:82:1c:19:78:51: 31:0f:3c:f2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcWhxPfB5XFZsZVADM0OCS0S5cCEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4 NUMzNUU0RjAeFw0yNTEwMTkxODE1NTVaFw0yNTEwMjIyMzUzNTVaMDMxMTAvBgNV BAMTKDY1QTNDMjBERDlEQkQyRTUzNjlEMUI0RDc2QTc0MkY5RTIxQzNGQ0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWQyieILakLsZW7tTa9aKi8O8g wzdX4XlMl5HfVINZxfwiSnlcBlgAfFZ1ZI3FZzZt79Qk4Jdt1xBuaXzFKx59KzKG PXvv57mOXCJCHvZad64mmR6+Y9p/qP4UyhWE3o0EeuHUDEN2+sb1gwDg3nct9/Nd n9FwS7qQiOE57qi4fCTJ3KFvhbd1lhFew3PhgEc5KMym/yojpexMfNkjGxwhoFMH ccPtpvfntT8mFdbU+PBxN0NFtZ4Fb4LFd9OKaju3EW7TyohwMUIE6hI3GmwqVL7C zh/QLXumaIoJv+gdYvhR6kqF6u+QgQ+YHSRPH+AvAqhqcy3CQxJjCsnqj2yjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZaPCDdnb0uU2nRtNdqdC+eIcP8wwHwYDVR0j BBgwFoAUPXifr19+vmk4xMcj3NLu14XDXk8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZDk3MDAzMi0wOGVhLTQ4OTAtYmRiYS02MzA5YTQ5NzkxN2QvMC8zRDc4OUZBRjVG N0VCRTY5MzhDNEM3MjNEQ0QyRUVENzg1QzM1RTRGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4NUMz NUU0Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGQ5NzAwMzItMDhlYS00ODkwLWJk YmEtNjMwOWE0OTc5MTdkLzAvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVF RDc4NUMzNUU0Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGZCu43o7CGH4cd2fXcZk0uOmvk/i2CmRD26 IOl+D8/poNGLDqY8WmkGoowzbDZJHt2MUyUuEU2d7eZD0MU/A/NNRwTZTFrHSnm/ QQENvXXg9O8eLdkbmmLr7GKIzq3d9gqOaxjhFe6EPi1+jbOELT5aPhBgDiNAMMLZ 6LzM1dP4es+ovg98ZcwRcOKtpzcW0DkoUPzfQDXxiuMCpNDBqiwiXPyrG2tue9/h r/+jRjc6G5bfqsSeMf0Bq4aTN7WhjZ3rFpgktlOV+q1Hv+EJjsQBG3XiHWHlhRd6 lvQoya9xDKZL2ywzcaewrVA/ZrWAgXBVETRs1dWCHBl4UTEPPPI= -----END CERTIFICATE-----Generated at Mon Oct 20 20:44:27 2025 by rpki-client