$ rpki-client -vvf repo-rpki.idnic.net/repo/4df4296f-1ca9-45fc-bb08-84135eb00fa7/0/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.mft File: 40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.mft (raw, json) Hash identifier: f4Sp6D1S+7JFoTMCu7B6L/MPtE/SMG6ZwqU4fAU2oSA= Subject key identifier: 9A:CE:FD:11:E9:55:C5:D6:FC:38:03:1B:83:F1:91:09:3F:E8:39:D0 Authority key identifier: 40:70:6A:5C:CF:A8:96:C8:EE:0C:1F:9A:5B:6D:CD:A1:91:5A:C7:6D Certificate issuer: /CN=40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D Certificate serial: 53D917D0B7F9E693562B7C5B02FA53AD55DF6192 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4df4296f-1ca9-45fc-bb08-84135eb00fa7/0/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.mft Manifest number: 0208 Signing time: Sat 18 Oct 2025 16:31:23 +0000 Manifest this update: Sat 18 Oct 2025 16:26:23 +0000 Manifest next update: Tue 21 Oct 2025 22:26:23 +0000 Files and hashes: 1: 40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.crl (hash: HZl1qw6Z0S5l12yhddnkO08HH+QcoaeyyF1LGoVShUQ=) 2: 3130332e31342e3233312e302f32342d3234203d3e20313439393435.roa (hash: hy+/jpVeqW5ZdBPpsEQxih0c4zQVAJjPaRw4KAPp/Ro=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4df4296f-1ca9-45fc-bb08-84135eb00fa7/0/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.crl rsync://repo-rpki.idnic.net/repo/4df4296f-1ca9-45fc-bb08-84135eb00fa7/0/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 22:26:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:d9:17:d0:b7:f9:e6:93:56:2b:7c:5b:02:fa:53:ad:55:df:61:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D Validity Not Before: Oct 18 16:26:23 2025 GMT Not After : Oct 21 22:26:23 2025 GMT Subject: CN=9ACEFD11E955C5D6FC38031B83F191093FE839D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:ef:2a:22:17:01:1f:8e:6a:3d:a3:0d:d5:8f: 88:ed:13:b8:86:ee:ec:3c:eb:38:7b:25:1a:26:96: dc:8d:8e:ee:da:f0:fb:cc:38:ea:e1:3a:cc:b7:2b: f2:fc:f4:72:9b:e7:ed:9f:4d:8d:ac:51:e0:e4:c4: 8d:fe:12:1c:64:ab:1e:8f:8e:f4:51:7e:9f:72:4d: 93:fc:6c:2c:16:46:4f:30:d4:d7:e7:3c:37:b8:83: fc:e4:d0:7b:f8:7f:fb:28:04:14:32:8f:5b:13:e7: 5a:06:d3:88:33:76:d7:f5:72:60:f0:83:0e:f5:57: b3:80:1e:5c:5c:c1:99:29:9d:ac:9f:17:16:82:5f: b8:63:a5:8d:7a:26:0d:24:02:d5:4b:ba:64:b0:48: d6:9e:1f:34:55:06:c8:39:7a:0a:45:d6:59:f9:49: ac:02:a9:95:c8:8e:33:7e:ec:27:92:a3:c2:30:68: d0:95:eb:df:5f:97:97:f0:9f:9e:25:f5:d1:7c:81: 04:b0:92:a3:98:df:b0:19:c4:ae:e3:d3:1b:5d:94: 0d:70:d0:8d:f2:ed:3e:36:90:f9:81:7b:1b:8b:f2: 47:c0:fa:a8:15:bc:05:62:06:e1:09:68:ce:bd:3f: bd:15:b4:4c:df:69:25:44:38:69:05:c9:6d:e1:00: 8a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:CE:FD:11:E9:55:C5:D6:FC:38:03:1B:83:F1:91:09:3F:E8:39:D0 X509v3 Authority Key Identifier: keyid:40:70:6A:5C:CF:A8:96:C8:EE:0C:1F:9A:5B:6D:CD:A1:91:5A:C7:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4df4296f-1ca9-45fc-bb08-84135eb00fa7/0/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4df4296f-1ca9-45fc-bb08-84135eb00fa7/0/40706A5CCFA896C8EE0C1F9A5B6DCDA1915AC76D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:93:57:cc:38:14:ea:53:37:9b:06:fe:cf:3e:aa:f6:72:33: 61:c7:d6:a1:a7:a9:be:70:a3:9e:7f:d2:33:fe:5f:39:17:dd: bf:62:ff:4d:18:2a:a9:8c:20:5e:eb:76:df:c4:f8:55:cf:ad: d9:c8:04:c5:1d:cc:4a:4c:f9:c0:8c:7a:a1:61:3e:62:f2:8f: 1a:24:b9:54:35:22:dc:0d:06:98:9c:e6:6f:38:49:0c:26:71: cb:cb:a2:d6:ad:11:46:79:79:29:2e:65:d1:6d:c9:2d:bb:28: 35:79:91:a9:f0:dc:c0:2c:b3:e4:5c:3b:0c:83:d2:ef:76:f3: 44:70:d6:71:1b:92:93:aa:6e:12:f4:15:40:62:b7:98:8a:cf: 27:d3:f2:95:ba:e5:17:41:31:3e:8b:cd:c5:97:d9:a7:da:c3: 63:ed:69:19:f7:1d:8e:a6:6e:74:00:c0:7a:46:57:b3:f1:a5: e9:1f:0a:0c:ef:3b:95:ab:b6:68:34:9e:c4:04:7e:01:a2:a3: 8c:99:16:74:58:7f:72:92:10:93:19:c1:89:28:d9:24:8f:bf: 9e:24:0b:28:ac:e9:6d:a9:72:ce:76:c8:6d:7b:e0:0f:e3:54: 0e:31:f7:e6:6b:52:ed:0e:f9:d8:86:10:92:de:47:bd:f2:27: 90:c4:8a:9f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUU9kX0Lf55pNWK3xbAvpTrVXfYZIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA3MDZBNUNDRkE4OTZDOEVFMEMxRjlBNUI2RENEQTE5 MTVBQzc2RDAeFw0yNTEwMTgxNjI2MjNaFw0yNTEwMjEyMjI2MjNaMDMxMTAvBgNV BAMTKDlBQ0VGRDExRTk1NUM1RDZGQzM4MDMxQjgzRjE5MTA5M0ZFODM5RDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL7yoiFwEfjmo9ow3Vj4jtE7iG 7uw86zh7JRomltyNju7a8PvMOOrhOsy3K/L89HKb5+2fTY2sUeDkxI3+Ehxkqx6P jvRRfp9yTZP8bCwWRk8w1NfnPDe4g/zk0Hv4f/soBBQyj1sT51oG04gzdtf1cmDw gw71V7OAHlxcwZkpnayfFxaCX7hjpY16Jg0kAtVLumSwSNaeHzRVBsg5egpF1ln5 SawCqZXIjjN+7CeSo8IwaNCV699fl5fwn54l9dF8gQSwkqOY37AZxK7j0xtdlA1w 0I3y7T42kPmBexuL8kfA+qgVvAViBuEJaM69P70VtEzfaSVEOGkFyW3hAIoLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUms79EelVxdb8OAMbg/GRCT/oOdAwHwYDVR0j BBgwFoAUQHBqXM+olsjuDB+aW23NoZFax20wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZGY0Mjk2Zi0xY2E5LTQ1ZmMtYmIwOC04NDEzNWViMDBmYTcvMC80MDcwNkE1Q0NG QTg5NkM4RUUwQzFGOUE1QjZEQ0RBMTkxNUFDNzZELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDA3MDZBNUNDRkE4OTZDOEVFMEMxRjlBNUI2RENEQTE5MTVB Qzc2RC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGRmNDI5NmYtMWNhOS00NWZjLWJi MDgtODQxMzVlYjAwZmE3LzAvNDA3MDZBNUNDRkE4OTZDOEVFMEMxRjlBNUI2RENE QTE5MTVBQzc2RC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEKTV8w4FOpTN5sG/s8+qvZyM2HH1qGnqb5w o55/0jP+XzkX3b9i/00YKqmMIF7rdt/E+FXPrdnIBMUdzEpM+cCMeqFhPmLyjxok uVQ1ItwNBpic5m84SQwmccvLotatEUZ5eSkuZdFtyS27KDV5kanw3MAss+RcOwyD 0u9280Rw1nEbkpOqbhL0FUBit5iKzyfT8pW65RdBMT6LzcWX2afaw2PtaRn3HY6m bnQAwHpGV7PxpekfCgzvO5Wrtmg0nsQEfgGio4yZFnRYf3KSEJMZwYko2SSPv54k Cyis6W2pcs52yG174A/jVA4x9+ZrUu0O+diGEJLeR73yJ5DEip8= -----END CERTIFICATE-----Generated at Mon Oct 20 13:54:01 2025 by rpki-client