$ rpki-client -vvf repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft File: 28351380A86044778274FC7CEC0F116CF3B3CA39.mft (raw, json) Hash identifier: 7PeJlzec7CXGu48X8KedzWBJgSIs8yeEF6dXO7xJdMA= Subject key identifier: CF:11:9A:E5:5F:C7:C2:4B:EA:AC:B1:EA:02:35:29:06:F6:1B:D9:C9 Authority key identifier: 28:35:13:80:A8:60:44:77:82:74:FC:7C:EC:0F:11:6C:F3:B3:CA:39 Certificate issuer: /CN=28351380A86044778274FC7CEC0F116CF3B3CA39 Certificate serial: 29C976CAF9A8C430D7082F1D6F7963E3BDFF350F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer Subject info access: rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft Manifest number: 0519 Signing time: Sun 19 Oct 2025 17:10:45 +0000 Manifest this update: Sun 19 Oct 2025 17:05:45 +0000 Manifest next update: Wed 22 Oct 2025 18:06:45 +0000 Files and hashes: 1: 3230332e38302e31322e302f32342d3234203d3e203234323034.roa (hash: iP5DwSyfUL5exxyNjMDQ+1fcb6ngK3/LzByJJLI9xyw=) 2: 3230332e38302e31302e302f32342d3234203d3e203234323034.roa (hash: GDVJSN1CaQCPhQqR3FRWg5swzCjmjmNit8vMHebzfag=) 3: 3230332e38302e31332e302f32342d3234203d3e203234323034.roa (hash: OqfsOYg/HuhRheOY7XtpBvVh7Zqp58h+Rj/M/YaFZNI=) 4: 323430353a386530303a3a2f33322d3332203d3e203234323034.roa (hash: qKSq3uz3mAbrZSzfHP44tJYlF6gqnOloWG4wyUGOKH8=) 5: 3230332e38302e382e302f32342d3234203d3e203234323034.roa (hash: WygMqvrzr917+KMa/vGo8fQyT0ctkaWPjHAmxb/T5Js=) 6: 3230332e38302e31352e302f32342d3234203d3e203234323034.roa (hash: +tRBG8B/+C8vTbXJTWqe0liAiPTh4alenhwEBf60dxs=) 7: 3230332e38302e31342e302f32342d3234203d3e203234323034.roa (hash: meqQFV3Ai00Xi6pHJ24Fpc5SOLYd2Ucdi8hBuOG/mOI=) 8: 28351380A86044778274FC7CEC0F116CF3B3CA39.crl (hash: PhrJZ7UZIyARth5nQaBFj67kjsh/y02oPlNW7OiIbVo=) 9: 3230332e38302e31312e302f32342d3234203d3e203234323034.roa (hash: wP5JcTumZVhD5RKTIHW84jMQLqPiyj2qPNYzd9k1ZOs=) 10: 3230332e38302e392e302f32342d3234203d3e203234323034.roa (hash: D4SmgWinw2uDnNDHY1kT9jgep4MItUVn6E6KY3uTDIU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.crl rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 18:06:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:c9:76:ca:f9:a8:c4:30:d7:08:2f:1d:6f:79:63:e3:bd:ff:35:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28351380A86044778274FC7CEC0F116CF3B3CA39 Validity Not Before: Oct 19 17:05:45 2025 GMT Not After : Oct 22 18:06:45 2025 GMT Subject: CN=CF119AE55FC7C24BEAACB1EA02352906F61BD9C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:7c:e3:33:99:f6:a4:fb:97:8c:2e:48:74:3f: 32:66:15:1d:41:87:fe:0f:26:5a:a2:a2:39:c5:d6: c7:51:98:c9:f9:fd:2c:cf:dd:5f:70:d3:bd:2b:f2: e3:cb:6a:d0:a3:13:3a:bc:39:62:64:47:f6:64:6c: f3:d4:fd:73:9e:0b:17:2c:8c:b7:c4:af:d9:05:42: c4:88:45:96:81:b4:9c:1d:da:e2:9b:8d:31:21:84: f4:c6:41:b6:12:b5:2d:9f:13:d3:de:ea:9e:32:1f: 36:f4:46:43:e7:b6:72:7c:25:8b:15:b9:fb:da:d0: a4:d9:72:af:4d:65:e2:d0:bc:a5:78:e1:08:40:13: 34:aa:2d:73:0e:a9:64:87:52:8a:5c:d2:4b:6d:47: ad:36:8a:c9:45:d6:7a:92:a8:2b:b9:74:48:7e:cf: 85:d1:14:aa:19:c8:f6:69:bf:da:3a:c4:74:35:55: 1e:e4:a8:a4:84:4a:64:73:65:55:43:28:93:e8:0f: 8f:5d:95:86:e4:21:7d:c8:0d:ee:d6:29:68:f8:65: 78:1c:75:f4:0c:d9:c9:50:5b:51:d1:44:4e:86:27: 3a:3b:68:04:0d:85:59:c8:ff:9f:75:13:70:60:b2: c4:dd:ff:27:5d:c1:ff:3f:13:79:c7:fa:1f:7b:64: b8:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:11:9A:E5:5F:C7:C2:4B:EA:AC:B1:EA:02:35:29:06:F6:1B:D9:C9 X509v3 Authority Key Identifier: keyid:28:35:13:80:A8:60:44:77:82:74:FC:7C:EC:0F:11:6C:F3:B3:CA:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:7b:43:09:cf:f3:e1:4c:b7:d1:e1:de:02:bc:0a:cc:7b:fd: b0:2c:41:b6:7f:33:b3:96:06:0e:04:12:40:92:57:03:c0:8f: 3a:c5:cf:32:6c:d8:52:63:20:83:3a:cd:c2:99:2a:23:eb:48: ca:8c:88:0f:aa:00:a1:74:67:7e:fa:3b:6c:8e:14:27:8e:8b: 17:d0:e8:41:37:3c:c4:3d:a3:a7:cd:08:90:2c:7b:ac:dc:87: f3:f5:1a:da:03:1f:65:ed:64:e1:05:86:97:79:bd:47:9c:ea: bf:3f:91:fc:78:92:54:77:04:69:6a:b7:21:05:4f:37:d2:7e: 65:52:c2:97:19:41:86:5c:81:10:2c:5f:c5:b2:85:94:c1:ec: 6b:f4:02:32:39:c1:3e:f6:bc:61:a4:54:1c:26:31:92:e1:a5: ea:f1:8e:4e:26:fe:17:d6:ea:92:26:f5:cc:ea:30:0f:a5:53: 18:64:7c:c7:3c:28:67:18:89:ea:63:f6:43:1f:47:00:04:be: 70:19:5d:a4:76:00:7a:c5:50:2f:12:a5:8e:59:84:d5:ab:8c: 83:33:f3:1d:13:f1:f9:30:5c:df:16:08:10:4a:c2:42:8e:f9: 91:d5:d9:e5:c4:07:7d:13:d0:bc:c1:22:14:e1:5d:89:12:1f: fb:47:50:04 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKcl2yvmoxDDXCC8db3lj473/NQ8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjgzNTEzODBBODYwNDQ3NzgyNzRGQzdDRUMwRjExNkNG M0IzQ0EzOTAeFw0yNTEwMTkxNzA1NDVaFw0yNTEwMjIxODA2NDVaMDMxMTAvBgNV BAMTKENGMTE5QUU1NUZDN0MyNEJFQUFDQjFFQTAyMzUyOTA2RjYxQkQ5QzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3fOMzmfak+5eMLkh0PzJmFR1B h/4PJlqiojnF1sdRmMn5/SzP3V9w070r8uPLatCjEzq8OWJkR/ZkbPPU/XOeCxcs jLfEr9kFQsSIRZaBtJwd2uKbjTEhhPTGQbYStS2fE9Pe6p4yHzb0RkPntnJ8JYsV ufva0KTZcq9NZeLQvKV44QhAEzSqLXMOqWSHUopc0kttR602islF1nqSqCu5dEh+ z4XRFKoZyPZpv9o6xHQ1VR7kqKSESmRzZVVDKJPoD49dlYbkIX3IDe7WKWj4ZXgc dfQM2clQW1HRRE6GJzo7aAQNhVnI/591E3BgssTd/yddwf8/E3nH+h97ZLhzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzxGa5V/HwkvqrLHqAjUpBvYb2ckwHwYDVR0j BBgwFoAUKDUTgKhgRHeCdPx87A8RbPOzyjkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 MjRhOTEwNS04ZDJhLTRiMzgtYTZhZS0wNWVhZDY5NzE5YTMvMC8yODM1MTM4MEE4 NjA0NDc3ODI3NEZDN0NFQzBGMTE2Q0YzQjNDQTM5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjgzNTEzODBBODYwNDQ3NzgyNzRGQzdDRUMwRjExNkNGM0Iz Q0EzOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTI0YTkxMDUtOGQyYS00YjM4LWE2 YWUtMDVlYWQ2OTcxOWEzLzAvMjgzNTEzODBBODYwNDQ3NzgyNzRGQzdDRUMwRjEx NkNGM0IzQ0EzOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACp7QwnP8+FMt9Hh3gK8Csx7/bAsQbZ/M7OW Bg4EEkCSVwPAjzrFzzJs2FJjIIM6zcKZKiPrSMqMiA+qAKF0Z376O2yOFCeOixfQ 6EE3PMQ9o6fNCJAse6zch/P1GtoDH2XtZOEFhpd5vUec6r8/kfx4klR3BGlqtyEF TzfSfmVSwpcZQYZcgRAsX8WyhZTB7Gv0AjI5wT72vGGkVBwmMZLhperxjk4m/hfW 6pIm9czqMA+lUxhkfMc8KGcYiepj9kMfRwAEvnAZXaR2AHrFUC8SpY5ZhNWrjIMz 8x0T8fkwXN8WCBBKwkKO+ZHV2eXEB30T0LzBIhThXYkSH/tHUAQ= -----END CERTIFICATE-----Generated at Tue Oct 21 02:09:05 2025 by rpki-client