$ rpki-client -vvf repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft File: 843FDF32A52D11795BBFB0918ABF926E0A210870.mft (raw, json) Hash identifier: c3dHWqppzJUxp3hMgFHBux0mpYvYubKfolnYyyDn6W0= Subject key identifier: 24:CA:6E:42:4B:16:DE:13:53:BE:78:83:2A:D8:DE:0F:FA:9A:F8:C5 Authority key identifier: 84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70 Certificate issuer: /CN=843FDF32A52D11795BBFB0918ABF926E0A210870 Certificate serial: 5F4259E0EE80C34450BDF1C27B1168702AAB463E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer Subject info access: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft Manifest number: 0111 Signing time: Sat 18 Oct 2025 19:02:11 +0000 Manifest this update: Sat 18 Oct 2025 18:57:11 +0000 Manifest next update: Wed 22 Oct 2025 00:36:11 +0000 Files and hashes: 1: 843FDF32A52D11795BBFB0918ABF926E0A210870.crl (hash: PqYAstuheykmpj509q3o878aWYuPBuVdnkR873hyZJI=) 2: 3231302e38372e3132342e302f32332d3234203d3e20313532303539.roa (hash: bZtCXaxnCo0kXFhv+UgtkdHVo3axHOoHwsSEN85b1Nc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 00:36:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:42:59:e0:ee:80:c3:44:50:bd:f1:c2:7b:11:68:70:2a:ab:46:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=843FDF32A52D11795BBFB0918ABF926E0A210870 Validity Not Before: Oct 18 18:57:11 2025 GMT Not After : Oct 22 00:36:11 2025 GMT Subject: CN=24CA6E424B16DE1353BE78832AD8DE0FFA9AF8C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:95:69:49:70:49:f0:f6:22:12:8b:49:97:ac: fa:e7:5a:a6:42:ef:20:bf:5f:c8:b0:f1:c6:8e:ac: da:e0:77:e0:3f:2f:06:2c:63:53:da:42:e7:8e:c1: 93:5e:9b:8e:76:83:e1:1c:92:76:a1:4a:d1:b4:e8: 4b:0f:ad:55:94:dd:6c:b0:06:50:6c:67:b1:b7:db: f5:79:4b:e0:77:97:22:f5:82:5b:c7:08:44:19:bc: 98:e8:8e:66:c3:d7:45:2d:95:6b:75:6e:f7:a6:8d: a2:e4:8f:e3:9b:07:d6:a9:47:5a:de:e3:9a:09:5a: 39:da:37:cc:cd:a8:49:48:9a:11:04:25:bf:7b:65: 5d:f6:64:a9:56:eb:4b:f4:00:b1:0e:0a:00:ec:8c: 0e:6e:04:db:8b:c8:82:2f:63:f7:b7:b5:5f:06:c1: c5:1c:5f:15:86:a3:c7:70:5d:ec:76:fa:df:10:54: 8a:56:da:74:39:13:47:8e:f8:cc:b5:09:2e:4e:0b: 18:e6:6b:81:6d:7b:1e:d3:d3:a2:a5:3d:0e:03:ae: 4a:96:1f:28:81:40:ee:59:db:e7:aa:06:96:b3:dc: 15:e9:2c:98:6c:31:9f:d4:59:9b:e0:86:70:35:bc: a4:3f:8e:21:8e:8d:1b:0a:35:94:0e:20:a5:e6:9d: 87:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:CA:6E:42:4B:16:DE:13:53:BE:78:83:2A:D8:DE:0F:FA:9A:F8:C5 X509v3 Authority Key Identifier: keyid:84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:27:62:60:f8:24:0c:53:7f:4b:54:6e:b7:d7:9a:ce:55:be: 67:d9:ee:35:f5:c2:26:59:42:74:c7:1f:4c:cc:c0:9c:27:73: fc:a1:1a:b3:d8:bc:90:49:22:1c:91:6d:3f:0f:7d:78:39:fa: 30:8f:27:64:35:a0:77:2f:26:dd:ab:c0:de:fe:1a:f7:c9:60: 8a:ae:a6:1a:62:59:d5:ed:23:f1:dd:3c:86:9e:15:77:6d:b0: 9f:49:c7:3e:49:3a:4d:e2:01:90:39:94:31:48:e9:17:5b:c5: fa:b7:fd:a3:7b:58:66:07:f7:d0:3a:b2:01:ad:ea:93:63:38: 8c:bc:94:ec:da:2b:42:3a:a3:39:63:16:2b:ed:08:de:a5:f7: 2d:5c:16:8b:27:a9:fc:b3:24:eb:57:58:ba:96:d1:0e:a3:83: f3:7b:0f:d4:62:ac:39:8a:9b:7b:db:08:27:23:a9:3f:ac:ea: 4d:47:a6:d0:64:d8:42:cc:a6:df:ef:c0:3a:07:6d:85:93:a2: a9:b1:c9:2e:b1:6e:30:64:ae:2b:49:b1:b6:8f:a5:63:62:7a: d7:41:77:41:1e:7f:78:79:b4:6d:72:0e:3f:a0:9d:36:e5:5e: a9:42:b3:86:65:fd:6b:a8:bc:62:e1:f4:87:37:f3:d4:a1:d0: bb:cb:fe:e9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUX0JZ4O6Aw0RQvfHCexFocCqrRj4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUw QTIxMDg3MDAeFw0yNTEwMTgxODU3MTFaFw0yNTEwMjIwMDM2MTFaMDMxMTAvBgNV BAMTKDI0Q0E2RTQyNEIxNkRFMTM1M0JFNzg4MzJBRDhERTBGRkE5QUY4QzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtlWlJcEnw9iISi0mXrPrnWqZC 7yC/X8iw8caOrNrgd+A/LwYsY1PaQueOwZNem452g+EcknahStG06EsPrVWU3Wyw BlBsZ7G32/V5S+B3lyL1glvHCEQZvJjojmbD10UtlWt1bvemjaLkj+ObB9apR1re 45oJWjnaN8zNqElImhEEJb97ZV32ZKlW60v0ALEOCgDsjA5uBNuLyIIvY/e3tV8G wcUcXxWGo8dwXex2+t8QVIpW2nQ5E0eO+My1CS5OCxjma4Ftex7T06KlPQ4DrkqW HyiBQO5Z2+eqBpaz3BXpLJhsMZ/UWZvghnA1vKQ/jiGOjRsKNZQOIKXmnYfXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUJMpuQksW3hNTvniDKtjeD/qa+MUwHwYDVR0j BBgwFoAUhD/fMqUtEXlbv7CRir+SbgohCHAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 N2JlOGI3Yy0yMzJmLTQ3ZTgtOWNkZC04ODE3ZDM5YjcwZWEvMC84NDNGREYzMkE1 MkQxMTc5NUJCRkIwOTE4QUJGOTI2RTBBMjEwODcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUwQTIx MDg3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTdiZThiN2MtMjMyZi00N2U4LTlj ZGQtODgxN2QzOWI3MGVhLzAvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjky NkUwQTIxMDg3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGsnYmD4JAxTf0tUbrfXms5VvmfZ7jX1wiZZ QnTHH0zMwJwnc/yhGrPYvJBJIhyRbT8PfXg5+jCPJ2Q1oHcvJt2rwN7+GvfJYIqu phpiWdXtI/HdPIaeFXdtsJ9Jxz5JOk3iAZA5lDFI6Rdbxfq3/aN7WGYH99A6sgGt 6pNjOIy8lOzaK0I6ozljFivtCN6l9y1cFosnqfyzJOtXWLqW0Q6jg/N7D9RirDmK m3vbCCcjqT+s6k1HptBk2ELMpt/vwDoHbYWToqmxyS6xbjBkritJsbaPpWNietdB d0Eef3h5tG1yDj+gnTblXqlCs4Zl/WuovGLh9Ic389Sh0LvL/uk= -----END CERTIFICATE-----Generated at Mon Oct 20 15:57:32 2025 by rpki-client