$ rpki-client -vvf repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft File: 3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft (raw, json) Hash identifier: 49gmZqACqvCIHmUa6jPtOlRGF3n9f982HQWOlgWJOiw= Subject key identifier: 0A:2F:7B:68:19:3B:AC:21:85:5E:F4:B5:D7:02:E0:D9:20:0C:C6:01 Authority key identifier: 3B:A5:C1:01:90:AD:C9:6E:E3:4E:B4:A6:D0:54:45:70:22:CB:DE:E9 Certificate issuer: /CN=3BA5C10190ADC96EE34EB4A6D054457022CBDEE9 Certificate serial: 2B7A8614B011B6F98869D44884D85653AFC4CD2E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft Manifest number: 021E Signing time: Mon 20 Oct 2025 02:51:57 +0000 Manifest this update: Mon 20 Oct 2025 02:46:57 +0000 Manifest next update: Thu 23 Oct 2025 14:44:57 +0000 Files and hashes: 1: 3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.crl (hash: sZpjFRbWcRiaWeKSvvK6f0o/IgXeI76mO71vaTouSwU=) 2: 3130332e3139302e36302e302f32342d3234203d3e20313439393031.roa (hash: TsTDpWhEe0S4QbX7Nvx05CapjsmJk1el8Dy5qKfw9Z4=) 3: 3130332e3139302e36302e302f32332d3233203d3e20313439393031.roa (hash: 51ekgtNLYDLFINvFYDj/N8stn5dpVipAbdc9vPbRQ7I=) 4: 3130332e3139302e36312e302f32342d3234203d3e20313439393031.roa (hash: Ykg6X7TmWGcN3xNxQzs8nCjH8QlPm6F3Uq9zQ4bEBTI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.crl rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 11:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:7a:86:14:b0:11:b6:f9:88:69:d4:48:84:d8:56:53:af:c4:cd:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BA5C10190ADC96EE34EB4A6D054457022CBDEE9 Validity Not Before: Oct 20 02:46:57 2025 GMT Not After : Oct 23 14:44:57 2025 GMT Subject: CN=0A2F7B68193BAC21855EF4B5D702E0D9200CC601 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:52:68:6d:57:fb:1b:f0:5d:ce:b8:4d:bb:39: 74:4f:37:b9:99:18:63:2b:5b:d6:af:b9:b9:d7:0c: d2:96:99:e7:4b:8f:2a:56:e5:9b:ca:01:f8:92:46: 6e:26:c2:d5:cc:42:78:3a:3c:08:af:55:29:36:ac: 2e:cb:37:40:da:df:21:fb:20:44:80:28:e0:98:09: 89:9e:c9:0e:55:0c:90:d4:14:83:ff:af:c0:fb:91: 45:2b:cf:09:d1:a3:67:56:a7:73:1d:f7:5e:13:16: 2d:ae:69:10:01:5b:3b:81:4e:38:c7:b1:b7:c6:09: ba:a1:f7:c1:cc:69:77:c0:9c:c7:00:f1:b3:50:8f: 1b:c7:3e:33:ad:45:30:cc:b3:c0:f0:e9:00:f4:66: 57:55:fe:b1:46:7b:7a:86:c1:46:57:4a:54:ef:32: 0d:65:d8:05:e7:5c:25:ae:b1:99:f2:e0:5f:f3:b8: e1:57:f8:79:9c:e9:23:d5:97:6a:e3:6b:4d:48:0e: d9:51:c7:a4:ae:43:ef:55:01:67:5e:4a:95:4d:c0: bf:2c:9c:97:c8:4a:0b:24:ad:0f:f4:d2:d8:3f:14: e9:cf:6c:76:0c:7e:b4:93:8f:14:ba:18:06:50:b4: d8:d6:c0:82:6e:d7:35:3a:c2:24:4e:51:83:0f:28: eb:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:2F:7B:68:19:3B:AC:21:85:5E:F4:B5:D7:02:E0:D9:20:0C:C6:01 X509v3 Authority Key Identifier: keyid:3B:A5:C1:01:90:AD:C9:6E:E3:4E:B4:A6:D0:54:45:70:22:CB:DE:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5e314858-b33a-4b65-9a55-dce41e223873/0/3BA5C10190ADC96EE34EB4A6D054457022CBDEE9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:21:79:80:55:ca:7f:5b:00:06:62:c8:49:73:45:3f:07:13: ae:4a:5f:3d:c6:2f:90:ac:de:5f:22:ac:34:e9:3d:fd:00:4b: fb:2f:bb:f2:8e:77:5d:a7:8e:32:59:3c:92:aa:38:9d:31:2f: 6e:b6:95:6e:ae:01:2b:76:8e:ef:ad:c0:0f:ed:f7:d6:f8:5d: 9a:7a:2f:4a:61:c3:23:52:4c:f2:5d:b2:11:f4:5e:da:27:ce: 9c:cb:c0:d7:1d:d5:cc:a2:d7:da:b0:92:88:63:9d:9a:a4:68: cf:c8:2f:b9:1a:99:0b:b8:dd:c0:7e:fd:50:be:17:3b:66:c4: ea:2f:83:29:14:87:e8:2d:f8:fa:21:b8:20:9f:fb:84:99:54: 1e:b2:76:f6:5d:13:35:6c:75:a9:37:ac:eb:3c:f1:2a:29:03: 3e:ca:84:bc:b8:fb:a3:58:de:ee:ac:64:e1:37:e4:c1:ec:dd: 5a:47:c7:59:1d:c0:d1:54:88:84:a7:ff:9e:ab:7d:6d:c4:da: 55:09:1c:53:23:41:2e:06:bd:6d:6c:93:2a:12:f5:6b:4b:40: d5:e4:2b:8e:10:05:55:5a:b4:f0:b7:76:cf:e4:df:b0:4b:47: e3:bf:8d:23:29:f1:1a:20:84:be:b3:73:0c:f0:23:2f:3d:ed: 03:09:bd:1f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUK3qGFLARtvmIadRIhNhWU6/EzS4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0JBNUMxMDE5MEFEQzk2RUUzNEVCNEE2RDA1NDQ1NzAy MkNCREVFOTAeFw0yNTEwMjAwMjQ2NTdaFw0yNTEwMjMxNDQ0NTdaMDMxMTAvBgNV BAMTKDBBMkY3QjY4MTkzQkFDMjE4NTVFRjRCNUQ3MDJFMEQ5MjAwQ0M2MDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVUmhtV/sb8F3OuE27OXRPN7mZ GGMrW9avubnXDNKWmedLjypW5ZvKAfiSRm4mwtXMQng6PAivVSk2rC7LN0Da3yH7 IESAKOCYCYmeyQ5VDJDUFIP/r8D7kUUrzwnRo2dWp3Md914TFi2uaRABWzuBTjjH sbfGCbqh98HMaXfAnMcA8bNQjxvHPjOtRTDMs8Dw6QD0ZldV/rFGe3qGwUZXSlTv Mg1l2AXnXCWusZny4F/zuOFX+Hmc6SPVl2rja01IDtlRx6SuQ+9VAWdeSpVNwL8s nJfISgskrQ/00tg/FOnPbHYMfrSTjxS6GAZQtNjWwIJu1zU6wiROUYMPKOtzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCi97aBk7rCGFXvS11wLg2SAMxgEwHwYDVR0j BBgwFoAUO6XBAZCtyW7jTrSm0FRFcCLL3ukwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZTMxNDg1OC1iMzNhLTRiNjUtOWE1NS1kY2U0MWUyMjM4NzMvMC8zQkE1QzEwMTkw QURDOTZFRTM0RUI0QTZEMDU0NDU3MDIyQ0JERUU5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0JBNUMxMDE5MEFEQzk2RUUzNEVCNEE2RDA1NDQ1NzAyMkNC REVFOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWUzMTQ4NTgtYjMzYS00YjY1LTlh NTUtZGNlNDFlMjIzODczLzAvM0JBNUMxMDE5MEFEQzk2RUUzNEVCNEE2RDA1NDQ1 NzAyMkNCREVFOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFUheYBVyn9bAAZiyElzRT8HE65KXz3GL5Cs 3l8irDTpPf0AS/svu/KOd12njjJZPJKqOJ0xL262lW6uASt2ju+twA/t99b4XZp6 L0phwyNSTPJdshH0XtonzpzLwNcd1cyi19qwkohjnZqkaM/IL7kamQu43cB+/VC+ FztmxOovgykUh+gt+PohuCCf+4SZVB6ydvZdEzVsdak3rOs88SopAz7KhLy4+6NY 3u6sZOE35MHs3VpHx1kdwNFUiISn/56rfW3E2lUJHFMjQS4GvW1skyoS9WtLQNXk K44QBVVatPC3ds/k37BLR+O/jSMp8RoghL6zcwzwIy897QMJvR8= -----END CERTIFICATE-----Generated at Mon Oct 20 12:40:04 2025 by rpki-client