$ rpki-client -vvf repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft File: 85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft (raw, json) Hash identifier: 5x2FWLdzOy4LcboqkzwgrDPG6i5P79TjJF8P8ubjw/Q= Subject key identifier: 84:A8:E6:4C:7B:DD:F3:F7:B2:D3:D9:75:5A:A9:C4:40:93:07:50:D7 Authority key identifier: 85:E8:DE:B3:87:42:E3:90:C7:BF:B3:4B:1E:4A:BA:C3:1D:33:7A:C3 Certificate issuer: /CN=85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3 Certificate serial: 53DC32BFE5E07852EAF14D7CAEF1AC088ADAB97E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft Manifest number: 02AF Signing time: Mon 20 Oct 2025 12:01:40 +0000 Manifest this update: Mon 20 Oct 2025 11:56:40 +0000 Manifest next update: Thu 23 Oct 2025 23:08:40 +0000 Files and hashes: 1: 3130332e3137382e3137342e302f32332d3234203d3e20313337333331.roa (hash: gonve5wIJ3O85bDiwHHm2xjnNdsU9xH6JAbxD3Ax5a8=) 2: 85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl (hash: 2iGm1To13+tVgoSuglUdEWt3s2MTHSO6C0yheQSIjVw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 11:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:dc:32:bf:e5:e0:78:52:ea:f1:4d:7c:ae:f1:ac:08:8a:da:b9:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3 Validity Not Before: Oct 20 11:56:40 2025 GMT Not After : Oct 23 23:08:40 2025 GMT Subject: CN=84A8E64C7BDDF3F7B2D3D9755AA9C440930750D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:f6:43:6d:91:23:40:1b:6a:24:d8:75:81:04: 76:fc:14:4f:0a:6f:57:91:15:04:77:2c:7a:4b:a2: 9e:4c:11:28:03:16:d8:02:b2:6a:2e:20:d5:a0:a1: 25:18:82:49:af:c0:cb:44:d8:5f:ef:b6:8b:13:6f: 3e:c9:4a:da:9b:b9:dd:38:df:54:44:65:8b:75:ef: 22:ea:ef:da:25:50:bc:01:85:38:d1:4f:d6:0e:05: 9b:67:66:41:43:d4:b2:fb:09:4f:a1:49:d4:ed:2b: 58:6c:30:c3:90:35:13:73:36:a7:a5:95:b0:31:f0: d9:f1:c0:83:bf:14:4e:cb:39:8e:17:86:f2:f0:9c: 75:02:e6:bf:f4:eb:0a:08:b9:2b:f1:14:79:8e:e0: 7d:23:81:b9:99:78:28:0b:99:f0:8f:2c:e2:bf:18: 88:ae:84:4c:cb:75:3a:94:36:d5:b5:27:af:ee:dd: d1:9d:41:92:ac:5a:c4:63:21:62:72:24:68:5f:a5: e9:4f:f5:de:70:7c:7e:34:a4:17:0e:f7:ac:d0:b5: 6d:57:9e:13:9c:26:8d:d6:33:44:87:fa:b1:22:51: 2b:66:dd:ac:6f:cd:71:ab:0a:fa:59:38:86:ea:1d: ee:64:99:0a:19:1d:1b:82:a5:be:81:e7:4a:9b:a4: 09:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:A8:E6:4C:7B:DD:F3:F7:B2:D3:D9:75:5A:A9:C4:40:93:07:50:D7 X509v3 Authority Key Identifier: keyid:85:E8:DE:B3:87:42:E3:90:C7:BF:B3:4B:1E:4A:BA:C3:1D:33:7A:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:9c:ab:1a:ff:f7:26:2c:35:b7:6a:cb:fa:b9:5a:61:89:28: cf:c5:b7:7d:98:df:03:8c:f9:c4:5b:34:0d:d4:25:1b:30:02: 8d:77:4f:d3:e0:4c:67:ac:22:a2:14:23:f6:f6:55:e2:30:41: 3d:fa:83:86:fd:a4:25:bb:7d:e7:f4:9b:74:c5:e3:47:16:20: 6a:52:bb:0e:13:53:bb:06:a1:e0:2c:fa:6a:a2:20:ee:65:31: 72:e7:0f:da:20:c9:21:62:16:f0:11:62:a1:35:f3:98:8f:29: 88:27:33:14:b6:7b:00:b9:ba:2b:50:ae:6a:4f:ea:9f:55:51: 1c:1d:d0:4f:61:dc:84:0d:a0:e2:2a:40:ae:61:88:2a:b3:4d: bc:c3:b3:1f:94:d3:34:d7:56:c1:c2:ab:03:6a:b2:35:17:8e: 4c:6a:99:fd:f6:79:83:66:83:e2:ea:45:d9:4b:85:97:e7:fa: 88:eb:bb:02:ab:f3:b3:27:73:f8:32:81:86:b1:e5:40:ad:7e: cb:f6:c3:be:d2:dc:67:7b:ab:fb:4c:44:a7:61:c8:a5:0b:10: 2c:09:15:49:0d:b8:49:14:83:86:17:44:10:e3:b2:d4:8c:aa: 0f:5d:45:78:e4:9f:bc:8d:0c:d9:92:32:67:c2:93:10:2d:de: 28:35:d7:60 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUU9wyv+XgeFLq8U18rvGsCIrauX4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJBQzMx RDMzN0FDMzAeFw0yNTEwMjAxMTU2NDBaFw0yNTEwMjMyMzA4NDBaMDMxMTAvBgNV BAMTKDg0QThFNjRDN0JEREYzRjdCMkQzRDk3NTVBQTlDNDQwOTMwNzUwRDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR9kNtkSNAG2ok2HWBBHb8FE8K b1eRFQR3LHpLop5MESgDFtgCsmouINWgoSUYgkmvwMtE2F/vtosTbz7JStqbud04 31REZYt17yLq79olULwBhTjRT9YOBZtnZkFD1LL7CU+hSdTtK1hsMMOQNRNzNqel lbAx8NnxwIO/FE7LOY4XhvLwnHUC5r/06woIuSvxFHmO4H0jgbmZeCgLmfCPLOK/ GIiuhEzLdTqUNtW1J6/u3dGdQZKsWsRjIWJyJGhfpelP9d5wfH40pBcO96zQtW1X nhOcJo3WM0SH+rEiUStm3axvzXGrCvpZOIbqHe5kmQoZHRuCpb6B50qbpAm5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhKjmTHvd8/ey09l1WqnEQJMHUNcwHwYDVR0j BBgwFoAUhejes4dC45DHv7NLHkq6wx0zesMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 ZDdmOWVmNC1mOTlmLTQ0ZmYtYjk2OC03MGQ0NTI0ZDcyMDcvMC84NUU4REVCMzg3 NDJFMzkwQzdCRkIzNEIxRTRBQkFDMzFEMzM3QUMzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJBQzMxRDMz N0FDMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNmQ3ZjllZjQtZjk5Zi00NGZmLWI5 NjgtNzBkNDUyNGQ3MjA3LzAvODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJB QzMxRDMzN0FDMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACucqxr/9yYsNbdqy/q5WmGJKM/Ft32Y3wOM +cRbNA3UJRswAo13T9PgTGesIqIUI/b2VeIwQT36g4b9pCW7fef0m3TF40cWIGpS uw4TU7sGoeAs+mqiIO5lMXLnD9ogySFiFvARYqE185iPKYgnMxS2ewC5uitQrmpP 6p9VURwd0E9h3IQNoOIqQK5hiCqzTbzDsx+U0zTXVsHCqwNqsjUXjkxqmf32eYNm g+LqRdlLhZfn+ojruwKr87Mnc/gygYax5UCtfsv2w77S3Gd7q/tMRKdhyKULECwJ FUkNuEkUg4YXRBDjstSMqg9dRXjkn7yNDNmSMmfCkxAt3ig112A= -----END CERTIFICATE-----Generated at Mon Oct 20 13:45:21 2025 by rpki-client