$ rpki-client -vvf repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft File: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft (raw, json) Hash identifier: Kbywd/70HlQDdakRXZ8Xb8VzVSlof3yHomoxLwYPUwA= Subject key identifier: C0:21:DA:C5:8E:7D:EB:03:51:EF:BA:DE:55:84:2F:57:4B:B9:A1:77 Authority key identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 Certificate issuer: /CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Certificate serial: 6925D9C3EFA088FC8074312D704250E4B6B45A40 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft Manifest number: 99 Signing time: Sun 19 Oct 2025 03:20:11 +0000 Manifest this update: Sun 19 Oct 2025 03:15:11 +0000 Manifest next update: Wed 22 Oct 2025 03:47:11 +0000 Files and hashes: 1: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl (hash: cwch6VaDpXvW5ISYNwzPAdcG3zQLb4/LeZqzK6Sfijw=) 2: 3136302e32322e3138372e302f32342d3234203d3e20313532383233.roa (hash: hp0FWXodRjkZ1xCt3tnFlPQ3FclJlDZduoZ/rI+jC6E=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 03:47:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:25:d9:c3:ef:a0:88:fc:80:74:31:2d:70:42:50:e4:b6:b4:5a:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Validity Not Before: Oct 19 03:15:11 2025 GMT Not After : Oct 22 03:47:11 2025 GMT Subject: CN=C021DAC58E7DEB0351EFBADE55842F574BB9A177 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:23:c5:8d:9d:d5:bf:80:bf:bf:55:f6:4b:25: a1:2e:1c:2b:7e:e9:24:6c:2b:f6:e8:4e:3c:e9:ae: 8e:ea:4f:f6:9b:9b:c1:8f:4e:a7:13:eb:28:00:9f: 25:d2:dd:42:9b:3f:fc:1e:38:99:c4:d4:39:52:8a: 0c:f0:9e:c7:5d:d0:2a:93:6a:54:4f:24:8b:71:8a: 64:86:43:80:43:08:6f:45:b0:8e:d3:60:46:25:49: 9f:f2:dc:77:db:5d:7c:45:c6:71:4a:97:d7:d9:10: da:5d:e0:ef:e9:dc:91:ef:71:4b:a1:c3:ad:6f:4d: de:47:48:cd:5c:d5:be:e8:85:15:77:02:ff:92:4f: 8c:0b:de:e5:db:c4:f7:6d:c7:11:c2:68:a6:19:60: d7:c4:7a:24:f2:d3:3a:0b:35:f4:75:53:dc:34:4f: 58:00:e5:93:e7:d1:19:72:7b:cc:2b:2e:65:da:56: 4d:75:10:98:5a:93:86:e6:83:e4:e1:5e:a1:cc:20: a9:56:ef:be:bc:de:0a:7e:40:83:30:05:88:ba:c7: 5d:44:9a:62:ae:64:7b:43:bd:65:c7:d3:cd:31:ff: d7:bb:bc:0f:27:33:0d:fa:a8:6a:01:11:f7:51:1e: 85:46:f3:36:f7:e7:d2:70:8a:8c:f1:56:9c:f1:a7: d9:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:21:DA:C5:8E:7D:EB:03:51:EF:BA:DE:55:84:2F:57:4B:B9:A1:77 X509v3 Authority Key Identifier: keyid:D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:c7:c9:13:3d:c4:26:ca:ef:7e:72:d1:55:b4:e7:38:a6:87: 0d:c6:5f:5b:3d:f9:50:98:d1:00:78:90:25:72:60:57:fd:13: 96:7e:83:39:9b:20:19:f2:aa:a2:b6:cd:d8:da:2a:6d:c2:f3: 4d:c6:b8:57:7b:5b:26:21:77:06:60:be:de:a8:55:0e:75:d3: 14:59:ec:3f:f5:aa:bb:8b:c5:76:16:3d:67:97:3c:1f:a0:e8: 38:eb:cf:cc:68:cf:79:53:ce:df:f8:63:a1:e4:2c:d7:3b:97: f4:b0:c8:bb:f9:80:7d:25:9f:a8:de:95:bf:0a:41:77:30:09: 55:8c:0c:a1:f5:61:cd:f6:ac:12:37:a2:5f:45:4e:ce:ca:5b: 7f:df:10:e1:ed:7c:d0:f0:6a:c3:fa:12:25:91:f8:8d:7a:d0: 3f:83:f4:0b:b9:e8:83:e4:25:9a:e6:08:38:4d:32:c3:69:cd: 86:bf:e7:f3:a7:19:f6:3c:02:81:52:8e:bf:d8:e2:f2:1c:ab: dc:ac:5c:2b:b1:61:bb:eb:a7:56:7f:1e:57:a3:20:1c:e4:e8: d3:fd:df:47:25:95:74:57:f8:1e:ba:09:1a:e1:80:b6:34:cc: 01:5c:76:8a:73:8c:f9:09:6a:01:c9:c2:60:51:1c:04:89:d3: fc:19:bc:0b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaSXZw++giPyAdDEtcEJQ5La0WkAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJC NEZBMjhGMDAeFw0yNTEwMTkwMzE1MTFaFw0yNTEwMjIwMzQ3MTFaMDMxMTAvBgNV BAMTKEMwMjFEQUM1OEU3REVCMDM1MUVGQkFERTU1ODQyRjU3NEJCOUExNzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgI8WNndW/gL+/VfZLJaEuHCt+ 6SRsK/boTjzpro7qT/abm8GPTqcT6ygAnyXS3UKbP/weOJnE1DlSigzwnsdd0CqT alRPJItximSGQ4BDCG9FsI7TYEYlSZ/y3HfbXXxFxnFKl9fZENpd4O/p3JHvcUuh w61vTd5HSM1c1b7ohRV3Av+ST4wL3uXbxPdtxxHCaKYZYNfEeiTy0zoLNfR1U9w0 T1gA5ZPn0Rlye8wrLmXaVk11EJhak4bmg+ThXqHMIKlW77683gp+QIMwBYi6x11E mmKuZHtDvWXH080x/9e7vA8nMw36qGoBEfdRHoVG8zb359JwiozxVpzxp9nNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUwCHaxY596wNR77reVYQvV0u5oXcwHwYDVR0j BBgwFoAU07Ddu44H/NmKOZyQxbP8MrT6KPAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 ZDlmOThmMy03MmYwLTQwMDYtYmU5OS1iOWE5ZThkOWQyYmYvMC9EM0IwRERCQjhF MDdGQ0Q5OEEzOTlDOTBDNUIzRkMzMkI0RkEyOEYwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJCNEZB MjhGMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vN2Q5Zjk4ZjMtNzJmMC00MDA2LWJl OTktYjlhOWU4ZDlkMmJmLzAvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZD MzJCNEZBMjhGMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALXHyRM9xCbK735y0VW05zimhw3GX1s9+VCY 0QB4kCVyYFf9E5Z+gzmbIBnyqqK2zdjaKm3C803GuFd7WyYhdwZgvt6oVQ510xRZ 7D/1qruLxXYWPWeXPB+g6Djrz8xoz3lTzt/4Y6HkLNc7l/SwyLv5gH0ln6jelb8K QXcwCVWMDKH1Yc32rBI3ol9FTs7KW3/fEOHtfNDwasP6EiWR+I160D+D9Au56IPk JZrmCDhNMsNpzYa/5/OnGfY8AoFSjr/Y4vIcq9ysXCuxYbvrp1Z/HlejIBzk6NP9 30cllXRX+B66CRrhgLY0zAFcdopzjPkJagHJwmBRHASJ0/wZvAs= -----END CERTIFICATE-----Generated at Mon Oct 20 13:55:49 2025 by rpki-client