$ rpki-client -vvf repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft File: D4D0F3E6E684847D602FC73758893CE2BB05D399.mft (raw, json) Hash identifier: augsmyILzxGB55wUevxip58pPKbgizUBEa1Rvsemc0M= Subject key identifier: FF:0B:2D:68:80:7B:05:94:63:53:C3:0A:BA:8C:12:C8:8B:62:2C:F7 Authority key identifier: D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 Certificate issuer: /CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Certificate serial: 575AD1F81A8F447800A628BD943BA9C7D15EBA96 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject info access: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft Manifest number: 01A3 Signing time: Fri 22 Aug 2025 23:50:44 +0000 Manifest this update: Fri 22 Aug 2025 23:45:44 +0000 Manifest next update: Tue 26 Aug 2025 01:44:44 +0000 Files and hashes: 1: D4D0F3E6E684847D602FC73758893CE2BB05D399.crl (hash: gH9nz6fQ5D1TgPn9KNV5G/cACnFbmQjRWDx5ICwZp6E=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 01:44:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:5a:d1:f8:1a:8f:44:78:00:a6:28:bd:94:3b:a9:c7:d1:5e:ba:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Validity Not Before: Aug 22 23:45:44 2025 GMT Not After : Aug 26 01:44:44 2025 GMT Subject: CN=FF0B2D68807B05946353C30ABA8C12C88B622CF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:23:76:82:66:fc:9c:5e:fa:ad:7e:b3:2d:1b: 96:b2:ca:a1:85:89:d6:42:50:cc:9a:fb:e0:51:28: 4e:37:92:26:0b:3e:4e:d6:da:85:86:9f:be:f8:e3: 26:ef:77:4f:6c:1f:98:48:e0:65:38:1a:04:4f:f5: a0:11:60:a0:0b:5a:b1:d7:74:10:98:f5:3e:72:a5: 58:9c:1c:7b:f5:6f:c9:d2:da:ca:1a:e6:40:de:0d: 68:f4:95:07:5c:77:91:d1:ed:68:1d:ff:11:a6:30: 2b:80:86:e8:6a:fa:64:e6:c1:f5:62:06:db:99:9c: b4:57:56:8c:4d:89:5a:f4:5a:76:c2:6b:95:99:03: de:65:6a:c7:ad:f0:7a:6c:b4:fb:6c:e3:1b:97:1e: 6b:97:1b:51:7e:ab:61:b6:8b:fd:fb:94:63:12:25: 7a:7a:1b:70:34:ef:a2:82:57:f7:31:f2:4d:d5:0a: a3:9a:fc:90:ea:91:83:20:48:32:1b:83:be:d7:fb: ad:14:1a:5d:8d:c5:eb:fe:01:00:ca:94:e5:81:ec: a7:6f:9a:99:9e:29:37:f0:95:80:c8:71:88:4c:17: ba:7c:da:f6:4e:6b:7d:e9:c8:73:7b:b6:8f:9b:bc: 6c:54:95:51:54:66:14:e9:33:59:79:04:76:ce:68: 3a:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:0B:2D:68:80:7B:05:94:63:53:C3:0A:BA:8C:12:C8:8B:62:2C:F7 X509v3 Authority Key Identifier: keyid:D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:13:8b:d1:f5:da:6c:87:56:f6:de:90:35:71:79:ee:e9:a3: f2:03:a3:a4:7b:08:3c:35:7f:d2:16:9a:b6:ae:95:0c:5d:e3: d9:8a:4c:16:26:7d:73:b4:55:14:5b:9b:36:f8:34:4f:82:5d: af:69:d1:2d:df:f9:ca:b9:e6:30:11:7b:be:d9:34:de:a7:48: 10:a3:2e:e8:05:2a:54:ee:6d:06:72:8f:3d:32:c5:31:30:44: c8:8a:4e:b2:b2:01:fe:c0:df:c2:7c:ef:7a:e0:7d:5a:e6:d3: a9:58:df:bb:55:80:36:c2:2c:1e:7f:99:cf:e4:fe:11:24:4f: 76:3c:56:92:98:a7:e4:d3:7a:0c:37:1c:29:47:48:fb:1d:5a: 5d:15:f7:77:49:0e:57:3c:30:ff:c8:5f:82:4e:ec:64:72:d1: 5e:14:43:e4:17:9a:98:4d:4a:ae:60:62:f8:4e:a4:c3:d9:4d: 78:c4:61:de:ea:ab:10:e2:33:47:1a:44:fe:22:54:1c:57:51: d0:98:a5:03:85:17:44:a6:5f:40:27:44:0e:65:68:26:b4:6c: 06:2f:15:a4:00:07:6f:a4:9c:d0:11:de:9f:17:59:37:8f:68: e1:d8:04:fc:81:f7:dc:5e:c1:f8:f6:cc:2b:12:ed:1e:bc:d0: 6f:8a:55:16 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUV1rR+BqPRHgApii9lDupx9FeupYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJC QjA1RDM5OTAeFw0yNTA4MjIyMzQ1NDRaFw0yNTA4MjYwMTQ0NDRaMDMxMTAvBgNV BAMTKEZGMEIyRDY4ODA3QjA1OTQ2MzUzQzMwQUJBOEMxMkM4OEI2MjJDRjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6I3aCZvycXvqtfrMtG5ayyqGF idZCUMya++BRKE43kiYLPk7W2oWGn7744ybvd09sH5hI4GU4GgRP9aARYKALWrHX dBCY9T5ypVicHHv1b8nS2soa5kDeDWj0lQdcd5HR7Wgd/xGmMCuAhuhq+mTmwfVi BtuZnLRXVoxNiVr0WnbCa5WZA95laset8HpstPts4xuXHmuXG1F+q2G2i/37lGMS JXp6G3A076KCV/cx8k3VCqOa/JDqkYMgSDIbg77X+60UGl2Nxev+AQDKlOWB7Kdv mpmeKTfwlYDIcYhMF7p82vZOa33pyHN7to+bvGxUlVFUZhTpM1l5BHbOaDpvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/wstaIB7BZRjU8MKuowSyItiLPcwHwYDVR0j BBgwFoAU1NDz5uaEhH1gL8c3WIk84rsF05kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 MjM1MzBlYy05OTBlLTQxZDctOWQ3OC1iNzdlMjBkNzZiY2QvMC9ENEQwRjNFNkU2 ODQ4NDdENjAyRkM3Mzc1ODg5M0NFMkJCMDVEMzk5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJCQjA1 RDM5OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODIzNTMwZWMtOTkwZS00MWQ3LTlk NzgtYjc3ZTIwZDc2YmNkLzAvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTND RTJCQjA1RDM5OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHkTi9H12myHVvbekDVxee7po/IDo6R7CDw1 f9IWmraulQxd49mKTBYmfXO0VRRbmzb4NE+CXa9p0S3f+cq55jARe77ZNN6nSBCj LugFKlTubQZyjz0yxTEwRMiKTrKyAf7A38J873rgfVrm06lY37tVgDbCLB5/mc/k /hEkT3Y8VpKYp+TTegw3HClHSPsdWl0V93dJDlc8MP/IX4JO7GRy0V4UQ+QXmphN Sq5gYvhOpMPZTXjEYd7qqxDiM0caRP4iVBxXUdCYpQOFF0SmX0AnRA5laCa0bAYv FaQAB2+knNAR3p8XWTePaOHYBPyB99xewfj2zCsS7R680G+KVRY= -----END CERTIFICATE-----Generated at Sun Aug 24 02:49:06 2025 by rpki-client