$ rpki-client -vvf repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft File: D4D0F3E6E684847D602FC73758893CE2BB05D399.mft (raw, json) Hash identifier: rtvcmtNwUbbBT7VzkO5HM8b8t27+mJA7ItLJIu2qaCM= Subject key identifier: 87:80:89:0B:E6:AB:E5:0C:FA:DD:47:80:9E:5B:7A:89:6C:AE:10:D8 Authority key identifier: D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 Certificate issuer: /CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Certificate serial: 24285F51D86CF6AF8C3A53E2032683E34CB8F242 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject info access: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft Manifest number: 01BC Signing time: Sat 18 Oct 2025 09:00:43 +0000 Manifest this update: Sat 18 Oct 2025 08:55:43 +0000 Manifest next update: Tue 21 Oct 2025 17:14:43 +0000 Files and hashes: 1: D4D0F3E6E684847D602FC73758893CE2BB05D399.crl (hash: 5igz3a0CscEbkk/XuO8SZ1COJr0TZFGLFstlfKGYnIQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 17:14:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:28:5f:51:d8:6c:f6:af:8c:3a:53:e2:03:26:83:e3:4c:b8:f2:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Validity Not Before: Oct 18 08:55:43 2025 GMT Not After : Oct 21 17:14:43 2025 GMT Subject: CN=8780890BE6ABE50CFADD47809E5B7A896CAE10D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:5e:35:8c:74:02:06:7c:5a:e1:ba:e0:9f:23: 61:68:03:da:d9:8d:a7:4d:b4:67:39:d3:78:74:1f: 65:4e:2e:90:56:8c:eb:7a:c7:a0:67:2f:e3:c3:27: 09:c6:e4:75:e2:10:08:bb:dc:7f:c3:c1:b3:bd:53: f9:06:d9:83:d8:f5:63:da:1f:f4:3d:f0:2e:7a:da: 84:99:64:37:df:d5:cc:51:e4:a1:92:85:d6:f0:60: f3:72:15:79:c1:54:25:3f:fe:91:80:bb:86:5a:96: a6:ff:25:a2:bb:be:1b:60:29:75:2e:c6:14:37:08: a0:46:da:2c:31:36:ed:0b:43:96:8b:0d:74:1b:ae: a8:a5:44:bc:f5:8c:72:a3:b4:bc:41:57:b9:80:81: 82:98:68:13:50:d0:c5:da:ee:b4:b6:9c:bf:50:44: a6:0e:8f:88:21:cb:66:8a:9d:4a:1a:85:1b:81:c5: ce:a2:db:3a:13:bb:e4:40:04:0f:c8:5b:3a:fc:09: 07:96:26:47:cd:75:2c:2f:3d:8e:57:0d:0e:70:75: e4:b1:96:e5:9a:1b:8b:3d:13:f5:03:53:b2:5b:c3: f8:6b:5e:6b:ac:5a:21:3f:9e:3a:75:b4:cf:fe:ab: 72:89:08:bb:bf:a9:ce:52:46:86:db:0d:cf:96:5b: 16:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:80:89:0B:E6:AB:E5:0C:FA:DD:47:80:9E:5B:7A:89:6C:AE:10:D8 X509v3 Authority Key Identifier: keyid:D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:c3:2e:8a:a1:9e:22:42:4f:ee:16:31:70:be:c6:57:b0:ae: 51:6c:19:43:d9:1f:12:38:d6:0d:a8:ef:76:c7:33:dd:78:53: 49:5c:d1:b3:65:02:d1:7b:a7:35:a8:87:16:d6:21:c6:ad:d6: 50:9b:ee:47:98:1b:71:98:d4:d7:f5:fc:6a:6d:65:84:23:3a: 3f:2c:dd:9a:90:b6:20:3f:d5:58:f6:fc:87:76:32:31:59:39: 93:6a:d3:ff:5a:96:cf:5c:ab:3a:98:d3:d3:98:76:b4:b5:1d: be:c7:30:2a:00:0c:e6:16:d5:9b:e0:63:f3:93:f9:b6:60:dc: d6:99:6a:f0:4c:12:19:b4:8d:09:28:bf:9d:65:88:22:9d:0d: d1:97:d5:7b:11:6b:df:81:59:10:a7:fb:01:73:34:92:b4:07: 17:66:6b:7b:a6:e0:2f:e2:d2:c1:2f:7d:a5:15:0d:e1:cc:66: 64:3b:26:e7:32:a6:18:a9:bf:71:b6:14:97:6b:6d:dc:ec:ae: ea:a4:cd:a0:6d:7c:f6:53:f6:7c:99:13:13:c4:9a:90:e6:cb: b1:8e:8d:aa:74:c9:2d:0e:f0:7a:eb:7e:31:6b:c4:3e:e1:6f: 80:23:d3:81:17:10:8e:44:64:7b:e4:82:a6:54:18:25:16:40: 7b:45:ba:78 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJChfUdhs9q+MOlPiAyaD40y48kIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJC QjA1RDM5OTAeFw0yNTEwMTgwODU1NDNaFw0yNTEwMjExNzE0NDNaMDMxMTAvBgNV BAMTKDg3ODA4OTBCRTZBQkU1MENGQURENDc4MDlFNUI3QTg5NkNBRTEwRDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7XjWMdAIGfFrhuuCfI2FoA9rZ jadNtGc503h0H2VOLpBWjOt6x6BnL+PDJwnG5HXiEAi73H/DwbO9U/kG2YPY9WPa H/Q98C562oSZZDff1cxR5KGShdbwYPNyFXnBVCU//pGAu4Zalqb/JaK7vhtgKXUu xhQ3CKBG2iwxNu0LQ5aLDXQbrqilRLz1jHKjtLxBV7mAgYKYaBNQ0MXa7rS2nL9Q RKYOj4ghy2aKnUoahRuBxc6i2zoTu+RABA/IWzr8CQeWJkfNdSwvPY5XDQ5wdeSx luWaG4s9E/UDU7Jbw/hrXmusWiE/njp1tM/+q3KJCLu/qc5SRobbDc+WWxZhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUh4CJC+ar5Qz63UeAnlt6iWyuENgwHwYDVR0j BBgwFoAU1NDz5uaEhH1gL8c3WIk84rsF05kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 MjM1MzBlYy05OTBlLTQxZDctOWQ3OC1iNzdlMjBkNzZiY2QvMC9ENEQwRjNFNkU2 ODQ4NDdENjAyRkM3Mzc1ODg5M0NFMkJCMDVEMzk5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJCQjA1 RDM5OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODIzNTMwZWMtOTkwZS00MWQ3LTlk NzgtYjc3ZTIwZDc2YmNkLzAvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTND RTJCQjA1RDM5OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACLDLoqhniJCT+4WMXC+xlewrlFsGUPZHxI4 1g2o73bHM914U0lc0bNlAtF7pzWohxbWIcat1lCb7keYG3GY1Nf1/GptZYQjOj8s 3ZqQtiA/1Vj2/Id2MjFZOZNq0/9als9cqzqY09OYdrS1Hb7HMCoADOYW1ZvgY/OT +bZg3NaZavBMEhm0jQkov51liCKdDdGX1XsRa9+BWRCn+wFzNJK0Bxdma3um4C/i 0sEvfaUVDeHMZmQ7Jucyphipv3G2FJdrbdzsruqkzaBtfPZT9nyZExPEmpDmy7GO jap0yS0O8HrrfjFrxD7hb4Aj04EXEI5EZHvkgqZUGCUWQHtFung= -----END CERTIFICATE-----Generated at Mon Oct 20 12:25:55 2025 by rpki-client