$ rpki-client -vvf repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft File: 58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft (raw, json) Hash identifier: gYB4iVOBJOP2I9q2tX7tgEIp8MnrOsTMeCTwh313vew= Subject key identifier: CC:35:0B:4D:73:97:9F:1F:46:E0:93:C2:DA:E0:BD:35:F7:C2:72:D8 Authority key identifier: 58:D7:DC:53:0F:3B:A4:AC:D0:48:80:62:17:0E:15:81:B6:7D:61:EA Certificate issuer: /CN=58D7DC530F3BA4ACD0488062170E1581B67D61EA Certificate serial: 06720B1CAD40A3BB64D45FDAAE9DCB25B42ABF45 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/58D7DC530F3BA4ACD0488062170E1581B67D61EA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft Manifest number: 0520 Signing time: Sat 18 Oct 2025 09:51:06 +0000 Manifest this update: Sat 18 Oct 2025 09:46:06 +0000 Manifest next update: Tue 21 Oct 2025 17:32:06 +0000 Files and hashes: 1: 58D7DC530F3BA4ACD0488062170E1581B67D61EA.crl (hash: uTpN9gDYamKhbZP13s3Yr/sniSqkYOAgjUfyJZM6IEw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.crl rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/58D7DC530F3BA4ACD0488062170E1581B67D61EA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 17:32:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:72:0b:1c:ad:40:a3:bb:64:d4:5f:da:ae:9d:cb:25:b4:2a:bf:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58D7DC530F3BA4ACD0488062170E1581B67D61EA Validity Not Before: Oct 18 09:46:06 2025 GMT Not After : Oct 21 17:32:06 2025 GMT Subject: CN=CC350B4D73979F1F46E093C2DAE0BD35F7C272D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:bf:7b:09:31:67:2a:c7:dd:30:e1:b4:56:b6: 5b:43:81:93:3b:f0:26:d6:1c:d7:ad:7b:2c:4b:1c: b8:68:d9:32:36:5c:25:b5:81:d5:98:e2:09:c3:32: ab:0d:8a:e5:2b:2c:ba:b7:a7:cf:6f:bb:4c:2e:ba: a5:37:74:51:4c:64:67:39:ce:40:c9:e7:e6:62:04: 8a:fd:61:55:62:b5:b7:42:8b:6f:5c:e8:46:f8:26: 48:d6:77:bb:5c:84:bc:66:43:84:25:32:a1:72:0e: be:a4:7b:85:ed:ff:45:30:75:b6:95:4f:16:95:ee: 2d:ad:de:b8:2c:3e:6f:12:88:bf:b0:af:ce:cb:0a: aa:d7:20:44:97:b5:f7:1a:31:a5:24:d3:30:ed:02: 2a:98:86:a7:88:d9:ea:ed:4e:0d:6c:08:c1:11:25: df:12:56:13:ea:76:37:37:c5:83:a1:4c:3b:7d:78: 95:c9:67:af:46:ab:83:1b:23:93:7e:0a:08:9c:b1: 86:54:3f:8f:de:5b:4c:5e:05:0a:77:c7:53:83:36: e1:6b:21:a6:b6:d6:b8:23:c6:88:87:32:d2:ac:e3: dd:f1:ee:25:70:b9:a9:ce:ff:99:69:77:9e:bb:55: a0:c0:1d:fa:72:a9:44:b2:ae:da:fa:1f:63:f9:4d: 74:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:35:0B:4D:73:97:9F:1F:46:E0:93:C2:DA:E0:BD:35:F7:C2:72:D8 X509v3 Authority Key Identifier: keyid:58:D7:DC:53:0F:3B:A4:AC:D0:48:80:62:17:0E:15:81:B6:7D:61:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/58D7DC530F3BA4ACD0488062170E1581B67D61EA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:d3:d5:4d:81:3c:f6:0c:48:4f:52:56:92:bc:7d:95:be:42: 13:60:1c:9e:fd:58:84:aa:46:73:0e:4c:a5:22:3d:b9:5a:de: e5:0a:b3:b9:ba:da:65:32:0c:12:db:f9:70:8d:2b:da:b2:b4: 6b:b9:f0:8a:fb:88:15:5c:ef:aa:d9:81:8c:17:81:a7:3c:21: 45:c3:f5:02:a1:d6:2f:35:d4:9b:02:e3:f7:50:6d:78:da:53: f1:8c:36:1a:59:a6:6b:31:21:0d:43:91:a8:aa:4f:ac:8c:0a: c9:31:85:de:e0:e6:3e:4e:f3:7e:ed:9b:2d:72:d8:23:d9:83: 00:ed:90:a5:55:00:36:59:db:71:86:64:49:3e:e9:82:ff:b6: 51:1b:c4:10:25:20:b2:6c:43:10:8b:c9:df:7a:f5:d0:fa:a8: 09:12:81:7b:5c:16:a8:29:36:d8:a6:b4:e9:e5:e8:e9:5b:5e: 18:1d:f2:13:42:69:58:20:0f:4b:93:a5:d1:20:ac:1c:d5:4d: 27:08:55:2e:3e:a3:a3:49:37:41:17:9c:3c:c9:dd:46:14:7a: d7:29:0a:1d:8d:fd:a6:e5:58:94:e6:eb:95:c2:6c:7f:51:8b: f2:fa:f0:7d:d1:fe:78:f6:26:d3:94:70:1b:14:a7:26:0c:1f: 9c:98:f3:23 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBnILHK1Ao7tk1F/arp3LJbQqv0UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNThEN0RDNTMwRjNCQTRBQ0QwNDg4MDYyMTcwRTE1ODFC NjdENjFFQTAeFw0yNTEwMTgwOTQ2MDZaFw0yNTEwMjExNzMyMDZaMDMxMTAvBgNV BAMTKENDMzUwQjRENzM5NzlGMUY0NkUwOTNDMkRBRTBCRDM1RjdDMjcyRDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDv3sJMWcqx90w4bRWtltDgZM7 8CbWHNeteyxLHLho2TI2XCW1gdWY4gnDMqsNiuUrLLq3p89vu0wuuqU3dFFMZGc5 zkDJ5+ZiBIr9YVVitbdCi29c6Eb4JkjWd7tchLxmQ4QlMqFyDr6ke4Xt/0UwdbaV TxaV7i2t3rgsPm8SiL+wr87LCqrXIESXtfcaMaUk0zDtAiqYhqeI2ertTg1sCMER Jd8SVhPqdjc3xYOhTDt9eJXJZ69Gq4MbI5N+CgicsYZUP4/eW0xeBQp3x1ODNuFr Iaa21rgjxoiHMtKs493x7iVwuanO/5lpd567VaDAHfpyqUSyrtr6H2P5TXQLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzDULTXOXnx9G4JPC2uC9NffCctgwHwYDVR0j BBgwFoAUWNfcUw87pKzQSIBiFw4VgbZ9YeowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 MmZhM2EzOS1lMGVjLTRmYzEtOWI1NC0zNTNlMDdmMDA1ZGQvMC81OEQ3REM1MzBG M0JBNEFDRDA0ODgwNjIxNzBFMTU4MUI2N0Q2MUVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNThEN0RDNTMwRjNCQTRBQ0QwNDg4MDYyMTcwRTE1ODFCNjdE NjFFQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODJmYTNhMzktZTBlYy00ZmMxLTli NTQtMzUzZTA3ZjAwNWRkLzAvNThEN0RDNTMwRjNCQTRBQ0QwNDg4MDYyMTcwRTE1 ODFCNjdENjFFQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADfT1U2BPPYMSE9SVpK8fZW+QhNgHJ79WISq RnMOTKUiPbla3uUKs7m62mUyDBLb+XCNK9qytGu58Ir7iBVc76rZgYwXgac8IUXD 9QKh1i811JsC4/dQbXjaU/GMNhpZpmsxIQ1DkaiqT6yMCskxhd7g5j5O837tmy1y 2CPZgwDtkKVVADZZ23GGZEk+6YL/tlEbxBAlILJsQxCLyd969dD6qAkSgXtcFqgp NtimtOnl6OlbXhgd8hNCaVggD0uTpdEgrBzVTScIVS4+o6NJN0EXnDzJ3UYUetcp Ch2N/ablWJTm65XCbH9Ri/L68H3R/nj2JtOUcBsUpyYMH5yY8yM= -----END CERTIFICATE-----Generated at Mon Oct 20 16:47:43 2025 by rpki-client