$ rpki-client -vvf repo-rpki.idnic.net/repo/835048c6-8ccd-463d-ad34-ae7428647a9c/0/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.mft File: 7008868799E77C42E437F0D7ACCF683CF5B2AA4E.mft (raw, json) Hash identifier: DPvehhpsmdGlENKsIEbQgDM869+1m1NReS1YtrXk258= Subject key identifier: 6C:F0:1C:D3:6F:6D:B3:12:D2:36:93:53:AE:67:2C:D6:8D:72:07:53 Authority key identifier: 70:08:86:87:99:E7:7C:42:E4:37:F0:D7:AC:CF:68:3C:F5:B2:AA:4E Certificate issuer: /CN=7008868799E77C42E437F0D7ACCF683CF5B2AA4E Certificate serial: 3AF4C44788BB331A0F67D2E124EAC85EC1B191CA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/835048c6-8ccd-463d-ad34-ae7428647a9c/0/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.mft Manifest number: 04B3 Signing time: Sun 19 Oct 2025 12:11:19 +0000 Manifest this update: Sun 19 Oct 2025 12:06:19 +0000 Manifest next update: Wed 22 Oct 2025 14:01:19 +0000 Files and hashes: 1: 3130332e3134362e3139362e302f32342d3234203d3e20313339393431.roa (hash: WkFNZS79+nq1P3vYzsoqHasGlqkPwC3TJbG5gTcIHd8=) 2: 3130332e3134362e3139372e302f32342d3234203d3e20313339393431.roa (hash: p7Jtuo2fT9SMHQpNlniVY5E8TDvsdgf0sorpgXPSACM=) 3: 3130332e3134362e3139362e302f32332d3233203d3e20313339393431.roa (hash: KEUVODDrcsujN0g1v6DrUa6Mji4U9jJWIyDXhx1aJNY=) 4: 7008868799E77C42E437F0D7ACCF683CF5B2AA4E.crl (hash: 3WqRaE+AOnGggDVZ1oQwHIn0JqX6QGemDubLQFUwlgI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/835048c6-8ccd-463d-ad34-ae7428647a9c/0/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.crl rsync://repo-rpki.idnic.net/repo/835048c6-8ccd-463d-ad34-ae7428647a9c/0/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 14:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:f4:c4:47:88:bb:33:1a:0f:67:d2:e1:24:ea:c8:5e:c1:b1:91:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7008868799E77C42E437F0D7ACCF683CF5B2AA4E Validity Not Before: Oct 19 12:06:19 2025 GMT Not After : Oct 22 14:01:19 2025 GMT Subject: CN=6CF01CD36F6DB312D2369353AE672CD68D720753 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:42:7b:22:a5:92:26:b1:7d:dd:09:da:fa:35: 8c:10:c5:a8:80:78:4e:86:ba:7c:8c:fb:16:20:ca: 58:cd:33:50:dd:cc:40:5e:5f:41:0a:62:28:39:16: cc:e1:f9:f4:36:19:68:d1:04:5d:ca:d8:0c:5f:c2: 93:b3:15:38:09:10:b1:88:dd:06:cc:4b:a8:ae:3a: 9f:77:23:3c:e3:cf:aa:a0:af:11:04:47:fc:68:5a: 16:64:61:b3:45:8a:e3:24:15:8f:3f:1d:68:7f:8e: 46:e0:34:94:b0:6f:ff:b5:3e:5a:56:0c:7d:46:06: 8d:d3:88:1c:62:2a:3f:d7:72:88:ed:de:50:2c:32: 8c:48:af:92:fc:2a:16:ff:87:1e:ec:51:f0:a7:df: 59:dd:50:66:11:80:49:df:ff:cb:ef:67:4d:81:58: f8:d7:aa:90:ee:b9:5a:35:89:1f:62:c6:b7:eb:ff: a0:bd:d3:eb:e2:d4:a7:e6:fb:d7:ab:e6:ae:42:80: a0:f5:f1:f2:e2:36:76:70:0c:a5:7e:c7:f9:84:0c: f8:74:02:9e:f1:73:66:7b:ef:33:21:31:21:3e:64: 3a:7f:b5:37:b0:ec:b2:e7:ab:2a:9c:32:8a:73:b6: 50:8a:8b:2d:42:70:26:3b:e4:fc:05:d5:dc:36:6c: 72:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:F0:1C:D3:6F:6D:B3:12:D2:36:93:53:AE:67:2C:D6:8D:72:07:53 X509v3 Authority Key Identifier: keyid:70:08:86:87:99:E7:7C:42:E4:37:F0:D7:AC:CF:68:3C:F5:B2:AA:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/835048c6-8ccd-463d-ad34-ae7428647a9c/0/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/835048c6-8ccd-463d-ad34-ae7428647a9c/0/7008868799E77C42E437F0D7ACCF683CF5B2AA4E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:5d:a1:7a:78:5d:4f:90:c6:ab:4a:d1:a4:94:53:7c:3c:05: ec:a0:d1:55:49:8a:45:7f:21:d2:12:34:9e:a7:1c:0c:55:90: 50:00:34:e2:bd:2b:f6:09:9d:a2:4e:d5:b3:54:9c:53:72:a9: 74:81:7b:9d:04:d6:64:74:5f:20:29:29:7f:35:78:78:c6:88: 26:eb:04:85:a8:64:56:f7:2e:51:90:6c:ec:d5:7e:d0:85:cf: 04:82:3f:a5:b3:b3:c5:0e:6f:4e:f0:79:99:1e:5f:53:61:5b: de:ad:07:8c:dd:61:0a:ce:3d:4b:70:af:ec:ae:88:f5:85:7f: b9:52:3e:2f:19:fd:65:da:46:6f:b0:00:8f:c3:c3:bb:70:6a: 6e:1a:a3:ed:ef:c7:46:0a:05:a7:e9:ec:82:e7:ce:4f:9b:6a: 90:c3:63:48:24:bf:a1:be:cf:23:b2:60:8a:c2:1f:07:8c:ab: 2f:dd:50:98:43:47:d0:f2:a5:b1:48:3e:6d:d3:7b:e8:88:22: f9:2e:d6:1a:44:c1:cd:83:56:2f:84:1f:f6:6b:bd:da:76:74: 9d:86:88:3e:b1:1c:e1:e7:65:27:0e:18:97:3b:6f:63:84:7d: 88:c0:42:5e:5b:c9:40:13:b2:f8:44:c6:68:00:8f:e4:06:93: 5b:32:42:f4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOvTER4i7MxoPZ9LhJOrIXsGxkcowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzAwODg2ODc5OUU3N0M0MkU0MzdGMEQ3QUNDRjY4M0NG NUIyQUE0RTAeFw0yNTEwMTkxMjA2MTlaFw0yNTEwMjIxNDAxMTlaMDMxMTAvBgNV BAMTKDZDRjAxQ0QzNkY2REIzMTJEMjM2OTM1M0FFNjcyQ0Q2OEQ3MjA3NTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9QnsipZImsX3dCdr6NYwQxaiA eE6GunyM+xYgyljNM1DdzEBeX0EKYig5Fszh+fQ2GWjRBF3K2AxfwpOzFTgJELGI 3QbMS6iuOp93Izzjz6qgrxEER/xoWhZkYbNFiuMkFY8/HWh/jkbgNJSwb/+1PlpW DH1GBo3TiBxiKj/Xcojt3lAsMoxIr5L8Khb/hx7sUfCn31ndUGYRgEnf/8vvZ02B WPjXqpDuuVo1iR9ixrfr/6C90+vi1Kfm+9er5q5CgKD18fLiNnZwDKV+x/mEDPh0 Ap7xc2Z77zMhMSE+ZDp/tTew7LLnqyqcMopztlCKiy1CcCY75PwF1dw2bHKnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUbPAc029tsxLSNpNTrmcs1o1yB1MwHwYDVR0j BBgwFoAUcAiGh5nnfELkN/DXrM9oPPWyqk4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 MzUwNDhjNi04Y2NkLTQ2M2QtYWQzNC1hZTc0Mjg2NDdhOWMvMC83MDA4ODY4Nzk5 RTc3QzQyRTQzN0YwRDdBQ0NGNjgzQ0Y1QjJBQTRFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNzAwODg2ODc5OUU3N0M0MkU0MzdGMEQ3QUNDRjY4M0NGNUIy QUE0RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODM1MDQ4YzYtOGNjZC00NjNkLWFk MzQtYWU3NDI4NjQ3YTljLzAvNzAwODg2ODc5OUU3N0M0MkU0MzdGMEQ3QUNDRjY4 M0NGNUIyQUE0RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAExdoXp4XU+QxqtK0aSUU3w8Beyg0VVJikV/ IdISNJ6nHAxVkFAANOK9K/YJnaJO1bNUnFNyqXSBe50E1mR0XyApKX81eHjGiCbr BIWoZFb3LlGQbOzVftCFzwSCP6Wzs8UOb07weZkeX1NhW96tB4zdYQrOPUtwr+yu iPWFf7lSPi8Z/WXaRm+wAI/Dw7twam4ao+3vx0YKBafp7ILnzk+bapDDY0gkv6G+ zyOyYIrCHweMqy/dUJhDR9DypbFIPm3Te+iIIvku1hpEwc2DVi+EH/Zrvdp2dJ2G iD6xHOHnZScOGJc7b2OEfYjAQl5byUATsvhExmgAj+QGk1syQvQ= -----END CERTIFICATE-----Generated at Mon Oct 20 13:05:17 2025 by rpki-client