$ rpki-client -vvf repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft File: 95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft (raw, json) Hash identifier: SGTJm0r8Zj+MrJlbPOUkLSC14VobTghPGCvR1z03vYU= Subject key identifier: F5:1A:F6:60:4B:3F:19:CA:3E:5A:5C:45:68:94:77:47:49:F7:3F:1D Authority key identifier: 95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 Certificate issuer: /CN=95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689 Certificate serial: 2BA6447BA56D4FD7F9E60E81B438288103BB3B04 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer Subject info access: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft Manifest number: E0 Signing time: Mon 20 Oct 2025 04:11:24 +0000 Manifest this update: Mon 20 Oct 2025 04:06:24 +0000 Manifest next update: Thu 23 Oct 2025 07:00:24 +0000 Files and hashes: 1: 3136302e31392e38382e302f32342d3234203d3e20313437303838.roa (hash: +Xk0mxGkc/lCxZDeUptrpwZhCqCSnBV/uCVgeNZ+WpY=) 2: 95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl (hash: tdn8fV6O2E61xTtnxFT7Ic50ek654AtNC7BFlUzn35g=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:a6:44:7b:a5:6d:4f:d7:f9:e6:0e:81:b4:38:28:81:03:bb:3b:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689 Validity Not Before: Oct 20 04:06:24 2025 GMT Not After : Oct 23 07:00:24 2025 GMT Subject: CN=F51AF6604B3F19CA3E5A5C456894774749F73F1D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c9:4c:9d:21:ab:a8:9c:e4:e7:bb:6f:9a:a9: bb:f3:0b:a4:4d:d6:6d:30:57:b9:14:64:2b:84:9a: 08:1a:69:da:34:80:d2:a0:66:ea:2a:ed:18:cd:a1: 53:90:0a:4d:c7:99:b8:af:70:44:cb:60:d6:bb:56: 2d:a2:d0:a3:5d:26:44:08:db:41:0f:28:a3:e2:39: 5f:9f:5c:30:d5:c8:32:eb:6c:84:58:21:0b:ed:ec: e0:d8:eb:6f:15:f9:c0:1e:51:20:1b:93:fc:a7:24: 08:10:a7:f6:bb:d0:b2:4c:c1:90:15:ec:cd:f8:b3: 1e:5e:b4:7a:1e:9a:10:73:ab:3d:7a:f9:a3:52:01: 67:9c:77:57:d6:ff:ff:7b:c5:7d:6d:a5:37:1c:f7: 83:86:b6:ce:e6:40:b7:6b:71:fb:a5:87:bb:e5:78: cc:b6:4d:b2:78:d7:da:fd:e9:5f:87:de:fc:a2:bd: 3f:78:7e:09:50:1d:50:c5:15:ed:da:7f:79:6f:da: bf:a7:a4:f8:dd:c6:83:f7:a6:8b:ef:f4:23:8d:2b: 69:a7:48:a9:76:07:2f:d8:8d:43:7c:d9:fb:49:d3: 06:31:5d:e8:8b:ce:a5:65:0e:8f:98:af:c7:e9:e3: 9f:ee:68:65:e4:c2:6a:58:9f:34:16:9d:c5:3f:61: 6a:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:1A:F6:60:4B:3F:19:CA:3E:5A:5C:45:68:94:77:47:49:F7:3F:1D X509v3 Authority Key Identifier: keyid:95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:42:87:8f:ea:a3:23:6a:81:fa:cb:86:a5:41:ea:d2:75:5d: 1c:5d:45:6f:65:0f:de:77:5b:ad:cb:12:9f:cd:8f:01:07:fd: bf:d2:84:1d:e0:2f:d6:9e:08:db:ce:ca:ce:38:17:44:89:eb: 55:41:65:50:8b:cf:58:13:3e:9b:3b:e0:ab:f9:25:78:d3:b7: af:ea:b4:09:b9:e5:cb:5f:1b:82:2f:ab:9b:7a:33:36:83:de: db:8b:53:4a:8b:e4:68:7a:b7:be:04:4c:d1:af:ac:af:86:ac: 09:c3:13:6d:4f:c0:ad:0d:93:52:fc:f7:29:c8:ff:4e:8f:f3: ca:42:bc:81:15:e4:ea:bf:cb:f5:b0:d6:6b:67:51:e0:d9:e2: 75:1e:29:56:cb:d5:2f:1f:b9:9e:9d:20:47:4a:1e:df:bd:1c: 90:b8:c7:fb:2f:99:dc:b3:98:49:6a:fe:0a:31:9d:b8:a0:8e: 83:61:98:23:c6:67:c9:28:5c:d7:69:2b:8a:9f:82:07:f8:62: da:b0:c8:c9:9d:42:92:19:1b:33:dd:49:c2:1c:fc:1d:cd:2b: 96:73:bf:25:a4:94:e6:cb:f4:42:30:4c:d5:b3:4a:c9:a0:9d: 5d:f5:08:de:b8:64:a3:2b:3e:69:4f:fe:ea:c8:f7:44:2f:4b: ac:90:45:26 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUK6ZEe6VtT9f55g6BtDgogQO7OwQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3QkVB MzI4RDY4OTAeFw0yNTEwMjAwNDA2MjRaFw0yNTEwMjMwNzAwMjRaMDMxMTAvBgNV BAMTKEY1MUFGNjYwNEIzRjE5Q0EzRTVBNUM0NTY4OTQ3NzQ3NDlGNzNGMUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4yUydIauonOTnu2+aqbvzC6RN 1m0wV7kUZCuEmggaado0gNKgZuoq7RjNoVOQCk3HmbivcETLYNa7Vi2i0KNdJkQI 20EPKKPiOV+fXDDVyDLrbIRYIQvt7ODY628V+cAeUSAbk/ynJAgQp/a70LJMwZAV 7M34sx5etHoemhBzqz16+aNSAWecd1fW//97xX1tpTcc94OGts7mQLdrcfulh7vl eMy2TbJ419r96V+H3vyivT94fglQHVDFFe3af3lv2r+npPjdxoP3povv9CONK2mn SKl2By/YjUN82ftJ0wYxXeiLzqVlDo+Yr8fp45/uaGXkwmpYnzQWncU/YWohAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU9Rr2YEs/Gco+WlxFaJR3R0n3Px0wHwYDVR0j BBgwFoAUlfrDilyyzqPl/+JJVianvqMo1okwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NGRhNDE1Yi01ZjE3LTQ2MDItOWJkOS1mZDg0YWMyY2FlODYvMC85NUZBQzM4QTVD QjJDRUEzRTVGRkUyNDk1NjI2QTdCRUEzMjhENjg5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3QkVBMzI4 RDY4OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODRkYTQxNWItNWYxNy00NjAyLTli ZDktZmQ4NGFjMmNhZTg2LzAvOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3 QkVBMzI4RDY4OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADZCh4/qoyNqgfrLhqVB6tJ1XRxdRW9lD953 W63LEp/NjwEH/b/ShB3gL9aeCNvOys44F0SJ61VBZVCLz1gTPps74Kv5JXjTt6/q tAm55ctfG4Ivq5t6MzaD3tuLU0qL5Gh6t74ETNGvrK+GrAnDE21PwK0Nk1L89ynI /06P88pCvIEV5Oq/y/Ww1mtnUeDZ4nUeKVbL1S8fuZ6dIEdKHt+9HJC4x/svmdyz mElq/goxnbigjoNhmCPGZ8koXNdpK4qfggf4YtqwyMmdQpIZGzPdScIc/B3NK5Zz vyWklObL9EIwTNWzSsmgnV31CN64ZKMrPmlP/urI90QvS6yQRSY= -----END CERTIFICATE-----Generated at Tue Oct 21 07:21:01 2025 by rpki-client