$ rpki-client -vvf repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft File: 861DE86D91E4C7508D388EDBC70834681B43B5CA.mft (raw, json) Hash identifier: tgUj54YpcvRk1Okw3S0ca0rHHhQCJyNdNSfxOmNdon8= Subject key identifier: D0:76:34:94:26:FF:26:7B:09:9D:74:D8:02:74:1A:66:A3:F0:F2:8D Authority key identifier: 86:1D:E8:6D:91:E4:C7:50:8D:38:8E:DB:C7:08:34:68:1B:43:B5:CA Certificate issuer: /CN=861DE86D91E4C7508D388EDBC70834681B43B5CA Certificate serial: 41D0DA33AF818FFCAE1E1EDC82019DE2891DA78F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft Manifest number: 04B5 Signing time: Thu 21 Aug 2025 13:51:34 +0000 Manifest this update: Thu 21 Aug 2025 13:46:34 +0000 Manifest next update: Sun 24 Aug 2025 23:22:34 +0000 Files and hashes: 1: 861DE86D91E4C7508D388EDBC70834681B43B5CA.crl (hash: cfHrDoYsl3rqXdOsbaE6yjPDiRm80nlOeBwDokhOIB4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.crl rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 23:22:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:d0:da:33:af:81:8f:fc:ae:1e:1e:dc:82:01:9d:e2:89:1d:a7:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=861DE86D91E4C7508D388EDBC70834681B43B5CA Validity Not Before: Aug 21 13:46:34 2025 GMT Not After : Aug 24 23:22:34 2025 GMT Subject: CN=D076349426FF267B099D74D802741A66A3F0F28D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:af:dc:b8:b7:15:6a:ff:f9:e6:1c:df:c1:42: cc:69:5e:4f:2b:c2:43:7b:72:5a:d4:03:b1:b8:c5: bd:2c:b2:a2:9f:7f:48:0d:6b:d5:d0:7c:b0:3f:5c: 77:b2:49:27:ab:d1:4e:7c:4f:d1:d5:df:78:76:ea: 66:b7:53:ed:0b:c2:07:42:1f:a7:97:dd:7b:10:7f: 5f:32:0c:27:82:d9:4d:16:ce:48:46:f3:b3:82:d7: 39:d3:18:71:9b:1d:2e:15:01:7b:ae:f9:ff:b5:f0: 05:16:aa:c5:bc:11:9f:d5:76:03:85:a9:36:82:69: 17:27:4f:e3:2d:88:e7:93:4d:73:c0:df:1e:72:30: b6:7e:fd:4d:e7:be:ff:81:a9:18:60:a6:b1:04:cc: f2:fb:cd:e6:54:f4:ca:53:b0:91:15:04:b1:ad:14: fc:ab:7c:05:1f:00:fe:b7:20:dd:3f:df:c8:76:ec: 6d:bf:ff:c3:be:7f:8a:1f:ea:49:b9:c5:e0:be:5c: a9:42:8d:7f:b2:17:c6:69:6e:d9:b6:65:d5:46:7a: cf:b7:2f:10:c7:da:b6:14:e1:62:b9:6a:af:70:ec: 87:c4:b8:48:b4:5e:0e:b7:4e:0f:58:7e:ba:f9:05: ba:9d:e9:b9:25:d2:14:4b:1f:dd:19:ad:6e:f3:d3: 27:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:76:34:94:26:FF:26:7B:09:9D:74:D8:02:74:1A:66:A3:F0:F2:8D X509v3 Authority Key Identifier: keyid:86:1D:E8:6D:91:E4:C7:50:8D:38:8E:DB:C7:08:34:68:1B:43:B5:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:54:53:c1:cf:06:e9:b7:fd:9c:a4:1a:55:14:7c:e9:69:76: f5:18:24:59:5b:d7:ae:32:7a:ae:cc:78:5d:b3:4e:3c:7b:26: da:09:28:22:c0:23:a5:08:93:b6:c2:b1:c9:e9:b7:45:0c:9f: 82:b7:78:47:92:d3:b5:cb:8a:80:2b:e0:d9:37:ef:7a:1f:60: 32:e3:7d:bc:8d:04:26:b7:bb:df:d9:f1:7a:af:a9:60:cd:1b: 6d:6a:d0:c3:e7:a8:c5:d1:0c:ac:b5:1c:f1:b3:73:77:1c:48: 42:c9:52:d3:98:cf:2a:ad:c4:40:d8:ea:5c:c0:a4:3e:e2:97: 7c:8c:63:75:2c:79:13:6d:53:a6:84:58:78:8c:f2:d7:65:96: 40:7b:01:2d:b6:05:a9:3e:dc:97:04:8a:a1:4f:9f:69:6e:44: 41:74:ba:79:0c:a8:4f:e6:97:59:23:e7:d2:54:34:8f:3b:2a: b4:17:21:74:6c:ca:f8:ef:f0:98:cc:77:08:e7:01:07:27:80: 9c:7d:2b:d6:e1:5a:d7:27:cf:54:6f:47:5a:62:de:65:1a:72: 1f:07:88:56:ad:dc:48:c0:44:82:e2:b7:8b:f4:6d:14:65:bc: 82:00:4a:61:5d:b2:94:ed:a5:f6:55:0b:e7:3f:74:5f:06:80: fb:12:b5:b1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQdDaM6+Bj/yuHh7cggGd4okdp48wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0Njgx QjQzQjVDQTAeFw0yNTA4MjExMzQ2MzRaFw0yNTA4MjQyMzIyMzRaMDMxMTAvBgNV BAMTKEQwNzYzNDk0MjZGRjI2N0IwOTlENzREODAyNzQxQTY2QTNGMEYyOEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNr9y4txVq//nmHN/BQsxpXk8r wkN7clrUA7G4xb0ssqKff0gNa9XQfLA/XHeySSer0U58T9HV33h26ma3U+0LwgdC H6eX3XsQf18yDCeC2U0WzkhG87OC1znTGHGbHS4VAXuu+f+18AUWqsW8EZ/VdgOF qTaCaRcnT+MtiOeTTXPA3x5yMLZ+/U3nvv+BqRhgprEEzPL7zeZU9MpTsJEVBLGt FPyrfAUfAP63IN0/38h27G2//8O+f4of6km5xeC+XKlCjX+yF8Zpbtm2ZdVGes+3 LxDH2rYU4WK5aq9w7IfEuEi0Xg63Tg9Yfrr5Bbqd6bkl0hRLH90ZrW7z0ydpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0HY0lCb/JnsJnXTYAnQaZqPw8o0wHwYDVR0j BBgwFoAUhh3obZHkx1CNOI7bxwg0aBtDtcowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NjlmMjk4OC1jYWIzLTQ1YWEtOTdlNS02Mzg1ZjA3ZmYxY2QvMC84NjFERTg2RDkx RTRDNzUwOEQzODhFREJDNzA4MzQ2ODFCNDNCNUNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0NjgxQjQz QjVDQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODY5ZjI5ODgtY2FiMy00NWFhLTk3 ZTUtNjM4NWYwN2ZmMWNkLzAvODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0 NjgxQjQzQjVDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJpUU8HPBum3/ZykGlUUfOlpdvUYJFlb164y eq7MeF2zTjx7JtoJKCLAI6UIk7bCscnpt0UMn4K3eEeS07XLioAr4Nk373ofYDLj fbyNBCa3u9/Z8XqvqWDNG21q0MPnqMXRDKy1HPGzc3ccSELJUtOYzyqtxEDY6lzA pD7il3yMY3UseRNtU6aEWHiM8tdllkB7AS22Bak+3JcEiqFPn2luREF0unkMqE/m l1kj59JUNI87KrQXIXRsyvjv8JjMdwjnAQcngJx9K9bhWtcnz1RvR1pi3mUach8H iFat3EjARILit4v0bRRlvIIASmFdspTtpfZVC+c/dF8GgPsStbE= -----END CERTIFICATE-----Generated at Sat Aug 23 14:05:52 2025 by rpki-client