$ rpki-client -vvf repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft File: 861DE86D91E4C7508D388EDBC70834681B43B5CA.mft (raw, json) Hash identifier: M4eMD/lVaX60p6ekc9zMOBueQV6dfLMXPrUqtxxOpMo= Subject key identifier: 25:33:FC:B2:BE:29:FC:7A:24:F5:99:5A:9C:FE:EE:71:9A:20:36:9F Authority key identifier: 86:1D:E8:6D:91:E4:C7:50:8D:38:8E:DB:C7:08:34:68:1B:43:B5:CA Certificate issuer: /CN=861DE86D91E4C7508D388EDBC70834681B43B5CA Certificate serial: 6BF733A9A33B3C7676444F6732DA8AF9BE524E96 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft Manifest number: 04CF Signing time: Sun 19 Oct 2025 04:01:36 +0000 Manifest this update: Sun 19 Oct 2025 03:56:36 +0000 Manifest next update: Wed 22 Oct 2025 09:35:36 +0000 Files and hashes: 1: 861DE86D91E4C7508D388EDBC70834681B43B5CA.crl (hash: vtTlzQZJhdiDrHjEpP8x93ws3u4pzlQ0IfspvDczB+c=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.crl rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 09:35:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:f7:33:a9:a3:3b:3c:76:76:44:4f:67:32:da:8a:f9:be:52:4e:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=861DE86D91E4C7508D388EDBC70834681B43B5CA Validity Not Before: Oct 19 03:56:36 2025 GMT Not After : Oct 22 09:35:36 2025 GMT Subject: CN=2533FCB2BE29FC7A24F5995A9CFEEE719A20369F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7f:a9:09:24:90:eb:45:cd:4b:8c:2d:9c:3d: 46:74:df:52:5b:e7:6a:0c:8a:47:84:a3:43:f6:4e: 64:cb:03:39:50:9c:51:bb:a3:12:c4:ff:c4:07:98: bc:6a:ab:a4:c9:b2:9a:d1:88:29:9b:aa:00:d9:0f: e7:15:9c:ed:8c:5d:e8:a2:84:4c:c2:f1:70:9a:77: ce:7c:49:5b:68:b6:c4:33:70:89:6d:bb:48:42:7d: ea:90:b7:12:60:24:1a:e7:ff:db:49:7a:7a:61:2e: 2e:38:de:62:db:e8:29:12:e6:3a:b8:a9:23:79:18: db:9d:7e:d9:4f:64:2a:e4:bf:32:50:28:89:f4:0f: 8d:03:ff:dc:df:9d:89:25:a8:f3:10:3b:27:10:6d: a0:aa:b4:3f:4d:36:47:e5:3f:c2:52:5b:84:d5:a1: 7e:a7:ff:30:22:7f:19:46:29:52:c3:58:19:6d:4d: f4:68:e5:77:62:62:bf:e6:f9:c6:07:b1:91:a7:f4: 99:68:6a:c7:58:95:96:ac:ae:cf:3a:95:1f:42:42: 4c:54:c2:7a:10:87:6e:3f:10:8b:1e:b0:97:bf:db: 1e:cd:f3:6a:c3:9a:15:b8:cf:f9:6a:71:bd:f2:f9: e1:77:61:28:af:e0:ca:b1:1f:83:5c:bd:8d:e4:b4: e5:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:33:FC:B2:BE:29:FC:7A:24:F5:99:5A:9C:FE:EE:71:9A:20:36:9F X509v3 Authority Key Identifier: keyid:86:1D:E8:6D:91:E4:C7:50:8D:38:8E:DB:C7:08:34:68:1B:43:B5:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ec:66:8e:4c:61:ee:74:1a:e7:c1:dd:bf:ad:99:d8:ad:97:9f: f1:c9:d0:a7:c7:f0:65:c6:99:9a:7b:1d:90:18:d7:b0:d1:d2: 18:c8:a5:3b:bd:c2:fc:d3:45:d5:91:5d:ca:c5:9f:dc:69:cf: 54:85:a1:fa:9d:9a:ac:71:51:62:f8:88:55:bd:61:35:dd:07: c4:ed:cc:16:0d:8a:46:32:86:6b:6c:33:57:d0:ab:92:77:61: 09:d0:fa:ce:ed:4f:be:70:77:6c:a4:66:ba:50:f2:3c:08:ff: d4:1d:83:24:6e:cb:ef:c6:3b:4a:0d:17:12:cf:1c:00:c2:e3: 09:a4:3e:48:04:b1:1f:00:04:fb:23:9f:57:77:6c:19:f0:23: 04:9a:ae:15:7b:de:1c:2b:6e:4a:0a:04:bf:02:a0:01:ec:d8: a7:a7:38:e1:ec:b7:39:fc:76:c1:13:f6:7e:97:4f:61:de:dd: c1:1c:f6:c1:13:93:79:1c:92:eb:98:48:55:ae:ce:99:06:37: 11:d0:62:22:1a:8d:6d:6e:e4:0c:b8:3e:4b:24:70:26:55:ee: a7:37:27:29:a4:c7:80:6c:57:9f:0c:9a:5d:9f:71:76:ae:23: f0:83:83:8e:2e:94:ab:38:0c:e1:d4:62:bb:29:6b:92:79:0c: 27:bf:c1:d7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUa/czqaM7PHZ2RE9nMtqK+b5STpYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0Njgx QjQzQjVDQTAeFw0yNTEwMTkwMzU2MzZaFw0yNTEwMjIwOTM1MzZaMDMxMTAvBgNV BAMTKDI1MzNGQ0IyQkUyOUZDN0EyNEY1OTk1QTlDRkVFRTcxOUEyMDM2OUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxf6kJJJDrRc1LjC2cPUZ031Jb 52oMikeEo0P2TmTLAzlQnFG7oxLE/8QHmLxqq6TJsprRiCmbqgDZD+cVnO2MXeii hEzC8XCad858SVtotsQzcIltu0hCfeqQtxJgJBrn/9tJenphLi443mLb6CkS5jq4 qSN5GNudftlPZCrkvzJQKIn0D40D/9zfnYklqPMQOycQbaCqtD9NNkflP8JSW4TV oX6n/zAifxlGKVLDWBltTfRo5XdiYr/m+cYHsZGn9JloasdYlZasrs86lR9CQkxU wnoQh24/EIsesJe/2x7N82rDmhW4z/lqcb3y+eF3YSiv4MqxH4NcvY3ktOW1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUJTP8sr4p/Hok9ZlanP7ucZogNp8wHwYDVR0j BBgwFoAUhh3obZHkx1CNOI7bxwg0aBtDtcowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NjlmMjk4OC1jYWIzLTQ1YWEtOTdlNS02Mzg1ZjA3ZmYxY2QvMC84NjFERTg2RDkx RTRDNzUwOEQzODhFREJDNzA4MzQ2ODFCNDNCNUNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0NjgxQjQz QjVDQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODY5ZjI5ODgtY2FiMy00NWFhLTk3 ZTUtNjM4NWYwN2ZmMWNkLzAvODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0 NjgxQjQzQjVDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAOxmjkxh7nQa58Hdv62Z2K2Xn/HJ0KfH8GXG mZp7HZAY17DR0hjIpTu9wvzTRdWRXcrFn9xpz1SFofqdmqxxUWL4iFW9YTXdB8Tt zBYNikYyhmtsM1fQq5J3YQnQ+s7tT75wd2ykZrpQ8jwI/9QdgyRuy+/GO0oNFxLP HADC4wmkPkgEsR8ABPsjn1d3bBnwIwSarhV73hwrbkoKBL8CoAHs2KenOOHstzn8 dsET9n6XT2He3cEc9sETk3kckuuYSFWuzpkGNxHQYiIajW1u5Ay4PkskcCZV7qc3 Jymkx4BsV58Mml2fcXauI/CDg44ulKs4DOHUYrspa5J5DCe/wdc= -----END CERTIFICATE-----Generated at Mon Oct 20 10:18:31 2025 by rpki-client