$ rpki-client -vvf repo-rpki.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.mft File: 27B773A173E0400FBC0D7FEDFCFF7809B53695FC.mft (raw, json) Hash identifier: DrsdmGZaijS3tDK85NiAvIeEMJLVtCQLnMrEry8zYzI= Subject key identifier: 29:85:BA:BD:56:A7:F7:07:F2:3B:DB:AA:44:EB:7A:EF:08:F9:9E:94 Authority key identifier: 27:B7:73:A1:73:E0:40:0F:BC:0D:7F:ED:FC:FF:78:09:B5:36:95:FC Certificate issuer: /CN=27B773A173E0400FBC0D7FEDFCFF7809B53695FC Certificate serial: 1EB59838DCE9B9CF6E11B17DC875CF4489C03D79 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.mft Manifest number: 01A2 Signing time: Sat 18 Oct 2025 10:51:15 +0000 Manifest this update: Sat 18 Oct 2025 10:46:15 +0000 Manifest next update: Tue 21 Oct 2025 19:43:15 +0000 Files and hashes: 1: 3130332e37302e31372e302f32342d3234203d3e20313335343632.roa (hash: 6gVzJ3lnoTzbRecAFAnRC8x24kDXXXW3lAWqPBdz2dw=) 2: 3130332e37302e31362e302f32342d3234203d3e20313335343632.roa (hash: JiNsqLJvEYFIyhrR6R0JR1hrj3KWiaaB75HG9L5QPcg=) 3: 3130332e37302e31382e302f32342d3234203d3e20313335343632.roa (hash: Q3xxSdQXC23vXFGFdHyLQV020HZB9BgH6IL3S5vtQAA=) 4: 27B773A173E0400FBC0D7FEDFCFF7809B53695FC.crl (hash: VQ8dbsjWypmGSunQV55VnwJxlPZMwbl1OvL/w2LuH9w=) 5: 3130332e37302e31392e302f32342d3234203d3e20313335343632.roa (hash: 6N2J2kg+Zlk+0sQHWC1BIhfECV5xjbZiRhQRFmUUNag=) 6: 3130332e37302e31362e302f32322d3232203d3e20313335343632.roa (hash: 1f4e1XEuXG9su40zHvwmNI+q39l2fKb22IFThBoIE0Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.crl rsync://repo-rpki.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 19:43:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:b5:98:38:dc:e9:b9:cf:6e:11:b1:7d:c8:75:cf:44:89:c0:3d:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=27B773A173E0400FBC0D7FEDFCFF7809B53695FC Validity Not Before: Oct 18 10:46:15 2025 GMT Not After : Oct 21 19:43:15 2025 GMT Subject: CN=2985BABD56A7F707F23BDBAA44EB7AEF08F99E94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:2f:f0:80:ee:6d:f1:19:12:02:70:73:71:fc: 53:90:5b:11:cf:73:43:1f:89:61:fd:3b:ed:ce:d8: 29:d4:dc:75:de:9e:3f:68:36:59:52:f3:00:2a:e1: 5f:c8:ab:18:c6:2b:d1:8b:50:d1:f6:cf:54:b9:0b: 9d:af:ae:49:02:3b:24:30:a0:ac:8f:9e:6b:d5:82: dd:b4:3a:70:98:27:a0:f1:3a:34:be:f2:5a:e0:18: 16:2a:d1:d2:7e:cd:94:1e:0b:57:43:f1:05:fa:38: 39:37:38:00:61:9e:3f:c2:da:7c:31:f7:da:7b:6e: 11:4e:2f:3b:2c:50:e2:cc:9e:66:ed:ba:a0:26:85: 35:30:d3:c3:b8:db:4b:cb:f9:82:5e:dc:47:19:22: 7d:b6:ad:44:32:a7:97:c9:11:7f:76:2e:09:db:94: bd:47:49:2c:88:64:36:aa:b7:0e:ff:bd:b2:95:52: 9a:5b:8d:e4:10:8f:44:60:8d:6b:6a:80:c7:21:37: ae:d8:6a:bd:b3:4e:25:f0:01:36:23:e3:bd:3d:d8: 25:a2:14:b4:f7:50:99:be:66:21:97:b7:4f:1d:99: 95:d9:a0:9e:6e:8c:34:3a:8c:9f:4c:97:a9:5b:61: 23:b1:c0:3b:f2:e3:1f:a8:d3:15:3c:4e:ce:ea:17: 85:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:85:BA:BD:56:A7:F7:07:F2:3B:DB:AA:44:EB:7A:EF:08:F9:9E:94 X509v3 Authority Key Identifier: keyid:27:B7:73:A1:73:E0:40:0F:BC:0D:7F:ED:FC:FF:78:09:B5:36:95:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/27B773A173E0400FBC0D7FEDFCFF7809B53695FC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:a8:3c:92:be:72:e7:8f:e4:b2:cc:15:67:35:91:e0:44:7a: 34:65:a0:1b:bc:49:2f:6c:1d:e4:fe:63:e6:b8:55:4d:bf:fe: c8:2b:f8:1b:08:95:54:b9:84:d3:93:71:08:f5:c7:15:90:f2: ee:a9:fd:d5:13:45:d3:cf:1f:73:b2:cc:9a:32:fa:fe:fa:aa: 6a:d9:22:39:bc:ee:fe:60:82:53:a4:a0:34:3e:79:79:ba:3a: c2:86:55:e7:3c:8c:83:c0:57:b8:f8:82:96:c7:a6:9d:19:80: 19:ee:dd:bb:49:4b:b8:b6:15:57:ca:3b:b4:54:d5:1a:bd:c5: 35:17:a1:00:01:14:b9:b1:8c:42:a7:0a:1e:92:bf:01:ab:b1: fe:8e:87:dd:63:fb:4b:5f:3b:b6:cc:3c:64:6a:9e:e5:a6:d1: ef:ca:a9:98:04:f5:01:b9:91:e4:88:17:a0:5b:ee:97:60:78: a2:42:1e:c6:e9:06:32:0c:06:bd:8a:b6:a5:9f:ec:42:74:d1: 9d:48:26:2a:cf:87:e1:6e:fd:01:d1:09:eb:1e:70:31:e8:b3: 45:bb:2a:13:ae:36:3c:0e:cb:94:76:93:1b:8c:39:55:0f:e8: ac:78:49:4c:a5:e5:c2:fb:24:f5:61:91:f7:51:24:52:fe:7d: ee:2a:a4:45 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHrWYONzpuc9uEbF9yHXPRInAPXkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjdCNzczQTE3M0UwNDAwRkJDMEQ3RkVERkNGRjc4MDlC NTM2OTVGQzAeFw0yNTEwMTgxMDQ2MTVaFw0yNTEwMjExOTQzMTVaMDMxMTAvBgNV BAMTKDI5ODVCQUJENTZBN0Y3MDdGMjNCREJBQTQ0RUI3QUVGMDhGOTlFOTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuL/CA7m3xGRICcHNx/FOQWxHP c0MfiWH9O+3O2CnU3HXenj9oNllS8wAq4V/IqxjGK9GLUNH2z1S5C52vrkkCOyQw oKyPnmvVgt20OnCYJ6DxOjS+8lrgGBYq0dJ+zZQeC1dD8QX6ODk3OABhnj/C2nwx 99p7bhFOLzssUOLMnmbtuqAmhTUw08O420vL+YJe3EcZIn22rUQyp5fJEX92Lgnb lL1HSSyIZDaqtw7/vbKVUppbjeQQj0RgjWtqgMchN67Yar2zTiXwATYj47092CWi FLT3UJm+ZiGXt08dmZXZoJ5ujDQ6jJ9Ml6lbYSOxwDvy4x+o0xU8Ts7qF4V1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKYW6vVan9wfyO9uqROt67wj5npQwHwYDVR0j BBgwFoAUJ7dzoXPgQA+8DX/t/P94CbU2lfwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NmY0ZDRmMS1iMzZjLTRhNDYtODg0NC00ZTZjN2EzYzk3ZDkvMC8yN0I3NzNBMTcz RTA0MDBGQkMwRDdGRURGQ0ZGNzgwOUI1MzY5NUZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjdCNzczQTE3M0UwNDAwRkJDMEQ3RkVERkNGRjc4MDlCNTM2 OTVGQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODZmNGQ0ZjEtYjM2Yy00YTQ2LTg4 NDQtNGU2YzdhM2M5N2Q5LzAvMjdCNzczQTE3M0UwNDAwRkJDMEQ3RkVERkNGRjc4 MDlCNTM2OTVGQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEKoPJK+cueP5LLMFWc1keBEejRloBu8SS9s HeT+Y+a4VU2//sgr+BsIlVS5hNOTcQj1xxWQ8u6p/dUTRdPPH3OyzJoy+v76qmrZ Ijm87v5gglOkoDQ+eXm6OsKGVec8jIPAV7j4gpbHpp0ZgBnu3btJS7i2FVfKO7RU 1Rq9xTUXoQABFLmxjEKnCh6SvwGrsf6Oh91j+0tfO7bMPGRqnuWm0e/KqZgE9QG5 keSIF6Bb7pdgeKJCHsbpBjIMBr2KtqWf7EJ00Z1IJirPh+Fu/QHRCesecDHos0W7 KhOuNjwOy5R2kxuMOVUP6Kx4SUyl5cL7JPVhkfdRJFL+fe4qpEU= -----END CERTIFICATE-----Generated at Mon Oct 20 15:40:05 2025 by rpki-client