$ rpki-client -vvf repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft File: 36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft (raw, json) Hash identifier: u/CuQWAnVKtgLzsVm8rv9LESs7TQfY3FI3wxd5VGLhI= Subject key identifier: 87:F9:10:FD:CE:5D:8E:99:5C:2B:69:80:02:27:82:62:BD:1E:17:DB Authority key identifier: 36:E6:8E:2A:26:4E:18:BF:D9:F4:9E:47:2D:0D:26:7E:E4:9E:8A:17 Certificate issuer: /CN=36E68E2A264E18BFD9F49E472D0D267EE49E8A17 Certificate serial: 09A7B85D2646F07B324784BB95880E63A38D4DD6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.cer Subject info access: rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft Manifest number: 036F Signing time: Mon 20 Oct 2025 20:41:33 +0000 Manifest this update: Mon 20 Oct 2025 20:36:33 +0000 Manifest next update: Thu 23 Oct 2025 21:07:33 +0000 Files and hashes: 1: 36E68E2A264E18BFD9F49E472D0D267EE49E8A17.crl (hash: ZB6i6r/mb27GI1xYJCkGq6P+tmjfkMmQm99DZxMD5cs=) 2: 3130332e3136392e3133332e302f32342d3234203d3e20313432333431.roa (hash: XIli98cQ5DslYaylLZi+5Ts9pki82Z8fAKzqEWLUjbk=) 3: 3130332e3136392e3133322e302f32332d3233203d3e20313432333431.roa (hash: OqgAqdXTkd1D2NhPAZ/UZhCfurgUG69NUxmVZKteHcQ=) 4: 3130332e3136392e3133322e302f32342d3234203d3e20313432333431.roa (hash: mdAnNzPQX1fBQRxqx/liQc+y8HoOIQ1ZRmWeSXm/9lE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.crl rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 11:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:a7:b8:5d:26:46:f0:7b:32:47:84:bb:95:88:0e:63:a3:8d:4d:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36E68E2A264E18BFD9F49E472D0D267EE49E8A17 Validity Not Before: Oct 20 20:36:33 2025 GMT Not After : Oct 23 21:07:33 2025 GMT Subject: CN=87F910FDCE5D8E995C2B698002278262BD1E17DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b7:52:5a:fa:5b:67:fd:91:cc:06:42:ba:2b: 3d:7a:96:b8:56:57:49:98:5e:ea:8c:36:4c:3d:b6: 54:77:e4:b4:89:57:c5:83:a7:28:b5:3b:bd:95:4e: c3:57:c6:36:79:31:a3:53:16:c5:62:54:01:5e:fe: ee:16:92:76:ce:67:81:c9:eb:27:cc:1f:8f:b2:86: 81:fb:5c:47:7a:77:4a:b3:94:3d:d4:52:d5:85:dc: 86:6c:6d:01:9a:02:f2:bd:dd:c9:c7:bb:79:ee:b6: de:7f:a5:05:4e:db:fd:7a:ca:d5:50:92:c6:83:78: bb:01:e2:7b:96:6f:80:be:9c:bf:58:34:72:50:80: 31:82:57:45:95:81:c1:65:3f:34:5d:00:06:0c:eb: ec:45:da:94:70:34:27:70:d2:d9:87:e7:20:b4:62: a1:48:6e:d5:19:6a:80:47:a3:73:70:7b:0c:80:3f: 21:90:bd:b9:c9:e5:74:4a:b9:ff:b9:5c:35:7e:59: ad:7b:a6:9c:a8:c0:db:cc:68:65:f8:58:89:9d:f9: ed:94:ca:65:77:9a:76:88:36:92:71:f9:ab:96:cb: 97:39:13:e2:dd:0d:e5:4d:ae:24:14:47:c0:ea:d6: 74:e5:37:d6:1d:12:45:0c:1d:75:ae:d5:cb:48:9e: 00:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:F9:10:FD:CE:5D:8E:99:5C:2B:69:80:02:27:82:62:BD:1E:17:DB X509v3 Authority Key Identifier: keyid:36:E6:8E:2A:26:4E:18:BF:D9:F4:9E:47:2D:0D:26:7E:E4:9E:8A:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/87d2031b-2761-4c36-b690-5b69d1569bae/0/36E68E2A264E18BFD9F49E472D0D267EE49E8A17.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:80:5b:a4:6b:ef:13:02:23:8f:bd:d6:65:a2:df:13:cf:f4: ae:c7:04:9a:a4:fd:ae:4b:c0:02:ad:9b:c1:48:09:ec:ea:ce: 55:0a:97:3f:d7:b1:e4:dc:80:fa:8e:33:63:7f:56:02:72:fc: 6d:af:3a:21:9b:78:8a:8c:37:f6:9e:f6:98:2c:a6:5a:35:33: 42:b6:62:7d:c3:f8:b8:c5:b0:55:d4:5d:c9:ff:a5:e5:63:ec: f8:55:14:6b:1c:94:70:67:f1:b2:35:12:ea:a3:41:24:08:ef: d5:4b:5e:6b:8e:de:40:01:f0:77:1a:f2:83:dd:96:fc:b3:5c: 16:22:e4:61:c3:12:7b:d4:83:2a:2c:07:cf:f6:87:da:14:3f: 05:85:7e:fa:49:e2:b9:ec:ab:d6:37:ea:3e:89:d3:49:f2:47: 86:31:f9:52:8e:7c:4d:c3:88:b1:4a:b5:82:ca:d4:3a:82:a4: f8:9a:34:b8:98:4f:c7:60:71:23:32:07:f9:b7:d9:5c:6e:8c: 6f:e4:b1:18:b3:97:18:8d:20:80:48:cb:10:8b:02:e4:6b:99: f5:03:23:3d:51:e0:97:07:05:43:cc:3d:66:05:7c:3d:9c:be: f8:48:c2:93:70:39:6b:3c:dc:09:ed:39:90:01:5a:06:0e:74: 07:73:3f:d4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCae4XSZG8HsyR4S7lYgOY6ONTdYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzZFNjhFMkEyNjRFMThCRkQ5RjQ5RTQ3MkQwRDI2N0VF NDlFOEExNzAeFw0yNTEwMjAyMDM2MzNaFw0yNTEwMjMyMTA3MzNaMDMxMTAvBgNV BAMTKDg3RjkxMEZEQ0U1RDhFOTk1QzJCNjk4MDAyMjc4MjYyQkQxRTE3REIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOt1Ja+ltn/ZHMBkK6Kz16lrhW V0mYXuqMNkw9tlR35LSJV8WDpyi1O72VTsNXxjZ5MaNTFsViVAFe/u4WknbOZ4HJ 6yfMH4+yhoH7XEd6d0qzlD3UUtWF3IZsbQGaAvK93cnHu3nutt5/pQVO2/16ytVQ ksaDeLsB4nuWb4C+nL9YNHJQgDGCV0WVgcFlPzRdAAYM6+xF2pRwNCdw0tmH5yC0 YqFIbtUZaoBHo3NwewyAPyGQvbnJ5XRKuf+5XDV+Wa17ppyowNvMaGX4WImd+e2U ymV3mnaINpJx+auWy5c5E+LdDeVNriQUR8Dq1nTlN9YdEkUMHXWu1ctIngAzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUh/kQ/c5djplcK2mAAieCYr0eF9swHwYDVR0j BBgwFoAUNuaOKiZOGL/Z9J5HLQ0mfuSeihcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 N2QyMDMxYi0yNzYxLTRjMzYtYjY5MC01YjY5ZDE1NjliYWUvMC8zNkU2OEUyQTI2 NEUxOEJGRDlGNDlFNDcyRDBEMjY3RUU0OUU4QTE3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzZFNjhFMkEyNjRFMThCRkQ5RjQ5RTQ3MkQwRDI2N0VFNDlF OEExNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODdkMjAzMWItMjc2MS00YzM2LWI2 OTAtNWI2OWQxNTY5YmFlLzAvMzZFNjhFMkEyNjRFMThCRkQ5RjQ5RTQ3MkQwRDI2 N0VFNDlFOEExNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFSAW6Rr7xMCI4+91mWi3xPP9K7HBJqk/a5L wAKtm8FICezqzlUKlz/XseTcgPqOM2N/VgJy/G2vOiGbeIqMN/ae9pgsplo1M0K2 Yn3D+LjFsFXUXcn/peVj7PhVFGsclHBn8bI1EuqjQSQI79VLXmuO3kAB8Hca8oPd lvyzXBYi5GHDEnvUgyosB8/2h9oUPwWFfvpJ4rnsq9Y36j6J00nyR4Yx+VKOfE3D iLFKtYLK1DqCpPiaNLiYT8dgcSMyB/m32VxujG/ksRizlxiNIIBIyxCLAuRrmfUD Iz1R4JcHBUPMPWYFfD2cvvhIwpNwOWs83AntOZABWgYOdAdzP9Q= -----END CERTIFICATE-----Generated at Mon Oct 20 23:31:43 2025 by rpki-client