$ rpki-client -vvf repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft File: 8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft (raw, json) Hash identifier: +4DTdJGwy3RjkFc9rlOB1TkjSdQGdq+dmN2TE0yd0JQ= Subject key identifier: 03:E1:99:F2:78:5D:B6:BB:16:58:AD:78:B0:35:A0:F1:39:D8:03:65 Authority key identifier: 8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF Certificate issuer: /CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF Certificate serial: 5F216282DD81FD344B232A6862E77B1F145CD46C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft Manifest number: DD Signing time: Mon 20 Oct 2025 07:21:09 +0000 Manifest this update: Mon 20 Oct 2025 07:16:09 +0000 Manifest next update: Thu 23 Oct 2025 15:56:09 +0000 Files and hashes: 1: 3130332e3133332e3134372e302f32342d3234203d3e20313338313339.roa (hash: aR62APrh1DccZKre5l7C6SLFps3TBPFdm3R3znGJ1fA=) 2: 323430343a346563303a3a2f33322d3438203d3e20313338313339.roa (hash: A2G6b+fxTo20QvHK7lUw9boisWwmFFcOlzGIN95UCMI=) 3: 323430343a346563303a313a3a2f34382d3438203d3e20313338313339.roa (hash: X/C9vXKY/TY9dLHbewA4tddP0TItlp1o/B62rHS1ZLs=) 4: 3130332e3133332e3134342e302f32342d3234203d3e20313338313339.roa (hash: 4N3xCB2x4rBoMiXQaq1TIxjQcspdHHBn4voGBhoXwMQ=) 5: 3130332e3133332e3134362e302f32342d3234203d3e20313338313339.roa (hash: nNqPduu/JjsIMhgAQMQxpm1Co5pg16TuoWu2Q/HzWgA=) 6: 8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl (hash: DpNG09AR5VtKpR3i5IGbHIdE13z1/QAvslbi3GywBNA=) 7: 3130332e3133332e3134352e302f32342d3234203d3e20313338313339.roa (hash: AZoy99OzaaD9x6sZSBHTE/6tOjO7s0t/ExrzVTGMWVY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 11:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:21:62:82:dd:81:fd:34:4b:23:2a:68:62:e7:7b:1f:14:5c:d4:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF Validity Not Before: Oct 20 07:16:09 2025 GMT Not After : Oct 23 15:56:09 2025 GMT Subject: CN=03E199F2785DB6BB1658AD78B035A0F139D80365 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:3e:36:87:65:0c:58:00:7a:2e:94:da:ad:70: 69:38:33:22:24:d5:6f:fa:b4:db:58:6f:3e:59:22: 5b:9c:35:d7:51:c5:50:bf:a4:55:18:fe:00:2e:3b: f0:59:fb:9c:56:2a:b2:c1:41:88:29:cb:58:06:2d: 47:1c:01:7d:56:c9:72:7c:09:81:3f:69:b1:3b:9d: 94:51:b3:ce:0c:f4:05:b4:56:dd:b1:80:14:41:f2: 26:51:17:39:ea:2a:07:8d:c9:23:9f:07:7b:a8:fc: c0:8f:d3:d4:48:7f:5f:27:2f:18:ae:7b:70:79:e9: b1:72:c2:1b:64:b2:3c:75:c1:00:54:ff:77:c6:56: 4b:ec:8e:48:aa:10:02:5a:dc:17:f3:ea:4b:61:a0: 7a:8f:4e:ff:64:04:9c:1d:e8:76:c3:7d:c7:03:c8: 23:5a:64:a7:a2:b5:d8:8a:9e:ac:9d:14:2c:59:bb: a9:16:5f:32:50:4d:4e:f0:16:8f:1c:f0:7f:03:4b: eb:ae:62:65:f0:58:f5:ce:69:bc:89:9f:f8:78:34: a4:35:b0:4f:89:d1:86:64:1b:23:c4:03:a5:36:14: 88:49:2a:7e:72:ee:9f:e8:55:0f:33:ea:b9:f8:71: eb:3f:ad:00:ab:89:90:5d:0e:ce:1b:c8:54:af:b8: 23:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:E1:99:F2:78:5D:B6:BB:16:58:AD:78:B0:35:A0:F1:39:D8:03:65 X509v3 Authority Key Identifier: keyid:8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:b7:01:12:2d:2d:97:27:6b:3a:68:7a:1b:0a:31:74:cd:09: 13:06:2d:89:f4:30:4c:a3:41:c1:56:1a:86:4d:cc:e2:50:89: 90:3b:9d:8f:e0:39:b3:5b:ff:35:39:eb:a7:f2:c0:62:4c:1d: 1a:ce:06:44:e1:9b:d6:1c:82:61:57:40:11:7e:d4:43:79:31: b2:01:01:c0:01:b0:e8:ee:9c:26:32:8a:ba:4e:39:3a:6c:6c: 4c:36:5e:3a:92:90:b1:74:e9:b8:b0:80:8f:00:4a:1c:a8:65: 67:78:ec:c3:fe:c3:9b:c8:b5:a2:ae:ab:97:30:b2:d8:c3:8d: b0:75:2d:a2:a0:7a:10:bb:d4:61:cf:91:3d:b9:fc:4c:32:de: 0d:59:be:34:81:33:14:47:ad:50:a9:40:e7:9d:f5:3b:ac:e7: 23:bd:64:ae:3c:a2:63:f0:39:8c:c3:31:75:7e:da:10:fe:93: b0:6d:23:9c:68:6c:c9:71:39:ec:bc:65:ab:1b:11:79:0c:4d: c3:86:9a:45:e7:09:e9:f2:a7:5f:df:88:20:af:75:2c:59:56: f0:67:c3:a2:63:ec:f8:c9:5f:89:38:5d:64:c1:b2:bc:b5:24: 6b:a9:c6:a9:5e:da:59:2c:f8:74:69:eb:19:e9:0c:5a:77:ae: 72:7f:0d:b5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXyFigt2B/TRLIypoYud7HxRc1GwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJEMDQ0 MzUzRjZGRjAeFw0yNTEwMjAwNzE2MDlaFw0yNTEwMjMxNTU2MDlaMDMxMTAvBgNV BAMTKDAzRTE5OUYyNzg1REI2QkIxNjU4QUQ3OEIwMzVBMEYxMzlEODAzNjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlPjaHZQxYAHoulNqtcGk4MyIk 1W/6tNtYbz5ZIlucNddRxVC/pFUY/gAuO/BZ+5xWKrLBQYgpy1gGLUccAX1WyXJ8 CYE/abE7nZRRs84M9AW0Vt2xgBRB8iZRFznqKgeNySOfB3uo/MCP09RIf18nLxiu e3B56bFywhtksjx1wQBU/3fGVkvsjkiqEAJa3Bfz6kthoHqPTv9kBJwd6HbDfccD yCNaZKeitdiKnqydFCxZu6kWXzJQTU7wFo8c8H8DS+uuYmXwWPXOabyJn/h4NKQ1 sE+J0YZkGyPEA6U2FIhJKn5y7p/oVQ8z6rn4ces/rQCriZBdDs4byFSvuCPdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUA+GZ8nhdtrsWWK14sDWg8TnYA2UwHwYDVR0j BBgwFoAUi6K14H+tVyjH3vv0/BC9BENT9v8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Yzc2Yzg1Zi05YTRmLTRhZmMtOTY5Yi04ZGEyNTM2YzVjMjQvMC84QkEyQjVFMDdG QUQ1NzI4QzdERUZCRjRGQzEwQkQwNDQzNTNGNkZGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJEMDQ0MzUz RjZGRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGM3NmM4NWYtOWE0Zi00YWZjLTk2 OWItOGRhMjUzNmM1YzI0LzAvOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJE MDQ0MzUzRjZGRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIm3ARItLZcnazpoehsKMXTNCRMGLYn0MEyj QcFWGoZNzOJQiZA7nY/gObNb/zU566fywGJMHRrOBkThm9YcgmFXQBF+1EN5MbIB AcABsOjunCYyirpOOTpsbEw2XjqSkLF06biwgI8AShyoZWd47MP+w5vItaKuq5cw stjDjbB1LaKgehC71GHPkT25/Ewy3g1ZvjSBMxRHrVCpQOed9Tus5yO9ZK48omPw OYzDMXV+2hD+k7BtI5xobMlxOey8ZasbEXkMTcOGmkXnCenyp1/fiCCvdSxZVvBn w6Jj7PjJX4k4XWTBsry1JGupxqle2lks+HRp6xnpDFp3rnJ/DbU= -----END CERTIFICATE-----Generated at Mon Oct 20 19:42:25 2025 by rpki-client