$ rpki-client -vvf repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft File: 2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft (raw, json) Hash identifier: BEYokrmmrhMgwIowP5HeSJPEbbOc5zxwFTs67pTiQzg= Subject key identifier: 35:D1:44:5A:77:30:51:F4:2A:22:EA:BF:8F:4F:93:7F:00:30:76:56 Authority key identifier: 26:64:CB:E1:0F:2B:9F:F1:BE:C5:0A:6A:85:DC:7A:A5:2B:9F:17:FA Certificate issuer: /CN=2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA Certificate serial: 0A40FFC72EC015C2727673E3BF71C87A1C0EDC6D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft Manifest number: 03C8 Signing time: Sat 18 Oct 2025 08:52:11 +0000 Manifest this update: Sat 18 Oct 2025 08:47:11 +0000 Manifest next update: Tue 21 Oct 2025 13:55:11 +0000 Files and hashes: 1: 2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl (hash: cmgc6JyYkgIAEkmZModKRsfYe75S3erd+cNwt/vajc8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:55:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:40:ff:c7:2e:c0:15:c2:72:76:73:e3:bf:71:c8:7a:1c:0e:dc:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA Validity Not Before: Oct 18 08:47:11 2025 GMT Not After : Oct 21 13:55:11 2025 GMT Subject: CN=35D1445A773051F42A22EABF8F4F937F00307656 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:ca:26:4a:11:43:d8:05:93:ab:e5:0f:2b:b9: c4:d2:f9:0f:bd:ad:03:ec:35:d7:a3:08:a8:4d:cd: 8f:1b:5c:3e:d2:49:45:db:49:39:20:d0:68:35:ae: 5f:c6:51:f3:ff:91:3f:c1:3d:53:bb:ae:fb:a4:c3: 2b:45:a8:ae:d0:c6:32:af:7c:f9:ae:ed:5c:03:a7: 5c:1c:7e:ea:9a:f8:fb:9b:0f:97:66:a9:60:48:06: 31:1f:b2:99:91:7d:f6:94:3e:df:0e:cb:d0:2a:a7: 74:48:ad:ab:e5:b3:6c:00:fa:03:8e:32:9e:e5:36: d2:10:5d:3d:86:a7:55:33:ea:f5:c4:be:65:b9:9c: e9:fb:fa:1d:f5:f4:8a:e3:ec:1e:90:ba:e3:29:0a: c8:40:56:06:52:20:5e:ce:4c:1a:33:0a:d5:81:71: 41:c4:ff:1d:9a:77:1f:39:9c:6b:46:ac:11:bb:5b: 49:62:d8:8f:ee:53:65:1c:e2:92:22:7a:b7:d0:f4: ba:3f:66:df:2b:30:0e:92:7f:2c:e0:97:7f:a6:e6: d0:17:da:c4:d9:25:40:57:10:88:c3:2d:3a:14:19: 28:a4:5d:d1:f1:e9:6a:72:8b:a7:cc:85:4f:06:e1: 1b:91:f1:09:c6:61:2f:40:cc:f6:bc:90:8f:48:1c: 96:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:D1:44:5A:77:30:51:F4:2A:22:EA:BF:8F:4F:93:7F:00:30:76:56 X509v3 Authority Key Identifier: keyid:26:64:CB:E1:0F:2B:9F:F1:BE:C5:0A:6A:85:DC:7A:A5:2B:9F:17:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:9e:37:01:3a:50:c5:02:f6:21:6a:04:7e:a5:86:8c:09:8f: af:e7:b9:70:8c:ad:e2:49:56:9c:8d:39:bb:f1:fc:69:c1:2d: 2f:c0:51:36:c2:fe:19:48:ec:35:38:1c:86:c0:9e:d0:61:95: cb:b6:db:08:3a:87:85:41:f7:27:39:ce:d1:21:69:26:34:48: 95:ae:e2:b5:50:cc:f5:ef:ff:3b:21:36:07:6f:b5:95:3d:68: aa:16:66:e1:60:5f:4f:fb:94:ab:de:44:3c:3e:0b:33:30:25: 91:10:8e:f6:e2:5a:da:31:5e:94:6c:f7:34:58:4d:55:3a:01: 0c:3a:7f:6d:da:f4:b0:71:5a:d3:14:6f:f6:d8:96:6e:e2:b5: 28:dd:b6:38:3a:d3:fb:c1:c1:52:60:b0:29:d1:d4:6f:42:96: f2:af:a4:3a:4b:da:60:16:50:9c:05:3d:71:14:8c:9d:35:86: 2e:b1:db:b6:25:e3:bc:68:bf:64:07:cc:d8:1f:97:51:73:65: f1:51:e5:08:2f:1b:08:95:dc:c5:17:48:b2:02:88:07:e6:bf: 0d:e4:61:91:9f:02:4c:20:0a:b2:1e:67:66:cb:86:ad:da:6d: 68:47:90:92:4f:5d:8d:50:18:4a:e9:0b:76:7d:a6:32:60:37: 83:95:b6:7b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCkD/xy7AFcJydnPjv3HIehwO3G0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdBQTUy QjlGMTdGQTAeFw0yNTEwMTgwODQ3MTFaFw0yNTEwMjExMzU1MTFaMDMxMTAvBgNV BAMTKDM1RDE0NDVBNzczMDUxRjQyQTIyRUFCRjhGNEY5MzdGMDAzMDc2NTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsyiZKEUPYBZOr5Q8rucTS+Q+9 rQPsNdejCKhNzY8bXD7SSUXbSTkg0Gg1rl/GUfP/kT/BPVO7rvukwytFqK7QxjKv fPmu7VwDp1wcfuqa+PubD5dmqWBIBjEfspmRffaUPt8Oy9Aqp3RIravls2wA+gOO Mp7lNtIQXT2Gp1Uz6vXEvmW5nOn7+h319Irj7B6QuuMpCshAVgZSIF7OTBozCtWB cUHE/x2adx85nGtGrBG7W0li2I/uU2Uc4pIierfQ9Lo/Zt8rMA6Sfyzgl3+m5tAX 2sTZJUBXEIjDLToUGSikXdHx6Wpyi6fMhU8G4RuR8QnGYS9AzPa8kI9IHJY7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNdFEWncwUfQqIuq/j0+TfwAwdlYwHwYDVR0j BBgwFoAUJmTL4Q8rn/G+xQpqhdx6pSufF/owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Y2YzYzIxMS0wNjQ1LTQ4ODItYTRmMS00NmJlODY3Yjc5ODMvMC8yNjY0Q0JFMTBG MkI5RkYxQkVDNTBBNkE4NURDN0FBNTJCOUYxN0ZBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdBQTUyQjlG MTdGQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGNmM2MyMTEtMDY0NS00ODgyLWE0 ZjEtNDZiZTg2N2I3OTgzLzAvMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdB QTUyQjlGMTdGQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHSeNwE6UMUC9iFqBH6lhowJj6/nuXCMreJJ VpyNObvx/GnBLS/AUTbC/hlI7DU4HIbAntBhlcu22wg6h4VB9yc5ztEhaSY0SJWu 4rVQzPXv/zshNgdvtZU9aKoWZuFgX0/7lKveRDw+CzMwJZEQjvbiWtoxXpRs9zRY TVU6AQw6f23a9LBxWtMUb/bYlm7itSjdtjg60/vBwVJgsCnR1G9ClvKvpDpL2mAW UJwFPXEUjJ01hi6x27Yl47xov2QHzNgfl1FzZfFR5QgvGwiV3MUXSLICiAfmvw3k YZGfAkwgCrIeZ2bLhq3abWhHkJJPXY1QGErpC3Z9pjJgN4OVtns= -----END CERTIFICATE-----Generated at Mon Oct 20 14:38:28 2025 by rpki-client