$ rpki-client -vvf repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft File: 2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft (raw, json) Hash identifier: 1ykN8VAeH7OobCRP+D0tZ/BowQWjce9MFJWXr0VzSaM= Subject key identifier: BE:F7:2D:4A:79:EE:7F:E2:67:67:47:9A:6C:F5:99:8D:B0:E1:A7:6E Authority key identifier: 26:64:CB:E1:0F:2B:9F:F1:BE:C5:0A:6A:85:DC:7A:A5:2B:9F:17:FA Certificate issuer: /CN=2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA Certificate serial: 376557050E2494DC60F1299FBF20D24DBC4B3746 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft Manifest number: 03AE Signing time: Fri 22 Aug 2025 04:32:09 +0000 Manifest this update: Fri 22 Aug 2025 04:27:08 +0000 Manifest next update: Mon 25 Aug 2025 04:46:08 +0000 Files and hashes: 1: 2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl (hash: f3P3RBapnHPXfinR8DqABUmJnPtW/QCSvq4KtXBrMh4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 04:46:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:65:57:05:0e:24:94:dc:60:f1:29:9f:bf:20:d2:4d:bc:4b:37:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA Validity Not Before: Aug 22 04:27:08 2025 GMT Not After : Aug 25 04:46:08 2025 GMT Subject: CN=BEF72D4A79EE7FE26767479A6CF5998DB0E1A76E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:4d:5a:82:9d:8e:43:2b:0c:bd:6c:74:b6:79: 43:7e:98:f7:26:6f:4d:ca:c9:65:ba:c4:45:0e:6e: 4e:6e:4b:db:e8:fb:51:c3:0a:92:85:a3:b3:a5:ab: ad:c7:9c:0c:88:e7:c3:51:04:cf:5f:15:0e:a2:83: 54:58:99:92:65:11:b5:1e:ff:f2:1b:57:ba:e3:40: cb:b8:94:be:92:7a:e8:a1:b0:b1:c8:fb:12:23:99: c1:9d:2a:98:a2:ca:2a:8a:fa:2a:99:4b:9d:dc:3d: ed:be:23:0e:31:89:53:eb:5f:14:c7:98:8d:2f:de: 13:6d:69:d7:ab:3c:41:67:1a:84:72:f3:12:36:39: 36:13:54:71:09:13:bd:e9:c3:9f:ef:a5:a0:84:bd: d0:44:c1:42:27:b4:e3:a4:d1:10:31:70:c8:dd:6a: 0d:5b:10:11:21:9e:3c:d6:94:1b:4a:56:77:9c:79: 11:dd:28:ab:6f:f0:88:bf:b0:14:de:a7:a3:3b:97: 48:1e:4d:f0:d2:0d:48:fc:af:46:54:da:00:62:2e: 3b:29:ac:36:55:04:bd:3b:3b:dd:f9:91:ba:27:9a: 50:61:9e:b1:4c:8b:7e:8b:f7:0f:5e:d4:7b:e9:1d: b8:ec:2f:df:5f:6e:0a:a4:b3:13:ba:b6:46:73:c9: 73:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:F7:2D:4A:79:EE:7F:E2:67:67:47:9A:6C:F5:99:8D:B0:E1:A7:6E X509v3 Authority Key Identifier: keyid:26:64:CB:E1:0F:2B:9F:F1:BE:C5:0A:6A:85:DC:7A:A5:2B:9F:17:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:46:e9:21:4c:85:30:3f:80:ab:41:85:19:ca:58:df:ae:44: 82:6b:1c:ac:68:a9:91:2c:15:13:18:0e:97:b4:25:28:43:64: 89:14:e1:c9:b8:b3:25:07:e5:cd:1d:d3:07:31:07:3f:97:94: ef:f9:2f:e1:a9:03:22:a0:62:ab:95:01:87:d2:2c:91:2b:0c: 14:fc:45:c1:73:c1:27:87:cb:ce:b1:2e:eb:97:d1:f7:e3:f6: 3c:40:9c:67:d3:fc:16:11:fa:2a:38:53:99:60:ba:c3:59:34: 1b:8d:c1:05:1f:d5:73:25:5f:c4:69:0b:46:74:a1:55:aa:cb: c5:e0:d7:04:9b:d5:74:36:5e:a1:03:89:ce:e5:6b:f5:f0:2c: b7:14:ee:56:c9:5a:a7:26:04:0c:58:00:40:9b:2a:88:b8:2e: 28:9b:0e:25:2f:16:99:7a:e2:de:71:59:d8:84:90:4b:06:88: a1:d6:0c:f6:5b:40:c7:f3:c6:ee:91:12:da:20:5a:7e:01:4e: 4a:b6:8f:77:a8:b2:e5:81:cf:cb:ed:5f:ed:fe:c9:09:9f:88: a4:94:a8:8e:af:0a:66:cb:57:9f:71:6c:b9:d1:99:0c:93:b6: 88:43:84:3e:3f:77:e6:44:53:f1:53:04:4e:84:bd:f2:8b:20: a7:31:f1:bc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUN2VXBQ4klNxg8SmfvyDSTbxLN0YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdBQTUy QjlGMTdGQTAeFw0yNTA4MjIwNDI3MDhaFw0yNTA4MjUwNDQ2MDhaMDMxMTAvBgNV BAMTKEJFRjcyRDRBNzlFRTdGRTI2NzY3NDc5QTZDRjU5OThEQjBFMUE3NkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFTVqCnY5DKwy9bHS2eUN+mPcm b03KyWW6xEUObk5uS9vo+1HDCpKFo7Olq63HnAyI58NRBM9fFQ6ig1RYmZJlEbUe //IbV7rjQMu4lL6SeuihsLHI+xIjmcGdKpiiyiqK+iqZS53cPe2+Iw4xiVPrXxTH mI0v3hNtaderPEFnGoRy8xI2OTYTVHEJE73pw5/vpaCEvdBEwUIntOOk0RAxcMjd ag1bEBEhnjzWlBtKVneceRHdKKtv8Ii/sBTep6M7l0geTfDSDUj8r0ZU2gBiLjsp rDZVBL07O935kbonmlBhnrFMi36L9w9e1HvpHbjsL99fbgqksxO6tkZzyXNpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUvvctSnnuf+JnZ0eabPWZjbDhp24wHwYDVR0j BBgwFoAUJmTL4Q8rn/G+xQpqhdx6pSufF/owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Y2YzYzIxMS0wNjQ1LTQ4ODItYTRmMS00NmJlODY3Yjc5ODMvMC8yNjY0Q0JFMTBG MkI5RkYxQkVDNTBBNkE4NURDN0FBNTJCOUYxN0ZBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdBQTUyQjlG MTdGQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGNmM2MyMTEtMDY0NS00ODgyLWE0 ZjEtNDZiZTg2N2I3OTgzLzAvMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdB QTUyQjlGMTdGQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABBG6SFMhTA/gKtBhRnKWN+uRIJrHKxoqZEs FRMYDpe0JShDZIkU4cm4syUH5c0d0wcxBz+XlO/5L+GpAyKgYquVAYfSLJErDBT8 RcFzwSeHy86xLuuX0ffj9jxAnGfT/BYR+io4U5lgusNZNBuNwQUf1XMlX8RpC0Z0 oVWqy8Xg1wSb1XQ2XqEDic7la/XwLLcU7lbJWqcmBAxYAECbKoi4LiibDiUvFpl6 4t5xWdiEkEsGiKHWDPZbQMfzxu6REtogWn4BTkq2j3eosuWBz8vtX+3+yQmfiKSU qI6vCmbLV59xbLnRmQyTtohDhD4/d+ZEU/FTBE6EvfKLIKcx8bw= -----END CERTIFICATE-----Generated at Sat Aug 23 12:12:39 2025 by rpki-client