$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: 0ILPAXXv0WXD5Tl/Ag8Vf1jrZO+9GDbzWGw2/dYHvyg= Subject key identifier: B0:AD:F6:FA:10:68:BD:23:BB:23:AB:48:C3:3A:00:4A:3A:DF:81:0B Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 50FEC637AF1491CCE1B3A9580BB52A1577504D83 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 0518 Signing time: Sat 18 Oct 2025 14:22:03 +0000 Manifest this update: Sat 18 Oct 2025 14:17:03 +0000 Manifest next update: Tue 21 Oct 2025 16:38:03 +0000 Files and hashes: 1: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 2: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: JY5X7Ni0FqjOLHL/IBAcPoDotTFSEzReZjChPfIbLws=) 3: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 4: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 5: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 6: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) 7: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: FI+zm57oE8uEVXISyYSU9jgg+h8NDxRScPodztxIYhA=) 8: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 16:38:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:fe:c6:37:af:14:91:cc:e1:b3:a9:58:0b:b5:2a:15:77:50:4d:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Oct 18 14:17:03 2025 GMT Not After : Oct 21 16:38:03 2025 GMT Subject: CN=B0ADF6FA1068BD23BB23AB48C33A004A3ADF810B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a7:21:77:cd:21:98:3e:d6:e1:b6:09:1d:63: 19:c2:0a:7f:9f:14:1e:41:0d:9c:a4:75:0a:7d:e2: 23:5e:aa:8d:dc:32:c7:65:7b:67:0a:3d:49:97:7d: 5d:86:15:b6:cd:e1:3b:4a:91:0e:f6:c6:6c:1d:e5: 9c:b4:cf:23:81:36:05:70:57:37:7c:43:10:68:49: 84:fd:24:68:ca:71:50:9e:f3:b6:23:fb:08:96:7f: 2b:cd:0c:13:51:ec:76:fc:db:c2:aa:aa:7b:7e:2e: 3c:94:aa:09:11:e4:25:35:da:3c:f4:3b:a2:81:0f: d2:b0:53:44:6e:81:c2:79:a8:d6:3b:83:77:b6:7e: b7:15:71:d5:32:3c:20:93:cf:bc:be:97:da:5f:ad: 79:85:32:09:d2:63:e6:5c:a2:db:25:79:8c:db:f9: 46:1e:12:26:17:e8:b1:e1:4d:02:41:1b:b8:95:5a: 08:d2:5d:dc:00:d4:9f:f7:fe:f9:91:30:3c:53:b2: 6b:ff:aa:e6:43:c4:30:2f:ff:9d:d2:05:e7:c5:e6: 53:71:cc:02:15:1c:60:5a:a2:3c:81:a7:c9:76:3a: c8:9f:c7:e3:f2:e0:96:91:31:eb:49:13:d4:f8:af: 1e:3c:2b:83:21:2c:3f:ec:3c:1a:52:3f:d3:f2:31: 5a:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:AD:F6:FA:10:68:BD:23:BB:23:AB:48:C3:3A:00:4A:3A:DF:81:0B X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:7f:b7:36:9c:10:94:3a:71:70:e3:42:04:9d:81:1c:b9:ef: 19:40:74:46:a8:90:a9:2e:93:41:bb:2d:9b:48:f4:64:ca:f1: da:ff:c0:ac:f5:86:13:51:d3:6f:e8:30:27:18:06:88:13:bc: 3e:84:0f:26:1d:9e:b9:3d:96:1f:91:a9:85:f1:43:b1:41:5a: 28:5f:74:18:ff:2d:e1:34:3b:85:c4:ef:50:8c:53:9a:be:88: 82:6b:c3:06:0f:7e:ad:cd:f7:4f:93:fe:30:1a:6d:8c:69:2e: 78:e0:38:c7:82:12:16:95:5f:47:06:7f:2a:1a:89:dd:ac:eb: 28:a7:83:ad:a8:8a:ca:bb:45:5f:83:04:56:bb:15:1d:49:56: 8a:01:38:4c:85:eb:03:bc:ac:cb:98:b9:ac:54:0f:f8:ad:85: 09:78:cb:4c:6f:1b:7a:8f:8e:ec:07:4d:f2:c7:71:2d:b0:19: 92:e5:f0:f1:60:6f:ae:b2:a9:bd:12:6a:00:da:2d:b6:ff:64: 98:1f:a8:cf:17:12:0c:84:f3:01:e6:3a:d2:e6:45:0a:2f:c1: dc:d8:39:3c:e1:f9:35:fb:dd:96:1c:ef:72:ad:4c:76:0b:3d: 31:02:95:20:a5:88:c1:c7:16:02:d8:9f:a6:1c:a7:70:f4:91: 09:c8:e6:dc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUP7GN68Ukczhs6lYC7UqFXdQTYMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTEwMTgxNDE3MDNaFw0yNTEwMjExNjM4MDNaMDMxMTAvBgNV BAMTKEIwQURGNkZBMTA2OEJEMjNCQjIzQUI0OEMzM0EwMDRBM0FERjgxMEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqpyF3zSGYPtbhtgkdYxnCCn+f FB5BDZykdQp94iNeqo3cMsdle2cKPUmXfV2GFbbN4TtKkQ72xmwd5Zy0zyOBNgVw Vzd8QxBoSYT9JGjKcVCe87Yj+wiWfyvNDBNR7Hb828Kqqnt+LjyUqgkR5CU12jz0 O6KBD9KwU0RugcJ5qNY7g3e2frcVcdUyPCCTz7y+l9pfrXmFMgnSY+ZcotsleYzb +UYeEiYX6LHhTQJBG7iVWgjSXdwA1J/3/vmRMDxTsmv/quZDxDAv/53SBefF5lNx zAIVHGBaojyBp8l2Osifx+Py4JaRMetJE9T4rx48K4MhLD/sPBpSP9PyMVrNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUsK32+hBovSO7I6tIwzoASjrfgQswHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMN/tzacEJQ6cXDjQgSdgRy57xlAdEaokKku k0G7LZtI9GTK8dr/wKz1hhNR02/oMCcYBogTvD6EDyYdnrk9lh+RqYXxQ7FBWihf dBj/LeE0O4XE71CMU5q+iIJrwwYPfq3N90+T/jAabYxpLnjgOMeCEhaVX0cGfyoa id2s6ying62oisq7RV+DBFa7FR1JVooBOEyF6wO8rMuYuaxUD/ithQl4y0xvG3qP juwHTfLHcS2wGZLl8PFgb66yqb0SagDaLbb/ZJgfqM8XEgyE8wHmOtLmRQovwdzY OTzh+TX73ZYc73KtTHYLPTEClSCliMHHFgLYn6Ycp3D0kQnI5tw= -----END CERTIFICATE-----Generated at Mon Oct 20 18:06:44 2025 by rpki-client