$ rpki-client -vvf repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft File: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft (raw, json) Hash identifier: y9pvPNzNqfoiKy52W+iyX36ME78mHfvSYkpRTu0MbOc= Subject key identifier: 71:11:F6:90:A4:36:1C:E2:CD:EF:5B:9D:40:72:94:DF:44:7C:AA:AC Authority key identifier: 0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C Certificate issuer: /CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Certificate serial: 77205AA69131C66763555C95CF28D4FB16648CEC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft Manifest number: 0473 Signing time: Sat 18 Oct 2025 17:20:03 +0000 Manifest this update: Sat 18 Oct 2025 17:15:03 +0000 Manifest next update: Tue 21 Oct 2025 23:11:03 +0000 Files and hashes: 1: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl (hash: 3HU+SnS6GjmoKCUdgvItpnxh3OO9AHnFz8Z5uc4AhVg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 23:11:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:20:5a:a6:91:31:c6:67:63:55:5c:95:cf:28:d4:fb:16:64:8c:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Validity Not Before: Oct 18 17:15:03 2025 GMT Not After : Oct 21 23:11:03 2025 GMT Subject: CN=7111F690A4361CE2CDEF5B9D407294DF447CAAAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:68:af:e2:d1:e1:bc:56:7d:a0:16:44:de:6f: 88:3c:a6:33:75:09:4f:da:d6:01:35:0f:3c:c3:b6: 8b:65:75:5b:4a:62:e0:b0:3b:ef:10:3f:c1:de:d9: 35:4a:3f:fc:6e:d9:ff:12:76:01:39:3e:da:0f:67: 44:c8:83:05:03:08:06:45:aa:f9:a2:71:e1:79:e0: 37:cc:bb:a1:ee:6f:3e:6e:e7:6a:a3:ea:21:4c:fb: 7f:83:b7:f4:bc:7f:e0:86:21:09:2a:1f:cc:21:ab: 52:77:dc:17:23:95:94:b8:1b:af:6a:48:f8:63:8c: a4:2b:b5:24:46:c5:71:4a:e3:cc:01:5c:6c:62:88: 07:07:0f:18:05:de:20:b0:1c:63:6a:af:49:5c:cb: 40:a4:e6:a5:d8:7b:f9:bb:cb:3a:d4:05:aa:ad:8d: 82:42:d6:5a:42:53:2a:ba:40:74:6c:84:67:a0:f1: 4b:bc:53:22:07:67:6e:15:a5:ff:52:e2:7e:b9:2f: 1b:be:8c:a7:f9:5e:32:00:04:b7:c3:7d:89:59:fe: 8b:b8:1f:d2:49:22:6e:73:8b:1a:86:54:98:c6:ad: cd:d1:f9:49:65:82:6b:8f:9b:0f:16:94:3d:a9:d2: b7:46:c7:ae:7c:49:ee:27:ba:d5:aa:c5:86:75:d6: 5a:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:11:F6:90:A4:36:1C:E2:CD:EF:5B:9D:40:72:94:DF:44:7C:AA:AC X509v3 Authority Key Identifier: keyid:0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c2:a9:c1:3b:c5:68:f6:a1:b7:1f:70:d5:9b:e0:5f:01:02:de: dc:e8:26:d3:48:89:a1:03:ca:0e:43:5e:c8:be:ca:89:23:29: 3f:e0:97:c3:d8:a1:e1:95:87:8c:92:b2:3d:33:f6:d7:a2:8c: 19:b5:19:ad:a2:15:d0:20:d5:cb:6d:35:9a:3c:34:9a:aa:66: 8f:94:07:3a:ee:69:cb:9e:4b:86:b8:4c:3d:cd:0c:e2:d1:8e: 0a:4d:15:26:9f:d6:0c:58:2f:58:23:51:9c:b2:06:4c:39:40: 7f:85:c4:59:b1:99:da:0f:83:3a:39:27:ff:4d:ae:ca:87:83: 57:96:49:92:57:6c:b1:e9:df:ad:bf:6b:8a:de:3d:24:fa:2f: ef:cf:d4:6b:3e:e5:0b:69:c0:a5:45:07:8c:d6:9d:bb:fd:de: 74:20:0f:8f:3d:a2:3e:9d:57:f8:67:2e:76:e7:a8:16:d3:fe: 56:bc:1a:21:12:79:ce:12:64:e8:fb:1f:ac:c3:4e:52:8c:f1: 08:60:eb:3a:52:4f:e5:33:d6:35:0a:73:28:f5:85:88:8e:ca: 1b:45:ef:08:31:75:37:39:2f:08:e7:f1:c4:28:83:41:69:75: 7c:f3:c5:80:93:53:aa:e4:50:65:f0:b0:f9:e2:f9:5c:be:61: 48:df:9e:e2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdyBappExxmdjVVyVzyjU+xZkjOwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2 QUM4RTQwQzAeFw0yNTEwMTgxNzE1MDNaFw0yNTEwMjEyMzExMDNaMDMxMTAvBgNV BAMTKDcxMTFGNjkwQTQzNjFDRTJDREVGNUI5RDQwNzI5NERGNDQ3Q0FBQUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgaK/i0eG8Vn2gFkTeb4g8pjN1 CU/a1gE1DzzDtotldVtKYuCwO+8QP8He2TVKP/xu2f8SdgE5PtoPZ0TIgwUDCAZF qvmiceF54DfMu6Hubz5u52qj6iFM+3+Dt/S8f+CGIQkqH8whq1J33BcjlZS4G69q SPhjjKQrtSRGxXFK48wBXGxiiAcHDxgF3iCwHGNqr0lcy0Ck5qXYe/m7yzrUBaqt jYJC1lpCUyq6QHRshGeg8Uu8UyIHZ24Vpf9S4n65Lxu+jKf5XjIABLfDfYlZ/ou4 H9JJIm5zixqGVJjGrc3R+UllgmuPmw8WlD2p0rdGx658Se4nutWqxYZ11lrdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcRH2kKQ2HOLN71udQHKU30R8qqwwHwYDVR0j BBgwFoAUCv2PawJAX03pqUaEDMWuLmrI5AwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDdjNmVjYi0wYmFlLTQ1YzMtYWFkYS00M2E2YTE3MWMwNDYvMC8wQUZEOEY2QjAy NDA1RjRERTlBOTQ2ODQwQ0M1QUUyRTZBQzhFNDBDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2QUM4 RTQwQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQ3YzZlY2ItMGJhZS00NWMzLWFh ZGEtNDNhNmExNzFjMDQ2LzAvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFF MkU2QUM4RTQwQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMKpwTvFaPahtx9w1ZvgXwEC3tzoJtNIiaED yg5DXsi+yokjKT/gl8PYoeGVh4ySsj0z9teijBm1Ga2iFdAg1cttNZo8NJqqZo+U BzruacueS4a4TD3NDOLRjgpNFSaf1gxYL1gjUZyyBkw5QH+FxFmxmdoPgzo5J/9N rsqHg1eWSZJXbLHp362/a4rePST6L+/P1Gs+5QtpwKVFB4zWnbv93nQgD489oj6d V/hnLnbnqBbT/la8GiESec4SZOj7H6zDTlKM8Qhg6zpST+Uz1jUKcyj1hYiOyhtF 7wgxdTc5Lwjn8cQog0FpdXzzxYCTU6rkUGXwsPni+Vy+YUjfnuI= -----END CERTIFICATE-----Generated at Tue Oct 21 00:39:15 2025 by rpki-client