$ rpki-client -vvf repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft File: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft (raw, json) Hash identifier: 72mCXpRZYS2yTBMTqWOl0LCHRDajwuyDTp8TJBIILZs= Subject key identifier: 05:E4:B1:81:4C:B8:38:A8:CD:22:C9:3E:F0:A0:D3:A8:9B:7A:1D:79 Authority key identifier: B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 Certificate issuer: /CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Certificate serial: 05D705FD86D5A2D72BF65CD26A121D828698A15A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft Manifest number: 020C Signing time: Sun 19 Oct 2025 10:22:04 +0000 Manifest this update: Sun 19 Oct 2025 10:17:04 +0000 Manifest next update: Wed 22 Oct 2025 12:01:04 +0000 Files and hashes: 1: 3130332e3138382e3235332e302f32342d3234203d3e20313439373337.roa (hash: fMitGvSIMZKR/xojJDzG2iWApTg4bDt/1kqJnOfFiTo=) 2: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl (hash: /Q6mqmTk5vEnQvT0qZokX7mbtwBw/DMVU57KTfdV1Do=) 3: 3130332e3138382e3235322e302f32332d3233203d3e20313439373337.roa (hash: SLcrpmMGhS+iLPHlXSc6GQF6hzriCb0znzXu+cnHQhI=) 4: 3130332e3138382e3235322e302f32342d3234203d3e20313439373337.roa (hash: kjCPg8CNqMlAMRebUqHb4gpHFMec5lXxDxlOd53bN+M=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 12:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:d7:05:fd:86:d5:a2:d7:2b:f6:5c:d2:6a:12:1d:82:86:98:a1:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Validity Not Before: Oct 19 10:17:04 2025 GMT Not After : Oct 22 12:01:04 2025 GMT Subject: CN=05E4B1814CB838A8CD22C93EF0A0D3A89B7A1D79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:ef:47:b9:e4:df:43:87:89:9d:4f:dd:10:f1: 72:6b:b1:a9:e4:72:b2:dc:1c:b3:99:48:89:f0:d7: 98:90:dc:28:f1:ad:2c:1d:bb:1f:20:d8:b7:5d:a9: 43:f0:f5:89:43:35:81:72:61:88:84:96:ad:08:7b: fa:29:fe:5e:bd:53:9e:f6:92:ad:46:ea:7e:6e:09: f8:23:09:7b:f8:dd:56:d5:b6:cf:75:6a:9b:71:b1: 60:84:a7:5a:3e:e7:a1:80:58:4f:9a:e4:46:f9:53: 0e:44:7e:0f:17:a2:b9:aa:0c:1f:92:9b:9f:96:02: 63:b1:3e:e3:21:17:8e:97:a8:44:90:63:74:7a:2a: a9:65:0e:d2:ac:67:a7:ae:33:cf:40:c2:31:b7:c7: b2:fa:87:38:2e:f2:15:ea:19:cc:f3:8b:69:c7:4f: 03:6d:1c:a3:4b:ae:70:2a:a5:3f:13:8b:d3:63:8d: f0:9b:3c:65:b8:32:0b:a2:d1:24:e1:e7:ae:c1:6e: 4b:6d:42:78:a0:dd:0e:5b:07:39:f1:b1:b7:1d:bc: 68:34:6e:e1:db:b9:3d:d0:b5:5c:3a:bd:33:2b:4f: cf:8e:20:19:32:c3:d8:e4:2b:52:7e:0a:0e:20:33: 57:f4:f9:8e:4c:ea:1c:ae:9b:0d:e6:3f:ef:da:d0: e6:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:E4:B1:81:4C:B8:38:A8:CD:22:C9:3E:F0:A0:D3:A8:9B:7A:1D:79 X509v3 Authority Key Identifier: keyid:B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:29:fa:73:81:bf:05:9b:89:ac:e7:b7:36:ae:4b:6a:a1:a6: 4d:e5:0a:c6:de:ca:8e:4b:1e:1d:cc:00:c9:e8:e9:f4:7e:54: 46:8b:b8:75:8b:29:05:03:9e:3b:2b:c0:6e:7c:32:56:6d:38: 33:04:36:72:96:9c:1c:bf:b7:4b:64:fa:bc:6d:6e:92:94:06: b8:3c:3e:b0:f9:f0:7e:75:db:8d:27:6a:1f:e3:9e:af:7e:0a: da:6e:db:92:ff:ce:18:3b:59:1a:bc:15:9d:75:70:89:05:37: 67:5a:88:f9:71:31:f0:5b:88:99:ec:97:dd:ea:7b:61:a7:85: 01:c2:43:80:b9:6c:08:f8:8f:bb:36:49:e5:ae:94:5b:30:62: 97:b4:86:15:31:49:d6:b2:db:e3:65:33:8b:4f:0a:03:a4:f4: a2:38:3c:71:4d:15:cb:d2:53:35:23:e5:22:87:87:ab:ec:82: 7a:c8:cb:91:83:b4:58:39:a2:a0:de:b8:15:4a:3d:f4:a4:1f: bc:6e:db:8e:11:b8:6a:25:5e:7d:fd:4e:da:02:b5:23:64:88: 7c:61:f5:a6:f8:78:f1:ca:c8:86:07:72:82:d5:34:fa:81:29: 28:f6:2a:c9:cf:b3:d1:2a:df:f0:39:59:a5:22:d3:30:37:bd: 23:cb:c4:43 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBdcF/YbVotcr9lzSahIdgoaYoVowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5 ODI1NERCMjAeFw0yNTEwMTkxMDE3MDRaFw0yNTEwMjIxMjAxMDRaMDMxMTAvBgNV BAMTKDA1RTRCMTgxNENCODM4QThDRDIyQzkzRUYwQTBEM0E4OUI3QTFENzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc70e55N9Dh4mdT90Q8XJrsank crLcHLOZSInw15iQ3CjxrSwdux8g2LddqUPw9YlDNYFyYYiElq0Ie/op/l69U572 kq1G6n5uCfgjCXv43VbVts91aptxsWCEp1o+56GAWE+a5Eb5Uw5Efg8XormqDB+S m5+WAmOxPuMhF46XqESQY3R6KqllDtKsZ6euM89AwjG3x7L6hzgu8hXqGczzi2nH TwNtHKNLrnAqpT8Ti9NjjfCbPGW4Mgui0STh567BbkttQnig3Q5bBznxsbcdvGg0 buHbuT3QtVw6vTMrT8+OIBkyw9jkK1J+Cg4gM1f0+Y5M6hyumw3mP+/a0OZ1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUBeSxgUy4OKjNIsk+8KDTqJt6HXkwHwYDVR0j BBgwFoAUtel7cfr6JP+PorGjNVjYCpglTbIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 YWVkMDk4Yi00OWIxLTRmNTMtYjc1YS0yNzNlMTFjMjUxNDkvMC9CNUU5N0I3MUZB RkEyNEZGOEZBMkIxQTMzNTU4RDgwQTk4MjU0REIyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5ODI1 NERCMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOWFlZDA5OGItNDliMS00ZjUzLWI3 NWEtMjczZTExYzI1MTQ5LzAvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4 MEE5ODI1NERCMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH4p+nOBvwWbiazntzauS2qhpk3lCsbeyo5L Hh3MAMno6fR+VEaLuHWLKQUDnjsrwG58MlZtODMENnKWnBy/t0tk+rxtbpKUBrg8 PrD58H51240nah/jnq9+Ctpu25L/zhg7WRq8FZ11cIkFN2daiPlxMfBbiJnsl93q e2GnhQHCQ4C5bAj4j7s2SeWulFswYpe0hhUxSday2+NlM4tPCgOk9KI4PHFNFcvS UzUj5SKHh6vsgnrIy5GDtFg5oqDeuBVKPfSkH7xu244RuGolXn39TtoCtSNkiHxh 9ab4ePHKyIYHcoLVNPqBKSj2KsnPs9Eq3/A5WaUi0zA3vSPLxEM= -----END CERTIFICATE-----Generated at Mon Oct 20 12:08:22 2025 by rpki-client