$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: VC36kIJHdox2UXj7MCaZ84Q91Wlk2YPK02KE3sIJwd0= Subject key identifier: 45:8C:3E:1A:BB:3B:18:79:53:F6:1A:56:8C:30:D9:F5:D4:FB:AE:B0 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 1F13C8A378270BB346E38C451724D802C9A7926F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 01FD Signing time: Sun 19 Oct 2025 06:51:52 +0000 Manifest this update: Sun 19 Oct 2025 06:46:52 +0000 Manifest next update: Wed 22 Oct 2025 10:53:52 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: wYEZL1uYIMmBReTl+6LXLYJYzNhpsM4uv3VDvh53HdQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 10:53:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:13:c8:a3:78:27:0b:b3:46:e3:8c:45:17:24:d8:02:c9:a7:92:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Oct 19 06:46:52 2025 GMT Not After : Oct 22 10:53:52 2025 GMT Subject: CN=458C3E1ABB3B187953F61A568C30D9F5D4FBAEB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:c9:40:58:1a:4b:a9:bc:ec:2e:cf:a8:91:92: ad:3e:db:4c:d8:32:41:88:9e:92:20:33:2e:4c:cf: 99:24:e8:82:7a:a8:f5:73:e0:2d:22:fd:a7:61:2c: 10:16:99:92:49:2e:ce:bf:1f:3d:01:b6:e5:25:8c: 18:82:38:a7:a4:2b:68:d0:60:1a:47:f9:7d:c4:a8: 5c:d9:ed:dd:02:22:02:19:41:86:57:f1:22:46:66: f6:08:64:b2:91:8d:42:7d:58:3a:72:b2:bc:0c:04: b6:2e:4e:66:a4:f2:0f:17:30:36:bc:14:d3:be:6e: f0:82:c6:91:f3:bf:ff:80:17:e5:3b:f3:5e:8e:76: 3f:f4:77:5d:79:b8:86:e5:9f:17:25:0a:ca:f1:54: fb:32:90:a6:df:6c:56:a3:fc:01:f4:a9:a2:c1:ea: ce:01:f8:9a:99:4d:92:25:1c:07:a7:2f:10:09:23: 9a:1b:73:4b:27:4f:ef:0b:b3:c2:55:04:de:68:db: ad:ed:8a:74:f7:8b:36:c0:0c:d1:0b:a0:b0:bb:0e: bc:27:37:ad:ce:7b:fe:28:30:f8:94:ce:65:a7:6d: 32:05:e5:27:c3:b4:58:78:18:25:02:95:f7:e2:c2: eb:08:5f:d3:9b:29:f9:9e:74:8b:c0:1e:85:0b:d3: a5:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:8C:3E:1A:BB:3B:18:79:53:F6:1A:56:8C:30:D9:F5:D4:FB:AE:B0 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:76:d3:08:8a:85:da:37:3a:a8:cc:7d:25:4b:b3:21:7a:57: bc:93:e6:5a:61:92:0d:c9:8b:e2:d8:6c:50:28:1e:0f:ab:f0: 57:44:35:98:1b:0d:1d:6f:ee:38:7c:0f:32:78:0e:95:26:d0: 7d:20:15:71:27:f0:8e:3e:34:df:62:95:b5:90:98:77:4f:61: bd:32:70:0b:2e:4b:09:e8:41:fe:a3:6b:85:c8:b7:e1:81:02: 51:33:dc:c3:22:0e:19:b7:84:f2:f6:74:3e:a0:86:7c:09:6b: 2b:5e:4d:d2:a2:b6:48:3c:96:ca:f9:d8:38:c5:aa:4a:9c:aa: 19:53:c2:09:a0:f8:cf:0d:3e:99:4f:7d:36:bd:85:5c:90:04: 7c:bb:3f:a2:0f:ee:07:44:07:59:aa:1d:45:9f:d2:14:17:80: 14:7d:54:ac:65:d0:03:0f:bb:4f:2d:2b:05:59:51:c5:8f:22: 8e:5e:c4:02:f3:25:8f:a4:8f:3b:96:70:4d:af:0f:49:c3:dc: f8:73:cb:a6:8f:37:26:b6:28:9b:9a:8f:3b:34:6b:59:da:20: 5a:27:1c:ad:c4:ed:ef:8e:8b:36:c7:a9:64:0e:a8:9f:42:f0: 55:85:db:99:32:c8:c6:3c:5d:71:79:e6:35:31:2f:9a:ee:a0: c2:78:e9:90 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHxPIo3gnC7NG44xFFyTYAsmnkm8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNTEwMTkwNjQ2NTJaFw0yNTEwMjIxMDUzNTJaMDMxMTAvBgNV BAMTKDQ1OEMzRTFBQkIzQjE4Nzk1M0Y2MUE1NjhDMzBEOUY1RDRGQkFFQjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeyUBYGkupvOwuz6iRkq0+20zY MkGInpIgMy5Mz5kk6IJ6qPVz4C0i/adhLBAWmZJJLs6/Hz0BtuUljBiCOKekK2jQ YBpH+X3EqFzZ7d0CIgIZQYZX8SJGZvYIZLKRjUJ9WDpysrwMBLYuTmak8g8XMDa8 FNO+bvCCxpHzv/+AF+U7816Odj/0d115uIblnxclCsrxVPsykKbfbFaj/AH0qaLB 6s4B+JqZTZIlHAenLxAJI5obc0snT+8Ls8JVBN5o263tinT3izbADNELoLC7Drwn N63Oe/4oMPiUzmWnbTIF5SfDtFh4GCUClffiwusIX9ObKfmedIvAHoUL06UDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQURYw+Grs7GHlT9hpWjDDZ9dT7rrAwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIF20wiKhdo3OqjMfSVLsyF6V7yT5lphkg3J i+LYbFAoHg+r8FdENZgbDR1v7jh8DzJ4DpUm0H0gFXEn8I4+NN9ilbWQmHdPYb0y cAsuSwnoQf6ja4XIt+GBAlEz3MMiDhm3hPL2dD6ghnwJayteTdKitkg8lsr52DjF qkqcqhlTwgmg+M8NPplPfTa9hVyQBHy7P6IP7gdEB1mqHUWf0hQXgBR9VKxl0AMP u08tKwVZUcWPIo5exALzJY+kjzuWcE2vD0nD3Phzy6aPNya2KJuajzs0a1naIFon HK3E7e+OizbHqWQOqJ9C8FWF25kyyMY8XXF55jUxL5ruoMJ46ZA= -----END CERTIFICATE-----Generated at Mon Oct 20 09:23:32 2025 by rpki-client