$ rpki-client -vvf repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft File: 20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft (raw, json) Hash identifier: TD39C1iTx3XCCgdGEPDRPMMEHIyZJtFDFLDEflKQ9mU= Subject key identifier: 10:B6:04:ED:F5:8A:12:6E:29:E7:43:51:45:B5:58:FA:7F:52:36:2D Authority key identifier: 20:A4:A2:CE:A0:09:88:40:AF:6A:1C:5B:F3:D8:4E:41:5D:7F:18:D5 Certificate issuer: /CN=20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5 Certificate serial: 0B5CB89C7AE49B276C43A1396344B6CEF8E44649 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft Manifest number: 9B Signing time: Sat 23 Aug 2025 05:00:00 +0000 Manifest this update: Sat 23 Aug 2025 04:55:00 +0000 Manifest next update: Tue 26 Aug 2025 07:16:00 +0000 Files and hashes: 1: 20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl (hash: D5Ui1SJo3eXetbm4reaNqaVIo6a9lmHqHz4o8t2uqTI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 07:16:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:5c:b8:9c:7a:e4:9b:27:6c:43:a1:39:63:44:b6:ce:f8:e4:46:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5 Validity Not Before: Aug 23 04:55:00 2025 GMT Not After : Aug 26 07:16:00 2025 GMT Subject: CN=10B604EDF58A126E29E7435145B558FA7F52362D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:19:e1:67:ff:9f:75:10:a3:7a:81:c9:e2:d5: 61:99:ef:5d:c9:b7:c3:de:75:54:1f:41:7d:1a:4a: f4:38:b7:3b:bb:cd:06:45:f0:e3:8c:f2:ad:22:6d: 5e:3b:46:b4:c5:69:f2:f1:e2:11:fc:e6:17:7f:ce: e8:4d:54:41:cd:6e:d8:9a:02:15:54:35:6e:91:2a: fe:dd:bd:97:fd:b4:74:e5:26:91:4b:3c:45:e5:a4: 4a:f2:67:ce:98:c1:41:29:08:f6:a3:9f:63:a7:04: f5:90:6d:a2:82:26:b1:7d:61:8c:4d:39:9b:c5:60: 30:6c:40:53:03:05:a0:d2:e5:f1:03:97:af:50:2d: 22:01:c0:fa:c6:c3:f6:51:05:2a:3d:17:02:be:a0: 20:a2:b8:31:90:5e:cc:bc:9d:8a:51:ef:1c:19:0c: 4f:f9:34:4e:5f:9a:bd:39:fe:08:57:32:36:87:54: 5e:15:6f:d0:a7:13:ed:f3:ea:e3:1b:88:95:98:af: 3e:b3:80:ce:f3:d8:57:c3:95:4f:2f:fd:9e:25:08: 98:ec:24:2b:22:3f:d0:66:1e:5d:98:fe:cd:08:4a: 99:55:2b:85:f3:9c:aa:f0:b4:54:52:62:b8:7b:d9: 1a:e5:33:ad:62:17:83:e0:b1:19:e7:a7:77:81:ec: 53:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:B6:04:ED:F5:8A:12:6E:29:E7:43:51:45:B5:58:FA:7F:52:36:2D X509v3 Authority Key Identifier: keyid:20:A4:A2:CE:A0:09:88:40:AF:6A:1C:5B:F3:D8:4E:41:5D:7F:18:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:37:2a:de:9f:f3:e4:74:b7:54:bb:eb:5a:7d:40:32:3d:03: 23:7a:e7:a3:70:3c:69:c4:f4:1c:bf:a8:49:91:a5:63:21:62: 5e:08:1a:8c:44:4d:52:36:2d:75:1c:7c:56:6c:ed:b4:16:cd: 40:09:85:55:5a:6c:61:b4:e9:52:ce:1c:6d:c3:5d:d9:a5:14: 7f:48:76:82:f0:51:0e:c8:09:a3:7b:fa:71:c8:97:39:78:70: 53:51:b0:3c:b6:2b:67:ed:5b:8f:b5:d2:05:36:03:6f:fc:02: 38:61:6e:5d:f8:bf:09:f4:ed:de:86:dd:31:5c:5a:72:cd:fd: dd:ac:67:a2:b5:98:36:c0:ec:be:87:db:fb:3c:72:e5:67:d0: 61:0c:cd:e3:2f:15:fa:5b:0f:4d:d2:06:e7:da:9c:63:31:48: 13:80:6b:71:9d:cc:36:94:e8:cf:ac:10:df:35:97:9c:5b:fd: c8:a5:9d:9e:11:d9:49:a3:bd:9d:b5:24:94:d4:92:b4:d5:4f: 4f:ef:8e:c5:1e:d3:fe:90:a1:5e:22:71:97:0c:d4:d8:30:81: ff:96:21:33:27:88:3f:6d:0f:c4:e3:39:42:67:ce:84:04:5c: fc:0f:89:e5:85:55:00:d7:c7:09:b6:2f:21:db:ce:07:fc:5f: ff:c3:8b:1c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUC1y4nHrkmydsQ6E5Y0S2zvjkRkkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRFNDE1 RDdGMThENTAeFw0yNTA4MjMwNDU1MDBaFw0yNTA4MjYwNzE2MDBaMDMxMTAvBgNV BAMTKDEwQjYwNEVERjU4QTEyNkUyOUU3NDM1MTQ1QjU1OEZBN0Y1MjM2MkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHGeFn/591EKN6gcni1WGZ713J t8PedVQfQX0aSvQ4tzu7zQZF8OOM8q0ibV47RrTFafLx4hH85hd/zuhNVEHNbtia AhVUNW6RKv7dvZf9tHTlJpFLPEXlpEryZ86YwUEpCPajn2OnBPWQbaKCJrF9YYxN OZvFYDBsQFMDBaDS5fEDl69QLSIBwPrGw/ZRBSo9FwK+oCCiuDGQXsy8nYpR7xwZ DE/5NE5fmr05/ghXMjaHVF4Vb9CnE+3z6uMbiJWYrz6zgM7z2FfDlU8v/Z4lCJjs JCsiP9BmHl2Y/s0ISplVK4XznKrwtFRSYrh72RrlM61iF4PgsRnnp3eB7FMRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUELYE7fWKEm4p50NRRbVY+n9SNi0wHwYDVR0j BBgwFoAUIKSizqAJiECvahxb89hOQV1/GNUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h YzgxZTZlYy1jODdiLTRmZGItYTJmYS1lY2M0NzBjNDFkNTMvMC8yMEE0QTJDRUEw MDk4ODQwQUY2QTFDNUJGM0Q4NEU0MTVEN0YxOEQ1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRFNDE1RDdG MThENS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYWM4MWU2ZWMtYzg3Yi00ZmRiLWEy ZmEtZWNjNDcwYzQxZDUzLzAvMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRF NDE1RDdGMThENS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFs3Kt6f8+R0t1S761p9QDI9AyN656NwPGnE 9By/qEmRpWMhYl4IGoxETVI2LXUcfFZs7bQWzUAJhVVabGG06VLOHG3DXdmlFH9I doLwUQ7ICaN7+nHIlzl4cFNRsDy2K2ftW4+10gU2A2/8Ajhhbl34vwn07d6G3TFc WnLN/d2sZ6K1mDbA7L6H2/s8cuVn0GEMzeMvFfpbD03SBufanGMxSBOAa3GdzDaU 6M+sEN81l5xb/cilnZ4R2UmjvZ21JJTUkrTVT0/vjsUe0/6QoV4icZcM1Ngwgf+W ITMniD9tD8TjOUJnzoQEXPwPieWFVQDXxwm2LyHbzgf8X//Dixw= -----END CERTIFICATE-----Generated at Sat Aug 23 10:04:41 2025 by rpki-client