$ rpki-client -vvf repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft File: 20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft (raw, json) Hash identifier: aIhW2VAgcPI6jbVgs7BcLMSFquUVdPpJ3zRryyLpkvo= Subject key identifier: 34:AF:24:E8:6D:59:9A:C8:5D:3F:7B:5B:C0:8B:25:10:C2:AA:3E:1E Authority key identifier: 20:A4:A2:CE:A0:09:88:40:AF:6A:1C:5B:F3:D8:4E:41:5D:7F:18:D5 Certificate issuer: /CN=20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5 Certificate serial: 25ADF94694B2BCE5FA027EDBA1EFB5A7F19F6673 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft Manifest number: B5 Signing time: Sun 19 Oct 2025 08:40:00 +0000 Manifest this update: Sun 19 Oct 2025 08:35:00 +0000 Manifest next update: Wed 22 Oct 2025 17:34:00 +0000 Files and hashes: 1: 20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl (hash: GWru5WtSe0PEkpUdjyycYathdo1oBLHL9jrti+P+xN8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 17:34:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:ad:f9:46:94:b2:bc:e5:fa:02:7e:db:a1:ef:b5:a7:f1:9f:66:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5 Validity Not Before: Oct 19 08:35:00 2025 GMT Not After : Oct 22 17:34:00 2025 GMT Subject: CN=34AF24E86D599AC85D3F7B5BC08B2510C2AA3E1E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:32:9a:bf:37:2b:9a:76:ea:2d:7b:bf:11:10: ec:57:5d:28:f8:11:1b:e4:b7:65:43:92:93:ee:5f: c9:dc:f1:3d:d2:14:2a:3d:ce:55:95:96:2d:d7:e1: 47:d4:28:7c:ed:e0:24:e4:01:2c:50:71:b6:de:c7: 73:70:20:73:39:26:e4:7e:1f:3d:c9:f2:9b:d4:76: 4e:72:8c:f8:40:cf:33:33:86:f1:4c:98:eb:8d:19: 79:f7:af:ab:41:e0:26:ab:36:e8:5b:65:51:a0:66: a5:66:de:9e:a4:b3:35:03:56:86:49:e2:b9:1c:99: 7e:fd:ec:34:a0:cc:22:ae:fa:6f:38:91:c2:b4:67: a0:2a:a6:61:2c:af:68:37:d0:a5:c8:97:db:21:d4: d2:90:81:b2:f0:20:55:97:f7:39:e4:aa:51:38:95: 6f:80:12:4b:f3:d2:12:88:93:26:54:e1:bf:a0:97: f4:10:67:f8:ed:26:b7:67:ab:6a:1f:22:ee:65:59: bf:0e:ac:64:aa:f6:fd:38:90:ba:b6:64:3d:5a:fb: 2a:98:4c:d0:d9:44:15:a1:59:98:54:8e:9d:78:d2: 39:7f:b5:df:d1:5e:44:9b:0f:c1:82:70:df:6f:15: 8b:2c:8b:a2:9a:32:30:fc:f9:3d:31:c1:a9:3e:fd: ec:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:AF:24:E8:6D:59:9A:C8:5D:3F:7B:5B:C0:8B:25:10:C2:AA:3E:1E X509v3 Authority Key Identifier: keyid:20:A4:A2:CE:A0:09:88:40:AF:6A:1C:5B:F3:D8:4E:41:5D:7F:18:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:47:78:76:80:55:81:7b:2b:33:35:61:91:4f:9c:ec:83:7b: 00:9d:b3:ac:12:00:e6:c2:95:70:51:1b:e4:7b:66:9f:cc:46: 12:2f:fc:84:17:b1:fd:b1:7c:3f:fc:8d:24:9b:7d:0b:d2:97: 35:c6:e9:c4:c7:79:5c:2d:32:00:79:f7:78:c7:4f:28:5d:c2: e7:af:d8:b1:f0:c7:6d:8b:8b:0c:5c:5f:11:fd:1a:2c:97:31: 21:9e:dc:37:61:41:42:67:72:0a:8d:f3:a7:5c:16:64:86:51: de:26:ab:89:6f:d5:95:e1:d2:f6:9e:f8:ea:56:08:92:20:5f: 1a:31:d7:e2:2c:7e:92:39:fa:2a:59:0a:5a:50:c8:c6:26:03: 32:f3:f0:3f:0c:ab:b8:e6:ed:2a:82:16:d3:b3:ff:7d:b2:2f: 82:b7:e4:bc:37:0f:78:54:8a:00:ce:fc:86:b4:89:dc:41:b1: 92:93:c8:9a:d2:ce:a3:07:04:44:ae:cd:eb:73:0d:a8:8f:f5: ae:f2:14:b5:0d:0c:52:5e:43:c9:6c:6f:06:a1:8a:ed:71:e7: 30:87:99:28:f5:83:a9:0b:5b:11:41:27:a6:71:65:d6:b6:b3: ce:25:65:59:92:82:62:90:60:96:5a:a0:2e:05:09:de:e0:73: 44:30:6b:2f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJa35RpSyvOX6An7boe+1p/GfZnMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRFNDE1 RDdGMThENTAeFw0yNTEwMTkwODM1MDBaFw0yNTEwMjIxNzM0MDBaMDMxMTAvBgNV BAMTKDM0QUYyNEU4NkQ1OTlBQzg1RDNGN0I1QkMwOEIyNTEwQzJBQTNFMUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmMpq/Nyuaduote78REOxXXSj4 ERvkt2VDkpPuX8nc8T3SFCo9zlWVli3X4UfUKHzt4CTkASxQcbbex3NwIHM5JuR+ Hz3J8pvUdk5yjPhAzzMzhvFMmOuNGXn3r6tB4CarNuhbZVGgZqVm3p6kszUDVoZJ 4rkcmX797DSgzCKu+m84kcK0Z6AqpmEsr2g30KXIl9sh1NKQgbLwIFWX9znkqlE4 lW+AEkvz0hKIkyZU4b+gl/QQZ/jtJrdnq2ofIu5lWb8OrGSq9v04kLq2ZD1a+yqY TNDZRBWhWZhUjp140jl/td/RXkSbD8GCcN9vFYssi6KaMjD8+T0xwak+/ew1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNK8k6G1ZmshdP3tbwIslEMKqPh4wHwYDVR0j BBgwFoAUIKSizqAJiECvahxb89hOQV1/GNUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h YzgxZTZlYy1jODdiLTRmZGItYTJmYS1lY2M0NzBjNDFkNTMvMC8yMEE0QTJDRUEw MDk4ODQwQUY2QTFDNUJGM0Q4NEU0MTVEN0YxOEQ1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRFNDE1RDdG MThENS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYWM4MWU2ZWMtYzg3Yi00ZmRiLWEy ZmEtZWNjNDcwYzQxZDUzLzAvMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRF NDE1RDdGMThENS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH1HeHaAVYF7KzM1YZFPnOyDewCds6wSAObC lXBRG+R7Zp/MRhIv/IQXsf2xfD/8jSSbfQvSlzXG6cTHeVwtMgB593jHTyhdwuev 2LHwx22LiwxcXxH9GiyXMSGe3DdhQUJncgqN86dcFmSGUd4mq4lv1ZXh0vae+OpW CJIgXxox1+IsfpI5+ipZClpQyMYmAzLz8D8Mq7jm7SqCFtOz/32yL4K35Lw3D3hU igDO/Ia0idxBsZKTyJrSzqMHBESuzetzDaiP9a7yFLUNDFJeQ8lsbwahiu1x5zCH mSj1g6kLWxFBJ6ZxZda2s84lZVmSgmKQYJZaoC4FCd7gc0Qway8= -----END CERTIFICATE-----Generated at Mon Oct 20 12:27:14 2025 by rpki-client