$ rpki-client -vvf repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft File: 0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft (raw, json) Hash identifier: J915wIfvNpDYmuP/sRkENnQ8t3JmOR0Odll+sN2UScE= Subject key identifier: 85:4B:EE:7F:A9:CD:24:E7:03:4A:44:41:43:6C:14:A8:1D:E2:F8:E0 Authority key identifier: 0C:E1:E1:11:46:E2:51:D0:CD:52:BD:83:7A:1A:0A:CD:B7:E0:BA:0C Certificate issuer: /CN=0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C Certificate serial: 5F8638DE5EAD11C2E29C90D845964E909E77A781 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft Manifest number: 0131 Signing time: Sat 23 Aug 2025 16:31:49 +0000 Manifest this update: Sat 23 Aug 2025 16:26:49 +0000 Manifest next update: Wed 27 Aug 2025 00:36:49 +0000 Files and hashes: 1: 3130332e3139302e3131332e302f32342d3234203d3e20313439393037.roa (hash: 3qwvc0M9032XGDH7vraV4T7cy4QhAdHQHEpVds7HICk=) 2: 323030313a6466303a663963303a3a2f34382d3438203d3e20313439393037.roa (hash: dQqh/UiHoQw/70mJd+ZId7SvE382IQVHD0RnWmbxwtI=) 3: 3130332e3139302e3131322e302f32332d3234203d3e20313439393037.roa (hash: ki0hIXEeGo8cU77Xr7lKfx7zoFMhB4mSH2tdcqcaUcQ=) 4: 0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl (hash: VYXRUVniKISdT1ztW3LstpMAFX2msyR7mfCXmSy34EU=) 5: 3130332e3139302e3131322e302f32342d3234203d3e20313439393037.roa (hash: RiJQOn+iteWsGaHDQ7CJgxTOw5x3cmMgsW4Cbj99H/E=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 23:42:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:86:38:de:5e:ad:11:c2:e2:9c:90:d8:45:96:4e:90:9e:77:a7:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C Validity Not Before: Aug 23 16:26:49 2025 GMT Not After : Aug 27 00:36:49 2025 GMT Subject: CN=854BEE7FA9CD24E7034A4441436C14A81DE2F8E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:c3:a0:5a:84:bb:64:fa:35:3c:a0:8d:4b:cd: 3d:e4:e2:ba:90:c0:bb:6f:cc:d4:8d:72:c4:09:61: c7:79:38:30:98:ba:8e:b1:ed:9c:16:23:ba:d0:21: cf:b8:da:10:3a:2b:61:0f:32:52:df:5a:4f:9f:34: 01:70:0c:f2:0e:77:97:df:51:27:c4:b7:3e:56:87: d6:3f:97:61:c9:61:d6:c9:d6:3f:9b:fe:6a:d7:e0: 81:d1:6c:0c:a6:a3:2e:3f:25:a5:81:02:b8:59:aa: 3c:b2:2d:ff:4d:f9:3a:2c:fb:fc:68:96:d9:47:65: d7:44:28:69:89:bd:0f:2f:2b:c5:f8:b8:09:9b:2c: 5a:9d:dd:1a:83:83:fd:06:3d:7f:c9:a6:23:37:d3: 00:64:54:67:68:64:38:b8:4b:e0:86:97:8f:90:35: 2f:15:f4:55:c4:6a:b1:64:92:63:03:1d:06:7c:c8: 1b:42:b2:16:00:56:2f:1a:6a:24:be:f3:c6:66:7f: 66:20:84:d7:2f:67:d6:50:80:a0:74:86:b7:40:14: f7:a8:b8:ac:48:6c:7f:d6:4d:69:c5:0a:3c:1a:eb: 39:04:50:d2:3a:1a:0a:e3:07:58:f7:f4:22:a9:d5: 75:16:ec:79:76:76:05:45:9e:40:c7:e4:9a:0b:5a: d9:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:4B:EE:7F:A9:CD:24:E7:03:4A:44:41:43:6C:14:A8:1D:E2:F8:E0 X509v3 Authority Key Identifier: keyid:0C:E1:E1:11:46:E2:51:D0:CD:52:BD:83:7A:1A:0A:CD:B7:E0:BA:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:fe:07:55:4e:44:0a:71:df:0e:e7:b7:59:5a:7f:a1:74:fe: e3:3a:7a:3e:7f:2e:f1:4b:e4:b3:04:df:a8:f2:18:6a:24:8d: da:28:68:7b:dd:e6:55:50:71:1d:2c:51:a2:6e:bc:ec:d3:b7: 5e:3b:11:c5:84:cc:fa:a1:72:c5:65:d7:16:54:cb:3c:ed:c6: 45:b0:f5:39:56:cb:ad:a0:1e:09:70:31:07:33:f9:00:99:f1: 64:ef:65:07:a7:33:37:e2:24:f4:75:44:12:c7:f5:d6:be:fa: aa:51:68:e4:ce:c7:b4:2d:55:81:ee:93:69:08:2d:6f:20:16: 33:7c:49:e8:a0:ba:72:1c:66:f9:79:8e:33:06:e2:77:dd:5d: 68:7d:95:80:ae:a5:c4:90:d3:61:61:2a:28:3e:9e:f2:f6:63: 3c:27:6c:2d:85:9e:18:98:a8:ab:59:e7:a4:d7:8c:ba:96:34: ee:4b:b5:3f:88:56:39:48:d7:3d:68:81:aa:a9:66:62:55:11: a4:cf:c0:f6:03:47:46:6f:00:c9:57:53:ed:df:68:6b:17:e7: 20:1c:44:fa:f7:2a:65:c3:bc:6e:2a:fe:f6:13:cc:92:49:2f: d5:e2:55:ee:5e:87:87:c6:84:bf:89:70:fd:7c:58:68:a8:eb: f4:10:f6:cc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUX4Y43l6tEcLinJDYRZZOkJ53p4EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBBQ0RC N0UwQkEwQzAeFw0yNTA4MjMxNjI2NDlaFw0yNTA4MjcwMDM2NDlaMDMxMTAvBgNV BAMTKDg1NEJFRTdGQTlDRDI0RTcwMzRBNDQ0MTQzNkMxNEE4MURFMkY4RTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqw6BahLtk+jU8oI1LzT3k4rqQ wLtvzNSNcsQJYcd5ODCYuo6x7ZwWI7rQIc+42hA6K2EPMlLfWk+fNAFwDPIOd5ff USfEtz5Wh9Y/l2HJYdbJ1j+b/mrX4IHRbAymoy4/JaWBArhZqjyyLf9N+Tos+/xo ltlHZddEKGmJvQ8vK8X4uAmbLFqd3RqDg/0GPX/JpiM30wBkVGdoZDi4S+CGl4+Q NS8V9FXEarFkkmMDHQZ8yBtCshYAVi8aaiS+88Zmf2YghNcvZ9ZQgKB0hrdAFPeo uKxIbH/WTWnFCjwa6zkEUNI6GgrjB1j39CKp1XUW7Hl2dgVFnkDH5JoLWtktAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhUvuf6nNJOcDSkRBQ2wUqB3i+OAwHwYDVR0j BBgwFoAUDOHhEUbiUdDNUr2DehoKzbfgugwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MDUxNmE3YS00MTk1LTQ0YjMtYTI0ZS1jZjhlZDU3OGQ3OTEvMC8wQ0UxRTExMTQ2 RTI1MUQwQ0Q1MkJEODM3QTFBMEFDREI3RTBCQTBDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBBQ0RCN0Uw QkEwQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjA1MTZhN2EtNDE5NS00NGIzLWEy NGUtY2Y4ZWQ1NzhkNzkxLzAvMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBB Q0RCN0UwQkEwQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAr+B1VORApx3w7nt1laf6F0/uM6ej5/LvFL 5LME36jyGGokjdooaHvd5lVQcR0sUaJuvOzTt147EcWEzPqhcsVl1xZUyzztxkWw 9TlWy62gHglwMQcz+QCZ8WTvZQenMzfiJPR1RBLH9da++qpRaOTOx7QtVYHuk2kI LW8gFjN8SeigunIcZvl5jjMG4nfdXWh9lYCupcSQ02FhKig+nvL2YzwnbC2FnhiY qKtZ56TXjLqWNO5LtT+IVjlI1z1ogaqpZmJVEaTPwPYDR0ZvAMlXU+3faGsX5yAc RPr3KmXDvG4q/vYTzJJJL9XiVe5eh4fGhL+JcP18WGio6/QQ9sw= -----END CERTIFICATE-----Generated at Sat Aug 23 20:50:36 2025 by rpki-client