$ rpki-client -vvf repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft File: 0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft (raw, json) Hash identifier: uwCyQ6BOBm0mT6T8r+/+0Ng5/WJUWsjAt3q69LauxEU= Subject key identifier: E8:FB:05:80:12:18:44:6B:46:08:02:F8:99:F1:9E:58:59:38:35:F8 Authority key identifier: 0C:E1:E1:11:46:E2:51:D0:CD:52:BD:83:7A:1A:0A:CD:B7:E0:BA:0C Certificate issuer: /CN=0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C Certificate serial: 34F2D9770947C9D925C1A574D82B4435DA6A5CC5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft Manifest number: 014A Signing time: Sun 19 Oct 2025 04:11:48 +0000 Manifest this update: Sun 19 Oct 2025 04:06:48 +0000 Manifest next update: Wed 22 Oct 2025 08:58:48 +0000 Files and hashes: 1: 3130332e3139302e3131332e302f32342d3234203d3e20313439393037.roa (hash: 3qwvc0M9032XGDH7vraV4T7cy4QhAdHQHEpVds7HICk=) 2: 323030313a6466303a663963303a3a2f34382d3438203d3e20313439393037.roa (hash: dQqh/UiHoQw/70mJd+ZId7SvE382IQVHD0RnWmbxwtI=) 3: 3130332e3139302e3131322e302f32332d3234203d3e20313439393037.roa (hash: ki0hIXEeGo8cU77Xr7lKfx7zoFMhB4mSH2tdcqcaUcQ=) 4: 3130332e3139302e3131322e302f32342d3234203d3e20313439393037.roa (hash: RiJQOn+iteWsGaHDQ7CJgxTOw5x3cmMgsW4Cbj99H/E=) 5: 0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl (hash: Tv98iXQErl4kNFFBj3Lrxzr/rdNpDyMzjgqIdbv9ln0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 08:58:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:f2:d9:77:09:47:c9:d9:25:c1:a5:74:d8:2b:44:35:da:6a:5c:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C Validity Not Before: Oct 19 04:06:48 2025 GMT Not After : Oct 22 08:58:48 2025 GMT Subject: CN=E8FB05801218446B460802F899F19E58593835F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:87:f4:00:03:43:a2:43:8d:24:7f:20:cf:2d: c2:70:90:b9:0f:f5:92:12:2a:b3:e7:bd:20:7e:1c: 32:1c:3c:73:5f:ad:9e:d8:2c:fa:53:3b:18:4e:6a: a5:2d:99:97:78:e2:d5:0c:94:06:b2:e2:12:8e:ed: d4:d2:a5:0f:e4:eb:12:28:d3:1f:8d:df:bf:40:4a: 6a:c1:a8:03:ff:58:33:52:86:31:52:43:d9:0e:b4: 88:d1:c8:dd:e9:38:71:96:15:1d:3b:4d:55:12:43: bc:4f:05:bf:c2:cd:15:b8:e6:89:b7:4b:8e:83:a7: 7d:10:cf:5c:03:57:9d:33:be:ee:ee:72:97:2b:50: ba:03:a9:e0:3a:65:98:1e:de:0e:0f:cb:36:5d:84: a6:82:86:da:78:27:0d:ff:95:cb:c1:d9:67:7f:f1: dd:55:90:62:b2:07:a8:00:2b:9e:e5:30:c0:44:17: 87:51:5e:bb:78:97:2c:6e:80:ae:2b:c7:70:51:9d: eb:73:a8:b1:be:cb:b0:b2:7b:3b:6e:bb:0f:48:45: 22:00:2b:0e:5c:7c:7d:1a:54:f9:7b:8f:d6:ba:45: 26:36:1b:0d:92:a9:96:bb:1d:2f:7f:28:ea:f0:5d: d7:9c:16:60:c3:0a:b3:f1:12:ea:6d:15:c8:2f:95: cd:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:FB:05:80:12:18:44:6B:46:08:02:F8:99:F1:9E:58:59:38:35:F8 X509v3 Authority Key Identifier: keyid:0C:E1:E1:11:46:E2:51:D0:CD:52:BD:83:7A:1A:0A:CD:B7:E0:BA:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:e4:cf:c9:c9:9d:12:d0:40:6e:bd:db:cc:b1:11:40:93:67: 1a:95:08:64:a7:9e:a3:64:66:37:ac:80:a9:a7:b8:e8:a7:f2: 13:05:09:e8:21:e5:f4:e8:15:13:0d:38:68:ae:e5:13:98:05: 55:3f:54:7f:dd:bf:3c:63:c3:7a:6f:c2:44:5c:46:03:d0:b7: 46:10:08:1f:77:6f:98:08:42:10:04:f8:49:e1:0a:55:b7:98: d3:b0:7e:8f:e1:ce:af:bc:9b:36:9e:9f:07:35:e3:ff:e0:2d: f4:23:a6:b6:ad:6a:3e:b5:56:7e:4d:95:26:39:90:fe:b1:1c: 12:56:ac:b6:53:d5:a4:4e:22:e4:f0:dc:51:19:19:2d:fe:db: 68:ec:21:3d:64:ca:a7:a6:89:ac:7c:d4:1e:24:ad:76:40:d6: c9:66:56:0d:8c:74:a5:b9:9f:51:fb:d8:2c:9e:d2:e5:3b:0f: 10:79:9f:8f:80:74:59:7c:ef:e0:71:01:0d:fc:a6:d9:92:00: fc:4a:b6:08:02:a9:93:9f:30:14:74:4b:fd:ef:2e:18:0f:96: 11:57:e9:d8:1a:27:bd:55:7f:54:5e:c9:43:c5:b0:2c:1f:21: 60:c0:f7:eb:a9:c1:01:69:0b:88:e0:64:f3:61:33:04:f1:92: 06:57:3c:db -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNPLZdwlHydklwaV02CtENdpqXMUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBBQ0RC N0UwQkEwQzAeFw0yNTEwMTkwNDA2NDhaFw0yNTEwMjIwODU4NDhaMDMxMTAvBgNV BAMTKEU4RkIwNTgwMTIxODQ0NkI0NjA4MDJGODk5RjE5RTU4NTkzODM1RjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWh/QAA0OiQ40kfyDPLcJwkLkP 9ZISKrPnvSB+HDIcPHNfrZ7YLPpTOxhOaqUtmZd44tUMlAay4hKO7dTSpQ/k6xIo 0x+N379ASmrBqAP/WDNShjFSQ9kOtIjRyN3pOHGWFR07TVUSQ7xPBb/CzRW45om3 S46Dp30Qz1wDV50zvu7ucpcrULoDqeA6ZZge3g4PyzZdhKaChtp4Jw3/lcvB2Wd/ 8d1VkGKyB6gAK57lMMBEF4dRXrt4lyxugK4rx3BRnetzqLG+y7Cyeztuuw9IRSIA Kw5cfH0aVPl7j9a6RSY2Gw2SqZa7HS9/KOrwXdecFmDDCrPxEuptFcgvlc0vAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6PsFgBIYRGtGCAL4mfGeWFk4NfgwHwYDVR0j BBgwFoAUDOHhEUbiUdDNUr2DehoKzbfgugwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MDUxNmE3YS00MTk1LTQ0YjMtYTI0ZS1jZjhlZDU3OGQ3OTEvMC8wQ0UxRTExMTQ2 RTI1MUQwQ0Q1MkJEODM3QTFBMEFDREI3RTBCQTBDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBBQ0RCN0Uw QkEwQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjA1MTZhN2EtNDE5NS00NGIzLWEy NGUtY2Y4ZWQ1NzhkNzkxLzAvMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBB Q0RCN0UwQkEwQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGnkz8nJnRLQQG6928yxEUCTZxqVCGSnnqNk ZjesgKmnuOin8hMFCegh5fToFRMNOGiu5ROYBVU/VH/dvzxjw3pvwkRcRgPQt0YQ CB93b5gIQhAE+EnhClW3mNOwfo/hzq+8mzaenwc14//gLfQjprataj61Vn5NlSY5 kP6xHBJWrLZT1aROIuTw3FEZGS3+22jsIT1kyqemiax81B4krXZA1slmVg2MdKW5 n1H72Cye0uU7DxB5n4+AdFl87+BxAQ38ptmSAPxKtggCqZOfMBR0S/3vLhgPlhFX 6dgaJ71Vf1ReyUPFsCwfIWDA9+upwQFpC4jgZPNhMwTxkgZXPNs= -----END CERTIFICATE-----Generated at Mon Oct 20 23:22:14 2025 by rpki-client