$ rpki-client -vvf repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.mft File: D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.mft (raw, json) Hash identifier: Q3fppkBWcH0xDNIJSoW30NlpR2D4Mh61U2r2xYt91YQ= Subject key identifier: 1C:58:4C:DC:E1:BD:34:F5:D2:4D:A8:DE:D4:51:AC:E7:10:16:6B:DA Authority key identifier: D9:CD:40:47:4B:DD:0C:07:07:76:6C:ED:BA:F0:B6:A1:86:CF:58:2F Certificate issuer: /CN=D9CD40474BDD0C0707766CEDBAF0B6A186CF582F Certificate serial: 16844F60B80D02E912139FF2938937E1A3636F8B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.mft Manifest number: 0529 Signing time: Sun 19 Oct 2025 21:21:20 +0000 Manifest this update: Sun 19 Oct 2025 21:16:20 +0000 Manifest next update: Wed 22 Oct 2025 23:02:20 +0000 Files and hashes: 1: 3130332e3233352e37332e302f32342d3234203d3e20313335333630.roa (hash: Gss2BFwCvkYMrYmTDPR8XZwGfdbzMzVTFBRvuPZp/uA=) 2: D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.crl (hash: XtvnFogRDCoXGlyX0ssZev4ZHKS9ef2qu0l5tVZYI+0=) 3: 323030313a6466323a356130303a3a2f34382d3438203d3e20313335343434.roa (hash: TiFQ5+3RDDZw3hEMovau4FHuHmfphOknHBNZEgIPquo=) 4: 3130332e3233352e37352e302f32342d3234203d3e20313335343434.roa (hash: lz/aRA5xwGbvGMSgXL70n8EEkKYV5RNTgznI5gnec7Q=) 5: 3130332e3231392e3234382e302f32322d3234203d3e20313335343434.roa (hash: lX6yK5ZXngZW7ELU3wR8WQZxB1PZNhMXdAdxnRkfpzY=) 6: 3130332e3233352e37342e302f32342d3234203d3e20313431313230.roa (hash: e9uiS3KNGlZ+EQjSXY4m6NwJ9lRr8aifmafZU96mQ7k=) 7: 3130332e3233352e37322e302f32342d3234203d3e20313335343434.roa (hash: OjdsG/TdDn+RUWERJayMK04SkHQ7zRmm5hb518X40Eo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.crl rsync://repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 23:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:84:4f:60:b8:0d:02:e9:12:13:9f:f2:93:89:37:e1:a3:63:6f:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D9CD40474BDD0C0707766CEDBAF0B6A186CF582F Validity Not Before: Oct 19 21:16:20 2025 GMT Not After : Oct 22 23:02:20 2025 GMT Subject: CN=1C584CDCE1BD34F5D24DA8DED451ACE710166BDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:6b:a0:fe:4a:cd:38:37:fb:ff:b0:70:2b:b0: 8b:da:3e:2a:a7:40:bf:ec:6c:17:e6:19:6b:41:ea: 41:09:5e:98:4a:b7:e5:99:e7:25:52:47:27:52:15: 37:a2:40:59:7b:bb:0c:32:0a:c6:7b:7b:e7:9f:39: dd:95:52:fa:a9:a0:7d:5b:28:71:54:5c:32:b3:0e: f8:2c:85:2b:91:41:98:d7:06:77:43:66:0f:70:10: 2f:1b:b7:a4:33:df:09:3f:99:7b:01:73:4b:ac:7f: 94:c8:84:bf:47:af:6b:dd:75:97:4e:2c:b1:04:fa: f4:2c:db:6b:18:52:40:92:d4:ca:2c:7f:d9:3f:86: 25:82:1a:58:68:9e:a2:fb:33:44:bb:8d:25:2a:65: 13:04:a9:5e:15:b2:77:01:36:e0:6c:47:59:2a:84: dc:54:6a:be:39:3c:d8:63:85:82:b5:4c:38:51:f1: 7d:b5:1b:bb:4a:86:62:0a:a7:b3:d7:a9:8b:e1:31: 6b:4b:11:8a:59:c0:a4:3b:af:a6:d5:2e:2b:b8:b6: 04:48:fb:88:a0:3c:7b:41:72:0c:3f:06:2b:ce:cd: 96:10:d7:51:a9:97:d2:19:01:49:d5:ea:ed:3a:fe: d0:fc:a7:11:c8:b0:74:96:2c:2f:bb:05:f6:ef:46: 78:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:58:4C:DC:E1:BD:34:F5:D2:4D:A8:DE:D4:51:AC:E7:10:16:6B:DA X509v3 Authority Key Identifier: keyid:D9:CD:40:47:4B:DD:0C:07:07:76:6C:ED:BA:F0:B6:A1:86:CF:58:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b1a77add-a49a-4c8f-a735-ef96c33ab29f/0/D9CD40474BDD0C0707766CEDBAF0B6A186CF582F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:fd:fb:ac:1f:71:bf:4c:0b:c5:46:0c:2b:00:9d:38:c5:c5: db:bf:d4:79:b2:a8:c9:b3:b2:d4:ad:6e:00:f2:cf:2a:13:51: f7:98:3d:16:38:db:49:8a:37:d1:20:b5:eb:ad:32:de:99:05: 44:16:e2:04:0f:94:41:d4:64:a3:04:dd:91:32:c5:af:41:79: 84:0c:38:3d:3e:5f:51:1f:8e:d4:5d:7d:94:92:29:9e:5e:ea: 93:f8:8a:d2:08:23:ba:da:cc:40:5f:77:5c:d5:65:84:1e:55: f8:13:15:35:bf:43:1a:77:e2:aa:15:3f:c9:56:5f:4c:01:35: 7b:d4:38:e9:eb:5f:53:48:90:45:dc:e3:05:62:e2:9f:7e:29: af:f6:35:b9:5b:1d:94:23:3f:5b:89:a8:75:b1:f3:a9:77:6d: 70:6d:56:1d:79:82:79:8e:d5:59:7b:2a:b7:40:c6:0b:58:b3: 6f:72:37:de:d8:01:df:53:93:d5:09:7b:c7:f6:23:e7:bb:06: ef:41:c9:59:e4:8d:f1:7c:62:e8:1c:36:b7:82:7f:83:1c:5c: 51:62:ff:e9:30:0e:a6:d3:0c:a8:77:98:43:56:26:57:24:00: bf:b7:98:3f:5c:ca:eb:00:2f:db:af:82:3b:88:5a:f3:9f:8a: 23:2d:3f:43 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFoRPYLgNAukSE5/yk4k34aNjb4swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDlDRDQwNDc0QkREMEMwNzA3NzY2Q0VEQkFGMEI2QTE4 NkNGNTgyRjAeFw0yNTEwMTkyMTE2MjBaFw0yNTEwMjIyMzAyMjBaMDMxMTAvBgNV BAMTKDFDNTg0Q0RDRTFCRDM0RjVEMjREQThERUQ0NTFBQ0U3MTAxNjZCREEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTa6D+Ss04N/v/sHArsIvaPiqn QL/sbBfmGWtB6kEJXphKt+WZ5yVSRydSFTeiQFl7uwwyCsZ7e+efOd2VUvqpoH1b KHFUXDKzDvgshSuRQZjXBndDZg9wEC8bt6Qz3wk/mXsBc0usf5TIhL9Hr2vddZdO LLEE+vQs22sYUkCS1Mosf9k/hiWCGlhonqL7M0S7jSUqZRMEqV4VsncBNuBsR1kq hNxUar45PNhjhYK1TDhR8X21G7tKhmIKp7PXqYvhMWtLEYpZwKQ7r6bVLiu4tgRI +4igPHtBcgw/BivOzZYQ11Gpl9IZAUnV6u06/tD8pxHIsHSWLC+7BfbvRnhPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHFhM3OG9NPXSTaje1FGs5xAWa9owHwYDVR0j BBgwFoAU2c1AR0vdDAcHdmztuvC2oYbPWC8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MWE3N2FkZC1hNDlhLTRjOGYtYTczNS1lZjk2YzMzYWIyOWYvMC9EOUNENDA0NzRC REQwQzA3MDc3NjZDRURCQUYwQjZBMTg2Q0Y1ODJGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDlDRDQwNDc0QkREMEMwNzA3NzY2Q0VEQkFGMEI2QTE4NkNG NTgyRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjFhNzdhZGQtYTQ5YS00YzhmLWE3 MzUtZWY5NmMzM2FiMjlmLzAvRDlDRDQwNDc0QkREMEMwNzA3NzY2Q0VEQkFGMEI2 QTE4NkNGNTgyRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEz9+6wfcb9MC8VGDCsAnTjFxdu/1HmyqMmz stStbgDyzyoTUfeYPRY420mKN9EgteutMt6ZBUQW4gQPlEHUZKME3ZEyxa9BeYQM OD0+X1EfjtRdfZSSKZ5e6pP4itIII7razEBfd1zVZYQeVfgTFTW/Qxp34qoVP8lW X0wBNXvUOOnrX1NIkEXc4wVi4p9+Ka/2NblbHZQjP1uJqHWx86l3bXBtVh15gnmO 1Vl7KrdAxgtYs29yN97YAd9Tk9UJe8f2I+e7Bu9ByVnkjfF8YugcNreCf4McXFFi /+kwDqbTDKh3mENWJlckAL+3mD9cyusAL9uvgjuIWvOfiiMtP0M= -----END CERTIFICATE-----Generated at Mon Oct 20 14:58:23 2025 by rpki-client