$ rpki-client -vvf repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft File: 210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft (raw, json) Hash identifier: tk3vrQkVnDprYltPbQW3GsY5XL71vhTH2tC1Z5vOGkI= Subject key identifier: AA:BE:7A:9D:8F:F4:A4:93:89:FE:27:1F:EB:2C:9F:E6:D8:FB:FF:E7 Authority key identifier: 21:0B:E7:BD:51:2F:12:2F:D6:3F:E9:05:7A:7F:15:22:DC:9B:81:A7 Certificate issuer: /CN=210BE7BD512F122FD63FE9057A7F1522DC9B81A7 Certificate serial: 59E4E6FB7D45C443D0D100AF79825F3CFECFDD3D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft Manifest number: 01EC Signing time: Thu 21 Aug 2025 19:31:26 +0000 Manifest this update: Thu 21 Aug 2025 19:26:26 +0000 Manifest next update: Sun 24 Aug 2025 23:13:26 +0000 Files and hashes: 1: 3130332e3139332e3136362e302f32332d3233203d3e20313530313835.roa (hash: 6gMRYCDTA91uCrSpOJHQwzXcDUzZZQ/fPopmQLU54uQ=) 2: 210BE7BD512F122FD63FE9057A7F1522DC9B81A7.crl (hash: W713FOw9pX6/dKrGnWmlvp3Hn9d5KIow+hXC08u+27Y=) 3: 3130332e3139332e3136372e302f32342d3234203d3e20313530313835.roa (hash: GK6TjIFHP3OKYpdF9mQ2NlZ0xI3zyr1c1AWcP5mkKcw=) 4: 3130332e3139332e3136362e302f32342d3234203d3e20313530313835.roa (hash: jkr10nu1KheD3rFITjZKu8+8qzjxbIrM8OjPSducB+Q=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.crl rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 23:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:e4:e6:fb:7d:45:c4:43:d0:d1:00:af:79:82:5f:3c:fe:cf:dd:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=210BE7BD512F122FD63FE9057A7F1522DC9B81A7 Validity Not Before: Aug 21 19:26:26 2025 GMT Not After : Aug 24 23:13:26 2025 GMT Subject: CN=AABE7A9D8FF4A49389FE271FEB2C9FE6D8FBFFE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d1:52:bb:76:f6:71:ba:76:41:48:71:0f:88: f3:7b:c0:31:5a:97:b3:5b:a6:ff:7a:8a:cb:86:13: 8e:64:8a:40:39:f0:af:d4:e5:58:ef:fd:1c:58:c2: c4:8c:8a:34:52:90:95:55:0a:2f:05:6c:89:ce:d7: 1d:00:7d:16:63:1b:ad:0f:5d:55:0c:66:00:e2:21: 4e:c8:2d:12:e5:9b:7c:f6:35:02:d5:42:eb:0b:5e: 6f:d6:71:45:09:bd:00:ed:5f:61:05:33:7c:14:bf: 4e:04:c6:96:c6:ff:a0:d5:6b:f3:54:68:d5:d9:e5: 7a:28:b5:7b:3d:19:5c:26:b2:40:3b:25:14:fb:bf: 86:0c:f5:96:46:88:d8:8c:57:ba:46:71:0b:1f:68: 8a:71:45:b4:98:4f:6e:b2:c8:a1:9e:c8:ad:3c:c4: 4e:fa:c5:28:da:c2:f7:73:23:3b:7d:9b:9a:39:81: c6:9c:77:63:74:6d:31:2e:92:e6:8f:76:d0:fd:5b: f4:3d:d2:cd:eb:4b:e4:15:bb:c0:30:87:9f:e1:e2: ee:31:43:37:44:ab:07:38:c4:20:a9:04:25:c1:16: 7e:34:98:99:b7:20:a6:b5:33:27:60:86:1f:72:16: 41:8f:95:d7:51:cd:fc:b3:a9:ab:52:be:34:42:93: 66:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:BE:7A:9D:8F:F4:A4:93:89:FE:27:1F:EB:2C:9F:E6:D8:FB:FF:E7 X509v3 Authority Key Identifier: keyid:21:0B:E7:BD:51:2F:12:2F:D6:3F:E9:05:7A:7F:15:22:DC:9B:81:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:27:e7:93:1f:16:ed:f5:5e:57:f0:dc:ce:8e:04:cd:ce:d1: 7f:30:7c:f1:63:16:d7:fb:f5:af:39:68:fd:82:df:5f:7f:3a: 02:00:97:b6:4f:96:0d:b6:2a:3f:95:5c:af:86:6a:88:09:b6: 8a:85:46:1f:a5:7f:ce:2d:c3:8b:51:44:b5:96:d6:3e:92:53: 84:84:8c:99:ef:fb:2d:97:e9:80:f2:3b:c9:2a:63:68:c3:2d: ad:5e:f1:10:30:e3:ad:a6:8e:ec:f8:f7:d0:3b:55:42:a6:11: e0:a4:73:31:7b:f9:76:78:b0:5f:14:23:d5:47:a6:f7:e4:a8: 74:94:d4:7d:b5:53:94:dd:4e:c6:94:d0:ab:73:ee:e3:6f:4a: e9:2f:22:2a:d6:85:77:c3:28:1a:85:2f:c1:bd:fd:5f:d5:07: 3e:01:93:13:57:6a:c4:64:b0:91:77:92:a5:90:dd:51:b1:c7: 07:07:8e:3a:2e:ad:4d:60:a9:fa:17:ec:0c:1d:9a:e1:d4:9a: 13:9f:39:d7:fe:2a:57:9e:b8:37:cf:f1:46:83:c2:5e:b5:7e: 1b:1e:5b:66:a6:57:e5:dd:bd:e1:01:96:99:d9:ee:01:45:bb: 86:23:6e:1e:4c:49:32:77:42:48:71:31:0e:ce:bb:49:52:ec: 49:a7:4d:cc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWeTm+31FxEPQ0QCveYJfPP7P3T0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjEwQkU3QkQ1MTJGMTIyRkQ2M0ZFOTA1N0E3RjE1MjJE QzlCODFBNzAeFw0yNTA4MjExOTI2MjZaFw0yNTA4MjQyMzEzMjZaMDMxMTAvBgNV BAMTKEFBQkU3QTlEOEZGNEE0OTM4OUZFMjcxRkVCMkM5RkU2RDhGQkZGRTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ0VK7dvZxunZBSHEPiPN7wDFa l7Nbpv96isuGE45kikA58K/U5Vjv/RxYwsSMijRSkJVVCi8FbInO1x0AfRZjG60P XVUMZgDiIU7ILRLlm3z2NQLVQusLXm/WcUUJvQDtX2EFM3wUv04ExpbG/6DVa/NU aNXZ5XootXs9GVwmskA7JRT7v4YM9ZZGiNiMV7pGcQsfaIpxRbSYT26yyKGeyK08 xE76xSjawvdzIzt9m5o5gcacd2N0bTEukuaPdtD9W/Q90s3rS+QVu8Awh5/h4u4x QzdEqwc4xCCpBCXBFn40mJm3IKa1Mydghh9yFkGPlddRzfyzqatSvjRCk2bXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUqr56nY/0pJOJ/icf6yyf5tj7/+cwHwYDVR0j BBgwFoAUIQvnvVEvEi/WP+kFen8VItybgacwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i NzAzNjk3NC04MTMxLTQ1YWYtOTRjZS1mNDliNDgxMWMxNzMvMC8yMTBCRTdCRDUx MkYxMjJGRDYzRkU5MDU3QTdGMTUyMkRDOUI4MUE3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjEwQkU3QkQ1MTJGMTIyRkQ2M0ZFOTA1N0E3RjE1MjJEQzlC ODFBNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjcwMzY5NzQtODEzMS00NWFmLTk0 Y2UtZjQ5YjQ4MTFjMTczLzAvMjEwQkU3QkQ1MTJGMTIyRkQ2M0ZFOTA1N0E3RjE1 MjJEQzlCODFBNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALgn55MfFu31Xlfw3M6OBM3O0X8wfPFjFtf7 9a85aP2C319/OgIAl7ZPlg22Kj+VXK+GaogJtoqFRh+lf84tw4tRRLWW1j6SU4SE jJnv+y2X6YDyO8kqY2jDLa1e8RAw462mjuz499A7VUKmEeCkczF7+XZ4sF8UI9VH pvfkqHSU1H21U5TdTsaU0Ktz7uNvSukvIirWhXfDKBqFL8G9/V/VBz4BkxNXasRk sJF3kqWQ3VGxxwcHjjourU1gqfoX7AwdmuHUmhOfOdf+KleeuDfP8UaDwl61fhse W2amV+XdveEBlpnZ7gFFu4Yjbh5MSTJ3QkhxMQ7Ou0lS7EmnTcw= -----END CERTIFICATE-----Generated at Sat Aug 23 19:26:01 2025 by rpki-client