$ rpki-client -vvf repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft File: 210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft (raw, json) Hash identifier: UO3w51oYqI3jY3tePAw5UiHJWyf+il6ikUYW+wR0cX0= Subject key identifier: D8:7F:56:A8:1B:47:71:52:EA:D6:A1:0A:CB:57:4F:67:2E:EF:BC:23 Authority key identifier: 21:0B:E7:BD:51:2F:12:2F:D6:3F:E9:05:7A:7F:15:22:DC:9B:81:A7 Certificate issuer: /CN=210BE7BD512F122FD63FE9057A7F1522DC9B81A7 Certificate serial: 5A981B9E7FA442256E9A7A65D92F3B1537B3B1A2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft Manifest number: 0207 Signing time: Tue 21 Oct 2025 01:01:23 +0000 Manifest this update: Tue 21 Oct 2025 00:56:23 +0000 Manifest next update: Fri 24 Oct 2025 06:59:23 +0000 Files and hashes: 1: 3130332e3139332e3136362e302f32332d3233203d3e20313530313835.roa (hash: 6gMRYCDTA91uCrSpOJHQwzXcDUzZZQ/fPopmQLU54uQ=) 2: 3130332e3139332e3136362e302f32342d3234203d3e20313530313835.roa (hash: jkr10nu1KheD3rFITjZKu8+8qzjxbIrM8OjPSducB+Q=) 3: 3130332e3139332e3136372e302f32342d3234203d3e20313530313835.roa (hash: GK6TjIFHP3OKYpdF9mQ2NlZ0xI3zyr1c1AWcP5mkKcw=) 4: 210BE7BD512F122FD63FE9057A7F1522DC9B81A7.crl (hash: xSQpR8qh4v3ZmPx4wqkALl+F8OxPK6D8zuT1ZX8pWoA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.crl rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 06:59:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:98:1b:9e:7f:a4:42:25:6e:9a:7a:65:d9:2f:3b:15:37:b3:b1:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=210BE7BD512F122FD63FE9057A7F1522DC9B81A7 Validity Not Before: Oct 21 00:56:23 2025 GMT Not After : Oct 24 06:59:23 2025 GMT Subject: CN=D87F56A81B477152EAD6A10ACB574F672EEFBC23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:98:9d:0c:42:8d:58:02:57:76:58:96:2b:e1: e8:22:42:82:bb:d6:f7:8a:e1:1d:94:ca:0e:03:18: 0b:03:09:27:45:12:1f:54:76:b6:bb:7b:91:4c:a6: 4b:ef:e6:79:22:e2:5f:dc:6b:89:30:fc:ae:2c:a5: 84:12:dc:5a:6e:ae:96:32:b7:d4:d1:3d:d2:ca:f3: 8e:38:3b:9e:dd:8d:49:e3:13:fd:7c:31:d1:19:49: 36:f3:0b:f3:06:ef:4e:8d:3d:76:ab:dd:d5:bc:42: 9d:86:b5:6d:be:74:e1:fd:61:e0:d7:4e:97:47:f2: e5:99:15:33:8e:ca:0e:67:6e:b9:86:ac:ea:06:48: 1a:2f:8b:de:77:ae:69:be:a6:62:ce:e9:0f:b2:f3: 18:69:47:ca:fa:09:b5:40:6d:25:87:4e:08:c0:75: 7a:fa:d6:38:74:be:d7:81:41:14:63:30:68:95:d6: 44:e8:13:83:c0:45:23:c0:ec:e2:0c:46:22:ae:7c: a5:03:22:74:0a:3e:54:1f:f2:d0:5d:5e:08:d4:19: dc:9e:d0:27:90:68:f9:3d:00:f4:b5:89:f0:d6:48: 1b:3d:57:fa:4b:8f:ee:ec:24:4c:2b:06:2c:fa:a9: 76:1f:9f:00:51:4e:5c:cf:27:3f:76:0f:ca:a8:f6: 96:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:7F:56:A8:1B:47:71:52:EA:D6:A1:0A:CB:57:4F:67:2E:EF:BC:23 X509v3 Authority Key Identifier: keyid:21:0B:E7:BD:51:2F:12:2F:D6:3F:E9:05:7A:7F:15:22:DC:9B:81:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b7036974-8131-45af-94ce-f49b4811c173/0/210BE7BD512F122FD63FE9057A7F1522DC9B81A7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:70:c3:fb:80:13:5d:44:56:8c:4f:2f:52:22:6e:6a:fc:0a: b1:3f:a9:1c:3d:cd:07:77:d5:d7:ca:78:eb:6d:c6:1a:be:6d: da:f8:fe:12:98:bd:81:02:83:fd:0c:7b:81:8b:14:9b:3a:82: 56:30:85:21:d9:db:96:80:06:b2:97:8a:ae:26:89:81:b4:96: 05:de:86:fe:37:31:c9:b7:a9:fc:3a:c5:cd:88:e7:5b:93:f7: b4:95:c0:95:b8:a5:8d:93:4a:c2:a1:3e:63:2b:5f:4a:96:37: e5:0e:79:c3:5b:57:2b:1c:1e:f0:7f:de:a0:73:5e:f6:07:d2: 1c:d8:f9:55:29:98:9a:57:f0:68:9b:25:9a:54:0c:12:17:ea: 48:d1:5f:ab:4c:49:3e:e1:93:e6:58:d5:8f:76:d0:77:f5:58: df:8a:8d:df:5d:18:41:90:ac:87:bb:e4:d6:19:56:c2:85:fb: 31:86:5e:88:4e:e8:26:13:19:cf:18:5f:2b:ef:ef:8d:fc:76: 5b:ad:69:ea:74:0b:7d:4b:e2:9e:4b:48:2b:53:a3:ef:ee:b6: 9e:72:54:8c:18:78:2c:e3:02:45:6f:9f:5c:a1:e8:b5:2b:29: f6:41:1d:0d:42:7c:37:3a:68:d3:f7:d3:c9:3e:a0:c6:6e:25: ac:fb:7f:4f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWpgbnn+kQiVumnpl2S87FTezsaIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjEwQkU3QkQ1MTJGMTIyRkQ2M0ZFOTA1N0E3RjE1MjJE QzlCODFBNzAeFw0yNTEwMjEwMDU2MjNaFw0yNTEwMjQwNjU5MjNaMDMxMTAvBgNV BAMTKEQ4N0Y1NkE4MUI0NzcxNTJFQUQ2QTEwQUNCNTc0RjY3MkVFRkJDMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrmJ0MQo1YAld2WJYr4egiQoK7 1veK4R2Uyg4DGAsDCSdFEh9Udra7e5FMpkvv5nki4l/ca4kw/K4spYQS3FpurpYy t9TRPdLK8444O57djUnjE/18MdEZSTbzC/MG706NPXar3dW8Qp2GtW2+dOH9YeDX TpdH8uWZFTOOyg5nbrmGrOoGSBovi953rmm+pmLO6Q+y8xhpR8r6CbVAbSWHTgjA dXr61jh0vteBQRRjMGiV1kToE4PARSPA7OIMRiKufKUDInQKPlQf8tBdXgjUGdye 0CeQaPk9APS1ifDWSBs9V/pLj+7sJEwrBiz6qXYfnwBRTlzPJz92D8qo9pYNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2H9WqBtHcVLq1qEKy1dPZy7vvCMwHwYDVR0j BBgwFoAUIQvnvVEvEi/WP+kFen8VItybgacwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i NzAzNjk3NC04MTMxLTQ1YWYtOTRjZS1mNDliNDgxMWMxNzMvMC8yMTBCRTdCRDUx MkYxMjJGRDYzRkU5MDU3QTdGMTUyMkRDOUI4MUE3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjEwQkU3QkQ1MTJGMTIyRkQ2M0ZFOTA1N0E3RjE1MjJEQzlC ODFBNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjcwMzY5NzQtODEzMS00NWFmLTk0 Y2UtZjQ5YjQ4MTFjMTczLzAvMjEwQkU3QkQ1MTJGMTIyRkQ2M0ZFOTA1N0E3RjE1 MjJEQzlCODFBNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHpww/uAE11EVoxPL1Iibmr8CrE/qRw9zQd3 1dfKeOttxhq+bdr4/hKYvYECg/0Me4GLFJs6glYwhSHZ25aABrKXiq4miYG0lgXe hv43Mcm3qfw6xc2I51uT97SVwJW4pY2TSsKhPmMrX0qWN+UOecNbVyscHvB/3qBz XvYH0hzY+VUpmJpX8GibJZpUDBIX6kjRX6tMST7hk+ZY1Y920Hf1WN+Kjd9dGEGQ rIe75NYZVsKF+zGGXohO6CYTGc8YXyvv7438dlutaep0C31L4p5LSCtTo+/utp5y VIwYeCzjAkVvn1yh6LUrKfZBHQ1CfDc6aNP308k+oMZuJaz7f08= -----END CERTIFICATE-----Generated at Tue Oct 21 09:47:06 2025 by rpki-client