$ rpki-client -vvf repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft File: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft (raw, json) Hash identifier: kssNnyR4bSUWe75lz5fv9tjhtztg2oUtqkzd92lXR8k= Subject key identifier: C1:A9:58:FB:E9:B4:A4:38:74:66:D8:03:AC:DB:BA:15:5E:17:83:C7 Authority key identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 Certificate issuer: /CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Certificate serial: 390B221A87B172D759E87F007EA6CBDAAF85B3BE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft Manifest number: EB Signing time: Mon 20 Oct 2025 07:41:35 +0000 Manifest this update: Mon 20 Oct 2025 07:36:35 +0000 Manifest next update: Thu 23 Oct 2025 09:36:35 +0000 Files and hashes: 1: 3136302e31392e38342e302f32342d3234203d3e20313532373534.roa (hash: THBM8LqDnCB9g6mrX4v3sCaW9RltHiaa0G5I3swxXAw=) 2: 3136302e31392e38342e302f32332d3233203d3e20313532373534.roa (hash: 5HetFGZszR8N+jVJsMmxP9KoRUdy7YyfVMX9PkmHTvY=) 3: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl (hash: sMzwJNm8NbZj4S+HdwQuMiAi4dmKYy7G5XVtHAmay9M=) 4: 3136302e31392e38352e302f32342d3234203d3e20313532373534.roa (hash: 93YYxDDq8+f/Khx/2GnLN/kmjkNijzZ2VSNum/bWLqg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:0b:22:1a:87:b1:72:d7:59:e8:7f:00:7e:a6:cb:da:af:85:b3:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Validity Not Before: Oct 20 07:36:35 2025 GMT Not After : Oct 23 09:36:35 2025 GMT Subject: CN=C1A958FBE9B4A4387466D803ACDBBA155E1783C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ed:92:04:ea:a3:9c:8e:66:51:fb:de:87:6d: e4:8f:81:4a:96:ca:22:f2:e1:f8:21:27:33:06:52: 9f:11:8c:6b:86:61:9b:de:d3:23:15:44:8c:7d:7d: cf:1b:7e:a0:05:ca:b1:b4:79:06:2d:cf:eb:84:88: a2:ee:16:eb:ce:96:33:17:18:bf:f7:20:9e:eb:06: e3:5c:34:97:44:8c:fc:f1:3c:e7:02:eb:ba:21:c9: 78:ef:f3:b5:ff:a4:29:6c:fa:d4:dd:c2:50:40:6d: f7:d6:97:16:42:a6:8e:46:f8:58:34:c3:80:05:ee: 94:0d:a3:7b:c7:fb:f8:c0:94:2d:9e:3c:92:fc:a2: 47:e7:cf:7d:6c:69:ed:af:04:6f:9b:51:31:cc:af: c9:84:a7:66:f0:a9:80:bb:3a:15:73:52:67:4d:85: 82:ec:da:45:ff:a8:6b:bf:48:d7:07:49:20:a8:a6: c6:23:20:25:80:7e:97:5a:8b:e3:4d:4e:8a:6d:0e: 4f:59:20:a6:08:be:bc:ea:17:8d:c2:b4:c3:55:e7: 9f:4d:d2:fe:b2:91:76:76:62:47:75:5a:57:c1:15: 9c:33:35:d0:fb:e6:95:73:a8:52:9d:62:99:66:60: 15:43:90:ee:af:25:da:c3:e3:f5:5d:41:25:93:cf: 08:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:A9:58:FB:E9:B4:A4:38:74:66:D8:03:AC:DB:BA:15:5E:17:83:C7 X509v3 Authority Key Identifier: keyid:25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:4a:45:37:17:e3:64:f9:7c:3c:39:f0:c0:3a:09:a8:98:ce: f6:e5:ac:d8:3d:e7:e0:5d:1f:f8:7a:10:d8:29:a8:56:f3:a6: 5c:f4:39:c2:61:5b:a9:96:0b:16:ff:62:23:c8:a0:66:23:ed: 95:4b:eb:75:f2:88:d1:7f:90:68:0a:6f:c4:f3:77:64:fc:68: 3a:89:37:98:9b:4c:40:59:fc:39:e2:12:c2:bd:e1:da:4a:97: b8:a9:6a:3a:2f:05:0b:c7:12:a7:e8:7d:3f:2a:5f:21:94:dc: 57:eb:97:0b:39:31:49:37:e1:a6:36:99:38:8a:d9:fe:14:a8: 0f:71:cd:4c:ed:28:33:2c:69:e8:05:ea:cb:1e:0a:2b:cb:f7: e2:d6:9e:b8:48:ed:04:eb:8d:7d:e6:c8:b4:99:7f:26:2f:a2: 73:26:a5:ca:d3:16:c7:71:ac:23:d3:c5:cd:b8:47:38:c2:dd: d5:bf:90:81:87:13:37:81:9f:f1:a0:5f:49:13:c6:d5:fb:d2: 24:ff:2b:3b:78:6f:ce:33:23:88:23:26:f4:ec:6d:c1:f8:f4: 54:35:5f:da:82:ee:07:05:1f:cc:ee:cd:ff:18:96:84:61:e2: aa:d5:95:f2:e8:45:b7:32:0a:30:68:82:6e:3e:42:c6:77:44: 59:16:0a:51 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOQsiGoexctdZ6H8AfqbL2q+Fs74wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZGMTdE Q0Q2RkRDMjAeFw0yNTEwMjAwNzM2MzVaFw0yNTEwMjMwOTM2MzVaMDMxMTAvBgNV BAMTKEMxQTk1OEZCRTlCNEE0Mzg3NDY2RDgwM0FDREJCQTE1NUUxNzgzQzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR7ZIE6qOcjmZR+96HbeSPgUqW yiLy4fghJzMGUp8RjGuGYZve0yMVRIx9fc8bfqAFyrG0eQYtz+uEiKLuFuvOljMX GL/3IJ7rBuNcNJdEjPzxPOcC67ohyXjv87X/pCls+tTdwlBAbffWlxZCpo5G+Fg0 w4AF7pQNo3vH+/jAlC2ePJL8okfnz31sae2vBG+bUTHMr8mEp2bwqYC7OhVzUmdN hYLs2kX/qGu/SNcHSSCopsYjICWAfpdai+NNToptDk9ZIKYIvrzqF43CtMNV559N 0v6ykXZ2Ykd1WlfBFZwzNdD75pVzqFKdYplmYBVDkO6vJdrD4/VdQSWTzwgRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUwalY++m0pDh0ZtgDrNu6FV4Xg8cwHwYDVR0j BBgwFoAUJRXUv573quWuvCL1LBf/F9zW/cIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i YTA5OGYwMC1hMGEwLTRiNWMtOWU4My02MDY3MzcxMjhjYjEvMC8yNTE1RDRCRjlF RjdBQUU1QUVCQzIyRjUyQzE3RkYxN0RDRDZGREMyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZGMTdEQ0Q2 RkRDMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmEwOThmMDAtYTBhMC00YjVjLTll ODMtNjA2NzM3MTI4Y2IxLzAvMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZG MTdEQ0Q2RkRDMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAANKRTcX42T5fDw58MA6CaiYzvblrNg95+Bd H/h6ENgpqFbzplz0OcJhW6mWCxb/YiPIoGYj7ZVL63XyiNF/kGgKb8Tzd2T8aDqJ N5ibTEBZ/DniEsK94dpKl7ipajovBQvHEqfofT8qXyGU3Ffrlws5MUk34aY2mTiK 2f4UqA9xzUztKDMsaegF6sseCivL9+LWnrhI7QTrjX3myLSZfyYvonMmpcrTFsdx rCPTxc24RzjC3dW/kIGHEzeBn/GgX0kTxtX70iT/Kzt4b84zI4gjJvTsbcH49FQ1 X9qC7gcFH8zuzf8YloRh4qrVlfLoRbcyCjBogm4+QsZ3RFkWClE= -----END CERTIFICATE-----Generated at Mon Oct 20 13:45:56 2025 by rpki-client