$ rpki-client -vvf repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft File: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft (raw, json) Hash identifier: G7/uLJpqP0mG4o6BPahgEVef1OW0vFgYV0Xmxhs0DEg= Subject key identifier: 29:D0:52:B7:74:03:10:59:F6:A1:05:F7:EC:BC:08:A0:7C:A8:19:F6 Authority key identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 Certificate issuer: /CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Certificate serial: 3001DE74FA8F6A2A00DD08A2705C64E7C323D895 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft Manifest number: D1 Signing time: Fri 22 Aug 2025 13:31:32 +0000 Manifest this update: Fri 22 Aug 2025 13:26:32 +0000 Manifest next update: Tue 26 Aug 2025 00:03:32 +0000 Files and hashes: 1: 3136302e31392e38342e302f32332d3233203d3e20313532373534.roa (hash: 5HetFGZszR8N+jVJsMmxP9KoRUdy7YyfVMX9PkmHTvY=) 2: 3136302e31392e38352e302f32342d3234203d3e20313532373534.roa (hash: 93YYxDDq8+f/Khx/2GnLN/kmjkNijzZ2VSNum/bWLqg=) 3: 3136302e31392e38342e302f32342d3234203d3e20313532373534.roa (hash: THBM8LqDnCB9g6mrX4v3sCaW9RltHiaa0G5I3swxXAw=) 4: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl (hash: ZS8z68WNK1mlg/KtlQH2nLreeZgJ3kM5iimHTlGendk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 00:03:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:01:de:74:fa:8f:6a:2a:00:dd:08:a2:70:5c:64:e7:c3:23:d8:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Validity Not Before: Aug 22 13:26:32 2025 GMT Not After : Aug 26 00:03:32 2025 GMT Subject: CN=29D052B774031059F6A105F7ECBC08A07CA819F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:86:55:17:9c:fc:e6:68:8d:b9:d6:f3:f1:ec: f8:50:2d:c1:bc:e3:91:80:d6:9f:38:bf:f7:91:b2: 5d:23:5a:e1:5e:09:81:07:b9:2a:b5:ba:ef:9b:7d: 98:fe:7d:db:30:99:e2:1b:4f:4b:3b:e2:76:0d:32: 17:29:0a:2a:02:15:a6:3e:60:6a:58:63:b2:3b:17: ee:41:b3:c7:fa:8f:ca:cc:10:66:80:74:5f:a6:b6: 84:e9:36:8e:81:29:84:99:17:61:ef:90:61:b6:b6: 82:bd:03:ef:38:c1:68:aa:18:53:da:f3:5a:47:fa: 1b:4c:58:54:32:2c:e2:c3:7e:f8:27:97:2e:fb:ae: f3:8f:42:47:c1:ab:30:39:6d:4e:3d:72:1f:29:b0: a4:17:1c:ea:6d:4f:37:d1:40:58:7c:5b:47:fe:07: 9b:72:84:9a:fa:9b:9c:ec:a9:8f:6d:25:69:36:b5: 4c:57:fc:c3:da:b5:b6:ef:55:93:df:ba:22:ef:97: 04:47:fd:86:a2:69:58:30:25:dd:d7:64:ec:4c:e1: 2e:0b:04:60:04:c4:70:2f:bf:3f:47:0f:70:34:d3: 12:84:06:21:cb:8e:4b:38:a7:c2:db:32:d8:c1:20: da:e9:2d:2a:1c:1a:38:b8:c3:13:33:b9:c1:96:3e: fe:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:D0:52:B7:74:03:10:59:F6:A1:05:F7:EC:BC:08:A0:7C:A8:19:F6 X509v3 Authority Key Identifier: keyid:25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:4b:d8:19:f0:a2:dd:1e:6b:41:e7:49:01:ec:ae:f7:2d:d0: 81:b3:f3:f1:07:f2:9e:3a:bb:3b:76:92:cd:9d:bc:7f:17:b1: d8:00:44:10:1e:de:d8:27:5b:bd:25:64:9e:6c:f1:35:a4:cb: dd:75:0c:10:f2:51:c9:02:ea:a6:fb:8c:33:a6:d9:54:cc:ba: ca:4c:c7:be:9a:df:4b:95:76:85:3c:35:e6:cf:04:3c:77:fd: 3f:e7:1a:29:9a:62:a7:10:71:ec:33:6d:57:36:6e:60:af:a7: e3:ce:20:71:94:1f:b6:dd:ea:06:77:92:6e:2f:d6:66:ac:8f: a0:72:11:bb:a1:bd:1a:5b:94:fd:13:1e:25:52:97:a9:67:20: ff:bf:a2:8d:b9:4e:8c:9e:98:4a:76:b7:99:a4:f0:38:36:63: 14:9d:fe:35:5b:b1:55:39:31:98:65:ad:a6:e2:0a:73:c4:f2: 5c:f6:de:db:83:6a:dd:8b:e8:9a:d6:49:57:c3:9e:73:0e:f3: 1b:13:2b:e3:3e:40:4a:32:7f:21:5d:7f:87:f0:50:05:55:7c: d7:97:60:f2:77:5c:eb:ff:95:26:f8:d3:b7:17:31:22:df:49: c4:81:34:38:5a:26:24:52:36:ea:1a:d0:bf:12:7a:7e:4e:eb: 48:43:cf:f5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMAHedPqPaioA3QiicFxk58Mj2JUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZGMTdE Q0Q2RkRDMjAeFw0yNTA4MjIxMzI2MzJaFw0yNTA4MjYwMDAzMzJaMDMxMTAvBgNV BAMTKDI5RDA1MkI3NzQwMzEwNTlGNkExMDVGN0VDQkMwOEEwN0NBODE5RjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfhlUXnPzmaI251vPx7PhQLcG8 45GA1p84v/eRsl0jWuFeCYEHuSq1uu+bfZj+fdswmeIbT0s74nYNMhcpCioCFaY+ YGpYY7I7F+5Bs8f6j8rMEGaAdF+mtoTpNo6BKYSZF2HvkGG2toK9A+84wWiqGFPa 81pH+htMWFQyLOLDfvgnly77rvOPQkfBqzA5bU49ch8psKQXHOptTzfRQFh8W0f+ B5tyhJr6m5zsqY9tJWk2tUxX/MPatbbvVZPfuiLvlwRH/YaiaVgwJd3XZOxM4S4L BGAExHAvvz9HD3A00xKEBiHLjks4p8LbMtjBINrpLSocGji4wxMzucGWPv5TAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKdBSt3QDEFn2oQX37LwIoHyoGfYwHwYDVR0j BBgwFoAUJRXUv573quWuvCL1LBf/F9zW/cIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i YTA5OGYwMC1hMGEwLTRiNWMtOWU4My02MDY3MzcxMjhjYjEvMC8yNTE1RDRCRjlF RjdBQUU1QUVCQzIyRjUyQzE3RkYxN0RDRDZGREMyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZGMTdEQ0Q2 RkRDMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmEwOThmMDAtYTBhMC00YjVjLTll ODMtNjA2NzM3MTI4Y2IxLzAvMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZG MTdEQ0Q2RkRDMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKhL2Bnwot0ea0HnSQHsrvct0IGz8/EH8p46 uzt2ks2dvH8XsdgARBAe3tgnW70lZJ5s8TWky911DBDyUckC6qb7jDOm2VTMuspM x76a30uVdoU8NebPBDx3/T/nGimaYqcQcewzbVc2bmCvp+POIHGUH7bd6gZ3km4v 1masj6ByEbuhvRpblP0THiVSl6lnIP+/oo25ToyemEp2t5mk8Dg2YxSd/jVbsVU5 MZhlrabiCnPE8lz23tuDat2L6JrWSVfDnnMO8xsTK+M+QEoyfyFdf4fwUAVVfNeX YPJ3XOv/lSb407cXMSLfScSBNDhaJiRSNuoa0L8Sen5O60hDz/U= -----END CERTIFICATE-----Generated at Sun Aug 24 02:53:23 2025 by rpki-client