$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: 5/M7qXj8RX7Jd68xW4EJ71oQhjeSS2FnhNVriSta3tw= Subject key identifier: DD:D6:23:CB:13:DC:E3:CA:77:2D:A9:E8:75:56:D2:78:FD:54:EF:D4 Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 31FF70F7A6527D2C774CBE4A8488E09ED163DF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 0488 Signing time: Fri 22 Aug 2025 17:12:19 +0000 Manifest this update: Fri 22 Aug 2025 17:07:19 +0000 Manifest next update: Mon 25 Aug 2025 19:58:19 +0000 Files and hashes: 1: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: qMdSXe2z67bVJOmODSeb4BQMQ40LX9lF9FYmIAv+p7A=) 2: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0GSE1PDB0X1nNRLhLL+YFIj25TLvzXb3P+1q7y2DYeY=) 3: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: WgrIRzdaFJ0g4e27LMgAxhh+yicucERWndK+pSX36cg=) 4: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: bPWP0OQUIp2Y9GGXuX0UNuWcLsy7WT1L06MXLwlNCSg=) 5: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: Y2PTe5fMMDYclXsLhLsiwjVncBgzuq5ROa1U1eOC/Wc=) 6: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: yg0Ga2BI5N+zhlTssMp6B5+VROj1HXmBfDxoTWvqgpA=) 7: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: JheCFSLWReyG+Am+fwC0aOVzrV3SuZDVFbSgn4xNfC4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Aug 2025 19:58:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:ff:70:f7:a6:52:7d:2c:77:4c:be:4a:84:88:e0:9e:d1:63:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Aug 22 17:07:19 2025 GMT Not After : Aug 25 19:58:19 2025 GMT Subject: CN=DDD623CB13DCE3CA772DA9E87556D278FD54EFD4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:94:5d:3a:25:30:8f:14:f2:a0:95:39:f1:eb: 64:3a:ce:48:26:49:78:88:e8:b0:51:a8:04:c2:eb: 29:a7:6e:e3:b4:83:22:d7:b6:9f:7d:4a:dd:1f:e6: 29:fa:36:a2:41:59:d5:84:92:ba:66:d9:b0:ae:7c: 31:65:d3:c7:52:ff:2d:3d:fd:cd:a1:6c:f9:df:46: b1:ec:33:3e:b6:4b:a5:07:e6:d9:ce:a1:12:3a:08: 94:38:45:95:4f:1c:1a:54:a5:c4:99:55:c4:d7:67: 19:c6:93:cf:63:f0:bc:b9:3d:bd:b7:02:35:a5:7d: 4e:cc:26:d8:7c:9c:b5:e4:24:ef:ef:1c:a5:e6:0b: d1:3a:41:0b:fb:c9:95:d8:b1:e1:3d:b5:86:2c:01: 8a:84:dd:32:2b:90:2c:95:45:64:40:fb:a5:28:9a: f2:6e:51:30:c9:e4:19:7b:82:e2:7d:53:b4:27:87: bc:68:88:ae:24:b4:f0:b4:e5:6c:29:bc:ba:78:b3: 4b:ca:7a:b0:ed:82:2e:ad:84:46:0a:40:28:03:24: 84:03:28:70:82:15:c2:a8:5f:4b:be:e5:89:0f:4b: 0b:cf:a7:28:60:93:51:79:3f:29:e5:fa:2b:d9:19: 23:b4:3e:c0:16:69:7c:a1:5e:03:b6:3e:b0:1f:3d: 26:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:D6:23:CB:13:DC:E3:CA:77:2D:A9:E8:75:56:D2:78:FD:54:EF:D4 X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:46:24:23:71:29:ec:10:50:90:23:d7:5a:64:3d:08:9c:08: b4:ea:2d:a6:ca:4d:2d:dc:2d:00:5f:31:8d:03:76:4c:54:d2: 89:c4:7f:9b:8e:ba:e1:38:09:67:81:fb:13:7d:02:ac:85:4b: ce:b5:d1:f0:62:c5:ad:5c:60:cf:7a:0d:91:a7:e7:cb:d6:e3: 88:ba:ef:4b:3b:ba:d7:8b:b0:5b:db:97:c8:b2:54:3d:d8:ef: 37:20:e9:59:25:25:3a:f6:fc:6d:c0:73:de:11:6f:56:a3:11: 13:78:ff:4c:30:2b:b6:8a:6b:08:ab:c0:a0:1c:fe:64:a6:26: 3a:af:ac:83:6f:ad:cc:9a:0a:92:a0:c2:f1:92:00:4a:ff:9e: 31:18:27:d5:aa:13:59:80:5a:68:87:86:1c:15:c2:97:d8:be: 8f:dd:5c:8a:03:2a:7a:87:56:39:d7:75:4a:2a:25:97:ea:d8: 27:1a:7a:2c:6e:48:83:20:99:7f:5d:dd:fd:14:8b:fb:08:4c: 8b:19:f9:17:f5:f5:59:c4:96:e3:7e:22:b9:ea:63:26:69:7f: ae:2d:0d:6f:3c:a7:28:1b:0e:f4:8c:3a:c4:27:dd:ec:2b:01: be:f1:17:80:06:ba:27:64:3c:80:92:f3:2f:31:9d:b4:f8:74: 1f:eb:05:d4 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgITMf9w96ZSfSx3TL5KhIjgntFj3zANBgkqhkiG9w0BAQsF ADAzMTEwLwYDVQQDEygzRDEzQzZGQjlEQjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURD OUExMjY5MB4XDTI1MDgyMjE3MDcxOVoXDTI1MDgyNTE5NTgxOVowMzExMC8GA1UE AxMoRERENjIzQ0IxM0RDRTNDQTc3MkRBOUU4NzU1NkQyNzhGRDU0RUZENDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKuUXTolMI8U8qCVOfHrZDrOSCZJ eIjosFGoBMLrKadu47SDIte2n31K3R/mKfo2okFZ1YSSumbZsK58MWXTx1L/LT39 zaFs+d9GsewzPrZLpQfm2c6hEjoIlDhFlU8cGlSlxJlVxNdnGcaTz2PwvLk9vbcC NaV9Tswm2HycteQk7+8cpeYL0TpBC/vJldix4T21hiwBioTdMiuQLJVFZED7pSia 8m5RMMnkGXuC4n1TtCeHvGiIriS08LTlbCm8unizS8p6sO2CLq2ERgpAKAMkhAMo cIIVwqhfS77liQ9LC8+nKGCTUXk/KeX6K9kZI7Q+wBZpfKFeA7Y+sB89Jh0CAwEA AaOCAjwwggI4MB0GA1UdDgQWBBTd1iPLE9zjynctqeh1VtJ4/VTv1DAfBgNVHSME GDAWgBQ9E8b7nbIs4TRwYyU1fCDh3JoSaTAOBgNVHQ8BAf8EBAMCB4AwgYUGA1Ud HwR+MHwweqB4oHaGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Jk MWVlNWUyLTMzOGMtNGQyMC04MDdlLWU1MGI3NTU4M2RiOC8wLzNEMTNDNkZCOURC MjJDRTEzNDcwNjMyNTM1N0MyMEUxREM5QTEyNjkuY3JsMHQGCCsGAQUFBwEBBGgw ZjBkBggrBgEFBQcwAoZYcnN5bmM6Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8v SUROSUMtSUQvMi8zRDEzQzZGQjlEQjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUEx MjY5LmNlcjCBkwYIKwYBBQUHAQsEgYYwgYMwgYAGCCsGAQUFBzALhnRyc3luYzov L3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9iZDFlZTVlMi0zMzhjLTRkMjAtODA3 ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlEQjIyQ0UxMzQ3MDYzMjUzNTdDMjBF MURDOUExMjY5Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADANBgkqhkiG9w0BAQsFAAOCAQEAjEYkI3Ep7BBQkCPXWmQ9CJwItOotpspNLdwt AF8xjQN2TFTSicR/m4664TgJZ4H7E30CrIVLzrXR8GLFrVxgz3oNkafny9bjiLrv Szu614uwW9uXyLJUPdjvNyDpWSUlOvb8bcBz3hFvVqMRE3j/TDArtoprCKvAoBz+ ZKYmOq+sg2+tzJoKkqDC8ZIASv+eMRgn1aoTWYBaaIeGHBXCl9i+j91cigMqeodW Odd1Sioll+rYJxp6LG5IgyCZf13d/RSL+whMixn5F/X1WcSW434iuepjJml/ri0N bzynKBsO9Iw6xCfd7CsBvvEXgAa6J2Q8gJLzLzGdtPh0H+sF1A== -----END CERTIFICATE-----Generated at Sat Aug 23 10:21:57 2025 by rpki-client