$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: rGe8Bluh+ILwV3tKJc5FV9+/6DtM/TRfMRwsaXlALzY= Subject key identifier: 80:0C:5D:64:B7:12:70:06:FE:51:AB:00:8B:BC:AD:90:72:00:60:A8 Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 188EE8A5A21A7658030A8C6E03DB1FD215CDA13B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 04A4 Signing time: Sun 19 Oct 2025 14:22:15 +0000 Manifest this update: Sun 19 Oct 2025 14:17:15 +0000 Manifest next update: Wed 22 Oct 2025 15:28:15 +0000 Files and hashes: 1: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: ceA/XjkZTjtckNNE+B0y8t16H7RYtmT+yFrD+MsXpYk=) 2: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: QKBrvi0RsDMYjSNqwszDPfOesbOlEOIHdE8u3xcyVKM=) 3: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0yCL5KXTraWL90iq30pQr9XlRbIvmMrP24hOvDxVdWE=) 4: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: rkHE7dCGWjwiXKSo5AmkFhmGB4j/W88po8KuTJD9fS0=) 5: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: q/CV3YIPQOm1aZYip5fIR1K9i7bDSVO+nIFF+ycG0Go=) 6: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: zCUg4ypvv2GlwnHN93OEr6YWYy+0fl7UKwqXyrw+mYs=) 7: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: BKlWyHHaYuzRqsbhLGwFugtfrAciLxsxufJdCAIb6ao=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 15:28:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:8e:e8:a5:a2:1a:76:58:03:0a:8c:6e:03:db:1f:d2:15:cd:a1:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Oct 19 14:17:15 2025 GMT Not After : Oct 22 15:28:15 2025 GMT Subject: CN=800C5D64B7127006FE51AB008BBCAD90720060A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:1d:5f:32:9b:40:e6:1f:2f:03:fa:8f:cd:b2: ed:18:6e:b6:41:50:4c:32:3f:0a:ff:55:e3:1a:cd: 0a:bd:50:6f:89:b9:a7:53:e2:14:8f:b9:95:0b:0d: 49:b2:bf:34:0f:e5:c5:b6:e3:d1:25:92:0f:63:18: a8:a6:d0:70:d2:11:b4:f7:36:dc:05:e8:cf:67:b9: 59:62:24:f3:fe:97:72:26:a3:3e:53:01:78:f6:48: 4e:a4:c3:46:26:42:bf:22:34:d3:30:41:08:4a:9f: a0:1f:a2:cc:a6:6e:81:68:c6:17:c0:16:ff:f8:85: 51:20:f5:0f:f0:67:91:e9:ac:2a:41:3b:e2:0e:52: f4:5b:1d:a8:d1:70:8d:3b:91:1d:59:e1:f6:f6:6f: 43:87:6b:d6:08:37:8d:50:16:3d:d6:1c:36:7e:42: 0c:2a:9f:20:2d:8b:e0:46:f3:88:26:7d:dd:6d:70: 10:f4:32:82:97:9b:68:42:4e:a3:d0:27:05:56:54: 0a:9b:57:9a:23:ed:f5:6f:57:c0:3f:ae:26:2e:64: 23:c6:70:dc:6d:57:a6:58:11:a3:f5:c0:8d:27:ee: 23:f6:b4:2e:80:34:36:39:bf:db:43:26:ec:12:ae: b3:2b:d7:6c:87:72:b5:6b:c9:29:7a:5b:13:8d:82: 58:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:0C:5D:64:B7:12:70:06:FE:51:AB:00:8B:BC:AD:90:72:00:60:A8 X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:82:74:b7:9b:97:f9:ef:ba:07:33:86:d4:23:76:a8:89:7e: e6:76:fe:99:3e:23:a4:ac:61:99:f9:7c:57:a0:05:1b:26:62: 64:fb:74:1b:c0:63:5a:65:c8:b0:52:f2:33:a1:c8:fc:47:2b: d5:bc:c7:50:52:1f:55:3e:55:95:25:65:b7:33:f9:24:2a:78: 0c:24:bd:9b:0b:ee:2a:eb:34:84:82:3c:dd:47:b9:d7:74:9d: ba:24:98:ed:24:d8:b3:d5:63:45:0b:d1:ab:ff:14:b0:d9:a0: 5b:01:83:4b:77:71:06:f8:c2:b5:c6:82:4f:32:55:8d:fb:5d: 5c:0c:37:44:19:61:9f:a4:5e:1b:90:69:87:33:d4:a2:94:20: 7b:31:a9:76:be:77:c4:2e:6f:c6:c7:dd:2a:f4:4f:a3:6c:e3: ec:52:96:8d:b2:81:9a:9e:58:1e:7c:45:11:38:ea:78:14:00: 00:d2:e5:7d:3a:67:ac:76:42:73:ce:99:f8:99:79:fd:3d:d1: b6:21:40:91:b7:d5:0a:e6:4d:d3:88:62:d6:03:07:54:cd:2a: ee:cb:13:16:22:8f:fb:29:d1:48:d2:51:cb:71:31:2e:45:dc: 7a:4f:c2:02:00:43:e6:a6:97:fa:6d:40:59:a6:a6:41:dc:0c: fa:53:31:44 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGI7opaIadlgDCoxuA9sf0hXNoTswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNTEwMTkxNDE3MTVaFw0yNTEwMjIxNTI4MTVaMDMxMTAvBgNV BAMTKDgwMEM1RDY0QjcxMjcwMDZGRTUxQUIwMDhCQkNBRDkwNzIwMDYwQTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBHV8ym0DmHy8D+o/Nsu0YbrZB UEwyPwr/VeMazQq9UG+JuadT4hSPuZULDUmyvzQP5cW249Elkg9jGKim0HDSEbT3 NtwF6M9nuVliJPP+l3Imoz5TAXj2SE6kw0YmQr8iNNMwQQhKn6AfosymboFoxhfA Fv/4hVEg9Q/wZ5HprCpBO+IOUvRbHajRcI07kR1Z4fb2b0OHa9YIN41QFj3WHDZ+ QgwqnyAti+BG84gmfd1tcBD0MoKXm2hCTqPQJwVWVAqbV5oj7fVvV8A/riYuZCPG cNxtV6ZYEaP1wI0n7iP2tC6ANDY5v9tDJuwSrrMr12yHcrVrySl6WxONgliRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUgAxdZLcScAb+UasAi7ytkHIAYKgwHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJqCdLebl/nvugczhtQjdqiJfuZ2/pk+I6Ss YZn5fFegBRsmYmT7dBvAY1plyLBS8jOhyPxHK9W8x1BSH1U+VZUlZbcz+SQqeAwk vZsL7irrNISCPN1Hudd0nbokmO0k2LPVY0UL0av/FLDZoFsBg0t3cQb4wrXGgk8y VY37XVwMN0QZYZ+kXhuQaYcz1KKUIHsxqXa+d8Qub8bH3Sr0T6Ns4+xSlo2ygZqe WB58RRE46ngUAADS5X06Z6x2QnPOmfiZef090bYhQJG31QrmTdOIYtYDB1TNKu7L ExYij/sp0UjSUctxMS5F3HpPwgIAQ+aml/ptQFmmpkHcDPpTMUQ= -----END CERTIFICATE-----Generated at Mon Oct 20 12:34:05 2025 by rpki-client