$ rpki-client -vvf repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft File: CA978B7ACEF55A251B74721E04A034CA3601A88B.mft (raw, json) Hash identifier: hBf6qZaHlOSlodG8eYCBI8OXAKAXe0IXMJ6gvmcpvtE= Subject key identifier: 35:CB:33:5E:11:99:D1:54:9A:5F:D9:46:37:AC:56:48:23:6F:66:DA Authority key identifier: CA:97:8B:7A:CE:F5:5A:25:1B:74:72:1E:04:A0:34:CA:36:01:A8:8B Certificate issuer: /CN=CA978B7ACEF55A251B74721E04A034CA3601A88B Certificate serial: 19810D1CABD8C691851C44E1AEE60B527F90794F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft Manifest number: 0133 Signing time: Sun 19 Oct 2025 03:41:28 +0000 Manifest this update: Sun 19 Oct 2025 03:36:28 +0000 Manifest next update: Wed 22 Oct 2025 06:13:28 +0000 Files and hashes: 1: 3130332e38332e3233362e302f32342d3234203d3e20313530353430.roa (hash: IHqcErbm/jh+8G9ITpkeHubYhwRm77oQuURliUYMdFs=) 2: CA978B7ACEF55A251B74721E04A034CA3601A88B.crl (hash: 3389XQc/J/kgl+I2vihP2qt1LLjBothDYPHN6uJOduA=) 3: 3130332e38332e3233372e302f32342d3234203d3e20313530353430.roa (hash: qSzxrfqd29Pg9HOqmUjPO7crmnWP/zs2luJUdYRC76s=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.crl rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 06:13:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:81:0d:1c:ab:d8:c6:91:85:1c:44:e1:ae:e6:0b:52:7f:90:79:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA978B7ACEF55A251B74721E04A034CA3601A88B Validity Not Before: Oct 19 03:36:28 2025 GMT Not After : Oct 22 06:13:28 2025 GMT Subject: CN=35CB335E1199D1549A5FD94637AC5648236F66DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:37:04:6f:cd:f1:26:e6:fc:90:66:dc:59:7a: 19:21:e9:7a:98:96:5b:a7:99:c2:ad:2c:fd:9e:84: 52:7b:dc:5c:fa:d1:a4:95:ae:da:9c:4f:b7:52:5f: 35:82:1b:83:8d:02:75:e0:e2:78:4f:7c:9f:40:23: df:6e:16:37:45:92:3c:44:02:ba:85:59:11:e6:1a: 30:97:76:f0:d6:fe:b3:f2:3b:ae:6d:cd:72:f2:c2: 94:87:39:54:7f:65:a7:a8:d3:e7:20:e3:49:31:dd: 6f:d6:5e:ed:23:f3:49:5a:1f:9c:9e:92:01:c2:85: 2c:bb:29:7f:cf:e6:b5:09:23:ca:3b:de:6f:84:c5: 0b:1c:10:d7:49:dc:93:4c:62:78:15:45:ff:c6:45: 3f:ef:fe:63:d4:3c:cc:df:fc:26:a2:fc:44:5c:7a: 58:2b:e2:89:81:55:bd:4d:25:0e:02:ed:d3:f9:60: 4b:7d:04:4d:8b:ab:60:19:33:85:cb:60:6e:f9:37: 9d:c1:d1:4b:db:fe:9d:2c:50:f6:f2:9d:1e:31:68: 57:78:ec:22:cd:bd:db:e0:3a:3f:1e:70:b8:8f:28: fc:24:38:6d:94:12:73:a5:0f:3e:9e:c8:fb:d2:0f: 30:54:d1:4b:25:30:13:ff:9a:84:b1:c7:e9:4d:2a: bc:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:CB:33:5E:11:99:D1:54:9A:5F:D9:46:37:AC:56:48:23:6F:66:DA X509v3 Authority Key Identifier: keyid:CA:97:8B:7A:CE:F5:5A:25:1B:74:72:1E:04:A0:34:CA:36:01:A8:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:0c:45:92:2b:b0:bc:7e:28:33:71:ad:99:a5:fa:2c:d7:cf: ba:3b:0a:d2:d4:69:0d:6c:40:00:d0:84:9e:db:70:e8:8a:8c: 9a:10:a1:42:88:dd:07:de:5e:ec:96:80:4f:b3:a5:18:fa:35: 51:fa:2b:95:1a:31:5e:d8:7a:76:9a:87:dc:86:7f:4a:64:90: 49:91:f5:82:ab:8b:76:df:1e:b5:fc:f4:d8:28:ae:f3:09:38: ec:69:b7:16:11:9f:c2:e6:05:2e:15:3d:ec:8e:a7:62:0b:ae: 64:84:2e:8d:b1:e8:b3:11:40:11:dc:22:42:b3:3b:e4:04:20: 84:0d:e4:09:28:ca:58:05:b9:4a:dd:47:e5:83:cf:c1:bb:85: ea:c7:35:10:d2:1b:11:74:90:98:cb:84:be:ea:d7:5d:70:f2: 42:f2:02:e9:23:5d:da:ea:c3:60:c8:0a:68:7f:44:6d:68:0f: 50:68:36:67:f0:1d:7f:4b:f5:3d:6b:62:2a:94:ad:7a:66:76: 64:67:0a:2f:4d:47:f3:e6:a6:cd:b3:0a:77:b6:bb:ad:e0:fb: 98:5c:2b:f5:ed:b6:8a:a5:8f:64:17:9e:7f:b0:10:c1:19:f5: b1:1f:0a:6d:86:42:4c:a5:95:3f:c5:64:99:d0:d4:42:71:2d: ca:c3:d3:f1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGYENHKvYxpGFHEThruYLUn+QeU8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0Q0Ez NjAxQTg4QjAeFw0yNTEwMTkwMzM2MjhaFw0yNTEwMjIwNjEzMjhaMDMxMTAvBgNV BAMTKDM1Q0IzMzVFMTE5OUQxNTQ5QTVGRDk0NjM3QUM1NjQ4MjM2RjY2REEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0NwRvzfEm5vyQZtxZehkh6XqY llunmcKtLP2ehFJ73Fz60aSVrtqcT7dSXzWCG4ONAnXg4nhPfJ9AI99uFjdFkjxE ArqFWRHmGjCXdvDW/rPyO65tzXLywpSHOVR/Zaeo0+cg40kx3W/WXu0j80laH5ye kgHChSy7KX/P5rUJI8o73m+ExQscENdJ3JNMYngVRf/GRT/v/mPUPMzf/Cai/ERc elgr4omBVb1NJQ4C7dP5YEt9BE2Lq2AZM4XLYG75N53B0Uvb/p0sUPbynR4xaFd4 7CLNvdvgOj8ecLiPKPwkOG2UEnOlDz6eyPvSDzBU0UslMBP/moSxx+lNKrzhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNcszXhGZ0VSaX9lGN6xWSCNvZtowHwYDVR0j BBgwFoAUypeLes71WiUbdHIeBKA0yjYBqIswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZmEzY2ZmNy0yYWExLTQ0ZGYtOTE0Yy1mMTkxODRmNmYzYjEvMC9DQTk3OEI3QUNF RjU1QTI1MUI3NDcyMUUwNEEwMzRDQTM2MDFBODhCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0Q0EzNjAx QTg4Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmZhM2NmZjctMmFhMS00NGRmLTkx NGMtZjE5MTg0ZjZmM2IxLzAvQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0 Q0EzNjAxQTg4Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAQMRZIrsLx+KDNxrZml+izXz7o7CtLUaQ1s QADQhJ7bcOiKjJoQoUKI3QfeXuyWgE+zpRj6NVH6K5UaMV7Yenaah9yGf0pkkEmR 9YKri3bfHrX89NgorvMJOOxptxYRn8LmBS4VPeyOp2ILrmSELo2x6LMRQBHcIkKz O+QEIIQN5AkoylgFuUrdR+WDz8G7herHNRDSGxF0kJjLhL7q111w8kLyAukjXdrq w2DICmh/RG1oD1BoNmfwHX9L9T1rYiqUrXpmdmRnCi9NR/Pmps2zCne2u63g+5hc K/Xttoqlj2QXnn+wEMEZ9bEfCm2GQkyllT/FZJnQ1EJxLcrD0/E= -----END CERTIFICATE-----Generated at Mon Oct 20 22:22:02 2025 by rpki-client