$ rpki-client -vvf repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft File: 21F5E152BA3E25561EA4D2E2986546412F44F15B.mft (raw, json) Hash identifier: mCuCIyGhhNwUTe7KAI+jtw17JAE+1YWNXzvXefjOheA= Subject key identifier: E4:40:83:0B:66:94:F3:6F:91:57:62:92:23:1D:97:09:D6:FF:EB:74 Authority key identifier: 21:F5:E1:52:BA:3E:25:56:1E:A4:D2:E2:98:65:46:41:2F:44:F1:5B Certificate issuer: /CN=21F5E152BA3E25561EA4D2E2986546412F44F15B Certificate serial: 68C4D61067A2B7E816434E6D1DC36B37FF9D3C85 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft Manifest number: A6 Signing time: Sat 18 Oct 2025 16:31:53 +0000 Manifest this update: Sat 18 Oct 2025 16:26:53 +0000 Manifest next update: Tue 21 Oct 2025 19:44:53 +0000 Files and hashes: 1: 3130332e3130362e37362e302f32332d3233203d3e203436303233.roa (hash: NaHe5YrxTvb1T+B86yAscpluwifFSNcBhISUAGBKlIw=) 2: 3130332e3130362e37382e302f32332d3233203d3e203436303233.roa (hash: WYN4mrwjKunsGp4uZVpUx9nBxwBDSeavyWVXTw8bEXE=) 3: 3130332e3130362e37392e302f32342d3234203d3e203436303233.roa (hash: aO0x+zXgbPOIjgzHxX0fAcf+6eJJ6z747uBT9dWocuM=) 4: 3130332e3130362e37362e302f32322d3232203d3e203436303233.roa (hash: juQ/cwjH1toIUGh+4Z6y41hGaf2rFqJaltHbfzkfdBc=) 5: 21F5E152BA3E25561EA4D2E2986546412F44F15B.crl (hash: MiZjKkJD0FkQoj3Kl2TuKHr2ZQjo9ttN9nyxuRhyG4o=) 6: 3130332e3130362e37362e302f32342d3234203d3e203436303233.roa (hash: +PmFbdoieOm1HYaiDNoJSgRpm6MfVAVtuXNpglouU7g=) 7: 3130332e3130362e37382e302f32342d3234203d3e203436303233.roa (hash: iSq6NwogxUEJNuToH4CRAdLPA94Ifhymd/i0qK2RpFY=) 8: 3130332e3130362e37372e302f32342d3234203d3e203436303233.roa (hash: CbiBxaX9ddBH1o7nomW/iHw3KqeexSYJrX7KRnYKypE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.crl rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 19:44:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:c4:d6:10:67:a2:b7:e8:16:43:4e:6d:1d:c3:6b:37:ff:9d:3c:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21F5E152BA3E25561EA4D2E2986546412F44F15B Validity Not Before: Oct 18 16:26:53 2025 GMT Not After : Oct 21 19:44:53 2025 GMT Subject: CN=E440830B6694F36F91576292231D9709D6FFEB74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:2b:c6:f5:ca:f2:c4:d0:b5:89:25:0c:96:bc: 31:3c:b4:81:c9:59:d6:38:51:f1:44:12:a7:4c:a9: a5:84:d3:25:68:a4:a0:0f:ea:d2:f0:04:0c:cc:e3: 54:2c:a7:ef:13:2c:e8:a3:fa:79:04:15:1d:da:a6: 47:17:5d:ee:4b:af:54:92:6b:da:b7:81:f0:bb:92: ca:fb:ab:13:d6:ac:35:52:a9:58:9b:63:e3:41:d3: 34:c6:bd:3d:e4:15:f5:42:47:a7:f6:c0:82:0d:30: 75:55:37:4b:cd:64:de:40:e7:57:bc:ce:97:bf:6e: 2e:e4:85:e5:11:13:a3:cd:34:23:6b:7f:f0:87:4b: 88:d1:44:f7:0c:b1:3f:80:3d:34:6b:c9:03:66:0a: a3:42:92:98:9c:4d:57:3f:8c:94:1c:19:ec:25:2d: 0c:68:35:ee:1c:4e:0d:19:37:9c:12:32:5f:50:00: c7:13:b4:4a:af:75:74:da:b6:0c:24:15:cb:3e:27: 12:8f:c7:bc:6f:be:a0:16:37:b7:51:87:e3:6d:87: 6e:af:40:14:df:02:cc:ff:09:ac:5b:67:b8:03:15: 0d:75:35:7f:22:e2:33:b6:8a:3e:30:8f:f3:5b:a2: 60:64:5a:2a:4d:a4:e1:f0:dc:e0:4f:7b:d3:b3:f1: 67:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:40:83:0B:66:94:F3:6F:91:57:62:92:23:1D:97:09:D6:FF:EB:74 X509v3 Authority Key Identifier: keyid:21:F5:E1:52:BA:3E:25:56:1E:A4:D2:E2:98:65:46:41:2F:44:F1:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:f0:4c:c9:aa:62:75:0b:1a:ef:3d:48:1c:ae:65:81:60:eb: ab:b6:87:1e:c5:a5:f8:60:2a:b6:4a:cd:59:b1:61:06:da:41: a6:2d:0d:67:b8:1f:6a:02:d0:aa:31:80:6a:b1:15:df:b9:10: d3:d4:5c:ae:e6:25:33:d3:e9:0d:1f:a5:de:63:86:33:40:b4: 88:ab:4d:e3:b4:eb:10:99:9b:83:e9:5f:d6:4f:08:a3:b7:5a: fd:04:1a:14:59:d3:24:62:5e:f6:54:d1:2c:42:49:24:71:b4: fd:ae:f0:01:fe:29:ca:18:06:98:0c:8e:b6:f4:88:b9:97:1a: f8:42:b0:66:91:6b:27:a3:27:a0:8f:8d:ed:d0:6b:41:fa:18: 6a:ff:a0:80:89:5f:29:09:ae:6a:b6:46:3e:e1:20:66:ce:f3: 4b:7b:d7:51:1e:08:26:b6:64:ed:8f:6c:e2:15:1e:12:fc:89: f5:2e:bc:c1:c3:9a:71:0a:76:a8:1c:82:18:6c:0d:bd:dd:ca: 5b:69:ae:8b:62:32:f6:a2:76:93:e9:0a:f2:c5:7b:3e:55:79: 34:9d:a3:c2:e6:4e:99:a0:fa:08:71:fc:66:9b:a7:78:16:8f: 54:a2:da:3b:bf:3a:c5:2a:27:93:08:9b:ee:74:e7:65:38:b8: 0e:65:32:7f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaMTWEGeit+gWQ05tHcNrN/+dPIUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2NDEy RjQ0RjE1QjAeFw0yNTEwMTgxNjI2NTNaFw0yNTEwMjExOTQ0NTNaMDMxMTAvBgNV BAMTKEU0NDA4MzBCNjY5NEYzNkY5MTU3NjI5MjIzMUQ5NzA5RDZGRkVCNzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9K8b1yvLE0LWJJQyWvDE8tIHJ WdY4UfFEEqdMqaWE0yVopKAP6tLwBAzM41Qsp+8TLOij+nkEFR3apkcXXe5Lr1SS a9q3gfC7ksr7qxPWrDVSqVibY+NB0zTGvT3kFfVCR6f2wIINMHVVN0vNZN5A51e8 zpe/bi7kheURE6PNNCNrf/CHS4jRRPcMsT+APTRryQNmCqNCkpicTVc/jJQcGewl LQxoNe4cTg0ZN5wSMl9QAMcTtEqvdXTatgwkFcs+JxKPx7xvvqAWN7dRh+Nth26v QBTfAsz/CaxbZ7gDFQ11NX8i4jO2ij4wj/NbomBkWipNpOHw3OBPe9Oz8WfTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU5ECDC2aU82+RV2KSIx2XCdb/63QwHwYDVR0j BBgwFoAUIfXhUro+JVYepNLimGVGQS9E8VswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j M2RkNjEzNS01NDhjLTQ4ODEtYWY3OC05M2FmOWYyYTI1MTYvMC8yMUY1RTE1MkJB M0UyNTU2MUVBNEQyRTI5ODY1NDY0MTJGNDRGMTVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2NDEyRjQ0 RjE1Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYzNkZDYxMzUtNTQ4Yy00ODgxLWFm NzgtOTNhZjlmMmEyNTE2LzAvMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2 NDEyRjQ0RjE1Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABfwTMmqYnULGu89SByuZYFg66u2hx7Fpfhg KrZKzVmxYQbaQaYtDWe4H2oC0KoxgGqxFd+5ENPUXK7mJTPT6Q0fpd5jhjNAtIir TeO06xCZm4PpX9ZPCKO3Wv0EGhRZ0yRiXvZU0SxCSSRxtP2u8AH+KcoYBpgMjrb0 iLmXGvhCsGaRayejJ6CPje3Qa0H6GGr/oICJXykJrmq2Rj7hIGbO80t711EeCCa2 ZO2PbOIVHhL8ifUuvMHDmnEKdqgcghhsDb3dyltprotiMvaidpPpCvLFez5VeTSd o8LmTpmg+ghx/Gabp3gWj1Si2ju/OsUqJ5MIm+5052U4uA5lMn8= -----END CERTIFICATE-----Generated at Mon Oct 20 09:46:16 2025 by rpki-client