$ rpki-client -vvf repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft File: 10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft (raw, json) Hash identifier: 66/Xpm/omWOTaaTvlCYYWjNyanJKQhXH+ZRVmJ0ufWM= Subject key identifier: 1D:36:43:C3:CA:9B:79:73:10:5D:4F:A3:74:BC:13:89:E5:EF:2C:B4 Authority key identifier: 10:D3:53:6F:3D:0B:F7:F7:AC:CE:8A:68:50:5E:C0:31:4C:FA:31:7B Certificate issuer: /CN=10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B Certificate serial: 3A7B2821808CD69784220ECC292E9F99BE8E60E2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft Manifest number: A4 Signing time: Sat 18 Oct 2025 20:31:41 +0000 Manifest this update: Sat 18 Oct 2025 20:26:41 +0000 Manifest next update: Wed 22 Oct 2025 06:04:41 +0000 Files and hashes: 1: 10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.crl (hash: vIrbcuriCUeIF4HYoZwjg8s2BvWftNFK6OkAdotJTN0=) 2: 3130332e3137312e3235352e302f32342d3234203d3e20313432333939.roa (hash: HSGQJXythRbZW0WejIr3eu8cpvINsUXbBgpQ3Hdpzbo=) 3: 3130332e3137312e3235342e302f32342d3234203d3e20313432333939.roa (hash: lR/hW+eaZsPiXrhVudMo+pOinjFXG0anTiMBOASqmGk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.crl rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 06:04:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:7b:28:21:80:8c:d6:97:84:22:0e:cc:29:2e:9f:99:be:8e:60:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B Validity Not Before: Oct 18 20:26:41 2025 GMT Not After : Oct 22 06:04:41 2025 GMT Subject: CN=1D3643C3CA9B7973105D4FA374BC1389E5EF2CB4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:73:d9:09:f9:45:47:e4:dd:2e:f1:f4:03:45: 61:9a:98:9e:43:68:63:2b:07:cd:0e:42:03:08:bb: cf:20:a5:bc:87:a8:04:f0:25:60:b7:a1:c3:18:c8: ee:2f:1e:58:51:5a:40:95:d6:dc:66:84:2d:12:80: cd:58:94:0c:78:b6:3d:97:4c:bd:12:1c:80:d9:de: ae:a1:93:0f:ed:fa:fc:85:1d:39:47:09:23:a5:c4: f8:35:72:6f:4f:04:77:af:b4:4c:58:e1:71:20:97: e0:05:76:cc:64:b6:15:9b:b8:b5:28:93:93:77:41: 36:d4:48:df:b7:62:04:94:5c:44:59:57:27:3a:79: 9b:c9:dd:8b:b1:3f:3b:d9:f2:9b:90:8c:08:44:d4: 4d:f7:f5:8c:f3:5a:19:c0:2e:5c:8e:3f:23:c8:79: 71:87:5c:47:8e:73:73:2b:f8:eb:58:90:e4:fa:df: 04:fe:e9:99:c9:10:45:f9:40:ef:ca:ab:00:19:a3: f0:44:c1:d5:04:d2:67:f3:09:b1:14:c7:41:81:45: 53:3e:80:b4:bf:15:05:15:f2:92:1f:58:68:5b:46: 96:c9:87:e3:2d:56:3e:57:de:d8:f8:25:76:ca:8c: c9:e5:96:d1:da:7d:18:e9:4b:00:16:2a:07:32:77: 6c:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:36:43:C3:CA:9B:79:73:10:5D:4F:A3:74:BC:13:89:E5:EF:2C:B4 X509v3 Authority Key Identifier: keyid:10:D3:53:6F:3D:0B:F7:F7:AC:CE:8A:68:50:5E:C0:31:4C:FA:31:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:63:2f:d8:3d:ba:ac:01:c0:26:20:22:4a:bd:40:07:db:fa: 1c:1e:49:c4:39:95:c8:c6:a9:93:dc:d9:a2:31:4a:5f:93:3f: 34:37:1e:87:0b:e0:d8:7d:61:cf:79:ba:ee:d8:d4:73:58:11: cb:12:ad:23:05:2f:f9:17:c7:ee:33:c1:83:d4:02:b3:41:67: 95:b1:c3:ca:7a:33:3a:2a:24:ca:e6:47:0e:d3:50:82:f4:b3: cd:e5:bb:af:62:5c:84:03:e6:18:92:e0:5b:7d:d6:a5:55:52: 25:fc:0c:29:5a:38:ef:37:a0:59:57:b1:b5:b8:ae:99:73:b6: 8c:cb:55:ad:2e:ff:1b:8f:a1:1e:fd:7e:8f:7f:b8:d7:a9:7b: ac:06:98:ab:07:01:09:c8:bb:7e:0b:96:c2:db:d8:35:45:83: f3:a4:00:ce:20:8e:aa:ca:28:f0:7f:7c:e8:b7:38:3b:d2:7d: 8e:de:7a:f8:c9:78:86:04:31:6d:2b:4c:3e:9a:0f:80:88:93: a5:4e:43:1f:0d:c2:d8:11:56:38:2c:18:79:c3:d4:25:b7:94: 2c:91:49:4e:8f:f1:c0:4f:78:40:08:a5:7d:5a:eb:c7:25:0a: 9b:9a:1a:ab:ad:82:a0:b6:3d:41:3a:af:d4:75:a7:b5:b6:92: 0a:47:2d:dc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOnsoIYCM1peEIg7MKS6fmb6OYOIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTBEMzUzNkYzRDBCRjdGN0FDQ0U4QTY4NTA1RUMwMzE0 Q0ZBMzE3QjAeFw0yNTEwMTgyMDI2NDFaFw0yNTEwMjIwNjA0NDFaMDMxMTAvBgNV BAMTKDFEMzY0M0MzQ0E5Qjc5NzMxMDVENEZBMzc0QkMxMzg5RTVFRjJDQjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEc9kJ+UVH5N0u8fQDRWGamJ5D aGMrB80OQgMIu88gpbyHqATwJWC3ocMYyO4vHlhRWkCV1txmhC0SgM1YlAx4tj2X TL0SHIDZ3q6hkw/t+vyFHTlHCSOlxPg1cm9PBHevtExY4XEgl+AFdsxkthWbuLUo k5N3QTbUSN+3YgSUXERZVyc6eZvJ3YuxPzvZ8puQjAhE1E339YzzWhnALlyOPyPI eXGHXEeOc3Mr+OtYkOT63wT+6ZnJEEX5QO/KqwAZo/BEwdUE0mfzCbEUx0GBRVM+ gLS/FQUV8pIfWGhbRpbJh+MtVj5X3tj4JXbKjMnlltHafRjpSwAWKgcyd2zjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHTZDw8qbeXMQXU+jdLwTieXvLLQwHwYDVR0j BBgwFoAUENNTbz0L9/eszopoUF7AMUz6MXswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YjAxYzk2Ny05OWQwLTRjMjEtOTY0Mi04N2FkYTY3MTU1YzgvMC8xMEQzNTM2RjNE MEJGN0Y3QUNDRThBNjg1MDVFQzAzMTRDRkEzMTdCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTBEMzUzNkYzRDBCRjdGN0FDQ0U4QTY4NTA1RUMwMzE0Q0ZB MzE3Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2IwMWM5NjctOTlkMC00YzIxLTk2 NDItODdhZGE2NzE1NWM4LzAvMTBEMzUzNkYzRDBCRjdGN0FDQ0U4QTY4NTA1RUMw MzE0Q0ZBMzE3Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIZjL9g9uqwBwCYgIkq9QAfb+hweScQ5lcjG qZPc2aIxSl+TPzQ3HocL4Nh9Yc95uu7Y1HNYEcsSrSMFL/kXx+4zwYPUArNBZ5Wx w8p6MzoqJMrmRw7TUIL0s83lu69iXIQD5hiS4Ft91qVVUiX8DClaOO83oFlXsbW4 rplztozLVa0u/xuPoR79fo9/uNepe6wGmKsHAQnIu34LlsLb2DVFg/OkAM4gjqrK KPB/fOi3ODvSfY7eevjJeIYEMW0rTD6aD4CIk6VOQx8NwtgRVjgsGHnD1CW3lCyR SU6P8cBPeEAIpX1a68clCpuaGqutgqC2PUE6r9R1p7W2kgpHLdw= -----END CERTIFICATE-----Generated at Mon Oct 20 10:06:29 2025 by rpki-client