$ rpki-client -vvf repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft File: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft (raw, json) Hash identifier: xT+iOynSMRqCWfX3vOUb7IPEEJhlFky6X0kcmS9/iNo= Subject key identifier: C6:9B:93:D2:A4:B6:3E:FA:79:FF:DE:C5:0E:1C:10:9F:C8:39:3C:4E Authority key identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 Certificate issuer: /CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Certificate serial: 439222016E1191EF8495C55FB995B0B0BCB6EEF6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft Manifest number: 049D Signing time: Mon 20 Oct 2025 23:10:48 +0000 Manifest this update: Mon 20 Oct 2025 23:05:48 +0000 Manifest next update: Fri 24 Oct 2025 02:00:48 +0000 Files and hashes: 1: 3130332e3136322e312e302f32342d3234203d3e20313431363334.roa (hash: qNe08ONmrtJrbqnJHhzOzL4yLMKznA4CGtzFIsSxWok=) 2: 3130332e3136322e302e302f32342d3234203d3e20313431363334.roa (hash: mrVcWkYKkNNL+5Z0dua06HvGJVSXAbMBn3dbcArjm/g=) 3: 3130332e3136322e312e302f32342d3234203d3e2036393339.roa (hash: fzXYj+/Wlk2+pHJ1gJZrQ6X0Tnu8HMMmPoocnHTOJ8E=) 4: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl (hash: RO2y4Iq6RltMX2DekMdpc0LI1gb5EGyyEvmQNavWaog=) 5: 3130332e3136322e302e302f32332d3233203d3e20313431363334.roa (hash: BUWXw4dtky6u3IS1OVmdebvECXrPIBW5iPpOPegzgSU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 11:48:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:92:22:01:6e:11:91:ef:84:95:c5:5f:b9:95:b0:b0:bc:b6:ee:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Validity Not Before: Oct 20 23:05:48 2025 GMT Not After : Oct 24 02:00:48 2025 GMT Subject: CN=C69B93D2A4B63EFA79FFDEC50E1C109FC8393C4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:94:18:30:79:68:de:55:a5:56:9c:52:7c:d4: 42:58:2c:2f:c4:95:0e:61:a0:e0:c4:8c:0d:9e:75: 14:7a:81:72:77:7b:ab:f8:6c:58:18:14:1b:50:a4: d4:fa:58:6b:66:ee:e8:9b:d3:34:5f:8c:21:b0:eb: f7:01:49:bc:cb:23:c4:9b:10:10:d3:4e:7e:2e:e5: 00:3a:e7:c7:7b:8c:f9:8b:9f:9f:4b:95:b3:f8:1e: 3b:35:5f:5b:29:ba:06:92:ba:11:b0:3a:12:18:4c: 29:80:8e:ff:f3:a5:b1:7f:03:42:24:38:ec:27:01: e3:f0:e7:ea:47:88:53:3c:39:56:7a:de:67:81:d6: a4:fd:6b:89:7e:7e:47:80:ba:39:c5:2f:de:be:6d: 6c:30:8a:cd:fd:01:de:87:d4:8c:f9:81:ec:43:52: c8:8a:ad:58:00:da:ca:e1:c3:e6:92:58:77:41:2a: 43:eb:aa:0b:78:41:bf:3c:33:29:2e:ab:f5:b6:7a: c5:3c:60:d9:7f:9e:d3:95:cd:eb:c9:4d:b6:91:e0: 4c:55:8b:ed:da:ed:43:05:21:b3:eb:91:e5:d2:8b: 33:bc:bf:0e:e8:66:c0:c5:0a:fc:59:be:04:f9:9e: 60:f9:9d:6d:d1:cd:b2:8d:34:f3:aa:56:5e:7e:c9: c3:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:9B:93:D2:A4:B6:3E:FA:79:FF:DE:C5:0E:1C:10:9F:C8:39:3C:4E X509v3 Authority Key Identifier: keyid:20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:da:65:8a:8f:ae:9a:fb:35:3d:80:5b:73:34:e2:74:46:0b: f7:1f:1c:e4:7c:20:2b:5f:22:3c:35:21:05:9d:2d:49:57:05: 38:9e:c5:dd:ff:db:a0:0a:40:b8:7d:a0:96:f9:64:2c:d5:2a: a8:5c:a7:d6:b7:c4:34:18:e6:bb:7e:9a:04:f0:81:f5:e7:bb: 7b:fa:08:3e:93:aa:8e:d4:01:47:f4:f2:e8:cb:95:f5:cd:c5: fb:c2:6b:53:f8:24:90:cc:c7:3f:1d:31:cd:83:49:8b:d5:ce: 67:56:9c:25:d3:b3:c3:91:18:42:be:35:db:bd:0b:ab:b9:aa: a6:b6:15:e9:f2:bf:05:3e:93:20:35:e5:71:02:70:36:3d:a5: 04:98:b5:8c:29:03:8d:78:f3:48:01:44:5c:0e:30:68:07:d0: 90:0b:9d:ed:0e:96:4e:46:ec:36:9d:a7:e4:53:10:62:ae:15: 3e:60:d3:e4:94:65:75:4d:8c:8c:fa:d2:5b:23:9a:d2:ff:1f: e7:4e:f1:1a:ad:c2:ee:ec:b4:f0:4d:dd:55:af:30:a6:44:c2: fc:5e:85:2d:02:5c:1b:d4:5d:9f:fd:9e:a1:65:13:b4:98:82: e1:2e:4a:eb:f3:d5:74:f2:0e:5c:64:75:99:51:b9:2c:65:6f: 43:04:93:41 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQ5IiAW4Rke+ElcVfuZWwsLy27vYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlFQ0Qy ODlBQkZGOTAeFw0yNTEwMjAyMzA1NDhaFw0yNTEwMjQwMjAwNDhaMDMxMTAvBgNV BAMTKEM2OUI5M0QyQTRCNjNFRkE3OUZGREVDNTBFMUMxMDlGQzgzOTNDNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8lBgweWjeVaVWnFJ81EJYLC/E lQ5hoODEjA2edRR6gXJ3e6v4bFgYFBtQpNT6WGtm7uib0zRfjCGw6/cBSbzLI8Sb EBDTTn4u5QA658d7jPmLn59LlbP4Hjs1X1spugaSuhGwOhIYTCmAjv/zpbF/A0Ik OOwnAePw5+pHiFM8OVZ63meB1qT9a4l+fkeAujnFL96+bWwwis39Ad6H1Iz5gexD UsiKrVgA2srhw+aSWHdBKkPrqgt4Qb88Mykuq/W2esU8YNl/ntOVzevJTbaR4ExV i+3a7UMFIbPrkeXSizO8vw7oZsDFCvxZvgT5nmD5nW3RzbKNNPOqVl5+ycMFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUxpuT0qS2Pvp5/97FDhwQn8g5PE4wHwYDVR0j BBgwFoAUILFclfozUUAtYOlorR2ezSiav/kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MTQxOTNjNC00YWJkLTRlMmMtYTFkMC0xYjVjZTMyZTQyMGIvMC8yMEIxNUM5NUZB MzM1MTQwMkQ2MEU5NjhBRDFEOUVDRDI4OUFCRkY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlFQ0QyODlB QkZGOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDE0MTkzYzQtNGFiZC00ZTJjLWEx ZDAtMWI1Y2UzMmU0MjBiLzAvMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlF Q0QyODlBQkZGOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKXaZYqPrpr7NT2AW3M04nRGC/cfHOR8ICtf Ijw1IQWdLUlXBTiexd3/26AKQLh9oJb5ZCzVKqhcp9a3xDQY5rt+mgTwgfXnu3v6 CD6Tqo7UAUf08ujLlfXNxfvCa1P4JJDMxz8dMc2DSYvVzmdWnCXTs8ORGEK+Ndu9 C6u5qqa2FenyvwU+kyA15XECcDY9pQSYtYwpA41480gBRFwOMGgH0JALne0Olk5G 7Dadp+RTEGKuFT5g0+SUZXVNjIz60lsjmtL/H+dO8Rqtwu7stPBN3VWvMKZEwvxe hS0CXBvUXZ/9nqFlE7SYguEuSuvz1XTyDlxkdZlRuSxlb0MEk0E= -----END CERTIFICATE-----Generated at Tue Oct 21 01:36:06 2025 by rpki-client