$ rpki-client -vvf repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft File: B891A45840F824B9F116CBEAA3574A68343F5538.mft (raw, json) Hash identifier: +ohR/wRPykcaeXV7NsVrynNVRVlb58Gn2XgSMs3prn4= Subject key identifier: 94:AD:85:A4:FC:60:39:CB:48:8D:7C:4E:B8:9B:36:8C:73:53:08:55 Authority key identifier: B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38 Certificate issuer: /CN=B891A45840F824B9F116CBEAA3574A68343F5538 Certificate serial: 3264C95887E08A01C1CCE7A42A1635ABC8466F2C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft Manifest number: 8B Signing time: Sat 18 Oct 2025 05:02:11 +0000 Manifest this update: Sat 18 Oct 2025 04:57:11 +0000 Manifest next update: Tue 21 Oct 2025 12:42:11 +0000 Files and hashes: 1: B891A45840F824B9F116CBEAA3574A68343F5538.crl (hash: JFBWjutygxWVvZMMiFoqOeX/ptlsAGRj3wCvMFUy1bk=) 2: 3130332e3234362e3136392e302f32342d3234203d3e203538333835.roa (hash: 8meh4qssPriL64kBvXs5YtBumf6ArWnflJaVktjo3Fo=) 3: 3131302e39322e37342e302f32332d3234203d3e203538333835.roa (hash: XgxFmfrvLr/HS422k6dRWPfIUiiCoQbGouQtaJJQX4Y=) 4: 3130332e32332e3131362e302f32332d3234203d3e203538333835.roa (hash: 5UewkM1pAbLnP65YZLTVxzSYU/L1g1J84e5HTrwnd3M=) 5: 3130332e32382e3231382e302f32342d3234203d3e203538333835.roa (hash: cMJACG+wJYTKnGt0rpeqO/b7Kbn+Qvg12TrUivh9cCk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 12:42:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:64:c9:58:87:e0:8a:01:c1:cc:e7:a4:2a:16:35:ab:c8:46:6f:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B891A45840F824B9F116CBEAA3574A68343F5538 Validity Not Before: Oct 18 04:57:11 2025 GMT Not After : Oct 21 12:42:11 2025 GMT Subject: CN=94AD85A4FC6039CB488D7C4EB89B368C73530855 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:7d:99:27:a5:8e:d2:36:61:54:1a:37:4b:01: 18:59:4f:7a:25:24:e3:7f:aa:37:f1:f0:8a:7d:e2: 53:c3:61:7d:10:ea:71:59:62:a9:41:5c:c9:46:53: b7:2f:8b:9c:60:9e:a7:df:84:dc:3c:8a:3f:8a:1f: d3:2a:dc:4d:b0:55:bd:51:1a:fb:e0:43:a2:41:10: 49:69:9a:81:13:31:3a:a1:b1:3b:1a:16:9e:6c:6b: ce:a3:b5:e5:6f:5e:eb:9e:79:b7:77:a7:05:dc:28: d4:2b:28:2b:9d:9b:58:0c:76:a2:68:57:56:19:a4: 8f:66:9f:05:55:7d:d3:b0:2c:dd:72:89:78:ea:bc: 95:60:27:87:d1:64:4c:da:59:dd:00:26:e2:75:73: c5:12:37:23:53:aa:e5:92:cd:1a:a5:b1:f8:14:19: 95:53:66:0b:07:03:d6:b1:5f:c6:fc:c9:75:7e:29: b9:84:49:64:f4:97:ad:87:55:e5:99:b0:f9:00:d3: fa:3b:1d:81:4d:e5:be:dc:10:34:7c:88:e5:0e:db: 19:25:7a:25:78:65:e9:63:c6:c0:ec:32:0f:4d:1c: 45:77:e3:da:2b:34:fc:d2:96:82:fb:37:74:f1:52: 2c:b4:58:f9:ba:53:68:8a:ea:41:4f:2d:6e:6d:c8: 63:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:AD:85:A4:FC:60:39:CB:48:8D:7C:4E:B8:9B:36:8C:73:53:08:55 X509v3 Authority Key Identifier: keyid:B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:84:6a:84:f2:a2:bd:ae:f5:f3:bd:f3:03:be:7f:60:bd:5c: f2:93:f1:fc:62:74:52:4c:b2:a3:d2:f3:09:fa:22:db:f5:85: e2:dc:76:de:09:df:36:1b:4a:e1:ad:cd:64:4b:7f:a7:16:93: 53:36:6f:89:48:e2:38:f0:10:ac:0f:6e:7f:05:74:80:a2:c2: f2:a6:e8:08:be:ee:11:04:ef:61:56:35:23:65:47:4e:0e:9d: e4:9b:ad:3a:e4:51:b0:d1:90:d4:6d:17:0c:27:bb:7e:4c:aa: 53:8b:b7:8e:ad:62:cf:6c:4d:89:1c:5d:63:89:5d:d5:de:aa: 52:62:7b:6d:d2:47:a3:9f:22:0d:41:db:3d:b0:6a:11:55:74: dc:06:e5:6c:92:ef:21:9e:e9:ac:fa:77:19:25:2c:b1:79:83: c7:ec:01:a3:0d:c6:e7:32:af:1c:93:79:96:73:e3:91:00:76: 09:ba:27:8a:94:ad:e0:9d:91:c2:ee:7b:13:dc:00:ea:19:c4: 82:de:4e:19:de:89:02:fb:bd:22:38:44:ad:34:e0:75:fa:c6: 44:c1:28:cc:ae:c6:6b:4e:29:84:90:f7:e5:9b:d2:a0:97:3b: f6:d5:0b:80:5f:55:71:03:e4:d9:30:4a:c1:53:bf:85:c1:01: 5c:0c:b5:71 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMmTJWIfgigHBzOekKhY1q8hGbywwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgz NDNGNTUzODAeFw0yNTEwMTgwNDU3MTFaFw0yNTEwMjExMjQyMTFaMDMxMTAvBgNV BAMTKDk0QUQ4NUE0RkM2MDM5Q0I0ODhEN0M0RUI4OUIzNjhDNzM1MzA4NTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDifZknpY7SNmFUGjdLARhZT3ol JON/qjfx8Ip94lPDYX0Q6nFZYqlBXMlGU7cvi5xgnqffhNw8ij+KH9Mq3E2wVb1R GvvgQ6JBEElpmoETMTqhsTsaFp5sa86jteVvXuueebd3pwXcKNQrKCudm1gMdqJo V1YZpI9mnwVVfdOwLN1yiXjqvJVgJ4fRZEzaWd0AJuJ1c8USNyNTquWSzRqlsfgU GZVTZgsHA9axX8b8yXV+KbmESWT0l62HVeWZsPkA0/o7HYFN5b7cEDR8iOUO2xkl eiV4ZeljxsDsMg9NHEV349orNPzSloL7N3TxUiy0WPm6U2iK6kFPLW5tyGNHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlK2FpPxgOctIjXxOuJs2jHNTCFUwHwYDVR0j BBgwFoAUuJGkWED4JLnxFsvqo1dKaDQ/VTgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MzkyNTM4OC0zNWM2LTQxZDctOWRjNC1kYjRkMTE4ZDEzNWEvMC9CODkxQTQ1ODQw RjgyNEI5RjExNkNCRUFBMzU3NEE2ODM0M0Y1NTM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgzNDNG NTUzOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDM5MjUzODgtMzVjNi00MWQ3LTlk YzQtZGI0ZDExOGQxMzVhLzAvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRB NjgzNDNGNTUzOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC2EaoTyor2u9fO98wO+f2C9XPKT8fxidFJM sqPS8wn6Itv1heLcdt4J3zYbSuGtzWRLf6cWk1M2b4lI4jjwEKwPbn8FdICiwvKm 6Ai+7hEE72FWNSNlR04OneSbrTrkUbDRkNRtFwwnu35MqlOLt46tYs9sTYkcXWOJ XdXeqlJie23SR6OfIg1B2z2wahFVdNwG5WyS7yGe6az6dxklLLF5g8fsAaMNxucy rxyTeZZz45EAdgm6J4qUreCdkcLuexPcAOoZxILeThneiQL7vSI4RK004HX6xkTB KMyuxmtOKYSQ9+Wb0qCXO/bVC4BfVXED5NkwSsFTv4XBAVwMtXE= -----END CERTIFICATE-----Generated at Mon Oct 20 09:44:59 2025 by rpki-client