$ rpki-client -vvf repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft File: 401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft (raw, json) Hash identifier: gN9hSLIMAK6dFbNifJIG78ob7557/OMDruMR3GhpKbk= Subject key identifier: 2D:A9:A5:54:BF:20:A2:52:1A:A4:D5:D5:DD:CA:AD:6F:57:FE:85:E0 Authority key identifier: 40:1A:A5:6A:F5:99:CC:A2:CD:71:A6:84:FF:CF:53:FF:F9:DD:E3:DD Certificate issuer: /CN=401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD Certificate serial: 473B38B3BE42409DD0890C38ECB10770D3C4B7D7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft Manifest number: 01FD Signing time: Sun 19 Oct 2025 17:31:52 +0000 Manifest this update: Sun 19 Oct 2025 17:26:52 +0000 Manifest next update: Wed 22 Oct 2025 22:11:52 +0000 Files and hashes: 1: 3130332e3136302e36382e302f32342d3234203d3e203438343635.roa (hash: s3cZDsm3eCD/zirL0oonykymWlAaugzxDIFPlg5sAUQ=) 2: 3130332e3136302e36392e302f32342d3234203d3e203438343635.roa (hash: K+vQljm+ExeOXd+J7K26cCdQKnYakCROUmRDg3WOiF4=) 3: 401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl (hash: sl+tEqa6oDIKhOqF0W2ZnD8pNhk48ZE0oGc+x3Y03Ww=) 4: 3130332e3136302e36392e302f32342d3234203d3e20313431363037.roa (hash: HLjZFq4/Jnmag82Gv7W9QKBRIGp+gW90e9wOgTOi2PE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 22:11:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:3b:38:b3:be:42:40:9d:d0:89:0c:38:ec:b1:07:70:d3:c4:b7:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD Validity Not Before: Oct 19 17:26:52 2025 GMT Not After : Oct 22 22:11:52 2025 GMT Subject: CN=2DA9A554BF20A2521AA4D5D5DDCAAD6F57FE85E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:56:ba:1f:08:21:41:55:98:16:a5:af:6a:39: d5:34:c1:74:1c:65:18:61:c8:00:c1:2c:cc:8b:de: d9:3f:05:08:0b:0c:d8:bb:1a:16:c8:11:b4:e0:92: d3:b9:e4:5e:eb:23:e9:eb:05:39:7c:06:03:fd:db: 5b:d2:2d:89:5c:ae:0f:71:41:f7:5d:78:eb:3b:da: 98:be:1a:f6:93:aa:f3:f3:76:09:9f:2b:06:c2:d5: 27:2f:90:e5:4a:65:e3:ad:59:2b:a9:4c:f2:97:15: 30:04:f3:1a:04:22:86:19:78:45:e6:1d:f5:ec:b2: 9b:9d:9e:4d:4e:2f:a7:97:f2:11:dc:3b:6f:7d:cb: 76:86:97:e5:9e:06:03:9b:8a:77:ba:44:9a:f7:4d: f8:b6:bb:86:11:76:09:a5:50:da:e6:9c:09:0e:42: 4d:c3:97:8b:af:24:ba:8d:6f:9b:bb:ca:41:18:54: d0:3c:10:fb:de:8c:e9:77:c8:40:e2:2a:98:69:fd: ef:17:be:de:b9:a6:72:c4:67:91:34:47:06:48:9d: 0b:ad:c1:9b:c4:c1:3d:62:24:53:0f:8b:50:4e:91: 83:4e:80:fc:6d:79:b9:04:73:7e:26:9f:01:59:9d: 72:dd:c1:11:48:52:5b:2c:fb:40:a4:fb:ac:d4:7f: ff:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:A9:A5:54:BF:20:A2:52:1A:A4:D5:D5:DD:CA:AD:6F:57:FE:85:E0 X509v3 Authority Key Identifier: keyid:40:1A:A5:6A:F5:99:CC:A2:CD:71:A6:84:FF:CF:53:FF:F9:DD:E3:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:d3:c8:45:3e:1e:58:96:d9:c6:fe:ae:a0:d9:a0:b8:a4:ed: ea:85:e0:78:42:4e:46:9d:31:5f:3f:1b:7c:f0:37:b2:c5:27: 26:f7:39:d8:68:75:97:01:d3:89:c3:1a:65:27:40:80:d2:0c: 60:8f:01:a3:a8:8c:80:dd:5c:31:0f:d3:06:46:3b:d1:22:9b: d7:dd:be:82:35:c9:b9:43:e8:d8:27:2b:f6:7d:aa:9a:a3:69: 2b:21:71:1b:9c:7e:62:8d:55:47:e4:30:07:e4:52:e3:8b:fe: d8:78:22:8d:f3:ea:4e:7d:8d:61:3e:58:bd:5f:e2:6a:c6:c3: 1e:6e:d0:10:cc:6d:73:ab:b5:32:0c:34:61:ce:35:94:d0:d2: 74:05:56:fe:30:50:cb:a8:91:61:39:6a:d5:e1:a9:82:f0:7e: 70:5b:f1:64:55:1f:c1:ca:69:c3:c5:74:c3:4c:64:bc:53:49: 19:ec:33:c0:d4:e6:41:31:3f:ec:de:e1:82:d0:48:71:81:8a: 22:88:89:37:25:c0:10:a2:55:6e:be:2b:c5:ef:e1:04:31:04: a6:1f:09:10:9f:8d:ab:db:b2:fe:2a:16:c5:88:17:89:21:c8: fb:3f:0e:50:4a:f1:f6:51:40:73:50:6b:3c:7f:8a:d3:fa:0a: f6:6f:9c:2b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURzs4s75CQJ3QiQw47LEHcNPEt9cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUzRkZG OURERTNERDAeFw0yNTEwMTkxNzI2NTJaFw0yNTEwMjIyMjExNTJaMDMxMTAvBgNV BAMTKDJEQTlBNTU0QkYyMEEyNTIxQUE0RDVENUREQ0FBRDZGNTdGRTg1RTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoVrofCCFBVZgWpa9qOdU0wXQc ZRhhyADBLMyL3tk/BQgLDNi7GhbIEbTgktO55F7rI+nrBTl8BgP921vSLYlcrg9x QfddeOs72pi+GvaTqvPzdgmfKwbC1ScvkOVKZeOtWSupTPKXFTAE8xoEIoYZeEXm HfXsspudnk1OL6eX8hHcO299y3aGl+WeBgObine6RJr3Tfi2u4YRdgmlUNrmnAkO Qk3Dl4uvJLqNb5u7ykEYVNA8EPvejOl3yEDiKphp/e8Xvt65pnLEZ5E0RwZInQut wZvEwT1iJFMPi1BOkYNOgPxtebkEc34mnwFZnXLdwRFIUlss+0Ck+6zUf/9jAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULamlVL8golIapNXV3cqtb1f+heAwHwYDVR0j BBgwFoAUQBqlavWZzKLNcaaE/89T//nd490wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k YWM3OWZiZS00NzkwLTQ2YmUtYjliMi0wMzU5YjFhMThlMzMvMC80MDFBQTU2QUY1 OTlDQ0EyQ0Q3MUE2ODRGRkNGNTNGRkY5RERFM0RELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUzRkZGOURE RTNERC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGFjNzlmYmUtNDc5MC00NmJlLWI5 YjItMDM1OWIxYTE4ZTMzLzAvNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUz RkZGOURERTNERC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKzTyEU+HliW2cb+rqDZoLik7eqF4HhCTkad MV8/G3zwN7LFJyb3OdhodZcB04nDGmUnQIDSDGCPAaOojIDdXDEP0wZGO9Eim9fd voI1yblD6NgnK/Z9qpqjaSshcRucfmKNVUfkMAfkUuOL/th4Io3z6k59jWE+WL1f 4mrGwx5u0BDMbXOrtTIMNGHONZTQ0nQFVv4wUMuokWE5atXhqYLwfnBb8WRVH8HK acPFdMNMZLxTSRnsM8DU5kExP+ze4YLQSHGBiiKIiTclwBCiVW6+K8Xv4QQxBKYf CRCfjavbsv4qFsWIF4khyPs/DlBK8fZRQHNQazx/itP6CvZvnCs= -----END CERTIFICATE-----Generated at Mon Oct 20 15:13:49 2025 by rpki-client