$ rpki-client -vvf repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft File: 85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft (raw, json) Hash identifier: 9Kgb0B07TLWQTDfuALck3zYnOWQTXWk9BARrIZh4hlU= Subject key identifier: 35:55:6D:5C:3A:82:F7:54:99:A2:CD:4C:71:29:92:64:4F:23:4F:AD Authority key identifier: 85:EA:86:75:63:71:BA:89:BB:1A:E8:46:B5:C3:0D:DB:81:6A:CD:B9 Certificate issuer: /CN=85EA86756371BA89BB1AE846B5C30DDB816ACDB9 Certificate serial: 60DA364CFCC83231E1A87BC4C546F37162C94EF7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft Manifest number: 0216 Signing time: Mon 20 Oct 2025 00:20:03 +0000 Manifest this update: Mon 20 Oct 2025 00:15:03 +0000 Manifest next update: Thu 23 Oct 2025 10:43:03 +0000 Files and hashes: 1: 3130332e3137342e37392e302f32342d3234203d3e203338333230.roa (hash: AGvpCXR8gQBspf5FohNx3ipHrwnlCs57tuOOE5KVIPk=) 2: 85EA86756371BA89BB1AE846B5C30DDB816ACDB9.crl (hash: PqahJ5HA31MuPHh4Mc0PmW71lsa9fjezZE3BsYWBHYU=) 3: 3130332e3137342e37382e302f32342d3234203d3e20313331363939.roa (hash: lKFSHdHF3wWJIcTGvyjieSUWfDWF+TAqKVs638owOUk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.crl rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 10:43:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:da:36:4c:fc:c8:32:31:e1:a8:7b:c4:c5:46:f3:71:62:c9:4e:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85EA86756371BA89BB1AE846B5C30DDB816ACDB9 Validity Not Before: Oct 20 00:15:03 2025 GMT Not After : Oct 23 10:43:03 2025 GMT Subject: CN=35556D5C3A82F75499A2CD4C712992644F234FAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:59:19:db:d4:cc:e6:8a:de:4c:f8:71:33:69: 74:6e:54:a8:23:9a:7d:01:8b:04:16:80:88:ac:e6: 3f:db:97:8e:b1:30:59:e7:ff:47:76:2d:71:d2:fc: e4:45:63:5a:95:5b:0e:70:fe:9f:4b:b8:87:51:63: 8d:28:af:e4:3c:c5:df:fa:3f:cf:8e:86:24:61:07: 56:96:61:94:f7:dd:6c:9b:4a:6e:2f:94:06:c0:9d: 20:01:cd:43:f7:64:9a:f5:66:19:61:a8:6d:52:90: 6d:6e:48:e2:9c:b1:78:81:f8:18:45:84:6b:ce:d4: 07:e0:92:42:c2:2b:73:f4:e0:29:02:93:06:32:bf: b9:a7:74:f3:cb:51:4a:8c:00:55:76:41:12:3a:bd: 3b:99:a4:55:ae:a5:69:dd:75:6f:05:30:eb:3e:10: 3f:36:df:fa:d4:c2:93:86:25:f8:be:3c:17:11:b2: 9e:24:e7:da:17:02:fb:a5:42:83:f5:63:4b:20:7e: cd:62:d9:3e:8d:e1:99:95:03:56:c1:2c:73:5a:da: 8f:eb:ac:18:de:d2:72:d1:b3:7c:95:72:65:14:04: 76:49:9c:48:2d:b9:2a:0c:22:36:78:b9:49:d7:ac: 5c:4d:8e:44:5d:b5:44:be:e5:40:a7:bb:66:d0:e0: f6:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:55:6D:5C:3A:82:F7:54:99:A2:CD:4C:71:29:92:64:4F:23:4F:AD X509v3 Authority Key Identifier: keyid:85:EA:86:75:63:71:BA:89:BB:1A:E8:46:B5:C3:0D:DB:81:6A:CD:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:48:f2:0e:76:ee:34:0a:f0:06:77:5c:71:cf:04:a5:9e:2c: 75:e6:08:25:90:52:6e:a8:24:8c:88:60:1a:de:08:f6:b1:2a: 62:bd:eb:0e:cb:f9:90:9e:8e:bf:35:3a:25:a5:ad:83:9b:74: 0b:11:09:3b:81:2a:e0:cb:99:76:04:67:d2:79:a9:17:f9:9c: 3a:81:6c:10:9e:cf:cb:e6:44:87:e1:8d:3e:b1:b8:1f:e6:8e: 52:52:2c:0d:02:b4:21:a7:16:48:85:7b:07:f2:56:47:5c:af: 60:74:63:e9:bf:1f:c7:1a:b9:90:c5:93:85:7b:94:a2:34:0b: d4:46:88:cc:73:0e:0f:36:a4:7c:6c:e4:f1:fe:ba:41:10:bd: df:f5:e3:e5:5a:1a:f3:d1:59:32:ff:1c:61:e2:23:95:6d:48: b9:25:00:ef:0d:4b:92:2d:76:1e:6e:4a:07:bb:16:4c:27:63: 9f:df:e6:d5:8e:8e:c1:a7:4d:f9:23:5c:7a:75:08:a8:77:ca: 1f:b2:59:19:ad:62:38:07:af:2b:b3:6e:98:bd:92:55:76:a5: 45:a4:cc:60:f9:9b:42:d8:e3:36:d6:4c:73:92:42:c4:14:46: 07:27:c4:6d:5b:87:f4:11:02:46:f3:0f:80:48:d1:50:f6:04: f3:e9:61:81 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYNo2TPzIMjHhqHvExUbzcWLJTvcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODVFQTg2NzU2MzcxQkE4OUJCMUFFODQ2QjVDMzBEREI4 MTZBQ0RCOTAeFw0yNTEwMjAwMDE1MDNaFw0yNTEwMjMxMDQzMDNaMDMxMTAvBgNV BAMTKDM1NTU2RDVDM0E4MkY3NTQ5OUEyQ0Q0QzcxMjk5MjY0NEYyMzRGQUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrWRnb1Mzmit5M+HEzaXRuVKgj mn0BiwQWgIis5j/bl46xMFnn/0d2LXHS/ORFY1qVWw5w/p9LuIdRY40or+Q8xd/6 P8+OhiRhB1aWYZT33WybSm4vlAbAnSABzUP3ZJr1ZhlhqG1SkG1uSOKcsXiB+BhF hGvO1AfgkkLCK3P04CkCkwYyv7mndPPLUUqMAFV2QRI6vTuZpFWupWnddW8FMOs+ ED823/rUwpOGJfi+PBcRsp4k59oXAvulQoP1Y0sgfs1i2T6N4ZmVA1bBLHNa2o/r rBje0nLRs3yVcmUUBHZJnEgtuSoMIjZ4uUnXrFxNjkRdtUS+5UCnu2bQ4PYTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNVVtXDqC91SZos1McSmSZE8jT60wHwYDVR0j BBgwFoAUheqGdWNxuom7GuhGtcMN24FqzbkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k YmM2ZGExOS04NGJlLTRhNTAtYjQ2Ni0xZTg2ZGRiY2MzNWYvMC84NUVBODY3NTYz NzFCQTg5QkIxQUU4NDZCNUMzMEREQjgxNkFDREI5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODVFQTg2NzU2MzcxQkE4OUJCMUFFODQ2QjVDMzBEREI4MTZB Q0RCOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGJjNmRhMTktODRiZS00YTUwLWI0 NjYtMWU4NmRkYmNjMzVmLzAvODVFQTg2NzU2MzcxQkE4OUJCMUFFODQ2QjVDMzBE REI4MTZBQ0RCOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAK5I8g527jQK8AZ3XHHPBKWeLHXmCCWQUm6o JIyIYBreCPaxKmK96w7L+ZCejr81OiWlrYObdAsRCTuBKuDLmXYEZ9J5qRf5nDqB bBCez8vmRIfhjT6xuB/mjlJSLA0CtCGnFkiFewfyVkdcr2B0Y+m/H8cauZDFk4V7 lKI0C9RGiMxzDg82pHxs5PH+ukEQvd/14+VaGvPRWTL/HGHiI5VtSLklAO8NS5It dh5uSge7FkwnY5/f5tWOjsGnTfkjXHp1CKh3yh+yWRmtYjgHryuzbpi9klV2pUWk zGD5m0LY4zbWTHOSQsQURgcnxG1bh/QRAkbzD4BI0VD2BPPpYYE= -----END CERTIFICATE-----Generated at Mon Oct 20 09:26:45 2025 by rpki-client