$ rpki-client -vvf repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft File: CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft (raw, json) Hash identifier: 1GYQuB9Zd5Fxe/QVba159IQrII7NU5apTSl9V27uuas= Subject key identifier: B9:62:B3:A7:E9:7F:F9:CB:56:E7:BB:C5:B9:EA:F8:C8:38:DA:7F:A6 Authority key identifier: CB:96:62:73:31:53:C0:2E:4C:41:1B:7D:2F:2B:9E:22:D2:F0:EB:85 Certificate issuer: /CN=CB9662733153C02E4C411B7D2F2B9E22D2F0EB85 Certificate serial: 0D7C0FAD51C8A5F5465D201BCB20129702AF9855 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft Manifest number: 019A Signing time: Sat 18 Oct 2025 07:11:10 +0000 Manifest this update: Sat 18 Oct 2025 07:06:10 +0000 Manifest next update: Tue 21 Oct 2025 12:25:10 +0000 Files and hashes: 1: 3130332e3133322e34302e302f32342d3234203d3e20313432333836.roa (hash: 7CbGL2bVFpRfzWEmJ1nxU8TaU3ck1Im05psWj/JHkPU=) 2: CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl (hash: CcSQOsrGDNZCY/wXdjAc2pyUZ9F77uyGcybF+bbzDBA=) 3: 3130332e3133322e34312e302f32342d3234203d3e20313530393730.roa (hash: tzY1XNU5cVp0pp1q9NAQ2OMSeEZ2zfRfv6jNIeP9/Ac=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 12:25:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:7c:0f:ad:51:c8:a5:f5:46:5d:20:1b:cb:20:12:97:02:af:98:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB9662733153C02E4C411B7D2F2B9E22D2F0EB85 Validity Not Before: Oct 18 07:06:10 2025 GMT Not After : Oct 21 12:25:10 2025 GMT Subject: CN=B962B3A7E97FF9CB56E7BBC5B9EAF8C838DA7FA6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:54:de:78:96:be:d7:d0:e9:58:69:bc:c1:51: c7:9b:95:88:42:b3:dd:d6:c8:4e:6f:fe:cb:c6:a7: 21:c5:69:cf:0e:27:6e:10:a5:8e:85:e0:c6:2a:fb: 3e:85:36:92:cb:03:f7:81:9a:cf:62:ff:7c:aa:f2: 8a:86:64:b4:23:9a:51:d2:4a:0a:1b:87:d0:fb:fc: d9:d3:06:af:47:9d:ca:1f:02:fd:a7:3c:31:d7:a8: 11:de:e5:b2:84:35:80:d7:5c:4f:0c:84:68:a8:dd: f1:c4:00:b1:55:69:e5:fc:80:78:44:a1:51:10:18: 7e:81:f6:ad:ea:5b:41:b7:75:ce:75:30:2d:5a:45: 56:60:9b:4e:1c:46:24:98:82:0d:cb:68:b0:de:48: 5d:54:34:44:0a:d3:57:d0:45:8e:8e:1a:6f:3b:73: 54:ef:83:20:f0:72:35:07:4d:63:92:a3:0b:fd:f9: 95:3d:77:24:f2:ee:bf:54:97:02:ed:0f:6a:87:ee: 1b:5b:e9:32:6b:8f:99:48:31:5b:bc:f8:a2:c6:ef: 0e:b2:64:72:da:2b:d6:4c:48:cf:a0:5e:da:8c:78: 92:00:77:16:fb:c6:54:2d:c3:a2:35:27:08:4f:f6: 21:ba:66:2e:2e:4c:9d:f3:16:88:04:12:5a:f2:ed: a3:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:62:B3:A7:E9:7F:F9:CB:56:E7:BB:C5:B9:EA:F8:C8:38:DA:7F:A6 X509v3 Authority Key Identifier: keyid:CB:96:62:73:31:53:C0:2E:4C:41:1B:7D:2F:2B:9E:22:D2:F0:EB:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ddf2ffda-05d1-4085-a135-03987a07f39e/0/CB9662733153C02E4C411B7D2F2B9E22D2F0EB85.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:cd:8c:b6:ab:a6:99:95:df:2a:fe:b3:02:3c:4f:fb:6e:f6: ee:ad:52:52:6a:71:5a:f0:e9:18:5b:dc:42:45:8c:cc:79:73: 0a:8e:ce:7c:cf:32:12:f8:e1:71:10:c6:cd:62:15:0e:b7:62: 8e:18:5a:dc:ba:55:54:35:e2:ed:f8:49:7d:07:a7:f9:38:28: 71:f2:64:72:dd:23:ce:2a:73:6d:bd:68:87:2b:79:fb:07:18: 5e:61:0c:d1:33:15:8b:91:2a:9f:22:e5:6d:89:27:8f:be:57: ff:4b:c4:24:bb:0c:43:79:4e:7b:09:6f:03:10:18:12:3d:dd: 9c:c2:29:5a:77:f7:86:3f:e1:ff:3c:de:b7:fa:85:11:f4:4c: 86:b9:23:8e:94:b9:81:5e:18:fc:12:ff:84:3a:09:36:7a:dc: 8e:39:de:de:8c:40:ef:4a:c2:0f:c2:d5:ac:a5:ae:4e:6d:22: 1b:ba:85:f2:b6:59:66:e1:f6:c4:e8:7d:90:7a:16:a8:e9:d5: 7c:8f:57:91:44:a6:15:8f:2f:e2:3b:30:2b:d0:87:f7:f0:bf: 86:88:47:67:9e:9c:94:89:73:78:18:01:cf:ad:d6:9e:91:2d: d9:ff:1e:82:6e:98:38:8b:a8:35:1c:8b:9f:fb:bf:ff:a6:d4: 39:19:77:e6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDXwPrVHIpfVGXSAbyyASlwKvmFUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlFMjJE MkYwRUI4NTAeFw0yNTEwMTgwNzA2MTBaFw0yNTEwMjExMjI1MTBaMDMxMTAvBgNV BAMTKEI5NjJCM0E3RTk3RkY5Q0I1NkU3QkJDNUI5RUFGOEM4MzhEQTdGQTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnVN54lr7X0OlYabzBUceblYhC s93WyE5v/svGpyHFac8OJ24QpY6F4MYq+z6FNpLLA/eBms9i/3yq8oqGZLQjmlHS Sgobh9D7/NnTBq9HncofAv2nPDHXqBHe5bKENYDXXE8MhGio3fHEALFVaeX8gHhE oVEQGH6B9q3qW0G3dc51MC1aRVZgm04cRiSYgg3LaLDeSF1UNEQK01fQRY6OGm87 c1TvgyDwcjUHTWOSowv9+ZU9dyTy7r9UlwLtD2qH7htb6TJrj5lIMVu8+KLG7w6y ZHLaK9ZMSM+gXtqMeJIAdxb7xlQtw6I1JwhP9iG6Zi4uTJ3zFogEElry7aNpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUuWKzp+l/+ctW57vFuer4yDjaf6YwHwYDVR0j BBgwFoAUy5ZiczFTwC5MQRt9LyueItLw64UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZGYyZmZkYS0wNWQxLTQwODUtYTEzNS0wMzk4N2EwN2YzOWUvMC9DQjk2NjI3MzMx NTNDMDJFNEM0MTFCN0QyRjJCOUUyMkQyRjBFQjg1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlFMjJEMkYw RUI4NS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGRmMmZmZGEtMDVkMS00MDg1LWEx MzUtMDM5ODdhMDdmMzllLzAvQ0I5NjYyNzMzMTUzQzAyRTRDNDExQjdEMkYyQjlF MjJEMkYwRUI4NS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIrNjLarppmV3yr+swI8T/tu9u6tUlJqcVrw 6Rhb3EJFjMx5cwqOznzPMhL44XEQxs1iFQ63Yo4YWty6VVQ14u34SX0Hp/k4KHHy ZHLdI84qc229aIcrefsHGF5hDNEzFYuRKp8i5W2JJ4++V/9LxCS7DEN5TnsJbwMQ GBI93ZzCKVp394Y/4f883rf6hRH0TIa5I46UuYFeGPwS/4Q6CTZ63I453t6MQO9K wg/C1aylrk5tIhu6hfK2WWbh9sTofZB6Fqjp1XyPV5FEphWPL+I7MCvQh/fwv4aI R2eenJSJc3gYAc+t1p6RLdn/HoJumDiLqDUci5/7v/+m1DkZd+Y= -----END CERTIFICATE-----Generated at Mon Oct 20 09:45:11 2025 by rpki-client