$ rpki-client -vvf repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.mft File: 16889A9053AE7EB169CF822E9EE670A5C618F97E.mft (raw, json) Hash identifier: Bru8D74a7U9ZC/t7Y7hOuZWik8nHeD2OBjt05GuU3RU= Subject key identifier: 17:30:76:2E:A4:A6:DD:36:02:F0:66:A9:8E:19:C7:AD:47:47:8A:AE Authority key identifier: 16:88:9A:90:53:AE:7E:B1:69:CF:82:2E:9E:E6:70:A5:C6:18:F9:7E Certificate issuer: /CN=16889A9053AE7EB169CF822E9EE670A5C618F97E Certificate serial: 2DA54DF8827B0566C81AA8F96B7B3496ED34676C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/16889A9053AE7EB169CF822E9EE670A5C618F97E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.mft Manifest number: 013C Signing time: Sat 18 Oct 2025 20:11:12 +0000 Manifest this update: Sat 18 Oct 2025 20:06:12 +0000 Manifest next update: Wed 22 Oct 2025 07:24:12 +0000 Files and hashes: 1: 3130332e36372e38302e302f32332d3233203d3e20313532303031.roa (hash: dOd/WmcL1O2XqOSnpwsMSYP0+oN55Jz82rLt6CdY2eM=) 2: 3130332e36372e38312e302f32342d3234203d3e20313532303031.roa (hash: VUXxXSjdw/tewePYso0nLi7PuBiFv1hIb0UmgFSc+fg=) 3: 3130332e36372e38302e302f32342d3234203d3e20313532303031.roa (hash: km/J3O6wA+/+giyqpUHqvd0x617eyhN+dq0ZwqMW8PA=) 4: 16889A9053AE7EB169CF822E9EE670A5C618F97E.crl (hash: zTp/2gkuEJ82dTZBjudgJIuVMcQ/poWNDKokmVwW7ys=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.crl rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/16889A9053AE7EB169CF822E9EE670A5C618F97E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 07:24:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:a5:4d:f8:82:7b:05:66:c8:1a:a8:f9:6b:7b:34:96:ed:34:67:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=16889A9053AE7EB169CF822E9EE670A5C618F97E Validity Not Before: Oct 18 20:06:12 2025 GMT Not After : Oct 22 07:24:12 2025 GMT Subject: CN=1730762EA4A6DD3602F066A98E19C7AD47478AAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:81:e3:6b:52:2d:55:fb:7f:d9:2e:43:b2:a0: ba:6a:4a:f1:e8:f3:6c:06:a9:6a:38:cd:0b:ea:32: 53:d2:a8:6e:1c:d8:3f:71:60:d9:59:2c:22:98:93: 5c:2b:8f:8a:77:81:0b:49:5c:29:51:a5:e7:80:e8: 43:30:1a:69:ec:76:8e:fc:6a:4b:dc:56:17:8e:a1: 86:16:7c:46:02:88:67:7f:e3:2e:3c:71:0b:25:84: ec:72:71:c4:b8:f4:eb:60:bc:58:a3:6d:dc:c4:bc: be:3f:7b:ea:ac:f7:2c:09:a2:da:03:38:8f:a3:e8: 71:a4:c2:5b:9f:59:e6:7b:f0:5a:fb:5f:c9:8a:4d: 14:8b:f7:39:19:81:79:55:db:ed:84:db:b5:7e:e1: ed:08:9c:c9:fe:ec:f8:9e:c9:2f:e8:b5:38:44:16: 4a:b6:28:14:11:08:41:39:66:d9:b6:cd:8e:a0:ca: 43:47:51:37:02:8f:cf:c3:fc:2d:4a:3c:e3:2c:40: 00:63:b8:fb:45:d8:f2:a2:b7:41:e7:e8:d8:e9:c8: c7:72:fd:6f:1a:ea:b9:eb:a6:f3:ce:9c:3b:63:9c: 9b:e7:30:8a:09:a2:df:ca:91:e3:8d:af:d3:10:1d: bb:c3:d8:3b:fb:b8:f6:73:92:02:21:9d:4c:b2:94: 85:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:30:76:2E:A4:A6:DD:36:02:F0:66:A9:8E:19:C7:AD:47:47:8A:AE X509v3 Authority Key Identifier: keyid:16:88:9A:90:53:AE:7E:B1:69:CF:82:2E:9E:E6:70:A5:C6:18:F9:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/16889A9053AE7EB169CF822E9EE670A5C618F97E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/de3f2e9b-1068-4fa9-ba1d-59d071a412a2/0/16889A9053AE7EB169CF822E9EE670A5C618F97E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:1e:e2:14:b8:97:68:bf:2e:e3:1c:04:ba:14:70:84:d3:4e: f6:d2:34:2b:b1:f4:09:16:58:29:20:9c:be:de:62:84:2f:4b: 05:23:93:19:8c:4b:95:f8:6a:11:c8:e7:1a:82:c5:f7:61:66: 6f:2a:bd:17:b1:9e:e4:1f:93:d4:e0:2f:82:a9:07:fa:79:ab: 21:f7:1a:45:b6:af:3b:0a:c6:e7:82:91:ac:18:31:0b:73:08: 44:f6:21:90:fa:93:3e:3c:9c:dc:ac:04:b4:10:02:1d:b0:3b: 1c:a7:27:c4:de:9f:e8:11:9e:5a:ca:5f:ba:9c:8b:84:f8:cc: 2a:cd:c6:7c:ea:2c:27:07:bc:0c:ef:b6:80:19:a7:83:89:09: fc:ae:f9:a7:53:32:f7:1c:d8:05:3f:bf:c7:12:e6:1e:3b:b2: 3f:a8:ae:74:e8:0f:c5:96:7d:b3:c3:13:8a:a3:aa:89:75:88: d0:00:f5:a4:38:13:75:9e:c7:93:79:ef:8b:7e:00:1b:33:1b: 10:d9:83:68:7c:28:32:7c:b7:9f:2a:91:05:68:66:c8:52:7c: 2d:06:1d:68:c7:6b:43:83:b3:8a:a3:9e:ea:ca:90:79:0f:c9: 1e:bb:8f:34:f3:61:a6:ba:51:87:4d:3b:52:64:79:aa:68:86: 3c:3c:33:fc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULaVN+IJ7BWbIGqj5a3s0lu00Z2wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTY4ODlBOTA1M0FFN0VCMTY5Q0Y4MjJFOUVFNjcwQTVD NjE4Rjk3RTAeFw0yNTEwMTgyMDA2MTJaFw0yNTEwMjIwNzI0MTJaMDMxMTAvBgNV BAMTKDE3MzA3NjJFQTRBNkREMzYwMkYwNjZBOThFMTlDN0FENDc0NzhBQUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbgeNrUi1V+3/ZLkOyoLpqSvHo 82wGqWo4zQvqMlPSqG4c2D9xYNlZLCKYk1wrj4p3gQtJXClRpeeA6EMwGmnsdo78 akvcVheOoYYWfEYCiGd/4y48cQslhOxyccS49OtgvFijbdzEvL4/e+qs9ywJotoD OI+j6HGkwlufWeZ78Fr7X8mKTRSL9zkZgXlV2+2E27V+4e0InMn+7PieyS/otThE Fkq2KBQRCEE5Ztm2zY6gykNHUTcCj8/D/C1KPOMsQABjuPtF2PKit0Hn6NjpyMdy /W8a6rnrpvPOnDtjnJvnMIoJot/KkeONr9MQHbvD2Dv7uPZzkgIhnUyylIVfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUFzB2LqSm3TYC8GapjhnHrUdHiq4wHwYDVR0j BBgwFoAUFoiakFOufrFpz4IunuZwpcYY+X4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZTNmMmU5Yi0xMDY4LTRmYTktYmExZC01OWQwNzFhNDEyYTIvMC8xNjg4OUE5MDUz QUU3RUIxNjlDRjgyMkU5RUU2NzBBNUM2MThGOTdFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTY4ODlBOTA1M0FFN0VCMTY5Q0Y4MjJFOUVFNjcwQTVDNjE4 Rjk3RS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGUzZjJlOWItMTA2OC00ZmE5LWJh MWQtNTlkMDcxYTQxMmEyLzAvMTY4ODlBOTA1M0FFN0VCMTY5Q0Y4MjJFOUVFNjcw QTVDNjE4Rjk3RS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJ8e4hS4l2i/LuMcBLoUcITTTvbSNCux9AkW WCkgnL7eYoQvSwUjkxmMS5X4ahHI5xqCxfdhZm8qvRexnuQfk9TgL4KpB/p5qyH3 GkW2rzsKxueCkawYMQtzCET2IZD6kz48nNysBLQQAh2wOxynJ8Ten+gRnlrKX7qc i4T4zCrNxnzqLCcHvAzvtoAZp4OJCfyu+adTMvcc2AU/v8cS5h47sj+ornToD8WW fbPDE4qjqol1iNAA9aQ4E3Wex5N574t+ABszGxDZg2h8KDJ8t58qkQVoZshSfC0G HWjHa0ODs4qjnurKkHkPyR67jzTzYaa6UYdNO1Jkeapohjw8M/w= -----END CERTIFICATE-----Generated at Mon Oct 20 14:45:36 2025 by rpki-client