$ rpki-client -vvf repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.mft File: FA86E23853549D2EF1D9F9C9222147A550E36A38.mft (raw, json) Hash identifier: +jDuNqCc47osJ8WyztsGIyUWbwpWkv/zvh60YMnExhw= Subject key identifier: F9:F0:2D:EB:D5:1D:37:7C:11:3F:85:F4:8D:61:0C:1A:BD:7C:91:51 Authority key identifier: FA:86:E2:38:53:54:9D:2E:F1:D9:F9:C9:22:21:47:A5:50:E3:6A:38 Certificate issuer: /CN=FA86E23853549D2EF1D9F9C9222147A550E36A38 Certificate serial: 17D4C3E4D898EAEC34B78BFD85614EFB1860FB7A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA86E23853549D2EF1D9F9C9222147A550E36A38.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.mft Manifest number: 01DF Signing time: Sat 18 Oct 2025 08:00:44 +0000 Manifest this update: Sat 18 Oct 2025 07:55:44 +0000 Manifest next update: Tue 21 Oct 2025 19:50:44 +0000 Files and hashes: 1: 3130332e35352e32382e302f32342d3234203d3e20313530343837.roa (hash: RjVxvxxbyDiQSv718+JovDu9zNSEKhSMEBDdXzJXwvE=) 2: 3130332e35352e32392e302f32342d3234203d3e20313530343837.roa (hash: Zcui17ZIB7y9MI9lypagYjRYe4mnYqSwkXUNcZtsFwo=) 3: FA86E23853549D2EF1D9F9C9222147A550E36A38.crl (hash: Tqr206wla4XMCB2NhnGCD4kEMjQ3t6QBFzPyQpQDkOA=) 4: 3130332e35352e32382e302f32332d3234203d3e20313530343837.roa (hash: 8iSBjCuogDhcUBYZIPXuvYllDkYyp+uiEvzE8S7/ER4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.crl rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA86E23853549D2EF1D9F9C9222147A550E36A38.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 19:50:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:d4:c3:e4:d8:98:ea:ec:34:b7:8b:fd:85:61:4e:fb:18:60:fb:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FA86E23853549D2EF1D9F9C9222147A550E36A38 Validity Not Before: Oct 18 07:55:44 2025 GMT Not After : Oct 21 19:50:44 2025 GMT Subject: CN=F9F02DEBD51D377C113F85F48D610C1ABD7C9151 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:1a:30:c6:93:05:b3:af:c9:4d:e1:a1:34:d8: 51:5c:51:97:d2:f2:cc:99:a0:b3:de:77:6b:47:1a: 3c:78:f4:ec:85:28:eb:fb:1d:e5:b7:13:5f:f9:56: f8:b3:34:f0:27:e7:dd:d7:95:22:a2:b2:14:27:29: f2:16:f5:1b:18:c0:63:6f:f2:92:8a:73:f0:9f:da: d1:16:d1:9a:b1:78:78:14:32:9c:ad:82:d5:e9:48: 16:28:73:6f:ca:b9:3b:3d:2c:94:a2:c8:47:77:d4: c8:2a:91:04:97:d1:b9:c5:ad:e9:29:f4:5d:f5:10: d3:97:59:13:0d:85:8b:00:9d:3f:97:c8:2c:f3:8c: 11:4d:0c:40:58:24:99:0e:96:ce:f0:d3:6f:36:18: 5c:c2:99:3c:e1:56:61:e1:c3:a6:d3:25:77:fe:0d: 43:dc:ce:b9:a7:27:cd:91:7e:09:e3:15:d6:87:43: c4:31:43:23:ee:3e:8d:d1:d0:0f:b0:73:d8:84:8f: 13:02:c2:44:31:bd:f9:05:ea:66:92:03:5a:16:0b: a3:12:ea:9f:66:f2:cf:06:87:fc:6f:da:4c:e5:35: b3:9f:0e:ab:eb:06:4a:c3:00:91:f9:37:e5:7a:8f: 37:f2:26:c0:3e:ac:19:90:da:f3:5e:28:3c:0c:6c: 98:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:F0:2D:EB:D5:1D:37:7C:11:3F:85:F4:8D:61:0C:1A:BD:7C:91:51 X509v3 Authority Key Identifier: keyid:FA:86:E2:38:53:54:9D:2E:F1:D9:F9:C9:22:21:47:A5:50:E3:6A:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA86E23853549D2EF1D9F9C9222147A550E36A38.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:f2:a4:e3:c4:e6:51:30:95:e6:b9:4c:ec:b3:b1:0c:21:de: f5:aa:87:f6:01:a6:a9:b6:df:07:5b:1b:bb:77:b2:60:fd:d9: 89:ad:ac:c5:c6:cc:0a:66:aa:ed:dc:3f:72:c9:32:41:f4:58: a6:92:6d:9b:72:ba:88:cc:8f:d5:52:bb:7e:9f:27:5e:62:e8: a3:61:75:72:84:66:cc:83:09:ff:64:79:47:09:7a:6c:4a:d0: 63:81:f2:7e:7d:a0:33:79:b2:08:78:bc:3a:dd:61:2e:8c:d2: 30:18:ca:87:f2:fb:6f:90:aa:74:a8:a4:75:4c:c7:f9:11:02: 2c:45:7f:bb:f8:f3:12:24:a2:49:64:05:f1:38:68:57:78:3d: 84:cb:f4:c7:a0:55:5f:b8:7d:91:74:bc:7a:8d:55:5b:b3:62: 9c:fe:32:87:20:40:b9:71:71:1c:90:3e:60:39:c9:b4:b2:d1: db:6f:79:91:9b:44:ea:ef:d2:00:83:e3:df:b4:71:53:37:5b: 41:54:e4:92:a5:6b:b7:88:8f:dc:34:6c:67:ba:c8:8f:51:e2: 82:d4:2a:73:ac:63:0d:12:dc:44:74:69:60:df:8c:49:ed:97: 9e:03:2f:1a:4d:ae:72:72:17:41:ea:91:ee:67:62:0d:4b:5c: e1:57:bb:23 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUF9TD5NiY6uw0t4v9hWFO+xhg+3owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkE4NkUyMzg1MzU0OUQyRUYxRDlGOUM5MjIyMTQ3QTU1 MEUzNkEzODAeFw0yNTEwMTgwNzU1NDRaFw0yNTEwMjExOTUwNDRaMDMxMTAvBgNV BAMTKEY5RjAyREVCRDUxRDM3N0MxMTNGODVGNDhENjEwQzFBQkQ3QzkxNTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDGjDGkwWzr8lN4aE02FFcUZfS 8syZoLPed2tHGjx49OyFKOv7HeW3E1/5VvizNPAn593XlSKishQnKfIW9RsYwGNv 8pKKc/Cf2tEW0ZqxeHgUMpytgtXpSBYoc2/KuTs9LJSiyEd31MgqkQSX0bnFrekp 9F31ENOXWRMNhYsAnT+XyCzzjBFNDEBYJJkOls7w0282GFzCmTzhVmHhw6bTJXf+ DUPczrmnJ82RfgnjFdaHQ8QxQyPuPo3R0A+wc9iEjxMCwkQxvfkF6maSA1oWC6MS 6p9m8s8Gh/xv2kzlNbOfDqvrBkrDAJH5N+V6jzfyJsA+rBmQ2vNeKDwMbJinAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU+fAt69UdN3wRP4X0jWEMGr18kVEwHwYDVR0j BBgwFoAU+obiOFNUnS7x2fnJIiFHpVDjajgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l NTA0NzkzYy1jMjA5LTQ2OWEtOGUzYy1lYjNmNWE4Mzg2M2YvMC9GQTg2RTIzODUz NTQ5RDJFRjFEOUY5QzkyMjIxNDdBNTUwRTM2QTM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRkE4NkUyMzg1MzU0OUQyRUYxRDlGOUM5MjIyMTQ3QTU1MEUz NkEzOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTUwNDc5M2MtYzIwOS00NjlhLThl M2MtZWIzZjVhODM4NjNmLzAvRkE4NkUyMzg1MzU0OUQyRUYxRDlGOUM5MjIyMTQ3 QTU1MEUzNkEzOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHjypOPE5lEwlea5TOyzsQwh3vWqh/YBpqm2 3wdbG7t3smD92YmtrMXGzApmqu3cP3LJMkH0WKaSbZtyuojMj9VSu36fJ15i6KNh dXKEZsyDCf9keUcJemxK0GOB8n59oDN5sgh4vDrdYS6M0jAYyofy+2+QqnSopHVM x/kRAixFf7v48xIkoklkBfE4aFd4PYTL9MegVV+4fZF0vHqNVVuzYpz+MocgQLlx cRyQPmA5ybSy0dtveZGbROrv0gCD49+0cVM3W0FU5JKla7eIj9w0bGe6yI9R4oLU KnOsYw0S3ER0aWDfjEntl54DLxpNrnJyF0Hqke5nYg1LXOFXuyM= -----END CERTIFICATE-----Generated at Mon Oct 20 10:08:09 2025 by rpki-client