$ rpki-client -vvf repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft File: D4DD8244BC2EB2B187B4181226714505DF8F4452.mft (raw, json) Hash identifier: BYw7ewqqpp1kxLkVF8MYONiDR78iBwTQHGrrArl49K4= Subject key identifier: 20:66:FB:2D:2D:1C:B3:52:11:F0:E1:78:B3:4B:A4:57:8E:B8:E1:A7 Authority key identifier: D4:DD:82:44:BC:2E:B2:B1:87:B4:18:12:26:71:45:05:DF:8F:44:52 Certificate issuer: /CN=D4DD8244BC2EB2B187B4181226714505DF8F4452 Certificate serial: 3491DFA2F367D8B50A4FDAD19D1C2DC388733E28 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer Subject info access: rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft Manifest number: 020B Signing time: Sat 18 Oct 2025 22:11:10 +0000 Manifest this update: Sat 18 Oct 2025 22:06:10 +0000 Manifest next update: Tue 21 Oct 2025 22:13:10 +0000 Files and hashes: 1: 3130332e3137302e3138362e302f32332d3234203d3e20313432333635.roa (hash: wbDj2qVwWojdiwUQq1leoVbmSXtniu4/S6z44a48QLw=) 2: D4DD8244BC2EB2B187B4181226714505DF8F4452.crl (hash: hMRl7m6sICG9CjbNlZkdZ0u7WgBegJE2dol8njz7b/E=) 3: 3130332e3137302e3138362e302f32342d3234203d3e20313432333635.roa (hash: OXRZ526Vg7TmkLT93n/Qe4MisAG7vaUJuVBZqKmzdzU=) 4: 3130332e3137302e3138372e302f32342d3234203d3e20313432333635.roa (hash: WbsQ68Cu40oqUa2yh2wFEKvkhfxO2KVKndxoFM4DO5k=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.crl rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 22:13:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:91:df:a2:f3:67:d8:b5:0a:4f:da:d1:9d:1c:2d:c3:88:73:3e:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4DD8244BC2EB2B187B4181226714505DF8F4452 Validity Not Before: Oct 18 22:06:10 2025 GMT Not After : Oct 21 22:13:10 2025 GMT Subject: CN=2066FB2D2D1CB35211F0E178B34BA4578EB8E1A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:3d:3f:be:0c:1a:76:5d:70:ac:f5:38:e6:07: 4b:2f:d3:eb:58:6c:a1:9a:e7:4d:b1:d5:d2:ba:12: 77:87:30:6a:61:1c:e8:37:a2:7f:67:68:af:53:9a: dd:b3:50:5f:fe:4b:66:51:2c:48:88:3f:ad:3f:3b: 8d:19:ad:7b:23:4e:cc:1b:4b:c6:76:fb:77:20:45: c7:67:cc:1a:17:25:3a:60:5f:3a:38:97:19:f2:8b: ce:cd:dd:a1:4c:e8:ae:ff:94:38:07:49:79:77:f3: 22:04:96:a7:3b:88:ce:dd:19:ad:f7:27:bb:26:ac: f3:ba:d2:68:cc:b6:85:86:76:be:9d:a9:c8:60:99: 38:c0:6f:55:87:98:e8:51:55:fd:ee:e9:47:e6:aa: 0e:64:80:dc:95:9d:7b:01:21:39:ba:82:e5:b4:55: 0f:df:a1:08:2d:93:17:f2:79:62:36:26:2a:50:04: c1:1f:0e:af:db:fa:50:e0:fb:16:04:81:23:1c:d4: a6:75:d0:e2:44:5f:77:47:c2:c1:0f:a4:0b:2e:84: a9:76:d2:14:71:74:7f:1f:f9:69:99:74:91:09:cb: 02:a5:83:0a:3f:a2:76:87:c4:b2:5b:ca:6f:0c:ef: 40:06:0e:b8:17:32:d0:3c:7f:2d:00:b2:71:6f:26: 62:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:66:FB:2D:2D:1C:B3:52:11:F0:E1:78:B3:4B:A4:57:8E:B8:E1:A7 X509v3 Authority Key Identifier: keyid:D4:DD:82:44:BC:2E:B2:B1:87:B4:18:12:26:71:45:05:DF:8F:44:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:cf:5d:76:1c:21:2c:fd:5e:b8:be:f1:ad:85:cf:c8:b9:ac: c8:6a:99:af:3a:c2:ac:ea:0d:b6:e1:a1:1c:4b:4a:02:52:04: 6e:92:ba:7d:70:44:1c:d4:42:9c:f0:31:af:d4:e3:3d:3d:39: db:24:f3:8d:06:93:09:24:4a:79:0d:cc:14:16:7d:08:80:82: 0c:e9:07:4a:21:f5:87:20:78:30:4a:30:cd:dd:e1:2c:80:b3: 6c:79:5e:b6:af:19:18:65:6e:99:2e:e9:91:cd:73:08:59:17: 54:57:2b:f7:1c:50:d5:5a:00:96:31:55:bf:83:41:a3:45:8e: 2e:b9:bd:db:47:17:6e:5a:6b:c8:be:64:08:0b:de:3b:90:82: 5e:22:91:07:c8:d3:30:af:fb:f9:45:f4:e9:a7:0c:f7:5e:90: 5e:68:f1:c5:0c:73:01:1b:43:7c:5d:ec:fc:f1:93:ba:da:16: 1a:f7:39:32:99:ae:fc:b0:6f:21:6c:bb:8e:31:89:0d:38:86: e7:3b:82:6a:b5:9d:b4:2f:70:c2:9d:a0:5f:2d:ce:c9:f0:c4: 52:ad:23:7a:62:88:ec:b2:93:33:da:c1:87:40:07:3a:6e:64: 87:78:17:dd:bd:62:52:5f:06:03:e9:c3:7a:f6:f4:b1:97:fa: f8:27:70:0c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNJHfovNn2LUKT9rRnRwtw4hzPigwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDRERDgyNDRCQzJFQjJCMTg3QjQxODEyMjY3MTQ1MDVE RjhGNDQ1MjAeFw0yNTEwMTgyMjA2MTBaFw0yNTEwMjEyMjEzMTBaMDMxMTAvBgNV BAMTKDIwNjZGQjJEMkQxQ0IzNTIxMUYwRTE3OEIzNEJBNDU3OEVCOEUxQTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDPT++DBp2XXCs9TjmB0sv0+tY bKGa502x1dK6EneHMGphHOg3on9naK9Tmt2zUF/+S2ZRLEiIP60/O40ZrXsjTswb S8Z2+3cgRcdnzBoXJTpgXzo4lxnyi87N3aFM6K7/lDgHSXl38yIElqc7iM7dGa33 J7smrPO60mjMtoWGdr6dqchgmTjAb1WHmOhRVf3u6Ufmqg5kgNyVnXsBITm6guW0 VQ/foQgtkxfyeWI2JipQBMEfDq/b+lDg+xYEgSMc1KZ10OJEX3dHwsEPpAsuhKl2 0hRxdH8f+WmZdJEJywKlgwo/onaHxLJbym8M70AGDrgXMtA8fy0AsnFvJmK1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUIGb7LS0cs1IR8OF4s0ukV4644acwHwYDVR0j BBgwFoAU1N2CRLwusrGHtBgSJnFFBd+PRFIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YWYwZjQyMy0zYmVkLTQ5MzgtOWY4OS0xNWU2MjY5YmRkY2EvMC9ENEREODI0NEJD MkVCMkIxODdCNDE4MTIyNjcxNDUwNURGOEY0NDUyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDRERDgyNDRCQzJFQjJCMTg3QjQxODEyMjY3MTQ1MDVERjhG NDQ1Mi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWFmMGY0MjMtM2JlZC00OTM4LTlm ODktMTVlNjI2OWJkZGNhLzAvRDRERDgyNDRCQzJFQjJCMTg3QjQxODEyMjY3MTQ1 MDVERjhGNDQ1Mi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACrPXXYcISz9Xri+8a2Fz8i5rMhqma86wqzq DbbhoRxLSgJSBG6Sun1wRBzUQpzwMa/U4z09Odsk840GkwkkSnkNzBQWfQiAggzp B0oh9YcgeDBKMM3d4SyAs2x5XravGRhlbpku6ZHNcwhZF1RXK/ccUNVaAJYxVb+D QaNFji65vdtHF25aa8i+ZAgL3juQgl4ikQfI0zCv+/lF9OmnDPdekF5o8cUMcwEb Q3xd7Pzxk7raFhr3OTKZrvywbyFsu44xiQ04huc7gmq1nbQvcMKdoF8tzsnwxFKt I3piiOyykzPawYdABzpuZId4F929YlJfBgPpw3r29LGX+vgncAw= -----END CERTIFICATE-----Generated at Mon Oct 20 07:55:06 2025 by rpki-client