$ rpki-client -vvf repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft File: AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft (raw, json) Hash identifier: O8Sk7NWCfwKuPm1a2eY1QPN4rDWw+DWgLPoddwxhs/k= Subject key identifier: 70:2E:C9:F8:41:F4:15:FB:3E:47:A6:73:14:AD:E3:38:C3:F6:EE:80 Authority key identifier: AA:72:76:8F:DD:0C:61:5A:05:E4:A3:2A:06:F9:CC:B5:CA:7E:0D:93 Certificate issuer: /CN=AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93 Certificate serial: 6A8F2BF566276A359533EAAB33D9B725DC6F8AC7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft Manifest number: CF Signing time: Sat 18 Oct 2025 03:12:05 +0000 Manifest this update: Sat 18 Oct 2025 03:07:05 +0000 Manifest next update: Tue 21 Oct 2025 13:58:05 +0000 Files and hashes: 1: 3136302e32352e3137342e302f32342d3234203d3e20313533303733.roa (hash: UbbhlYQNDi6JszbpEsabaohj0lI6X/p1NOF16+0hgH0=) 2: 3136302e32352e3137352e302f32342d3234203d3e20313533303733.roa (hash: Yq8Q6JYOVHESjvKiauFlSKUKL9dSlIZbiu5ayrjEea4=) 3: AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl (hash: ZHwSUY010PKbLSuZrKIb7GwcGBjfCghP/AMBnjxONW0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 13:58:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:8f:2b:f5:66:27:6a:35:95:33:ea:ab:33:d9:b7:25:dc:6f:8a:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93 Validity Not Before: Oct 18 03:07:05 2025 GMT Not After : Oct 21 13:58:05 2025 GMT Subject: CN=702EC9F841F415FB3E47A67314ADE338C3F6EE80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d3:11:4a:56:d5:c3:4e:ef:8e:1b:a6:72:bc: 2a:4b:b9:e7:78:7c:24:8c:a4:bd:26:db:bd:1e:21: bd:59:fb:19:66:ef:d3:10:5f:df:86:e8:c4:e0:0d: 43:2c:83:21:dd:5f:2d:11:6d:2d:e2:4a:08:eb:db: d7:57:b8:5b:85:1f:c3:b9:2c:08:ec:d1:ba:4b:db: ee:fd:22:b6:a4:22:10:d7:e6:e7:2d:f4:3f:e5:32: b9:83:de:16:d1:9e:27:ff:6f:c1:57:38:04:a5:ca: 05:ad:08:c3:ef:f2:b2:38:66:cf:3b:2e:8f:1f:7a: 87:a5:0a:56:d1:f3:6f:da:94:34:cd:c5:3d:e1:74: e6:b5:4e:69:dd:6e:92:1c:b2:83:3c:f3:4e:93:c5: 18:05:42:95:f9:4c:4e:27:36:5e:16:86:00:92:31: 79:8f:0a:16:09:af:30:94:2b:d6:94:77:35:6b:ca: f9:35:d7:12:65:00:e3:75:d2:37:b0:0f:7c:18:b3: 6f:99:23:42:1b:ee:71:d4:ae:99:c1:5a:2d:1d:c7: 19:53:0f:12:59:8e:07:4c:85:62:40:9a:ee:08:4b: 57:fd:0b:73:86:f4:c1:50:38:16:a3:22:d3:b2:7c: c3:31:ec:7a:81:9d:55:15:08:5f:f2:e3:67:bb:ef: c9:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:2E:C9:F8:41:F4:15:FB:3E:47:A6:73:14:AD:E3:38:C3:F6:EE:80 X509v3 Authority Key Identifier: keyid:AA:72:76:8F:DD:0C:61:5A:05:E4:A3:2A:06:F9:CC:B5:CA:7E:0D:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:86:06:05:93:6e:c9:40:ae:4a:90:93:38:dd:84:9a:6c:3f: dd:77:93:18:07:41:9f:7b:95:dd:e0:fa:71:5c:c5:97:77:60: 72:6f:95:bf:e8:9e:67:10:42:07:dc:0e:93:00:6c:62:4f:92: 21:ef:fc:de:89:22:4b:b9:e1:5f:b8:92:37:af:d1:9b:17:f7: ba:dc:b1:8b:f9:63:4e:6b:25:3a:92:57:52:46:3e:ab:bb:2f: 4d:f7:f9:05:c4:a2:3b:e7:a6:84:a8:05:11:89:59:a0:78:72: 1e:76:5b:63:11:bb:01:c8:da:87:f3:99:44:b7:83:a3:e3:e4: 61:83:c7:0d:c2:02:d5:80:dc:b5:0e:7a:87:58:42:84:9c:ec: 8c:a9:6d:cf:10:4c:ed:59:95:b9:2d:0c:d3:1d:ff:ec:a2:52: a5:22:02:22:0b:96:15:f5:f6:2a:3d:3b:c9:00:8f:e6:54:6a: 0f:94:2c:a3:7a:2f:8c:0f:80:75:b6:d3:ee:83:58:6e:f8:d4: 8c:2f:73:ee:b0:72:6a:1e:ed:a7:c1:dd:6a:96:a7:3b:26:97: 45:61:7b:d7:4d:b5:90:28:42:66:62:a7:5e:f5:33:f8:4d:d6: cf:23:2a:84:8f:aa:64:54:fa:8a:8a:83:4c:8d:44:ed:71:98: 6e:fc:11:19 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUao8r9WYnajWVM+qrM9m3JdxviscwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUNDQjVD QTdFMEQ5MzAeFw0yNTEwMTgwMzA3MDVaFw0yNTEwMjExMzU4MDVaMDMxMTAvBgNV BAMTKDcwMkVDOUY4NDFGNDE1RkIzRTQ3QTY3MzE0QURFMzM4QzNGNkVFODAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR0xFKVtXDTu+OG6ZyvCpLued4 fCSMpL0m270eIb1Z+xlm79MQX9+G6MTgDUMsgyHdXy0RbS3iSgjr29dXuFuFH8O5 LAjs0bpL2+79IrakIhDX5uct9D/lMrmD3hbRnif/b8FXOASlygWtCMPv8rI4Zs87 Lo8feoelClbR82/alDTNxT3hdOa1TmndbpIcsoM8806TxRgFQpX5TE4nNl4WhgCS MXmPChYJrzCUK9aUdzVryvk11xJlAON10jewD3wYs2+ZI0Ib7nHUrpnBWi0dxxlT DxJZjgdMhWJAmu4IS1f9C3OG9MFQOBajItOyfMMx7HqBnVUVCF/y42e778kpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcC7J+EH0Ffs+R6ZzFK3jOMP27oAwHwYDVR0j BBgwFoAUqnJ2j90MYVoF5KMqBvnMtcp+DZMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YzcyZWUzYy1lMTgwLTQyOTYtOWRhZC05NTAwZWZkOTQ4OTAvMC9BQTcyNzY4RkRE MEM2MTVBMDVFNEEzMkEwNkY5Q0NCNUNBN0UwRDkzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUNDQjVDQTdF MEQ5My5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWM3MmVlM2MtZTE4MC00Mjk2LTlk YWQtOTUwMGVmZDk0ODkwLzAvQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUND QjVDQTdFMEQ5My5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAA6GBgWTbslArkqQkzjdhJpsP913kxgHQZ97 ld3g+nFcxZd3YHJvlb/onmcQQgfcDpMAbGJPkiHv/N6JIku54V+4kjev0ZsX97rc sYv5Y05rJTqSV1JGPqu7L033+QXEojvnpoSoBRGJWaB4ch52W2MRuwHI2ofzmUS3 g6Pj5GGDxw3CAtWA3LUOeodYQoSc7Iypbc8QTO1ZlbktDNMd/+yiUqUiAiILlhX1 9io9O8kAj+ZUag+ULKN6L4wPgHW20+6DWG741Iwvc+6wcmoe7afB3WqWpzsml0Vh e9dNtZAoQmZip171M/hN1s8jKoSPqmRU+oqKg0yNRO1xmG78ERk= -----END CERTIFICATE-----Generated at Mon Oct 20 13:55:44 2025 by rpki-client