
$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft
File: 821049BBD22C335A50850F16AB159C0C6BCC28E5.mft (raw, json)
Hash identifier: B/2oU5eeDjgqaMmAShReKbzLeOU7ti7zKDiGeltFAxI=
Subject key identifier: CA:36:95:5A:18:DE:E6:FD:88:B6:81:D2:C2:D5:9E:07:9F:09:F5:87
Authority key identifier: 82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5
Certificate issuer: /CN=821049BBD22C335A50850F16AB159C0C6BCC28E5
Certificate serial: 1DFBB718F6E677F35B0FF4440CFC43414B18FCA1
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft
Manifest number: 024E
Signing time: Sun 19 Oct 2025 21:01:42 +0000
Manifest this update: Sun 19 Oct 2025 20:56:42 +0000
Manifest next update: Thu 23 Oct 2025 01:36:42 +0000
Files and hashes: 1: 3130332e32312e39322e302f32342d3234203d3e20313331373338.roa (hash: ndyvXGLmi+s4jvx/l0C4JrK1SIn52emjpfzG2w+2lsw=)
2: 821049BBD22C335A50850F16AB159C0C6BCC28E5.crl (hash: GesOL+krsez6wDKtvABkhaJuDQumIP+Br6wjuYX2/Vw=)
3: 3130332e32312e39352e302f32342d3234203d3e203435323935.roa (hash: WHp6+633q2Em0ghmTjJeCMByUXIoDLeS8IvSNmEh0gE=)
4: 3130332e32312e39332e302f32342d3234203d3e20313331373338.roa (hash: Hx5e9eX/0MDiWg+S8NREaCwOHPQ1Onm3jq45DAvThoc=)
5: 3130332e32312e39342e302f32342d3234203d3e20313331373338.roa (hash: KCUnGn0DyBychM59+lv18yYznYr1wdm5Tf5W0sYTxbE=)
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl
rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 Oct 2025 01:36:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:fb:b7:18:f6:e6:77:f3:5b:0f:f4:44:0c:fc:43:41:4b:18:fc:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821049BBD22C335A50850F16AB159C0C6BCC28E5
Validity
Not Before: Oct 19 20:56:42 2025 GMT
Not After : Oct 23 01:36:42 2025 GMT
Subject: CN=CA36955A18DEE6FD88B681D2C2D59E079F09F587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:be:ea:4e:d3:c8:f2:71:75:5e:e1:95:ee:0e:
26:b2:11:d0:28:f1:d2:3f:ea:f9:cb:8c:53:8d:5f:
af:3d:d2:68:02:24:3a:7e:7d:ed:9a:fc:43:99:78:
f4:e0:34:80:01:ed:95:02:e7:d2:14:84:83:25:ec:
a6:09:5c:f8:a7:9b:32:7a:8b:16:68:2d:ce:47:16:
a7:83:49:58:33:c0:44:c8:77:db:17:0f:6e:00:40:
87:3e:67:2d:d3:0e:e3:41:db:65:82:91:18:56:af:
72:e0:96:36:25:e9:0e:23:d8:ab:66:a7:7d:07:a0:
50:b5:56:59:e6:09:0e:d5:0e:63:0c:b0:f8:d9:ce:
31:9f:a7:56:70:26:e4:d0:35:ae:f3:6f:a7:16:1c:
5c:c4:85:de:67:32:61:63:83:ea:c0:5e:07:4c:0e:
81:b5:f1:03:a5:96:70:5c:51:51:09:fb:34:31:00:
a6:78:10:6a:db:5b:54:14:22:51:38:65:f3:22:94:
93:86:68:0e:c8:e2:89:20:d0:a9:bf:32:cc:03:7c:
5c:1f:13:c0:4d:0d:cc:62:77:17:d8:8c:0e:9a:0c:
4c:54:9d:82:e3:5a:61:6f:50:81:77:21:36:e7:f5:
b6:1f:00:b1:7b:87:57:19:2a:08:69:72:93:bc:5b:
1f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:36:95:5A:18:DE:E6:FD:88:B6:81:D2:C2:D5:9E:07:9F:09:F5:87
X509v3 Authority Key Identifier:
keyid:82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:74:71:b0:ee:4b:38:df:76:fa:f2:16:df:d6:4d:97:25:80:
8d:4b:65:b4:23:ba:a6:b5:10:ad:52:79:04:02:3b:83:30:18:
6c:12:da:4a:a6:2b:17:02:35:69:cf:63:d9:31:01:17:ee:11:
1a:dc:5a:69:a2:49:39:3b:bb:47:36:09:c5:9d:19:77:7d:35:
f3:8a:af:e7:17:a9:1a:af:78:50:02:d6:a5:83:dd:04:b2:6a:
d6:fe:ef:f4:04:b7:6e:bf:ca:32:80:2b:cf:14:da:a3:af:43:
4c:08:8e:24:dc:82:03:75:7b:48:e0:57:34:7d:9b:c8:a7:d6:
2e:ed:92:75:bd:5f:cf:87:5b:35:9c:b3:03:b0:1c:0a:85:34:
95:41:ee:f7:4d:23:b1:78:a6:58:84:41:72:0f:28:93:c4:9c:
81:9e:98:af:49:85:20:61:9c:57:8a:fb:67:fd:54:25:51:36:
42:59:c1:20:a6:d1:91:3a:d2:e3:79:97:3c:90:e4:5e:c5:59:
67:fc:76:0c:dd:2b:4f:d6:e7:88:13:09:5e:03:3c:16:f3:10:
40:c9:4e:64:88:7f:32:2f:98:6f:8c:43:06:52:a8:81:c9:dd:
ec:3c:08:4a:04:37:f1:42:f0:7d:b8:33:2e:58:c6:30:af:47:
1f:3c:5d:7e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUHfu3GPbmd/NbD/REDPxDQUsY/KEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2
QkNDMjhFNTAeFw0yNTEwMTkyMDU2NDJaFw0yNTEwMjMwMTM2NDJaMDMxMTAvBgNV
BAMTKENBMzY5NTVBMThERUU2RkQ4OEI2ODFEMkMyRDU5RTA3OUYwOUY1ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7vupO08jycXVe4ZXuDiayEdAo
8dI/6vnLjFONX6890mgCJDp+fe2a/EOZePTgNIAB7ZUC59IUhIMl7KYJXPinmzJ6
ixZoLc5HFqeDSVgzwETId9sXD24AQIc+Zy3TDuNB22WCkRhWr3LgljYl6Q4j2Ktm
p30HoFC1VlnmCQ7VDmMMsPjZzjGfp1ZwJuTQNa7zb6cWHFzEhd5nMmFjg+rAXgdM
DoG18QOllnBcUVEJ+zQxAKZ4EGrbW1QUIlE4ZfMilJOGaA7I4okg0Km/MswDfFwf
E8BNDcxidxfYjA6aDExUnYLjWmFvUIF3ITbn9bYfALF7h1cZKghpcpO8Wx8pAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUyjaVWhje5v2ItoHSwtWeB58J9YcwHwYDVR0j
BBgwFoAUghBJu9IsM1pQhQ8WqxWcDGvMKOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
ZGU4ZTE4ZC1hMDQ3LTQ1OTAtOWU1Ni00NjRhNzNlMjNjNmMvMC84MjEwNDlCQkQy
MkMzMzVBNTA4NTBGMTZBQjE1OUMwQzZCQ0MyOEU1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2QkND
MjhFNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGUxOGQtYTA0Ny00NTkwLTll
NTYtNDY0YTczZTIzYzZjLzAvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlD
MEM2QkNDMjhFNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAAZ0cbDuSzjfdvryFt/WTZclgI1LZbQjuqa1
EK1SeQQCO4MwGGwS2kqmKxcCNWnPY9kxARfuERrcWmmiSTk7u0c2CcWdGXd9NfOK
r+cXqRqveFAC1qWD3QSyatb+7/QEt26/yjKAK88U2qOvQ0wIjiTcggN1e0jgVzR9
m8in1i7tknW9X8+HWzWcswOwHAqFNJVB7vdNI7F4pliEQXIPKJPEnIGemK9JhSBh
nFeK+2f9VCVRNkJZwSCm0ZE60uN5lzyQ5F7FWWf8dgzdK0/W54gTCV4DPBbzEEDJ
TmSIfzIvmG+MQwZSqIHJ3ew8CEoEN/FC8H24My5YxjCvRx88XX4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:21:24 2025 by rpki-client