$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft File: 821049BBD22C335A50850F16AB159C0C6BCC28E5.mft (raw, json) Hash identifier: B/2oU5eeDjgqaMmAShReKbzLeOU7ti7zKDiGeltFAxI= Subject key identifier: CA:36:95:5A:18:DE:E6:FD:88:B6:81:D2:C2:D5:9E:07:9F:09:F5:87 Authority key identifier: 82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 Certificate issuer: /CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Certificate serial: 1DFBB718F6E677F35B0FF4440CFC43414B18FCA1 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft Manifest number: 024E Signing time: Sun 19 Oct 2025 21:01:42 +0000 Manifest this update: Sun 19 Oct 2025 20:56:42 +0000 Manifest next update: Thu 23 Oct 2025 01:36:42 +0000 Files and hashes: 1: 3130332e32312e39322e302f32342d3234203d3e20313331373338.roa (hash: ndyvXGLmi+s4jvx/l0C4JrK1SIn52emjpfzG2w+2lsw=) 2: 821049BBD22C335A50850F16AB159C0C6BCC28E5.crl (hash: GesOL+krsez6wDKtvABkhaJuDQumIP+Br6wjuYX2/Vw=) 3: 3130332e32312e39352e302f32342d3234203d3e203435323935.roa (hash: WHp6+633q2Em0ghmTjJeCMByUXIoDLeS8IvSNmEh0gE=) 4: 3130332e32312e39332e302f32342d3234203d3e20313331373338.roa (hash: Hx5e9eX/0MDiWg+S8NREaCwOHPQ1Onm3jq45DAvThoc=) 5: 3130332e32312e39342e302f32342d3234203d3e20313331373338.roa (hash: KCUnGn0DyBychM59+lv18yYznYr1wdm5Tf5W0sYTxbE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 01:36:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:fb:b7:18:f6:e6:77:f3:5b:0f:f4:44:0c:fc:43:41:4b:18:fc:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Validity Not Before: Oct 19 20:56:42 2025 GMT Not After : Oct 23 01:36:42 2025 GMT Subject: CN=CA36955A18DEE6FD88B681D2C2D59E079F09F587 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:be:ea:4e:d3:c8:f2:71:75:5e:e1:95:ee:0e: 26:b2:11:d0:28:f1:d2:3f:ea:f9:cb:8c:53:8d:5f: af:3d:d2:68:02:24:3a:7e:7d:ed:9a:fc:43:99:78: f4:e0:34:80:01:ed:95:02:e7:d2:14:84:83:25:ec: a6:09:5c:f8:a7:9b:32:7a:8b:16:68:2d:ce:47:16: a7:83:49:58:33:c0:44:c8:77:db:17:0f:6e:00:40: 87:3e:67:2d:d3:0e:e3:41:db:65:82:91:18:56:af: 72:e0:96:36:25:e9:0e:23:d8:ab:66:a7:7d:07:a0: 50:b5:56:59:e6:09:0e:d5:0e:63:0c:b0:f8:d9:ce: 31:9f:a7:56:70:26:e4:d0:35:ae:f3:6f:a7:16:1c: 5c:c4:85:de:67:32:61:63:83:ea:c0:5e:07:4c:0e: 81:b5:f1:03:a5:96:70:5c:51:51:09:fb:34:31:00: a6:78:10:6a:db:5b:54:14:22:51:38:65:f3:22:94: 93:86:68:0e:c8:e2:89:20:d0:a9:bf:32:cc:03:7c: 5c:1f:13:c0:4d:0d:cc:62:77:17:d8:8c:0e:9a:0c: 4c:54:9d:82:e3:5a:61:6f:50:81:77:21:36:e7:f5: b6:1f:00:b1:7b:87:57:19:2a:08:69:72:93:bc:5b: 1f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:36:95:5A:18:DE:E6:FD:88:B6:81:D2:C2:D5:9E:07:9F:09:F5:87 X509v3 Authority Key Identifier: keyid:82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:74:71:b0:ee:4b:38:df:76:fa:f2:16:df:d6:4d:97:25:80: 8d:4b:65:b4:23:ba:a6:b5:10:ad:52:79:04:02:3b:83:30:18: 6c:12:da:4a:a6:2b:17:02:35:69:cf:63:d9:31:01:17:ee:11: 1a:dc:5a:69:a2:49:39:3b:bb:47:36:09:c5:9d:19:77:7d:35: f3:8a:af:e7:17:a9:1a:af:78:50:02:d6:a5:83:dd:04:b2:6a: d6:fe:ef:f4:04:b7:6e:bf:ca:32:80:2b:cf:14:da:a3:af:43: 4c:08:8e:24:dc:82:03:75:7b:48:e0:57:34:7d:9b:c8:a7:d6: 2e:ed:92:75:bd:5f:cf:87:5b:35:9c:b3:03:b0:1c:0a:85:34: 95:41:ee:f7:4d:23:b1:78:a6:58:84:41:72:0f:28:93:c4:9c: 81:9e:98:af:49:85:20:61:9c:57:8a:fb:67:fd:54:25:51:36: 42:59:c1:20:a6:d1:91:3a:d2:e3:79:97:3c:90:e4:5e:c5:59: 67:fc:76:0c:dd:2b:4f:d6:e7:88:13:09:5e:03:3c:16:f3:10: 40:c9:4e:64:88:7f:32:2f:98:6f:8c:43:06:52:a8:81:c9:dd: ec:3c:08:4a:04:37:f1:42:f0:7d:b8:33:2e:58:c6:30:af:47: 1f:3c:5d:7e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUHfu3GPbmd/NbD/REDPxDQUsY/KEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2 QkNDMjhFNTAeFw0yNTEwMTkyMDU2NDJaFw0yNTEwMjMwMTM2NDJaMDMxMTAvBgNV BAMTKENBMzY5NTVBMThERUU2RkQ4OEI2ODFEMkMyRDU5RTA3OUYwOUY1ODcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7vupO08jycXVe4ZXuDiayEdAo 8dI/6vnLjFONX6890mgCJDp+fe2a/EOZePTgNIAB7ZUC59IUhIMl7KYJXPinmzJ6 ixZoLc5HFqeDSVgzwETId9sXD24AQIc+Zy3TDuNB22WCkRhWr3LgljYl6Q4j2Ktm p30HoFC1VlnmCQ7VDmMMsPjZzjGfp1ZwJuTQNa7zb6cWHFzEhd5nMmFjg+rAXgdM DoG18QOllnBcUVEJ+zQxAKZ4EGrbW1QUIlE4ZfMilJOGaA7I4okg0Km/MswDfFwf E8BNDcxidxfYjA6aDExUnYLjWmFvUIF3ITbn9bYfALF7h1cZKghpcpO8Wx8pAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUyjaVWhje5v2ItoHSwtWeB58J9YcwHwYDVR0j BBgwFoAUghBJu9IsM1pQhQ8WqxWcDGvMKOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZGU4ZTE4ZC1hMDQ3LTQ1OTAtOWU1Ni00NjRhNzNlMjNjNmMvMC84MjEwNDlCQkQy MkMzMzVBNTA4NTBGMTZBQjE1OUMwQzZCQ0MyOEU1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2QkND MjhFNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGUxOGQtYTA0Ny00NTkwLTll NTYtNDY0YTczZTIzYzZjLzAvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlD MEM2QkNDMjhFNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAZ0cbDuSzjfdvryFt/WTZclgI1LZbQjuqa1 EK1SeQQCO4MwGGwS2kqmKxcCNWnPY9kxARfuERrcWmmiSTk7u0c2CcWdGXd9NfOK r+cXqRqveFAC1qWD3QSyatb+7/QEt26/yjKAK88U2qOvQ0wIjiTcggN1e0jgVzR9 m8in1i7tknW9X8+HWzWcswOwHAqFNJVB7vdNI7F4pliEQXIPKJPEnIGemK9JhSBh nFeK+2f9VCVRNkJZwSCm0ZE60uN5lzyQ5F7FWWf8dgzdK0/W54gTCV4DPBbzEEDJ TmSIfzIvmG+MQwZSqIHJ3ew8CEoEN/FC8H24My5YxjCvRx88XX4= -----END CERTIFICATE-----Generated at Mon Oct 20 21:21:24 2025 by rpki-client