$ rpki-client -vvf repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft File: 8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft (raw, json) Hash identifier: hAMeQfqrw943gktqziOtITVP5jPdD/f1XHl9uiNoAgw= Subject key identifier: 1E:8C:3A:B6:99:A0:66:D3:D7:00:2B:28:7C:0A:1D:E4:44:64:ED:32 Authority key identifier: 8C:DF:71:6F:25:D6:4D:EB:3E:10:36:E6:A3:6D:B7:24:CD:E1:E5:D0 Certificate issuer: /CN=8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0 Certificate serial: 7501ED6A7F3274A80A43C24415093EDE5E9A7543 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft Manifest number: 0396 Signing time: Sat 18 Oct 2025 19:50:41 +0000 Manifest this update: Sat 18 Oct 2025 19:45:41 +0000 Manifest next update: Wed 22 Oct 2025 04:16:41 +0000 Files and hashes: 1: 8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl (hash: 2m8B6LJVSc9yGQsChrGkxdv3JQ6oePIufz4tPBKxQ48=) 2: 3130332e3136322e3134362e302f32332d3234203d3e203137393935.roa (hash: glmRxvHF4g4HTvz1muaudxYOmNWHdjodUPYRc5xhUvY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 04:16:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:01:ed:6a:7f:32:74:a8:0a:43:c2:44:15:09:3e:de:5e:9a:75:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0 Validity Not Before: Oct 18 19:45:41 2025 GMT Not After : Oct 22 04:16:41 2025 GMT Subject: CN=1E8C3AB699A066D3D7002B287C0A1DE44464ED32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:eb:7b:30:e0:3a:a2:20:cb:3f:56:df:57:c5: 05:58:33:ec:75:9e:cf:4a:9c:e5:0b:44:f2:df:3e: 36:9f:87:41:e1:9b:81:cb:b2:e9:57:7b:61:cc:0f: d9:4c:5d:b6:3f:e6:20:18:47:1c:21:40:1b:9f:58: 5d:ef:01:2b:de:f7:9e:0f:fd:cb:62:cb:87:85:df: 67:c1:f1:15:14:85:03:a8:ec:85:ed:d3:af:d2:16: 07:82:21:7e:75:2d:5b:a5:41:47:1b:ca:1d:b2:0e: 2b:7d:d4:79:53:51:0c:72:b7:10:ec:b2:3e:ee:f4: b6:05:76:05:4c:ce:e6:b9:eb:01:fa:08:2e:26:00: 7d:9b:b2:d1:23:f6:f8:e3:5f:32:b4:3b:6c:59:54: a3:3b:78:bc:0a:f9:64:dd:58:6d:bc:44:1a:eb:91: f4:63:21:89:bc:a2:ff:9d:aa:50:48:80:eb:cd:5f: 2a:52:24:14:3e:5c:9d:a0:bf:d2:17:15:42:12:e1: 71:65:be:73:56:06:e3:8a:4c:1b:af:37:42:21:d2: e2:c2:b7:bf:10:a4:dc:33:0f:07:45:4c:91:fe:17: ff:7f:68:8c:d7:23:56:db:a9:6d:0f:e5:9d:40:24: 47:2c:33:0e:b6:3d:32:0f:69:c8:04:6a:d0:94:a8: f8:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:8C:3A:B6:99:A0:66:D3:D7:00:2B:28:7C:0A:1D:E4:44:64:ED:32 X509v3 Authority Key Identifier: keyid:8C:DF:71:6F:25:D6:4D:EB:3E:10:36:E6:A3:6D:B7:24:CD:E1:E5:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:82:1b:50:13:7e:aa:58:44:6b:11:c2:4f:e4:66:ee:64:31: ae:bf:83:5e:f3:e6:5f:e7:7c:27:fa:3b:77:6e:6f:3c:96:2a: 45:c2:12:ff:4f:1e:2b:60:1b:a5:66:de:b1:1a:a6:2d:4e:9c: 5d:f0:42:17:11:41:ec:90:35:7e:f6:e3:c6:36:4b:e7:14:6a: 36:d2:75:f8:52:9d:a0:c1:b1:9c:aa:52:6f:a0:fe:2c:a2:4b: a6:40:fc:cb:0f:a0:eb:0a:ef:d5:2b:db:6e:77:a8:c3:67:32: b8:d1:32:9d:de:47:d7:a1:0c:f5:09:4d:ea:1f:85:57:9f:42: b2:fa:e2:52:64:05:48:a4:fc:e5:d2:12:6e:f8:a6:a7:ca:44: ac:34:3c:f4:8f:14:c8:9c:f1:b8:e4:6e:ab:ce:b8:58:e1:96: e3:64:81:e4:c8:05:10:0b:24:3a:36:02:1c:07:a9:7d:42:b1: 2f:08:c2:d0:d7:e4:cd:4e:e1:74:de:9a:2f:39:69:84:9b:2e: f3:14:68:fc:76:2e:97:39:e7:55:76:ff:8a:ea:97:25:d9:22: 88:02:2c:b9:d2:57:0c:4c:70:11:d1:ab:a9:f4:15:ad:76:08: 93:99:7d:69:db:60:df:9d:e7:60:1e:f6:8b:2b:ae:8d:ee:d2: 40:cc:b1:76 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdQHtan8ydKgKQ8JEFQk+3l6adUMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3MjRD REUxRTVEMDAeFw0yNTEwMTgxOTQ1NDFaFw0yNTEwMjIwNDE2NDFaMDMxMTAvBgNV BAMTKDFFOEMzQUI2OTlBMDY2RDNENzAwMkIyODdDMEExREU0NDQ2NEVEMzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb63sw4DqiIMs/Vt9XxQVYM+x1 ns9KnOULRPLfPjafh0Hhm4HLsulXe2HMD9lMXbY/5iAYRxwhQBufWF3vASve954P /ctiy4eF32fB8RUUhQOo7IXt06/SFgeCIX51LVulQUcbyh2yDit91HlTUQxytxDs sj7u9LYFdgVMzua56wH6CC4mAH2bstEj9vjjXzK0O2xZVKM7eLwK+WTdWG28RBrr kfRjIYm8ov+dqlBIgOvNXypSJBQ+XJ2gv9IXFUIS4XFlvnNWBuOKTBuvN0Ih0uLC t78QpNwzDwdFTJH+F/9/aIzXI1bbqW0P5Z1AJEcsMw62PTIPacgEatCUqPhBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHow6tpmgZtPXACsofAod5ERk7TIwHwYDVR0j BBgwFoAUjN9xbyXWTes+EDbmo223JM3h5dAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m MDUyMGI1NC0zYmE3LTQ2MzEtYWYwYi01NTk4NGIwYmE3ZjIvMC84Q0RGNzE2RjI1 RDY0REVCM0UxMDM2RTZBMzZEQjcyNENERTFFNUQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3MjRDREUx RTVEMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjA1MjBiNTQtM2JhNy00NjMxLWFm MGItNTU5ODRiMGJhN2YyLzAvOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3 MjRDREUxRTVEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAACCG1ATfqpYRGsRwk/kZu5kMa6/g17z5l/n fCf6O3dubzyWKkXCEv9PHitgG6Vm3rEapi1OnF3wQhcRQeyQNX7248Y2S+cUajbS dfhSnaDBsZyqUm+g/iyiS6ZA/MsPoOsK79Ur2253qMNnMrjRMp3eR9ehDPUJTeof hVefQrL64lJkBUik/OXSEm74pqfKRKw0PPSPFMic8bjkbqvOuFjhluNkgeTIBRAL JDo2AhwHqX1CsS8IwtDX5M1O4XTemi85aYSbLvMUaPx2Lpc551V2/4rqlyXZIogC LLnSVwxMcBHRq6n0Fa12CJOZfWnbYN+d52Ae9osrro3u0kDMsXY= -----END CERTIFICATE-----Generated at Mon Oct 20 18:42:53 2025 by rpki-client