$ rpki-client -vvf repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft File: BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft (raw, json) Hash identifier: Yd8KLRMJedxfKnY4/c1jmRTQTIMsuCNkUxCf57u3vWk= Subject key identifier: 36:CF:70:88:D3:24:AA:E3:82:18:B2:4A:F5:43:C9:4F:C4:B3:60:51 Authority key identifier: BC:0E:CF:DD:D0:81:CE:51:32:BE:C9:CF:DC:1A:39:0A:9A:F3:BC:BE Certificate issuer: /CN=BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE Certificate serial: 7FDEFFAEB6305F45976774DA6B13D4494D6A3BC8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft Manifest number: 0209 Signing time: Sat 18 Oct 2025 06:41:26 +0000 Manifest this update: Sat 18 Oct 2025 06:36:26 +0000 Manifest next update: Tue 21 Oct 2025 18:36:26 +0000 Files and hashes: 1: BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.crl (hash: PoJOwCkSkCKy67k7wSGYHN1qa4zMLGG0KyAbLg6twRA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.crl rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 18:36:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:de:ff:ae:b6:30:5f:45:97:67:74:da:6b:13:d4:49:4d:6a:3b:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE Validity Not Before: Oct 18 06:36:26 2025 GMT Not After : Oct 21 18:36:26 2025 GMT Subject: CN=36CF7088D324AAE38218B24AF543C94FC4B36051 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:d9:ba:ad:a2:38:3c:17:16:a0:1b:92:3e:49: ae:fe:4d:bc:66:c4:03:df:2f:c4:ab:08:98:d1:ec: 59:1c:7a:db:f8:26:66:c7:22:ed:59:3b:ac:8b:87: b0:1c:db:9a:f6:fc:e9:59:98:a2:67:7a:cb:b4:9f: 3f:bf:10:db:fa:09:86:73:e4:e8:4c:92:09:1e:4c: a8:72:af:59:ed:1f:fe:18:0f:00:b9:99:8e:4a:4e: 74:d3:60:ce:e8:05:31:a7:23:29:4f:fc:7f:17:01: c1:77:90:fc:d9:ed:e4:a2:42:f0:85:4a:a6:91:0a: c7:32:b5:dd:03:8c:e7:08:d6:ba:20:8c:af:ce:42: 77:d2:c6:7f:db:7c:de:d2:44:5c:5b:b9:15:61:90: ae:7c:71:87:6c:5f:81:22:7f:db:c6:ed:e2:bc:63: 8e:87:e3:3c:1e:0b:9e:3d:f6:67:37:76:fc:4f:d3: a9:69:c3:f6:53:85:fd:fa:52:e3:43:be:d2:65:87: 19:60:93:7c:ac:ef:1a:e0:73:be:0e:47:06:9f:0f: 17:4d:ce:9c:63:62:31:87:b5:99:50:81:7f:ff:01: 24:d1:48:9d:09:58:00:05:3b:78:19:6a:b1:a0:1e: 80:96:0a:68:b0:e2:0b:32:f6:19:5f:0f:7f:5d:4f: 20:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:CF:70:88:D3:24:AA:E3:82:18:B2:4A:F5:43:C9:4F:C4:B3:60:51 X509v3 Authority Key Identifier: keyid:BC:0E:CF:DD:D0:81:CE:51:32:BE:C9:CF:DC:1A:39:0A:9A:F3:BC:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:55:6b:79:1c:a8:86:82:03:92:4c:8b:22:f4:11:d3:2f:cd: 4b:93:a1:14:02:f6:de:28:7c:0e:e4:8b:68:d4:83:97:c8:8d: 91:4e:4f:6e:c0:da:6e:18:b0:05:99:9d:bb:d9:6e:ed:87:90: f8:64:1f:37:f0:b1:e2:f5:e4:3a:b8:3d:65:c1:f5:80:18:0c: 31:c7:41:2f:3a:28:a1:e2:16:32:89:45:b3:64:70:f0:76:90: de:9d:24:72:8b:13:a0:17:3c:4c:fa:24:d0:7b:ab:a0:6f:30: 9e:84:82:56:4c:a7:a5:bc:11:6a:b8:fe:4b:62:5b:2c:1f:c5: d1:f8:6d:7b:09:4c:62:2e:77:d5:4a:a2:10:ea:97:cb:6a:4f: b7:96:51:ee:0e:3b:f5:ec:37:25:b2:b1:be:f8:95:f5:3d:f9: 3d:ce:d1:9b:1c:27:b6:5d:39:48:9e:47:0e:a2:9c:82:c0:c2: ad:c8:ea:3a:cc:6f:9e:20:3e:63:39:7f:61:1a:b7:56:75:32: 07:a0:5c:a7:6a:7c:83:1a:37:8f:59:bd:4d:d1:72:c9:72:7c: a2:01:2f:e6:3c:45:d9:71:16:d2:c3:ca:bb:3a:59:f2:da:2d: cf:6e:fb:e6:88:a6:6e:b9:de:64:ae:46:58:09:8e:3b:af:c6: 63:3b:4d:94 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUf97/rrYwX0WXZ3TaaxPUSU1qO8gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkMwRUNGREREMDgxQ0U1MTMyQkVDOUNGREMxQTM5MEE5 QUYzQkNCRTAeFw0yNTEwMTgwNjM2MjZaFw0yNTEwMjExODM2MjZaMDMxMTAvBgNV BAMTKDM2Q0Y3MDg4RDMyNEFBRTM4MjE4QjI0QUY1NDNDOTRGQzRCMzYwNTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN2bqtojg8FxagG5I+Sa7+Tbxm xAPfL8SrCJjR7Fkcetv4JmbHIu1ZO6yLh7Ac25r2/OlZmKJnesu0nz+/ENv6CYZz 5OhMkgkeTKhyr1ntH/4YDwC5mY5KTnTTYM7oBTGnIylP/H8XAcF3kPzZ7eSiQvCF SqaRCscytd0DjOcI1rogjK/OQnfSxn/bfN7SRFxbuRVhkK58cYdsX4Eif9vG7eK8 Y46H4zweC5499mc3dvxP06lpw/ZThf36UuNDvtJlhxlgk3ys7xrgc74ORwafDxdN zpxjYjGHtZlQgX//ASTRSJ0JWAAFO3gZarGgHoCWCmiw4gsy9hlfD39dTyCHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNs9wiNMkquOCGLJK9UPJT8SzYFEwHwYDVR0j BBgwFoAUvA7P3dCBzlEyvsnP3Bo5CprzvL4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m ODZhMTNiZC1iNzlhLTQ1MGUtOWJlMy0zZDVhMDNhYjkzYjEvMC9CQzBFQ0ZEREQw ODFDRTUxMzJCRUM5Q0ZEQzFBMzkwQTlBRjNCQ0JFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkMwRUNGREREMDgxQ0U1MTMyQkVDOUNGREMxQTM5MEE5QUYz QkNCRS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjg2YTEzYmQtYjc5YS00NTBlLTli ZTMtM2Q1YTAzYWI5M2IxLzAvQkMwRUNGREREMDgxQ0U1MTMyQkVDOUNGREMxQTM5 MEE5QUYzQkNCRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAE5Va3kcqIaCA5JMiyL0EdMvzUuToRQC9t4o fA7ki2jUg5fIjZFOT27A2m4YsAWZnbvZbu2HkPhkHzfwseL15Dq4PWXB9YAYDDHH QS86KKHiFjKJRbNkcPB2kN6dJHKLE6AXPEz6JNB7q6BvMJ6EglZMp6W8EWq4/kti WywfxdH4bXsJTGIud9VKohDql8tqT7eWUe4OO/XsNyWysb74lfU9+T3O0ZscJ7Zd OUieRw6inILAwq3I6jrMb54gPmM5f2Eat1Z1MgegXKdqfIMaN49ZvU3RcslyfKIB L+Y8RdlxFtLDyrs6WfLaLc9u++aIpm653mSuRlgJjjuvxmM7TZQ= -----END CERTIFICATE-----Generated at Mon Oct 20 09:47:07 2025 by rpki-client