$ rpki-client -vvf repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft File: D237DEA20D73B3F216B98336BA8307D913DDB257.mft (raw, json) Hash identifier: KDrAk3AQonu7fQRKj7eR4nxR5ot3zgtmVzFHg2/yYSo= Subject key identifier: 77:A3:DE:78:D2:08:1B:9C:80:C3:C9:3C:DC:AB:01:04:46:D2:25:E7 Authority key identifier: D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 Certificate issuer: /CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Certificate serial: 026B81C5CBFC8A4F2C12626CFE45071093E4B0DB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject info access: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft Manifest number: D4 Signing time: Sun 19 Oct 2025 12:41:05 +0000 Manifest this update: Sun 19 Oct 2025 12:36:05 +0000 Manifest next update: Wed 22 Oct 2025 21:35:05 +0000 Files and hashes: 1: D237DEA20D73B3F216B98336BA8307D913DDB257.crl (hash: 2gtvu5K0R9GBh0sAaib4VE+P5Lon8WSDSpii28JT0Ao=) 2: 3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa (hash: /XQcveyg4jv0OLVMXGF7RkM1OgqinZHYHqjopRTiyzg=) 3: 3136302e32302e3130342e302f32332d3233203d3e20313532373930.roa (hash: 6GiaOKLyqPYX/f1R6Pzjd3Rq6FZr1+gkkd5RuGl5VaI=) 4: 3136302e32302e3130352e302f32342d3234203d3e20313532373930.roa (hash: eyJcLgwqfLDN5yf54+8qcXB3Eo84ClH1ySCmSpCcr34=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 21:35:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:6b:81:c5:cb:fc:8a:4f:2c:12:62:6c:fe:45:07:10:93:e4:b0:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Validity Not Before: Oct 19 12:36:05 2025 GMT Not After : Oct 22 21:35:05 2025 GMT Subject: CN=77A3DE78D2081B9C80C3C93CDCAB010446D225E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4e:36:fe:26:f1:7d:90:76:3e:90:0f:4b:ef: 8f:08:24:ca:f3:00:fe:b6:03:75:7f:d0:bc:00:8a: af:fe:b8:49:8a:57:31:2d:24:1f:2a:24:ad:9c:c7: 2b:fa:90:f0:6d:ae:04:be:18:6a:11:f5:ff:43:d1: 4b:00:89:46:2c:94:f8:07:71:41:67:1d:b5:36:c1: 0a:0b:8c:f2:13:28:af:2d:ad:3e:90:36:bd:5d:0e: 1e:9a:85:d7:a2:4a:91:08:56:42:71:db:13:9b:4d: c7:fe:ab:9c:d3:4a:f8:ac:a1:85:0d:c6:99:f9:e6: 88:8a:26:74:c1:94:1d:e0:ba:93:fe:5c:48:3c:4b: fc:b3:ad:38:ad:77:32:30:fc:50:43:9f:74:94:89: 93:0f:5e:0f:0b:dc:a4:14:f5:29:8d:67:97:d7:4d: a4:5b:7e:23:06:d4:f6:2f:e1:53:52:fd:5b:15:7d: eb:61:d1:5a:3c:c2:26:4a:b1:25:db:14:01:43:9d: 15:a5:4c:74:16:a4:aa:66:87:56:c6:2f:5b:b0:8c: f7:02:d6:4c:6e:15:4d:85:ea:d7:79:af:75:d2:4c: 62:66:9b:e6:87:45:be:44:52:fc:9e:19:e6:61:70: 00:36:bf:c6:10:d3:66:6a:a2:38:4b:20:38:26:eb: a2:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:A3:DE:78:D2:08:1B:9C:80:C3:C9:3C:DC:AB:01:04:46:D2:25:E7 X509v3 Authority Key Identifier: keyid:D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:5a:b6:eb:11:44:bc:59:03:01:4f:c2:ec:d7:a6:d6:fd:ca: 09:bd:8e:aa:0c:02:28:10:ab:c2:db:30:5b:13:c4:f8:72:8a: f1:8e:67:8d:f7:05:5c:f9:6b:fc:25:ff:0b:7f:0f:f4:4a:ff: a4:4d:8c:f0:4e:3f:65:66:ea:c0:47:33:2f:95:d2:48:8f:aa: 27:a2:ab:03:ad:aa:ec:56:e3:97:ca:f8:e6:b0:e2:ed:d0:b7: fc:d4:1f:43:72:8a:8b:eb:43:cf:c5:ff:2f:f8:34:ea:82:37: e3:41:0d:16:24:1b:9d:bf:a0:40:36:90:60:bf:e1:f7:dd:d5: bc:1b:75:8b:c1:14:d6:fb:39:f5:1c:5c:71:2e:b5:81:0f:83: e3:7e:01:c4:e5:6e:33:65:ad:75:23:bb:6f:27:16:21:51:10: 98:9f:1f:09:87:2a:f8:4d:0b:ed:5c:ad:6d:2c:50:d8:57:c2: 65:33:eb:53:5f:4a:e5:64:7d:e7:01:d7:6a:02:df:94:70:55: 50:88:d4:fc:3a:47:3c:4c:b3:95:81:85:27:88:2d:cf:03:e3: f8:c5:d0:61:45:fc:d6:3f:e3:01:b7:2d:e3:0d:28:50:e6:ee: 26:93:5e:01:6f:cc:30:0c:1e:98:da:95:95:23:43:8b:44:62: 53:16:a3:a2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAmuBxcv8ik8sEmJs/kUHEJPksNswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkx M0REQjI1NzAeFw0yNTEwMTkxMjM2MDVaFw0yNTEwMjIyMTM1MDVaMDMxMTAvBgNV BAMTKDc3QTNERTc4RDIwODFCOUM4MEMzQzkzQ0RDQUIwMTA0NDZEMjI1RTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Tjb+JvF9kHY+kA9L748IJMrz AP62A3V/0LwAiq/+uEmKVzEtJB8qJK2cxyv6kPBtrgS+GGoR9f9D0UsAiUYslPgH cUFnHbU2wQoLjPITKK8trT6QNr1dDh6ahdeiSpEIVkJx2xObTcf+q5zTSvisoYUN xpn55oiKJnTBlB3gupP+XEg8S/yzrTitdzIw/FBDn3SUiZMPXg8L3KQU9SmNZ5fX TaRbfiMG1PYv4VNS/VsVfeth0Vo8wiZKsSXbFAFDnRWlTHQWpKpmh1bGL1uwjPcC 1kxuFU2F6td5r3XSTGJmm+aHRb5EUvyeGeZhcAA2v8YQ02ZqojhLIDgm66KRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUd6PeeNIIG5yAw8k83KsBBEbSJecwHwYDVR0j BBgwFoAU0jfeog1zs/IWuYM2uoMH2RPdslcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m YmI1ZmE0YS1iZWE2LTQ2NGYtYjQwOS0xMWQ5YTM3NjFhNmMvMC9EMjM3REVBMjBE NzNCM0YyMTZCOTgzMzZCQTgzMDdEOTEzRERCMjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkxM0RE QjI1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZmJiNWZhNGEtYmVhNi00NjRmLWI0 MDktMTFkOWEzNzYxYTZjLzAvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3 RDkxM0REQjI1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACRatusRRLxZAwFPwuzXptb9ygm9jqoMAigQ q8LbMFsTxPhyivGOZ433BVz5a/wl/wt/D/RK/6RNjPBOP2Vm6sBHMy+V0kiPqiei qwOtquxW45fK+Oaw4u3Qt/zUH0NyiovrQ8/F/y/4NOqCN+NBDRYkG52/oEA2kGC/ 4ffd1bwbdYvBFNb7OfUcXHEutYEPg+N+AcTlbjNlrXUju28nFiFREJifHwmHKvhN C+1crW0sUNhXwmUz61NfSuVkfecB12oC35RwVVCI1Pw6RzxMs5WBhSeILc8D4/jF 0GFF/NY/4wG3LeMNKFDm7iaTXgFvzDAMHpjalZUjQ4tEYlMWo6I= -----END CERTIFICATE-----Generated at Mon Oct 20 21:31:15 2025 by rpki-client