$ rpki-client -vvf repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft File: D237DEA20D73B3F216B98336BA8307D913DDB257.mft (raw, json) Hash identifier: /o6JFi6UX6s8TtqMXU1KaJew36To0Vre6o8Axipynhk= Subject key identifier: EA:41:9A:6E:B6:CD:0F:75:39:7B:70:E6:BD:EE:73:C4:8C:D2:A9:56 Authority key identifier: D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 Certificate issuer: /CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Certificate serial: 7D193635C76A2358414E964123AB25BC8BB9DC9F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject info access: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft Manifest number: BA Signing time: Fri 22 Aug 2025 19:01:16 +0000 Manifest this update: Fri 22 Aug 2025 18:56:16 +0000 Manifest next update: Tue 26 Aug 2025 04:39:16 +0000 Files and hashes: 1: 3136302e32302e3130352e302f32342d3234203d3e20313532373930.roa (hash: Jit+uJIEyqjGrv7HRmDwiYsYuySfB8Lk478TOnlXVFM=) 2: D237DEA20D73B3F216B98336BA8307D913DDB257.crl (hash: GDltygswv5EzDJdfSWeVtVBNn6EmYTCx/OQ3N/1lIus=) 3: 3136302e32302e3130342e302f32332d3233203d3e20313532373930.roa (hash: 6GiaOKLyqPYX/f1R6Pzjd3Rq6FZr1+gkkd5RuGl5VaI=) 4: 3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa (hash: 5TysUWdf//ijZZADQg/kyk1hPl8L9rMcShCWekWYvss=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 04:39:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:19:36:35:c7:6a:23:58:41:4e:96:41:23:ab:25:bc:8b:b9:dc:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Validity Not Before: Aug 22 18:56:16 2025 GMT Not After : Aug 26 04:39:16 2025 GMT Subject: CN=EA419A6EB6CD0F75397B70E6BDEE73C48CD2A956 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c8:ca:c1:28:0c:e9:b9:82:eb:da:57:74:d2: 4c:58:60:53:72:51:cb:3a:e7:d4:c6:20:20:d9:eb: 4d:3a:10:cc:d6:0c:be:95:f3:e0:8d:eb:3c:50:28: 17:70:2f:8a:d0:3b:df:63:2c:ad:89:fa:42:d5:f4: 68:ab:c5:e4:2a:f0:01:0b:0e:9c:51:29:d7:ef:06: d1:66:dc:ff:f3:c6:d6:09:db:c3:cc:39:8f:c1:38: 0c:8d:5a:f8:6d:b1:2a:0c:67:38:98:9c:b3:37:f4: 3a:62:55:eb:9c:d2:b8:36:cf:48:c3:87:37:a2:57: 7a:fc:17:ab:95:cb:69:1e:5b:b0:44:17:e4:4c:d6: 59:e8:84:da:70:f8:ad:56:25:37:47:95:ba:13:9c: 5d:45:ad:f7:6e:d6:c4:c0:5b:d4:30:2e:2b:ce:54: 7c:db:1f:d2:e7:36:65:ee:7a:ec:12:69:ae:33:71: 19:6d:37:9f:0d:d0:1c:0c:d9:c0:46:c0:cc:d3:9d: c6:67:3d:0e:e6:f5:df:7a:cb:c5:9f:b8:19:01:b5: 7f:7f:bd:79:aa:b8:6a:03:76:23:c6:8b:1f:1d:72: ef:06:8e:31:6b:7d:5f:93:83:c2:3a:5b:b5:a9:a0: f3:51:d6:81:59:47:7b:38:98:b8:9f:8a:2d:5c:6a: ca:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:41:9A:6E:B6:CD:0F:75:39:7B:70:E6:BD:EE:73:C4:8C:D2:A9:56 X509v3 Authority Key Identifier: keyid:D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:fd:b8:74:0f:1b:b5:e5:05:15:dc:19:b2:db:91:1a:3c:7b: 40:9b:6e:05:89:3a:a9:2a:9f:90:16:3c:e2:f3:80:e9:ab:aa: e7:ec:60:7a:59:6e:46:f5:80:79:a8:d4:d1:d5:0b:59:24:17: 70:e4:1f:c5:15:59:18:b0:98:61:df:5d:60:f9:98:cf:08:2d: c5:34:b1:f8:ae:9e:f5:22:19:d3:17:d0:c8:d6:5b:87:fd:fb: 25:a4:b0:a9:03:e0:93:72:a6:50:a4:49:81:63:78:07:1d:99: 14:ec:8e:8b:c2:c8:bf:3b:8b:6f:c8:f4:87:78:f0:74:70:e6: 6a:bb:5d:4a:a2:b6:69:68:25:7a:e7:1b:29:02:75:3c:89:dd: 78:7a:e0:c2:77:33:7d:26:f8:0b:85:33:b7:8b:cb:75:bf:1e: 69:b2:91:5b:3b:ec:65:cd:9e:df:a1:6b:b4:a7:99:07:29:9e: 7d:e1:36:04:49:51:30:02:7f:b2:98:f3:76:b4:95:d5:e8:39: 0c:72:e4:c1:1e:db:0c:83:6f:7a:57:6b:5c:b1:1d:84:bd:57: 30:97:8e:cd:92:7a:4c:d2:63:bb:86:61:67:8f:b7:38:29:7f: 45:5c:d3:b9:74:54:9c:5e:76:9c:f0:16:9a:3a:98:4a:9c:b5: 26:00:68:17 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfRk2NcdqI1hBTpZBI6slvIu53J8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkx M0REQjI1NzAeFw0yNTA4MjIxODU2MTZaFw0yNTA4MjYwNDM5MTZaMDMxMTAvBgNV BAMTKEVBNDE5QTZFQjZDRDBGNzUzOTdCNzBFNkJERUU3M0M0OENEMkE5NTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeyMrBKAzpuYLr2ld00kxYYFNy Ucs659TGICDZ6006EMzWDL6V8+CN6zxQKBdwL4rQO99jLK2J+kLV9GirxeQq8AEL DpxRKdfvBtFm3P/zxtYJ28PMOY/BOAyNWvhtsSoMZziYnLM39DpiVeuc0rg2z0jD hzeiV3r8F6uVy2keW7BEF+RM1lnohNpw+K1WJTdHlboTnF1Frfdu1sTAW9QwLivO VHzbH9LnNmXueuwSaa4zcRltN58N0BwM2cBGwMzTncZnPQ7m9d96y8WfuBkBtX9/ vXmquGoDdiPGix8dcu8GjjFrfV+Tg8I6W7WpoPNR1oFZR3s4mLifii1casppAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6kGabrbND3U5e3Dmve5zxIzSqVYwHwYDVR0j BBgwFoAU0jfeog1zs/IWuYM2uoMH2RPdslcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m YmI1ZmE0YS1iZWE2LTQ2NGYtYjQwOS0xMWQ5YTM3NjFhNmMvMC9EMjM3REVBMjBE NzNCM0YyMTZCOTgzMzZCQTgzMDdEOTEzRERCMjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkxM0RE QjI1Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZmJiNWZhNGEtYmVhNi00NjRmLWI0 MDktMTFkOWEzNzYxYTZjLzAvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3 RDkxM0REQjI1Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAB79uHQPG7XlBRXcGbLbkRo8e0CbbgWJOqkq n5AWPOLzgOmrqufsYHpZbkb1gHmo1NHVC1kkF3DkH8UVWRiwmGHfXWD5mM8ILcU0 sfiunvUiGdMX0MjWW4f9+yWksKkD4JNyplCkSYFjeAcdmRTsjovCyL87i2/I9Id4 8HRw5mq7XUqitmloJXrnGykCdTyJ3Xh64MJ3M30m+AuFM7eLy3W/HmmykVs77GXN nt+ha7SnmQcpnn3hNgRJUTACf7KY83a0ldXoOQxy5MEe2wyDb3pXa1yxHYS9VzCX js2SekzSY7uGYWePtzgpf0Vc07l0VJxedpzwFpo6mEqctSYAaBc= -----END CERTIFICATE-----Generated at Sat Aug 23 19:44:10 2025 by rpki-client