$ rpki-client -vvf repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft File: 25D788BD2A450C01354B9AB70826895FDFF56208.mft (raw, json) Hash identifier: UfKZUnQbZL+9aE7Zz74pXttnykx7B7aZQHmXEYk2r4E= Subject key identifier: 2A:FF:E4:A3:8C:48:62:1B:79:07:75:C0:57:FC:8F:52:1D:CE:0B:E6 Authority key identifier: 25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 Certificate issuer: /CN=25D788BD2A450C01354B9AB70826895FDFF56208 Certificate serial: 21BB269EC7D92A63A5269615754207FF6D684735 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject info access: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft Manifest number: 033F Signing time: Sat 19 Jul 2025 06:41:01 +0000 Manifest this update: Sat 19 Jul 2025 06:36:01 +0000 Manifest next update: Tue 22 Jul 2025 11:22:01 +0000 Files and hashes: 1: 323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa (hash: wuLvX+Xgm0i3AJgZLRAJ8zSBRz4zFDFFXcC9P9aZOYA=) 2: 25D788BD2A450C01354B9AB70826895FDFF56208.crl (hash: QPRMMyxEelpPj6/Eg0GAPqedwCKQ12P7h9sTW5tXdLU=) 3: 3132332e3235332e3234382e302f32332d3234203d3e20313432333739.roa (hash: T9vPzFVrVbtfkOIbIR0gBtReDHG4KgAtDeHT2T3EGwQ=) 4: 3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa (hash: g29pf8GRD5KEsQ3xMiXcjqqLaCsv5cRFguqUqUNSeQU=) 5: 3130332e39312e32342e302f32322d3234203d3e20313432333739.roa (hash: AU2BjjxLKOB7x1afsJypIVoDqfBt5Pa++/i1Uy3JBXs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 11:22:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:bb:26:9e:c7:d9:2a:63:a5:26:96:15:75:42:07:ff:6d:68:47:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25D788BD2A450C01354B9AB70826895FDFF56208 Validity Not Before: Jul 19 06:36:01 2025 GMT Not After : Jul 22 11:22:01 2025 GMT Subject: CN=2AFFE4A38C48621B790775C057FC8F521DCE0BE6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:8f:23:1a:50:45:ea:41:cd:f9:5f:30:83:fe: 60:c8:04:5b:53:53:0a:ea:71:36:4c:d1:d4:23:55: f5:8b:22:bb:f5:b7:21:f3:08:82:1d:99:3e:f5:ac: c0:dc:2c:e2:2c:70:58:52:36:88:74:12:4a:87:a4: 76:15:01:3e:bd:ed:8f:49:1e:82:c0:38:6f:2d:4d: 22:8e:fc:6e:30:a0:fc:e5:8f:d2:97:19:f7:da:b1: 3a:c9:7d:4e:a5:f8:0f:39:f7:ac:82:d1:fc:72:5e: e6:94:11:04:4c:5f:fa:36:c6:99:f0:54:1a:f2:6c: 05:5c:ba:8d:55:07:4b:20:b7:cb:e0:99:0d:e0:71: b6:2b:86:66:80:8f:15:02:a7:51:40:e4:5c:57:4a: c2:2d:7a:c4:28:f4:ff:ab:df:c2:99:ee:da:73:40: 0d:53:77:d7:e3:2a:84:d6:b9:01:fc:e9:82:e6:a8: 7a:80:06:ea:a6:64:ab:f7:43:85:83:d1:c6:a1:db: 08:7b:d4:22:44:87:06:87:04:1f:cb:e3:35:b2:cc: a7:1f:2a:02:b6:25:ef:88:3f:63:d4:01:e2:ce:28: 7f:c3:d6:d9:0a:e9:45:31:b3:81:3c:6b:61:59:d4: f1:11:fd:39:af:08:0d:93:20:00:63:42:88:fb:b2: ec:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:FF:E4:A3:8C:48:62:1B:79:07:75:C0:57:FC:8F:52:1D:CE:0B:E6 X509v3 Authority Key Identifier: keyid:25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:af:a6:23:f3:54:bd:91:ee:a0:75:ba:93:a0:2f:2e:5c:9d: b8:c0:af:da:28:4d:54:4f:c9:b5:f2:21:49:92:97:7d:ee:f8: ab:95:e1:75:b9:e7:17:29:5a:d5:bd:89:34:fa:4a:9f:22:13: 63:fa:c7:33:1d:61:ca:4c:07:1b:f5:0a:9d:3d:97:cb:ad:72: 24:e9:49:59:6f:9b:e9:06:5a:e7:e2:9b:ec:14:09:df:36:30: 45:90:f3:2e:c0:31:20:d4:4d:c1:40:93:39:13:50:79:4c:b2: 63:66:17:69:f8:9d:3c:bc:84:67:85:46:f7:45:f0:f9:9c:af: 79:27:60:12:f4:fe:f1:96:44:0b:5e:1f:7a:44:df:80:3c:38: 31:1b:fc:dc:c0:16:ae:d8:b5:22:22:a7:a3:82:45:ac:c4:66: db:8b:23:8f:73:82:59:17:c5:72:0a:00:60:d1:84:50:e4:4d: 2a:22:95:8a:1d:99:dc:b9:16:c4:0c:72:e9:ea:87:a7:cc:bc: 1f:d2:81:a4:a8:fb:c0:e8:d6:3d:5a:6f:04:47:cb:5d:11:2b: cc:6a:8f:18:d7:39:bd:b9:31:ec:55:4a:10:63:d6:b3:ba:ac: 4b:ac:c0:8e:d1:3e:0f:4e:35:65:d4:e9:4a:7d:58:92:65:04: 43:6d:04:37 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIbsmnsfZKmOlJpYVdUIH/21oRzUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZE RkY1NjIwODAeFw0yNTA3MTkwNjM2MDFaFw0yNTA3MjIxMTIyMDFaMDMxMTAvBgNV BAMTKDJBRkZFNEEzOEM0ODYyMUI3OTA3NzVDMDU3RkM4RjUyMURDRTBCRTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+jyMaUEXqQc35XzCD/mDIBFtT UwrqcTZM0dQjVfWLIrv1tyHzCIIdmT71rMDcLOIscFhSNoh0EkqHpHYVAT697Y9J HoLAOG8tTSKO/G4woPzlj9KXGffasTrJfU6l+A8596yC0fxyXuaUEQRMX/o2xpnw VBrybAVcuo1VB0sgt8vgmQ3gcbYrhmaAjxUCp1FA5FxXSsItesQo9P+r38KZ7tpz QA1Td9fjKoTWuQH86YLmqHqABuqmZKv3Q4WD0cah2wh71CJEhwaHBB/L4zWyzKcf KgK2Je+IP2PUAeLOKH/D1tkK6UUxs4E8a2FZ1PER/TmvCA2TIABjQoj7suzdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKv/ko4xIYht5B3XAV/yPUh3OC+YwHwYDVR0j BBgwFoAUJdeIvSpFDAE1S5q3CCaJX9/1YggwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NmE3NjY1YS1iNTBiLTRhNDUtYThmOS0wZDY5YmQ3ZDc0M2QvMC8yNUQ3ODhCRDJB NDUwQzAxMzU0QjlBQjcwODI2ODk1RkRGRjU2MjA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZERkY1 NjIwOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDZhNzY2NWEtYjUwYi00YTQ1LWE4 ZjktMGQ2OWJkN2Q3NDNkLzAvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5 NUZERkY1NjIwOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADivpiPzVL2R7qB1upOgLy5cnbjAr9ooTVRP ybXyIUmSl33u+KuV4XW55xcpWtW9iTT6Sp8iE2P6xzMdYcpMBxv1Cp09l8utciTp SVlvm+kGWufim+wUCd82MEWQ8y7AMSDUTcFAkzkTUHlMsmNmF2n4nTy8hGeFRvdF 8Pmcr3knYBL0/vGWRAteH3pE34A8ODEb/NzAFq7YtSIip6OCRazEZtuLI49zglkX xXIKAGDRhFDkTSoilYodmdy5FsQMcunqh6fMvB/SgaSo+8Do1j1abwRHy10RK8xq jxjXOb25MexVShBj1rO6rEuswI7RPg9ONWXU6Up9WJJlBENtBDc= -----END CERTIFICATE-----Generated at Mon Jul 21 07:24:52 2025 by rpki-client