$ rpki-client -vvf repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft File: 25D788BD2A450C01354B9AB70826895FDFF56208.mft (raw, json) Hash identifier: WzLFUZ0PTa/2I8D3B6yH0iQp5+zjyJ9eYT7KUQYPU+Y= Subject key identifier: 1A:02:A5:B9:53:F0:2A:C7:4C:CA:98:16:5B:B8:4D:87:79:B9:17:D6 Authority key identifier: 25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 Certificate issuer: /CN=25D788BD2A450C01354B9AB70826895FDFF56208 Certificate serial: 35B42CF52B1C3CFD56A5012A2B890F169C9C1829 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject info access: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft Manifest number: 036A Signing time: Thu 23 Oct 2025 12:01:05 +0000 Manifest this update: Thu 23 Oct 2025 11:56:05 +0000 Manifest next update: Sun 26 Oct 2025 17:04:05 +0000 Files and hashes: 1: 25D788BD2A450C01354B9AB70826895FDFF56208.crl (hash: TqZRucSMNFp2AEVziKpLprHpWZQwRrXDwCfEIPFtVcU=) 2: 3132332e3235332e3234382e302f32332d3234203d3e20313432333739.roa (hash: T9vPzFVrVbtfkOIbIR0gBtReDHG4KgAtDeHT2T3EGwQ=) 3: 3130332e39312e32342e302f32322d3234203d3e20313432333739.roa (hash: AU2BjjxLKOB7x1afsJypIVoDqfBt5Pa++/i1Uy3JBXs=) 4: 323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa (hash: BfvR/So226bitOLhPr9CHxhxgb1Q7qOXOhbe2UXDXlU=) 5: 3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa (hash: g29pf8GRD5KEsQ3xMiXcjqqLaCsv5cRFguqUqUNSeQU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 17:04:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:b4:2c:f5:2b:1c:3c:fd:56:a5:01:2a:2b:89:0f:16:9c:9c:18:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25D788BD2A450C01354B9AB70826895FDFF56208 Validity Not Before: Oct 23 11:56:05 2025 GMT Not After : Oct 26 17:04:05 2025 GMT Subject: CN=1A02A5B953F02AC74CCA98165BB84D8779B917D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:d8:35:53:5a:3d:83:5e:75:88:16:9c:5c:92: 97:cc:f8:10:2d:58:98:39:c2:46:16:80:87:48:13: 37:73:0a:11:0b:50:72:66:3d:2a:41:48:98:ef:dd: cb:b8:5f:2f:f2:71:59:52:1d:47:67:b1:e0:9e:d4: f5:a3:61:93:6c:89:5d:08:a5:ae:d5:7a:f2:2d:dd: b6:74:a8:66:b1:c9:97:52:f2:9d:42:a0:e2:91:cf: 17:f8:64:31:b7:a3:06:15:15:59:4e:78:bb:aa:49: 8c:94:de:29:ba:09:0a:84:be:20:f2:e0:64:bd:3b: 71:a7:f3:47:6d:79:ee:27:ea:7d:97:2a:5d:8d:a9: fd:60:a1:79:01:08:f6:df:af:90:5a:b0:32:bb:a9: ea:ba:59:a0:9c:5b:b2:77:53:6a:b5:be:d0:6c:1d: dc:67:00:5c:f7:96:99:ca:b4:22:ed:4f:63:79:e5: 3e:42:c2:64:f9:b7:7d:fb:42:36:cf:93:5a:d3:f7: af:56:78:11:bb:19:05:ea:69:8e:89:df:be:e9:e2: a5:79:59:00:86:fd:0f:45:b8:3f:39:28:cf:02:37: eb:67:63:87:c8:b2:61:32:91:18:78:57:d7:20:a6: 3c:84:83:2a:39:33:1e:d0:2f:25:6e:ba:5f:a4:0b: 6a:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:02:A5:B9:53:F0:2A:C7:4C:CA:98:16:5B:B8:4D:87:79:B9:17:D6 X509v3 Authority Key Identifier: keyid:25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:01:83:13:b8:3b:88:6b:0e:b2:ca:c1:d0:21:c5:83:23:0e: a0:cb:ed:a8:8c:1b:8f:a5:89:f6:7a:5b:a9:3b:61:7e:59:ac: 69:6c:e7:d2:80:d1:35:17:2b:49:5c:86:7f:b2:8c:79:ba:50: 25:7d:b7:74:20:ff:5f:e0:24:2d:d0:25:31:0d:8f:59:bc:e5: c8:51:77:d1:37:7e:30:8a:7b:8d:35:0a:3e:f1:57:82:1f:85: c0:0a:dc:d7:2a:6c:51:f1:06:6b:b1:56:99:17:ec:94:c4:43: 5d:88:1c:b6:55:0e:0b:54:ff:55:49:6c:ac:83:92:53:e2:b4: 28:d6:5f:dd:a6:10:20:02:49:46:52:69:ed:dc:0b:51:f2:29: 65:a0:44:6e:43:21:bf:b3:25:00:7b:78:3b:23:9e:06:bf:d3: 7a:8c:fe:a6:ca:d1:89:af:6b:cc:e7:8b:45:90:b0:be:9e:75: 5a:d3:00:9d:bf:72:f1:b6:62:63:f5:3e:27:f4:84:e8:0f:36: 45:a5:f6:36:9e:98:be:57:af:07:87:06:c4:79:28:f3:b6:a9: 7e:57:65:82:5b:21:ae:d0:c6:f2:3f:83:a5:05:0a:8c:7d:5d: 2d:a2:14:c6:62:5a:fa:45:4e:90:bb:22:7d:6b:f3:88:37:b3: 46:8f:33:2f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNbQs9SscPP1WpQEqK4kPFpycGCkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZE RkY1NjIwODAeFw0yNTEwMjMxMTU2MDVaFw0yNTEwMjYxNzA0MDVaMDMxMTAvBgNV BAMTKDFBMDJBNUI5NTNGMDJBQzc0Q0NBOTgxNjVCQjg0RDg3NzlCOTE3RDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp2DVTWj2DXnWIFpxckpfM+BAt WJg5wkYWgIdIEzdzChELUHJmPSpBSJjv3cu4Xy/ycVlSHUdnseCe1PWjYZNsiV0I pa7VevIt3bZ0qGaxyZdS8p1CoOKRzxf4ZDG3owYVFVlOeLuqSYyU3im6CQqEviDy 4GS9O3Gn80dtee4n6n2XKl2Nqf1goXkBCPbfr5BasDK7qeq6WaCcW7J3U2q1vtBs HdxnAFz3lpnKtCLtT2N55T5CwmT5t337QjbPk1rT969WeBG7GQXqaY6J377p4qV5 WQCG/Q9FuD85KM8CN+tnY4fIsmEykRh4V9cgpjyEgyo5Mx7QLyVuul+kC2rNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUGgKluVPwKsdMypgWW7hNh3m5F9YwHwYDVR0j BBgwFoAUJdeIvSpFDAE1S5q3CCaJX9/1YggwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NmE3NjY1YS1iNTBiLTRhNDUtYThmOS0wZDY5YmQ3ZDc0M2QvMC8yNUQ3ODhCRDJB NDUwQzAxMzU0QjlBQjcwODI2ODk1RkRGRjU2MjA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZERkY1 NjIwOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDZhNzY2NWEtYjUwYi00YTQ1LWE4 ZjktMGQ2OWJkN2Q3NDNkLzAvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5 NUZERkY1NjIwOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFEBgxO4O4hrDrLKwdAhxYMjDqDL7aiMG4+l ifZ6W6k7YX5ZrGls59KA0TUXK0lchn+yjHm6UCV9t3Qg/1/gJC3QJTENj1m85chR d9E3fjCKe401Cj7xV4IfhcAK3NcqbFHxBmuxVpkX7JTEQ12IHLZVDgtU/1VJbKyD klPitCjWX92mECACSUZSae3cC1HyKWWgRG5DIb+zJQB7eDsjnga/03qM/qbK0Ymv a8zni0WQsL6edVrTAJ2/cvG2YmP1Pif0hOgPNkWl9jaemL5XrweHBsR5KPO2qX5X ZYJbIa7QxvI/g6UFCox9XS2iFMZiWvpFTpC7In1r84g3s0aPMy8= -----END CERTIFICATE-----Generated at Thu Oct 23 18:58:34 2025 by rpki-client