$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: F+QPSSnoT5mbvT4CJGa5GHSQEfrTMXrm0xNQXUaECI4= Subject key identifier: AB:89:D3:2E:42:B2:D5:7D:F8:3F:F8:D2:55:07:36:28:E0:82:4C:65 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 26D1344FDAD3A232AAFF63B6D5AFEC7F3DFE93F3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 0519 Signing time: Wed 22 Oct 2025 20:30:57 +0000 Manifest this update: Wed 22 Oct 2025 20:25:57 +0000 Manifest next update: Sun 26 Oct 2025 03:07:57 +0000 Files and hashes: 1: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 2: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 3: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: 3Dg3Jod6hbvnmKY2BUv7/zrVbhFotpWEmej9L2S14cM=) 4: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) 5: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 03:07:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:d1:34:4f:da:d3:a2:32:aa:ff:63:b6:d5:af:ec:7f:3d:fe:93:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Oct 22 20:25:57 2025 GMT Not After : Oct 26 03:07:57 2025 GMT Subject: CN=AB89D32E42B2D57DF83FF8D255073628E0824C65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:df:a1:3b:d2:63:f7:ca:ca:4e:ff:6c:c6:05: f5:ab:5c:65:59:73:20:73:6d:65:6b:55:ca:58:30: f2:f3:c5:b7:e7:62:68:bd:14:f5:90:a6:94:50:86: d4:09:59:9d:a7:c8:ea:be:d6:33:f3:42:73:d8:d5: 9c:69:a8:e0:b7:c9:8b:85:55:8f:c6:e5:23:27:d2: e5:4c:aa:ec:13:24:b5:aa:b0:0c:a1:cc:01:7c:bb: 83:11:02:41:da:9f:d0:02:5a:ae:71:37:1f:de:0e: 41:f8:1d:84:5b:0c:0d:1b:c7:d9:5d:8d:50:1d:b7: 55:a0:28:5d:71:60:30:69:c7:c3:7e:ab:b1:1d:10: 91:11:e5:fb:73:12:8e:6c:70:9a:d7:34:00:17:35: 12:e4:96:a4:bd:3a:9b:cb:67:04:b2:44:b0:be:2d: 51:68:42:f6:a8:e8:60:ad:4a:74:17:d5:c1:0f:0a: 5c:ee:9a:4b:34:2b:79:4f:90:33:fb:82:40:0d:98: a7:ae:75:da:34:15:63:26:85:ec:f6:3a:0b:bc:8f: f2:cf:e2:58:35:23:83:45:f6:1b:ae:c6:7d:a0:18: 20:7f:c0:c5:06:a0:38:3c:ce:74:6c:46:27:0c:bf: d3:67:86:76:e2:3d:1e:93:11:5f:b9:69:d1:7d:66: 36:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:89:D3:2E:42:B2:D5:7D:F8:3F:F8:D2:55:07:36:28:E0:82:4C:65 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:31:00:68:e3:6b:2f:21:25:ec:70:8f:90:18:63:ad:03:52: cd:44:51:03:1f:cd:8a:46:56:44:c9:cc:f0:29:e2:b7:ff:4f: 7e:6d:89:5d:b2:97:41:45:cb:0d:61:2b:c1:0d:98:19:d3:31: 90:29:52:92:da:bc:a9:61:a8:75:0e:2b:b3:a3:4e:cd:06:7c: ef:41:a0:aa:b1:a2:f0:d4:52:27:31:90:fd:de:4a:82:40:52: 50:48:bf:d9:db:df:5d:8d:4d:f1:7f:3c:0f:62:13:58:ee:25: ee:06:a5:3f:a2:ef:af:56:f5:c0:98:94:1f:ae:a4:01:84:53: 77:c3:65:37:c9:05:f6:54:81:43:c4:73:ff:e3:19:93:d8:7c: 5a:90:8a:c3:5f:84:0b:dc:5f:92:25:06:38:85:97:9e:ca:6e: fd:93:6b:86:8d:68:02:31:14:de:24:9c:69:0b:a3:73:0e:61: 9f:5c:c6:c3:39:98:d9:73:cb:80:eb:39:86:b3:29:58:83:fa: f2:c1:85:7b:d5:82:ef:7f:9a:05:10:54:9e:f8:d9:12:6b:ba: 4e:94:0a:4e:32:1c:e2:99:59:3d:17:17:83:24:b2:aa:d2:fe: 30:4f:89:7b:9f:d3:5f:bb:69:46:9f:66:15:29:68:76:a8:00: c5:52:04:f1 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJtE0T9rTojKq/2O21a/sfz3+k/MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTEwMjIyMDI1NTdaFw0yNTEwMjYwMzA3NTdaMDMxMTAvBgNV BAMTKEFCODlEMzJFNDJCMkQ1N0RGODNGRjhEMjU1MDczNjI4RTA4MjRDNjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV36E70mP3yspO/2zGBfWrXGVZ cyBzbWVrVcpYMPLzxbfnYmi9FPWQppRQhtQJWZ2nyOq+1jPzQnPY1ZxpqOC3yYuF VY/G5SMn0uVMquwTJLWqsAyhzAF8u4MRAkHan9ACWq5xNx/eDkH4HYRbDA0bx9ld jVAdt1WgKF1xYDBpx8N+q7EdEJER5ftzEo5scJrXNAAXNRLklqS9OpvLZwSyRLC+ LVFoQvao6GCtSnQX1cEPClzumks0K3lPkDP7gkANmKeuddo0FWMmhez2Ogu8j/LP 4lg1I4NF9huuxn2gGCB/wMUGoDg8znRsRicMv9NnhnbiPR6TEV+5adF9ZjZHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUq4nTLkKy1X34P/jSVQc2KOCCTGUwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC8xAGjjay8hJexwj5AYY60DUs1EUQMfzYpG VkTJzPAp4rf/T35tiV2yl0FFyw1hK8ENmBnTMZApUpLavKlhqHUOK7OjTs0GfO9B oKqxovDUUicxkP3eSoJAUlBIv9nb312NTfF/PA9iE1juJe4GpT+i769W9cCYlB+u pAGEU3fDZTfJBfZUgUPEc//jGZPYfFqQisNfhAvcX5IlBjiFl57Kbv2Ta4aNaAIx FN4knGkLo3MOYZ9cxsM5mNlzy4DrOYazKViD+vLBhXvVgu9/mgUQVJ742RJruk6U Ck4yHOKZWT0XF4MksqrS/jBPiXuf01+7aUafZhUpaHaoAMVSBPE= -----END CERTIFICATE-----Generated at Thu Oct 23 06:41:18 2025 by rpki-client