$ rpki-client -vvf repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft File: 2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft (raw, json) Hash identifier: J60hneKjdIviQSYmgXUouZ+qCSoOSbmHfy0EyuEmXBE= Subject key identifier: 0A:B5:09:1D:FD:93:E7:14:12:80:BA:8D:8B:E5:C7:F7:A6:B0:F0:25 Authority key identifier: 2D:9D:91:37:D4:42:7A:9D:34:E1:B1:5F:16:C5:C6:89:A8:C5:49:D9 Certificate issuer: /CN=2D9D9137D4427A9D34E1B15F16C5C689A8C549D9 Certificate serial: 49EAFA0EB512B7DBABEF763051176BE36BAC9434 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft Manifest number: 051B Signing time: Thu 23 Oct 2025 04:21:22 +0000 Manifest this update: Thu 23 Oct 2025 04:16:22 +0000 Manifest next update: Sun 26 Oct 2025 13:09:22 +0000 Files and hashes: 1: 3130332e3134342e3130332e302f32342d3234203d3e20313339343231.roa (hash: /ZqmuN0x+ZwpTTLsOK93bf5aWydgNNzXSi3NS4bqhi0=) 2: 2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.crl (hash: ZCbRc04qjc7OSeqi6q0E8wY/OjcNExyDxRV2opEaJXM=) 3: 3130332e3134342e3130322e302f32342d3234203d3e20313339343231.roa (hash: bV9xBqFWWdQNpl4xPPj/IRLaOQzWewk+JeafEOq6H8g=) 4: 3130332e3134342e3130322e302f32332d3234203d3e20313339343231.roa (hash: cdpLxSADx6mq88cWkf5UoxPyeajYM3Kq/Bc+NW2yaec=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.crl rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 13:09:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:ea:fa:0e:b5:12:b7:db:ab:ef:76:30:51:17:6b:e3:6b:ac:94:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D9D9137D4427A9D34E1B15F16C5C689A8C549D9 Validity Not Before: Oct 23 04:16:22 2025 GMT Not After : Oct 26 13:09:22 2025 GMT Subject: CN=0AB5091DFD93E7141280BA8D8BE5C7F7A6B0F025 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:94:e4:eb:2e:e1:50:1d:9e:4c:6d:5e:8f:12: 39:75:4a:9f:e0:48:68:ca:f0:a5:55:3e:cf:ea:a6: 29:3e:99:5d:a2:c1:e9:a7:5e:b7:16:9a:4c:69:af: 30:ef:00:6b:18:99:0a:03:f3:e8:61:d9:5d:52:5b: b8:f9:a0:05:4e:d3:97:d0:fc:df:d3:34:c4:05:52: 43:8c:1b:8d:59:d4:c2:62:c6:31:1f:b8:5b:66:b4: 1b:83:81:da:b1:df:35:2f:90:bb:a4:aa:82:df:41: 57:99:3e:a8:18:9c:40:b6:b6:b9:60:f6:a6:31:12: 95:83:4d:79:cf:be:5c:a3:a9:02:22:74:bf:f0:e9: 15:e4:2a:98:6d:2c:dd:b2:6c:9f:c2:70:8a:ce:ee: 12:a1:75:85:70:81:95:f0:91:16:eb:de:20:8c:0f: f5:e3:2b:b8:01:61:5e:53:d0:35:cc:fc:a9:32:df: 27:c2:3b:6f:b5:a7:7f:a7:6c:db:86:d3:5d:13:b9: c4:c7:05:2c:7b:84:f6:20:7e:f5:72:e4:9c:fc:25: be:cd:3e:d8:14:3d:31:1a:63:e3:53:ec:03:9e:e0: a8:3d:9a:7f:ae:7a:94:35:47:12:1b:4f:c4:06:cb: 08:b9:d0:64:14:92:6b:10:7b:ef:ff:cb:cb:03:b9: 08:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:B5:09:1D:FD:93:E7:14:12:80:BA:8D:8B:E5:C7:F7:A6:B0:F0:25 X509v3 Authority Key Identifier: keyid:2D:9D:91:37:D4:42:7A:9D:34:E1:B1:5F:16:C5:C6:89:A8:C5:49:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:be:f3:93:2c:45:b4:d8:a3:f9:ed:bb:f0:6b:24:3c:26:fe: c2:b8:c0:b1:c0:ba:78:60:68:66:ef:66:ba:c0:55:b1:ef:e5: bc:15:03:be:9a:e5:95:6e:0a:62:99:68:a7:16:98:3d:e3:f4: c2:8e:dd:81:9b:0c:73:80:b1:6d:0f:89:2d:30:1b:51:db:10: 19:45:c5:ec:c2:20:fd:8c:55:a4:fb:49:09:06:80:14:be:04: 52:15:0e:80:2b:22:52:80:49:05:45:8c:86:45:7b:25:3f:db: cc:db:b5:94:37:34:e9:95:d6:f0:c0:ff:0c:1f:07:ec:65:74: ee:ab:48:81:c2:0b:03:d5:30:81:b5:e4:93:1e:61:90:1a:84: 6f:79:e1:89:e2:d8:af:e1:de:29:b4:4f:00:c5:a5:bc:8c:ce: d2:63:c6:f3:65:33:cd:3a:09:0c:2b:47:30:0f:30:87:b5:2b: 01:32:ac:30:8c:d4:40:1f:d4:b2:90:63:41:bb:c7:48:1b:85: 4d:25:79:8c:86:db:84:2c:43:2f:c3:a2:f3:2e:21:90:0c:66: 7b:39:41:66:a3:fc:b7:eb:29:d0:d7:38:81:12:d3:f4:9b:d9: e2:d4:e5:04:40:72:8c:7c:18:03:8b:59:63:ea:21:00:99:05: ea:64:f4:05 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUSer6DrUSt9ur73YwURdr42uslDQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQ5RDkxMzdENDQyN0E5RDM0RTFCMTVGMTZDNUM2ODlB OEM1NDlEOTAeFw0yNTEwMjMwNDE2MjJaFw0yNTEwMjYxMzA5MjJaMDMxMTAvBgNV BAMTKDBBQjUwOTFERkQ5M0U3MTQxMjgwQkE4RDhCRTVDN0Y3QTZCMEYwMjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5lOTrLuFQHZ5MbV6PEjl1Sp/g SGjK8KVVPs/qpik+mV2iwemnXrcWmkxprzDvAGsYmQoD8+hh2V1SW7j5oAVO05fQ /N/TNMQFUkOMG41Z1MJixjEfuFtmtBuDgdqx3zUvkLukqoLfQVeZPqgYnEC2trlg 9qYxEpWDTXnPvlyjqQIidL/w6RXkKphtLN2ybJ/CcIrO7hKhdYVwgZXwkRbr3iCM D/XjK7gBYV5T0DXM/Kky3yfCO2+1p3+nbNuG010TucTHBSx7hPYgfvVy5Jz8Jb7N PtgUPTEaY+NT7AOe4Kg9mn+uepQ1RxIbT8QGywi50GQUkmsQe+//y8sDuQgbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCrUJHf2T5xQSgLqNi+XH96aw8CUwHwYDVR0j BBgwFoAULZ2RN9RCep004bFfFsXGiajFSdkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YTUzNDFlOC0yMmQ4LTQ0OWMtYTc1My1lNDdiYmZjNDg1MzgvMC8yRDlEOTEzN0Q0 NDI3QTlEMzRFMUIxNUYxNkM1QzY4OUE4QzU0OUQ5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQ5RDkxMzdENDQyN0E5RDM0RTFCMTVGMTZDNUM2ODlBOEM1 NDlEOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmE1MzQxZTgtMjJkOC00NDljLWE3 NTMtZTQ3YmJmYzQ4NTM4LzAvMkQ5RDkxMzdENDQyN0E5RDM0RTFCMTVGMTZDNUM2 ODlBOEM1NDlEOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJC+85MsRbTYo/ntu/BrJDwm/sK4wLHAunhg aGbvZrrAVbHv5bwVA76a5ZVuCmKZaKcWmD3j9MKO3YGbDHOAsW0PiS0wG1HbEBlF xezCIP2MVaT7SQkGgBS+BFIVDoArIlKASQVFjIZFeyU/28zbtZQ3NOmV1vDA/wwf B+xldO6rSIHCCwPVMIG15JMeYZAahG954Yni2K/h3im0TwDFpbyMztJjxvNlM806 CQwrRzAPMIe1KwEyrDCM1EAf1LKQY0G7x0gbhU0leYyG24QsQy/DovMuIZAMZns5 QWaj/LfrKdDXOIES0/Sb2eLU5QRAcox8GAOLWWPqIQCZBepk9AU= -----END CERTIFICATE-----Generated at Thu Oct 23 08:00:54 2025 by rpki-client