$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft File: 17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft (raw, json) Hash identifier: bkcohDWMAgIyCdmBGBITTRWiSWWsd9xQBgygIvJJfm4= Subject key identifier: CA:EC:7F:20:B8:A1:49:6F:65:85:C0:79:7E:A7:4E:35:32:92:45:FE Authority key identifier: 17:D0:2B:11:6D:4B:BA:65:12:45:CB:C7:CC:C3:0A:59:27:A7:44:E4 Certificate issuer: /CN=17D02B116D4BBA651245CBC7CCC30A5927A744E4 Certificate serial: 627FC6B6EBD1EF389125E66184F506CF276CE064 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/17D02B116D4BBA651245CBC7CCC30A5927A744E4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft Manifest number: 04E5 Signing time: Sat 25 Oct 2025 03:21:47 +0000 Manifest this update: Sat 25 Oct 2025 03:16:47 +0000 Manifest next update: Tue 28 Oct 2025 03:32:47 +0000 Files and hashes: 1: 3130332e34372e3133352e302f32342d3234203d3e203633383539.roa (hash: Lg5dQN6opERAWYn9yaTR81th2kNEptreAqT5F7qUOxg=) 2: 3130332e34372e3133332e302f32342d3234203d3e203633383539.roa (hash: EZteEph/2m/6PSU4HhniFTSW+lioN4P6OqCDsqE63rs=) 3: 17D02B116D4BBA651245CBC7CCC30A5927A744E4.crl (hash: eMHlrY23kEfKfv7rRlYSgsduczgWkg6dngECov9UHVc=) 4: 3130332e34372e3133322e302f32342d3234203d3e203633383539.roa (hash: KrQXE8D2Q5Yo3g//mdDYJidQwyMwsHM3lR4ILfL9Uvk=) 5: 3130332e34372e3133342e302f32342d3234203d3e203633383539.roa (hash: ISUPB5yjW6tmMrkjewjTPmASyvfsPyLCAirfzGZHkUw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/17D02B116D4BBA651245CBC7CCC30A5927A744E4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 03:32:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:7f:c6:b6:eb:d1:ef:38:91:25:e6:61:84:f5:06:cf:27:6c:e0:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17D02B116D4BBA651245CBC7CCC30A5927A744E4 Validity Not Before: Oct 25 03:16:47 2025 GMT Not After : Oct 28 03:32:47 2025 GMT Subject: CN=CAEC7F20B8A1496F6585C0797EA74E35329245FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4d:a1:fb:72:87:fc:65:64:11:51:2b:a1:3f: 3b:cc:82:73:b9:a4:30:2b:a7:7b:b8:73:86:cf:e3: 6b:e9:bd:cd:29:2d:aa:c6:ad:a0:97:f0:dd:2c:87: 79:db:e6:34:19:f5:27:c7:5b:5e:6a:30:b9:38:5a: 8a:72:e6:3c:f3:06:77:c9:4e:24:d2:39:6d:2b:53: 6e:bf:f5:16:a7:3b:4f:53:75:e4:97:6b:ae:fc:d9: ce:1d:05:fe:89:69:fe:04:22:d7:25:30:96:ed:36: 74:3b:54:84:5c:9b:4b:82:83:04:32:7e:a3:2d:7b: bc:bc:d5:c4:29:e4:85:8f:05:a0:6f:d6:49:0a:a4: f6:41:f4:9d:f6:c5:00:6c:93:11:40:6e:1c:2c:73: 8f:c0:01:bd:9d:8e:0e:29:9d:d2:fa:68:69:eb:d8: 6b:e9:c6:d0:0a:55:5d:53:6f:34:4d:be:fe:48:69: a8:bd:58:19:76:6a:98:95:a2:9c:5d:4b:38:71:e8: c0:d4:12:70:b0:fd:b0:d1:92:f9:7b:b8:2a:f4:4c: 98:43:37:86:9e:a9:d1:5a:a1:5b:4c:fb:a8:9a:4f: ff:99:a2:ae:a1:40:6c:c8:e2:f8:d4:e5:e3:a1:f7: 5c:40:d1:e1:03:0d:f5:c5:7c:72:d7:db:8e:5e:c8: 90:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:EC:7F:20:B8:A1:49:6F:65:85:C0:79:7E:A7:4E:35:32:92:45:FE X509v3 Authority Key Identifier: keyid:17:D0:2B:11:6D:4B:BA:65:12:45:CB:C7:CC:C3:0A:59:27:A7:44:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/17D02B116D4BBA651245CBC7CCC30A5927A744E4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/0/17D02B116D4BBA651245CBC7CCC30A5927A744E4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d4:d8:5f:29:49:e3:b6:32:69:83:bc:2f:dd:7a:c6:2b:7b:e9: 68:d4:2c:bc:d8:99:f2:e2:07:a2:67:5d:ca:14:1c:46:54:a3: af:a8:f7:34:3b:ab:64:60:99:1b:bd:4c:ef:ae:c2:1e:d8:d0: f3:f0:da:7a:0f:29:17:9d:75:3d:17:12:a7:47:41:ae:62:b7: a5:c7:84:41:01:0f:55:09:dc:a7:4a:20:09:55:49:11:a2:a5: 0f:96:13:26:1b:06:c5:8e:e6:ce:14:b2:ce:7a:0f:2e:45:15: c5:71:bb:96:09:4a:76:40:88:52:ed:37:00:97:43:d6:3c:25: d1:63:30:62:99:f3:9e:fd:ce:8a:3e:da:c8:ba:7d:9b:01:32: d4:5e:f5:6e:06:2e:38:0d:36:bb:e4:4d:ea:ce:e6:44:7e:94: e7:7e:d9:3c:5d:82:19:60:4f:cf:10:4c:02:0e:77:ce:0c:b4: 93:37:2f:3e:ea:b8:f6:49:b1:34:97:46:a3:95:b4:55:36:21: e4:f0:26:42:fb:7e:6e:ed:12:b4:0a:e0:3c:6a:94:56:46:cf: ee:4b:20:20:46:ae:a1:b0:02:e5:cc:32:39:a3:a5:87:ef:ca: 69:81:ab:c0:79:7c:fa:e5:07:a7:ce:fe:3d:81:62:03:89:a1: 17:35:4b:4f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYn/GtuvR7ziRJeZhhPUGzyds4GQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTdEMDJCMTE2RDRCQkE2NTEyNDVDQkM3Q0NDMzBBNTky N0E3NDRFNDAeFw0yNTEwMjUwMzE2NDdaFw0yNTEwMjgwMzMyNDdaMDMxMTAvBgNV BAMTKENBRUM3RjIwQjhBMTQ5NkY2NTg1QzA3OTdFQTc0RTM1MzI5MjQ1RkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVTaH7cof8ZWQRUSuhPzvMgnO5 pDArp3u4c4bP42vpvc0pLarGraCX8N0sh3nb5jQZ9SfHW15qMLk4Wopy5jzzBnfJ TiTSOW0rU26/9RanO09TdeSXa6782c4dBf6Jaf4EItclMJbtNnQ7VIRcm0uCgwQy fqMte7y81cQp5IWPBaBv1kkKpPZB9J32xQBskxFAbhwsc4/AAb2djg4pndL6aGnr 2GvpxtAKVV1TbzRNvv5Iaai9WBl2apiVopxdSzhx6MDUEnCw/bDRkvl7uCr0TJhD N4aeqdFaoVtM+6iaT/+Zoq6hQGzI4vjU5eOh91xA0eEDDfXFfHLX245eyJAFAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUyux/ILihSW9lhcB5fqdONTKSRf4wHwYDVR0j BBgwFoAUF9ArEW1LumUSRcvHzMMKWSenROQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMC8xN0QwMkIxMTZE NEJCQTY1MTI0NUNCQzdDQ0MzMEE1OTI3QTc0NEU0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTdEMDJCMTE2RDRCQkE2NTEyNDVDQkM3Q0NDMzBBNTkyN0E3 NDRFNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2JiYjI3MzQtZTVmYS00MGViLTg1 OTgtYjdjZDEwMTM0M2NhLzAvMTdEMDJCMTE2RDRCQkE2NTEyNDVDQkM3Q0NDMzBB NTkyN0E3NDRFNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANTYXylJ47YyaYO8L916xit76WjULLzYmfLi B6JnXcoUHEZUo6+o9zQ7q2RgmRu9TO+uwh7Y0PPw2noPKReddT0XEqdHQa5it6XH hEEBD1UJ3KdKIAlVSRGipQ+WEyYbBsWO5s4Uss56Dy5FFcVxu5YJSnZAiFLtNwCX Q9Y8JdFjMGKZ8579zoo+2si6fZsBMtRe9W4GLjgNNrvkTerO5kR+lOd+2Txdghlg T88QTAIOd84MtJM3Lz7quPZJsTSXRqOVtFU2IeTwJkL7fm7tErQK4DxqlFZGz+5L ICBGrqGwAuXMMjmjpYfvymmBq8B5fPrlB6fO/j2BYgOJoRc1S08= -----END CERTIFICATE-----Generated at Mon Oct 27 01:37:17 2025 by rpki-client