$ rpki-client -vvf repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft File: 85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft (raw, json) Hash identifier: lBgElbS0jQzP7pIHLIZppZ59mo0u6bq0AmQeR+xaV6Q= Subject key identifier: 02:4C:3C:8D:5B:00:B6:73:C3:EF:A8:01:63:A7:A9:B9:2F:3C:CA:66 Authority key identifier: 85:E8:DE:B3:87:42:E3:90:C7:BF:B3:4B:1E:4A:BA:C3:1D:33:7A:C3 Certificate issuer: /CN=85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3 Certificate serial: 408FDB371D938F6B174743499358AE4C6FEAAE61 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft Manifest number: 02AA Signing time: Thu 09 Oct 2025 19:01:40 +0000 Manifest this update: Thu 09 Oct 2025 18:56:40 +0000 Manifest next update: Sun 12 Oct 2025 21:15:40 +0000 Files and hashes: 1: 3130332e3137382e3137342e302f32332d3234203d3e20313337333331.roa (hash: gonve5wIJ3O85bDiwHHm2xjnNdsU9xH6JAbxD3Ax5a8=) 2: 85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl (hash: a93Jiw3QKDd9oB90AOmSwF7HyzbBTxjQHzLbsRS44IE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 Oct 2025 21:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:8f:db:37:1d:93:8f:6b:17:47:43:49:93:58:ae:4c:6f:ea:ae:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3 Validity Not Before: Oct 9 18:56:40 2025 GMT Not After : Oct 12 21:15:40 2025 GMT Subject: CN=024C3C8D5B00B673C3EFA80163A7A9B92F3CCA66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:7f:bb:b1:21:ec:48:7a:5c:12:42:68:ec:3a: 7b:29:ce:f4:b9:c1:db:f7:32:af:d2:ae:2f:0c:1f: 1d:19:43:b9:be:e4:98:f2:20:30:1e:0e:42:71:23: b5:cb:f2:c9:3a:3e:62:64:cf:74:2d:0d:75:ff:34: f2:7e:07:df:e1:43:f1:6c:e5:8b:22:2a:45:26:94: 9a:21:89:6d:e7:0b:b5:82:eb:df:f6:a6:62:8e:7e: 5e:4a:d7:68:ea:7c:47:ec:7f:6d:96:73:eb:a4:41: 8a:71:e0:0c:9f:f1:84:ed:61:10:72:b8:37:db:46: b6:8d:b3:6e:da:ff:20:c1:0f:60:6b:75:6c:45:76: 4a:21:83:ff:75:16:45:b7:09:f6:e1:b5:72:28:59: 35:3a:82:75:1f:94:2f:07:2e:b4:64:41:50:f3:79: 84:38:ef:d5:ab:7f:6d:ff:0f:3e:1d:6e:c0:41:92: d4:09:0b:62:d8:5c:65:32:a9:cc:d7:f7:a2:d2:88: 68:be:00:b5:f3:9c:b5:c0:86:69:56:e0:90:37:bd: 0e:de:7a:f5:13:cb:6f:16:48:eb:94:1b:0a:9f:2f: bd:0a:19:01:61:21:72:0f:dc:23:53:6c:32:c6:4d: c0:71:d6:07:87:d8:24:23:94:0e:07:ca:12:65:bf: 3d:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:4C:3C:8D:5B:00:B6:73:C3:EF:A8:01:63:A7:A9:B9:2F:3C:CA:66 X509v3 Authority Key Identifier: keyid:85:E8:DE:B3:87:42:E3:90:C7:BF:B3:4B:1E:4A:BA:C3:1D:33:7A:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption df:bd:8d:0a:29:f4:c6:73:06:09:46:4a:5d:53:16:64:ae:34: 59:b4:31:1f:ba:dc:e9:92:cb:83:83:64:17:66:b7:a5:80:94: d6:de:7f:62:ed:90:51:6a:6e:f1:a3:09:ea:11:6f:c9:09:cb: 53:ec:1f:58:59:a1:6a:d2:5a:f4:81:f0:da:9c:fc:7f:98:17: 9b:74:43:02:98:65:fc:96:c4:a6:08:2f:85:f3:e3:8e:46:fd: 4c:4c:85:f5:d6:96:8b:4f:2c:9d:02:71:25:e3:dd:3f:86:f3: a1:2c:bc:9b:39:a6:c6:93:d6:ec:2e:24:61:e6:9a:ac:ca:23: 13:d2:80:8c:3b:92:78:1b:22:b3:0f:a7:cf:c5:3b:b8:70:0e: b4:99:c8:3c:58:af:d7:27:3c:d4:ca:43:d4:6a:4f:5e:68:83: e9:8e:85:f5:20:f7:ca:2c:0a:4f:3f:d6:58:cf:ec:5a:9c:bc: 3b:79:27:4b:fb:39:63:68:72:30:1a:13:d9:11:87:9e:a6:0a: 42:4b:f5:30:28:a1:e2:08:e0:64:ea:84:cb:2c:fa:3a:3b:2b: 10:fc:9d:22:8d:1a:30:f0:69:16:73:19:c9:c8:b6:8d:49:bb: b5:d7:68:8c:9c:e8:b4:39:5c:54:6a:da:52:16:22:e2:00:a9: 24:57:98:54 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQI/bNx2Tj2sXR0NJk1iuTG/qrmEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJBQzMx RDMzN0FDMzAeFw0yNTEwMDkxODU2NDBaFw0yNTEwMTIyMTE1NDBaMDMxMTAvBgNV BAMTKDAyNEMzQzhENUIwMEI2NzNDM0VGQTgwMTYzQTdBOUI5MkYzQ0NBNjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZf7uxIexIelwSQmjsOnspzvS5 wdv3Mq/Sri8MHx0ZQ7m+5JjyIDAeDkJxI7XL8sk6PmJkz3QtDXX/NPJ+B9/hQ/Fs 5YsiKkUmlJohiW3nC7WC69/2pmKOfl5K12jqfEfsf22Wc+ukQYpx4Ayf8YTtYRBy uDfbRraNs27a/yDBD2BrdWxFdkohg/91FkW3CfbhtXIoWTU6gnUflC8HLrRkQVDz eYQ479Wrf23/Dz4dbsBBktQJC2LYXGUyqczX96LSiGi+ALXznLXAhmlW4JA3vQ7e evUTy28WSOuUGwqfL70KGQFhIXIP3CNTbDLGTcBx1geH2CQjlA4HyhJlvz1FAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUAkw8jVsAtnPD76gBY6epuS88ymYwHwYDVR0j BBgwFoAUhejes4dC45DHv7NLHkq6wx0zesMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 ZDdmOWVmNC1mOTlmLTQ0ZmYtYjk2OC03MGQ0NTI0ZDcyMDcvMC84NUU4REVCMzg3 NDJFMzkwQzdCRkIzNEIxRTRBQkFDMzFEMzM3QUMzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJBQzMxRDMz N0FDMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNmQ3ZjllZjQtZjk5Zi00NGZmLWI5 NjgtNzBkNDUyNGQ3MjA3LzAvODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJB QzMxRDMzN0FDMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAN+9jQop9MZzBglGSl1TFmSuNFm0MR+63OmS y4ODZBdmt6WAlNbef2LtkFFqbvGjCeoRb8kJy1PsH1hZoWrSWvSB8Nqc/H+YF5t0 QwKYZfyWxKYIL4Xz445G/UxMhfXWlotPLJ0CcSXj3T+G86EsvJs5psaT1uwuJGHm mqzKIxPSgIw7kngbIrMPp8/FO7hwDrSZyDxYr9cnPNTKQ9RqT15og+mOhfUg98os Ck8/1ljP7FqcvDt5J0v7OWNocjAaE9kRh56mCkJL9TAooeII4GTqhMss+jo7KxD8 nSKNGjDwaRZzGcnIto1Ju7XXaIyc6LQ5XFRq2lIWIuIAqSRXmFQ= -----END CERTIFICATE-----Generated at Sat Oct 11 13:07:49 2025 by rpki-client