$ rpki-client -vvf repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft File: 0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft (raw, json) Hash identifier: b8n+twQ46LD5PKUT03C9gF4RSb+SXjJ0RmZsz1P13FE= Subject key identifier: 6C:F5:C8:61:45:14:11:30:2A:57:A6:E8:DC:01:F8:04:E8:EB:4D:80 Authority key identifier: 0B:B4:E9:52:78:9A:C5:02:FA:0C:FB:95:C2:E0:3F:43:44:97:BF:E3 Certificate issuer: /CN=0BB4E952789AC502FA0CFB95C2E03F434497BFE3 Certificate serial: 395B3908BA8DC3E9B7FC9EE391388EE844039ABF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft Manifest number: CA Signing time: Fri 24 Oct 2025 23:52:12 +0000 Manifest this update: Fri 24 Oct 2025 23:47:12 +0000 Manifest next update: Tue 28 Oct 2025 03:18:12 +0000 Files and hashes: 1: 0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl (hash: 0q3G5i3ckYECqUywuuWb/xh+y+9ZTio5iNCUBkYOI6s=) 2: 3130332e3134382e38382e302f32332d3233203d3e20313430343231.roa (hash: l6is4dO0R0PbZ70dLKCH7MsIvztrQYbYg8s+N5j55/w=) 3: 3130332e3134382e38392e302f32342d3234203d3e20313430343231.roa (hash: TZoglv4gVSEGVdYtRZ4lgIJlzz7UT43dp4O+n8rkNNY=) 4: 3130332e3134382e38382e302f32342d3234203d3e20313430343231.roa (hash: neEFe0w5kAvbktE6GbOUZcC2jhb5+07V2Dgm04kOOSQ=) 5: 323030313a6466323a633938303a3a2f34382d3438203d3e20313430343231.roa (hash: S9qtO6NNat29VwWXnPO9Ad1pn0XLAWnDz3QkqSTjTbI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 03:18:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:5b:39:08:ba:8d:c3:e9:b7:fc:9e:e3:91:38:8e:e8:44:03:9a:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0BB4E952789AC502FA0CFB95C2E03F434497BFE3 Validity Not Before: Oct 24 23:47:12 2025 GMT Not After : Oct 28 03:18:12 2025 GMT Subject: CN=6CF5C861451411302A57A6E8DC01F804E8EB4D80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:dc:d9:74:7c:88:95:fe:be:40:04:55:e8:b3: 6e:ca:51:6b:7d:da:72:7e:c7:13:6a:9b:ff:8c:18: 42:7b:08:30:c3:ac:35:43:77:49:84:61:23:49:e4: 88:d8:60:f4:49:55:54:6c:b1:64:2e:c0:b7:ac:02: 0b:07:d0:d1:3c:b9:ba:60:1c:c0:78:6d:f6:31:34: 42:c9:36:21:27:7d:52:6c:39:64:0e:07:8b:9f:8f: 6b:fd:71:ee:11:e3:24:57:e2:ae:77:35:58:3d:c6: cb:eb:7b:1c:b7:86:6b:d0:15:4d:92:b5:1b:94:3a: a7:d4:0b:3b:96:4d:27:f4:92:79:d9:8d:b0:3a:6f: bc:b9:40:1f:65:5c:98:c3:db:35:4e:b2:73:8c:7f: 93:8a:f7:41:8b:6d:74:ef:b9:b4:ac:93:1f:8d:e2: 91:45:1a:69:fa:fc:76:fb:17:37:05:4a:f0:98:12: 45:36:22:4c:f0:68:95:d4:61:3e:88:5c:63:28:31: 4d:26:43:f7:d9:0d:2d:84:b5:f7:20:14:6d:60:33: 43:72:3b:dc:1d:0b:58:79:4b:06:2c:4a:30:d1:3a: 33:14:9c:e1:b5:8f:a0:d4:d9:1e:47:cb:de:6b:27: 9b:52:47:82:24:e7:ae:3b:9a:36:53:a8:d4:ca:48: ab:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:F5:C8:61:45:14:11:30:2A:57:A6:E8:DC:01:F8:04:E8:EB:4D:80 X509v3 Authority Key Identifier: keyid:0B:B4:E9:52:78:9A:C5:02:FA:0C:FB:95:C2:E0:3F:43:44:97:BF:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:7c:97:d8:0f:99:84:3b:69:a5:e5:12:d8:e7:ef:0a:8e:7d: e9:1d:2e:a7:62:55:bd:37:cc:c6:3a:ed:7f:e7:fd:f8:a4:10: c3:a8:57:50:a3:d2:27:be:f5:1d:5f:2c:cf:2f:32:a0:8a:62: 2a:fe:10:9c:de:7e:61:22:c0:29:bb:49:f8:ea:5a:66:5f:d1: bd:03:e5:6b:64:27:39:c6:36:37:eb:7b:26:df:32:12:42:76: 0b:e1:aa:e3:b0:db:ef:87:72:55:55:89:2a:e7:f3:33:3d:f2: fd:a2:fd:0b:f6:5e:76:28:3a:da:0f:c4:0b:12:e7:71:69:84: d7:e6:7b:57:12:7c:d7:bd:21:67:35:e1:09:87:46:06:f3:9d: c0:6d:0c:8f:8b:8e:56:2a:48:6f:91:ce:3d:60:eb:2f:37:34: 32:e6:11:98:24:fb:1c:9a:24:d5:53:ec:f5:36:64:1d:b3:13: 80:bd:45:da:65:fd:e7:5e:0c:1f:54:0e:52:21:f7:cb:43:b1: 5c:1a:5e:40:54:a8:c8:80:4a:19:a5:d7:06:29:4b:79:92:0b: 7a:d8:d8:bb:97:54:1a:a0:32:a3:2a:54:77:de:5d:1d:2a:32: a8:03:e5:74:2b:44:7b:af:b9:f5:60:10:fc:61:4d:c5:3a:4f: 00:e1:c1:e4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOVs5CLqNw+m3/J7jkTiO6EQDmr8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNGNDM0 NDk3QkZFMzAeFw0yNTEwMjQyMzQ3MTJaFw0yNTEwMjgwMzE4MTJaMDMxMTAvBgNV BAMTKDZDRjVDODYxNDUxNDExMzAyQTU3QTZFOERDMDFGODA0RThFQjREODAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH3Nl0fIiV/r5ABFXos27KUWt9 2nJ+xxNqm/+MGEJ7CDDDrDVDd0mEYSNJ5IjYYPRJVVRssWQuwLesAgsH0NE8ubpg HMB4bfYxNELJNiEnfVJsOWQOB4ufj2v9ce4R4yRX4q53NVg9xsvrexy3hmvQFU2S tRuUOqfUCzuWTSf0knnZjbA6b7y5QB9lXJjD2zVOsnOMf5OK90GLbXTvubSskx+N 4pFFGmn6/Hb7FzcFSvCYEkU2IkzwaJXUYT6IXGMoMU0mQ/fZDS2EtfcgFG1gM0Ny O9wdC1h5SwYsSjDROjMUnOG1j6DU2R5Hy95rJ5tSR4Ik5647mjZTqNTKSKujAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUbPXIYUUUETAqV6bo3AH4BOjrTYAwHwYDVR0j BBgwFoAUC7TpUniaxQL6DPuVwuA/Q0SXv+MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YjcyZWNhNC03M2FkLTRlMGItYTZhNi03YTY1Njk4YjczYmUvMC8wQkI0RTk1Mjc4 OUFDNTAyRkEwQ0ZCOTVDMkUwM0Y0MzQ0OTdCRkUzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNGNDM0NDk3 QkZFMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGI3MmVjYTQtNzNhZC00ZTBiLWE2 YTYtN2E2NTY5OGI3M2JlLzAvMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNG NDM0NDk3QkZFMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKh8l9gPmYQ7aaXlEtjn7wqOfekdLqdiVb03 zMY67X/n/fikEMOoV1Cj0ie+9R1fLM8vMqCKYir+EJzefmEiwCm7SfjqWmZf0b0D 5WtkJznGNjfreybfMhJCdgvhquOw2++HclVViSrn8zM98v2i/Qv2XnYoOtoPxAsS 53FphNfme1cSfNe9IWc14QmHRgbzncBtDI+LjlYqSG+Rzj1g6y83NDLmEZgk+xya JNVT7PU2ZB2zE4C9Rdpl/edeDB9UDlIh98tDsVwaXkBUqMiAShml1wYpS3mSC3rY 2LuXVBqgMqMqVHfeXR0qMqgD5XQrRHuvufVgEPxhTcU6TwDhweQ= -----END CERTIFICATE-----Generated at Mon Oct 27 03:08:46 2025 by rpki-client