$ rpki-client -vvf repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft File: 3CA825E93FE8830376EF386786BF847CB239BE70.mft (raw, json) Hash identifier: 3jjeUtoYM0EEaMzw+iB2ydWMFtHwNzoyvnpDmcsrojM= Subject key identifier: 8F:9E:EC:30:37:17:DE:74:F8:1A:84:E4:94:9F:1A:12:50:9E:D0:5B Authority key identifier: 3C:A8:25:E9:3F:E8:83:03:76:EF:38:67:86:BF:84:7C:B2:39:BE:70 Certificate issuer: /CN=3CA825E93FE8830376EF386786BF847CB239BE70 Certificate serial: 2A0EA7A645D7CDD9BE95F690D60D12815E3B5715 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer Subject info access: rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft Manifest number: 0505 Signing time: Mon 08 Sep 2025 00:01:45 +0000 Manifest this update: Sun 07 Sep 2025 23:56:45 +0000 Manifest next update: Thu 11 Sep 2025 01:06:45 +0000 Files and hashes: 1: 3131392e38322e3232342e302f32302d3234203d3e203234323133.roa (hash: rMCMSl1s+WWM7uToBUHib02Gf8GW78oaPsE3tZQeKpc=) 2: 3130332e38332e39322e302f32322d3234203d3e20313331313131.roa (hash: 7BaUBkYi576UVLsHbTQQnc27jnKH4uxS8EK0pK4qmYo=) 3: 3CA825E93FE8830376EF386786BF847CB239BE70.crl (hash: 4ACSeverBVVnfhDWF8eyuTC9h1AH3j896MW3Ordhcyg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.crl rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 01:06:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:0e:a7:a6:45:d7:cd:d9:be:95:f6:90:d6:0d:12:81:5e:3b:57:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3CA825E93FE8830376EF386786BF847CB239BE70 Validity Not Before: Sep 7 23:56:45 2025 GMT Not After : Sep 11 01:06:45 2025 GMT Subject: CN=8F9EEC303717DE74F81A84E4949F1A12509ED05B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:96:5e:11:37:58:5f:a7:eb:ed:39:23:37:82: b0:d6:77:ed:6a:4d:f0:e9:7a:de:d9:e3:43:60:e3: b1:4c:8b:76:2e:12:9e:2d:fa:9f:72:30:7c:46:a6: c2:b7:c2:99:a5:17:64:24:1a:2a:78:3c:00:bb:ba: 46:b2:88:26:0f:b9:c9:d7:cd:0a:7b:1d:cc:5a:d8: d9:0e:f9:6c:79:7c:0c:97:5b:b8:68:79:eb:3a:6a: f1:c1:58:a8:be:c0:73:04:96:12:c1:c9:37:46:a9: 53:19:2b:f5:ce:ca:c1:c6:99:d5:9d:48:4c:07:df: bf:6c:43:89:9b:8a:ff:80:23:9b:2a:3b:cf:a1:8a: 0c:fa:a2:d1:78:1f:2a:55:3c:3d:4d:00:4b:c5:e8: 08:d7:21:11:05:2d:fd:a6:42:0c:29:e5:ea:78:cd: 7f:43:e6:16:87:a8:b7:dd:fe:7b:ee:7a:56:57:98: ee:ad:a9:f0:a5:ae:6f:b6:84:5e:0c:e9:b5:8d:e4: 7f:2d:d3:44:39:67:79:29:96:a7:fe:92:dd:d9:a9: 87:a1:36:02:10:bd:8a:16:e3:b2:67:43:b5:49:00: 3d:00:0a:01:e2:0a:41:aa:03:a9:72:44:21:a2:7a: 58:02:6c:a2:9b:4d:f1:d4:c3:f0:ce:01:d5:ba:34: d0:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:9E:EC:30:37:17:DE:74:F8:1A:84:E4:94:9F:1A:12:50:9E:D0:5B X509v3 Authority Key Identifier: keyid:3C:A8:25:E9:3F:E8:83:03:76:EF:38:67:86:BF:84:7C:B2:39:BE:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3CA825E93FE8830376EF386786BF847CB239BE70.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/3CA825E93FE8830376EF386786BF847CB239BE70.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:aa:f0:96:cd:68:2f:3c:fd:07:06:4c:78:5b:cf:21:d5:1e: a3:12:c1:05:31:ce:8f:af:91:4c:63:79:04:5a:f1:c9:f2:67: 53:32:0a:e1:09:ed:5e:0e:4f:2e:9b:36:52:05:48:71:aa:a5: 23:95:90:cf:b3:b1:b1:50:22:6f:e2:f0:2c:da:5d:12:9d:f0: 60:36:34:48:90:3c:ef:f0:d3:a9:fe:17:e9:d7:0f:15:5b:3c: c2:9c:6d:da:ae:25:2c:70:3e:52:39:cc:2a:26:e9:f4:10:e6: f2:60:c1:cd:0c:f6:d2:52:92:2a:5d:42:5c:73:df:fe:cc:b1: 18:58:65:8a:02:2a:e5:bb:85:db:b9:99:52:8d:10:d8:d0:0c: 37:50:29:5e:76:22:73:9e:58:4e:82:cb:36:2b:73:e2:01:91: d7:6f:0a:c5:95:3f:2a:fc:dd:0d:26:b5:25:f6:64:fd:76:77: 80:14:2f:31:94:57:73:10:c8:44:c1:cd:48:cb:7d:5d:dd:28: 5e:68:0c:01:ba:97:e0:a3:6a:26:e7:1c:f9:89:ab:35:4f:ce: 7c:4a:28:db:75:6f:3b:b9:62:d5:d8:af:47:da:4e:b9:09:ba: f1:9b:66:e9:e7:33:ec:c5:f7:3d:72:fd:01:7b:f4:f1:14:90: 30:00:5e:06 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKg6npkXXzdm+lfaQ1g0SgV47VxUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0N0NC MjM5QkU3MDAeFw0yNTA5MDcyMzU2NDVaFw0yNTA5MTEwMTA2NDVaMDMxMTAvBgNV BAMTKDhGOUVFQzMwMzcxN0RFNzRGODFBODRFNDk0OUYxQTEyNTA5RUQwNUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvll4RN1hfp+vtOSM3grDWd+1q TfDpet7Z40Ng47FMi3YuEp4t+p9yMHxGpsK3wpmlF2QkGip4PAC7ukayiCYPucnX zQp7Hcxa2NkO+Wx5fAyXW7hoees6avHBWKi+wHMElhLByTdGqVMZK/XOysHGmdWd SEwH379sQ4mbiv+AI5sqO8+higz6otF4HypVPD1NAEvF6AjXIREFLf2mQgwp5ep4 zX9D5haHqLfd/nvuelZXmO6tqfClrm+2hF4M6bWN5H8t00Q5Z3kplqf+kt3ZqYeh NgIQvYoW47JnQ7VJAD0ACgHiCkGqA6lyRCGielgCbKKbTfHUw/DOAdW6NNBdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUj57sMDcX3nT4GoTklJ8aElCe0FswHwYDVR0j BBgwFoAUPKgl6T/ogwN27zhnhr+EfLI5vnAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w OGI4YzFiNS0zYmU4LTRhYTctYTRjNi0yMWJjYzhmM2ZhNDAvMC8zQ0E4MjVFOTNG RTg4MzAzNzZFRjM4Njc4NkJGODQ3Q0IyMzlCRTcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0N0NCMjM5 QkU3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDhiOGMxYjUtM2JlOC00YWE3LWE0 YzYtMjFiY2M4ZjNmYTQwLzAvM0NBODI1RTkzRkU4ODMwMzc2RUYzODY3ODZCRjg0 N0NCMjM5QkU3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGOq8JbNaC88/QcGTHhbzyHVHqMSwQUxzo+v kUxjeQRa8cnyZ1MyCuEJ7V4OTy6bNlIFSHGqpSOVkM+zsbFQIm/i8CzaXRKd8GA2 NEiQPO/w06n+F+nXDxVbPMKcbdquJSxwPlI5zCom6fQQ5vJgwc0M9tJSkipdQlxz 3/7MsRhYZYoCKuW7hdu5mVKNENjQDDdQKV52InOeWE6CyzYrc+IBkddvCsWVPyr8 3Q0mtSX2ZP12d4AULzGUV3MQyETBzUjLfV3dKF5oDAG6l+CjaibnHPmJqzVPznxK KNt1bzu5YtXYr0faTrkJuvGbZunnM+zF9z1y/QF79PEUkDAAXgY= -----END CERTIFICATE-----Generated at Tue Sep 9 04:17:21 2025 by rpki-client