$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: 7+dZRtQLitKljjOTd35vHsumctwAYRjoGU6HvyA3Fu0= Subject key identifier: FB:C8:15:BD:AF:06:02:8B:61:80:2D:11:AB:07:83:6A:D7:7F:BA:3D Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 6BAE96B502416559D4576C50B3FB0B75BD131FD5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 0505 Signing time: Sun 07 Sep 2025 11:00:57 +0000 Manifest this update: Sun 07 Sep 2025 10:55:57 +0000 Manifest next update: Wed 10 Sep 2025 22:03:57 +0000 Files and hashes: 1: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 2: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) 3: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) 4: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: I/tiZ9fGZCcFDzLtMzZ0a+pTxpWxaeEc5ypB5t+7ekI=) 5: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 10:23:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:ae:96:b5:02:41:65:59:d4:57:6c:50:b3:fb:0b:75:bd:13:1f:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Sep 7 10:55:57 2025 GMT Not After : Sep 10 22:03:57 2025 GMT Subject: CN=FBC815BDAF06028B61802D11AB07836AD77FBA3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d6:23:21:a0:40:68:70:9a:cf:c5:c9:54:6b: 2b:dc:d6:b4:1a:4f:39:c3:3c:df:a2:23:14:5e:dc: 77:1d:9b:9f:75:37:dc:96:88:9e:cc:dd:a7:ee:5d: 69:e9:53:4c:6c:d0:d5:59:09:d6:dc:bc:a7:13:02: d3:5c:20:63:bb:ac:77:6d:4e:fa:d8:49:2e:21:48: 81:a0:ff:85:78:5a:86:3e:48:b4:9b:63:b5:69:fb: c5:03:54:20:6b:67:54:7b:83:5f:85:71:98:4d:8d: d7:24:b2:94:56:ab:ba:f8:d7:c6:92:5a:72:9e:79: 6f:ce:ec:fa:39:95:05:9b:0c:30:d3:65:1b:2f:6c: 1a:67:e8:48:a1:6c:00:4d:9c:bd:6b:08:51:d6:60: 99:bb:01:3e:d2:67:20:89:e0:e6:0b:65:c5:f3:85: c1:72:f6:2c:27:e5:8b:6f:a1:69:a2:bf:07:65:e9: 7b:cf:4c:45:2c:12:9c:1e:0e:0d:76:9d:d7:cd:5d: 94:3e:3a:3a:2e:66:a6:f5:71:09:43:55:11:8a:2c: 13:de:39:f2:0a:b0:ca:e0:f9:ad:44:3f:f6:9b:a4: 41:24:96:fa:ee:e8:44:f3:60:e9:7c:d9:c0:66:23: 94:5d:ff:63:e9:c1:ab:5a:ec:84:f9:96:41:5a:30: 87:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:C8:15:BD:AF:06:02:8B:61:80:2D:11:AB:07:83:6A:D7:7F:BA:3D X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:f3:ff:76:b4:5f:d3:d4:23:76:02:0b:55:51:73:45:3c:55: 5c:a9:21:df:06:e4:58:2c:b4:0c:d3:62:05:ee:07:79:ab:25: f9:c6:c4:37:70:f6:f4:f0:30:82:d5:0a:2d:44:48:d9:f9:e3: dd:ba:de:91:b4:ef:e1:ff:30:fa:36:f5:1e:96:c0:bd:48:1c: fb:fd:71:06:8d:a2:4d:ae:7a:73:88:c5:59:52:7c:1c:4f:73: 41:ba:e5:7f:39:10:8d:fe:1b:b8:01:32:1f:8b:5e:aa:1b:cc: 7e:02:65:02:a1:8d:1d:bb:46:0f:be:1b:6e:84:35:ab:04:5c: 7c:a0:63:c0:e2:b1:a8:4e:4d:16:26:df:c4:f7:9e:bb:e3:62: c4:77:58:92:45:16:df:fe:ab:ab:3f:4b:79:21:59:29:0e:fa: 21:6c:12:55:3d:be:e9:f4:9a:a2:c6:8a:21:51:40:4d:b9:4f: 03:86:03:f0:75:a6:60:18:96:76:42:75:24:9a:60:8a:a8:20: 8d:eb:6a:f8:c8:2d:09:b8:f3:f7:89:b6:c4:fe:d5:e7:d2:5f: 20:ca:5c:ef:96:85:ed:2a:32:4d:4d:a3:e2:b5:5e:aa:64:e9: 64:72:86:77:c9:89:5e:27:dd:a6:08:ec:36:22:76:85:b4:bb: 82:8d:1c:e4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUa66WtQJBZVnUV2xQs/sLdb0TH9UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNTA5MDcxMDU1NTdaFw0yNTA5MTAyMjAzNTdaMDMxMTAvBgNV BAMTKEZCQzgxNUJEQUYwNjAyOEI2MTgwMkQxMUFCMDc4MzZBRDc3RkJBM0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq1iMhoEBocJrPxclUayvc1rQa TznDPN+iIxRe3Hcdm591N9yWiJ7M3afuXWnpU0xs0NVZCdbcvKcTAtNcIGO7rHdt TvrYSS4hSIGg/4V4WoY+SLSbY7Vp+8UDVCBrZ1R7g1+FcZhNjdckspRWq7r418aS WnKeeW/O7Po5lQWbDDDTZRsvbBpn6EihbABNnL1rCFHWYJm7AT7SZyCJ4OYLZcXz hcFy9iwn5YtvoWmivwdl6XvPTEUsEpweDg12ndfNXZQ+OjouZqb1cQlDVRGKLBPe OfIKsMrg+a1EP/abpEEklvru6ETzYOl82cBmI5Rd/2Ppwata7IT5lkFaMIfnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU+8gVva8GAothgC0RqweDatd/uj0wHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACbz/3a0X9PUI3YCC1VRc0U8VVypId8G5Fgs tAzTYgXuB3mrJfnGxDdw9vTwMILVCi1ESNn549263pG07+H/MPo29R6WwL1IHPv9 cQaNok2uenOIxVlSfBxPc0G65X85EI3+G7gBMh+LXqobzH4CZQKhjR27Rg++G26E NasEXHygY8DisahOTRYm38T3nrvjYsR3WJJFFt/+q6s/S3khWSkO+iFsElU9vun0 mqLGiiFRQE25TwOGA/B1pmAYlnZCdSSaYIqoII3ravjILQm48/eJtsT+1efSXyDK XO+Whe0qMk1No+K1Xqpk6WRyhnfJiV4n3aYI7DYidoW0u4KNHOQ= -----END CERTIFICATE-----Generated at Sun Sep 7 13:59:51 2025 by rpki-client