$ rpki-client -vvf repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft File: 4AA76DED689FD4420809D0962087A03BCF018FEA.mft (raw, json) Hash identifier: VwiibgYmKQeYtCg9tAxTkAFNEDSsbrtvYnZoFbVmi2Y= Subject key identifier: 9B:80:89:41:3E:03:C6:6B:AF:1B:B0:2F:F7:87:04:24:54:05:95:2F Authority key identifier: 4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA Certificate issuer: /CN=4AA76DED689FD4420809D0962087A03BCF018FEA Certificate serial: 5DA3F4130AF0618909C442527272B40693A07040 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft Manifest number: C3 Signing time: Sun 07 Sep 2025 06:31:40 +0000 Manifest this update: Sun 07 Sep 2025 06:26:40 +0000 Manifest next update: Wed 10 Sep 2025 11:08:40 +0000 Files and hashes: 1: 3130332e39392e3133372e302f32342d3234203d3e20313531353735.roa (hash: qGUv354O5bgjhTMZ45JMcvyFGWQg1EdVxERPegJoKCQ=) 2: 3130332e39392e3133362e302f32342d3234203d3e20313531353735.roa (hash: 2CpAucK+rvU21eAZmyDV5IqqR6dCAIafzExn8g2LOMw=) 3: 3130332e39392e3133362e302f32332d3233203d3e20313531353735.roa (hash: bYo0zSG/Y+l/kRQWqzhvCy7R5Romzqih1iDCz89t3mk=) 4: 4AA76DED689FD4420809D0962087A03BCF018FEA.crl (hash: 5nQmYHbwM0duLA1f1tMlJ7wYJ8xklO5yULqrCqwMRss=) 5: 323030313a6466343a3763303a3a2f34382d3438203d3e20313531353735.roa (hash: khEVLFQtH+a45cc9yGf67pi2XkwhJ0LBpc+mc2azWiQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 10:23:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:a3:f4:13:0a:f0:61:89:09:c4:42:52:72:72:b4:06:93:a0:70:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4AA76DED689FD4420809D0962087A03BCF018FEA Validity Not Before: Sep 7 06:26:40 2025 GMT Not After : Sep 10 11:08:40 2025 GMT Subject: CN=9B8089413E03C66BAF1BB02FF78704245405952F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:aa:ae:a7:e0:08:26:f3:40:67:96:4c:a6:2e: b9:95:24:ce:28:83:b9:2d:22:83:57:78:bf:14:09: df:05:20:df:f9:b3:b8:68:80:1a:92:17:95:7b:9b: e9:c7:f3:a4:33:b6:d9:57:99:0b:84:47:3d:e1:2a: b5:8a:1a:49:26:97:d6:21:a0:12:9d:24:f2:37:b6: 81:b9:68:a3:e7:82:35:0a:dc:87:98:74:c7:6a:a8: 15:c0:c3:ab:85:a2:f7:c3:1e:09:ff:5f:84:1e:9a: b9:f8:ec:98:99:35:b6:8a:0e:dd:3d:3f:8e:34:26: 6a:8a:87:37:cd:b6:96:42:44:43:1d:40:89:75:87: de:29:16:2b:b6:00:41:b4:ba:12:44:f9:e5:e6:b8: 8e:b4:62:de:39:30:71:54:22:6b:86:fc:84:db:d7: fe:c6:bf:8f:80:16:c8:55:eb:eb:d8:f6:89:cd:c3: d9:41:5a:87:8b:ba:86:40:62:ef:ea:3f:99:9a:94: 52:8a:86:d4:5f:ef:7d:99:45:e3:27:8e:ca:0c:2f: eb:99:3a:78:77:d0:3f:ad:95:65:4a:67:af:df:b9: 10:57:d4:6f:26:9d:24:eb:d6:8b:95:0e:5d:e2:2b: a2:24:6c:7b:24:c1:5e:b1:7d:61:59:c4:8b:4c:1e: 8b:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:80:89:41:3E:03:C6:6B:AF:1B:B0:2F:F7:87:04:24:54:05:95:2F X509v3 Authority Key Identifier: keyid:4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:1a:8c:0b:ee:9e:bd:23:98:65:af:7e:18:bf:70:00:95:87: 12:ea:d5:95:4c:c6:20:13:77:c6:2b:81:8d:6c:05:a9:71:d4: 89:62:e9:fc:c7:f5:f7:c9:52:0a:79:a5:e6:e3:10:f2:77:25: ac:73:93:ac:97:35:98:f7:12:68:26:26:9b:94:d4:61:31:44: 69:84:99:a8:1e:c5:a0:05:e8:d5:27:95:73:49:f1:2f:93:53: f0:ab:40:45:1b:94:84:fa:8e:cc:20:16:ec:14:a4:03:1a:25: f9:6c:11:6d:9f:b5:29:5e:c7:7b:02:95:dd:36:48:73:ce:8c: 57:5f:2d:37:95:87:5a:aa:6d:3d:e1:6b:90:55:92:d4:0e:c5: e5:05:3b:53:66:83:16:19:fa:6b:ff:e6:89:a6:32:fe:49:26: 40:3c:be:96:18:6a:a3:c1:4e:90:19:da:82:93:e8:c1:b8:7f: 00:d0:83:a8:45:20:9f:f1:29:12:ef:65:ff:06:8f:0a:81:4e: 04:2e:26:07:64:43:9b:ce:85:a4:07:e8:e7:f8:b4:7b:a0:42: eb:a4:b4:ac:a2:0f:e4:2a:a1:74:f4:60:e5:d6:e1:15:b8:a3: 65:12:93:3b:55:1c:36:1c:6b:67:7d:ee:a8:a9:0d:7a:a6:bb: 8f:fc:24:33 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXaP0EwrwYYkJxEJScnK0BpOgcEAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JD RjAxOEZFQTAeFw0yNTA5MDcwNjI2NDBaFw0yNTA5MTAxMTA4NDBaMDMxMTAvBgNV BAMTKDlCODA4OTQxM0UwM0M2NkJBRjFCQjAyRkY3ODcwNDI0NTQwNTk1MkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVqq6n4Agm80BnlkymLrmVJM4o g7ktIoNXeL8UCd8FIN/5s7hogBqSF5V7m+nH86QzttlXmQuERz3hKrWKGkkml9Yh oBKdJPI3toG5aKPngjUK3IeYdMdqqBXAw6uFovfDHgn/X4Qemrn47JiZNbaKDt09 P440JmqKhzfNtpZCREMdQIl1h94pFiu2AEG0uhJE+eXmuI60Yt45MHFUImuG/ITb 1/7Gv4+AFshV6+vY9onNw9lBWoeLuoZAYu/qP5malFKKhtRf732ZReMnjsoML+uZ Onh30D+tlWVKZ6/fuRBX1G8mnSTr1ouVDl3iK6IkbHskwV6xfWFZxItMHos5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUm4CJQT4DxmuvG7Av94cEJFQFlS8wHwYDVR0j BBgwFoAUSqdt7Wif1EIICdCWIIegO88Bj+owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YzI4MGFmMy1hYTFkLTQyNzEtOGMwNi1hM2ZhMjg4OTg0MjYvMC80QUE3NkRFRDY4 OUZENDQyMDgwOUQwOTYyMDg3QTAzQkNGMDE4RkVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JDRjAx OEZFQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmMyODBhZjMtYWExZC00MjcxLThj MDYtYTNmYTI4ODk4NDI2LzAvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0Ew M0JDRjAxOEZFQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC0ajAvunr0jmGWvfhi/cACVhxLq1ZVMxiAT d8YrgY1sBalx1Ili6fzH9ffJUgp5pebjEPJ3Jaxzk6yXNZj3EmgmJpuU1GExRGmE magexaAF6NUnlXNJ8S+TU/CrQEUblIT6jswgFuwUpAMaJflsEW2ftSlex3sCld02 SHPOjFdfLTeVh1qqbT3ha5BVktQOxeUFO1NmgxYZ+mv/5ommMv5JJkA8vpYYaqPB TpAZ2oKT6MG4fwDQg6hFIJ/xKRLvZf8GjwqBTgQuJgdkQ5vOhaQH6Of4tHugQuuk tKyiD+QqoXT0YOXW4RW4o2USkztVHDYca2d97qipDXqmu4/8JDM= -----END CERTIFICATE-----Generated at Sun Sep 7 15:34:15 2025 by rpki-client