$ rpki-client -vvf repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.mft File: 85735A4922D529215199E6F4D6829DF68512E117.mft (raw, json) Hash identifier: ucNzaQC/fQDn3bqPtPlm4Z5ZeSS7BV8LIgkgEdL4kGQ= Subject key identifier: 7B:0D:BB:43:9D:D4:35:EA:65:27:98:BF:79:D6:87:2B:1B:3C:3A:23 Authority key identifier: 85:73:5A:49:22:D5:29:21:51:99:E6:F4:D6:82:9D:F6:85:12:E1:17 Certificate issuer: /CN=85735A4922D529215199E6F4D6829DF68512E117 Certificate serial: 02FF4AAA201E8A130EC4E6C0BE5ED5D855FF4CC8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/85735A4922D529215199E6F4D6829DF68512E117.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.mft Manifest number: CA Signing time: Sun 20 Jul 2025 13:42:17 +0000 Manifest this update: Sun 20 Jul 2025 13:37:17 +0000 Manifest next update: Wed 23 Jul 2025 19:58:17 +0000 Files and hashes: 1: 3135372e36362e33342e302f32332d3234203d3e203535363838.roa (hash: ZYRFgg3YsM3yKUn62KsbkyrpaJzgLMKU6Z815DCOnrQ=) 2: 85735A4922D529215199E6F4D6829DF68512E117.crl (hash: vKbBlgLLBssFG6oK1l0/mF4QrO/OxtGOM+bUmgmPAXY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.crl rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/85735A4922D529215199E6F4D6829DF68512E117.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 19:58:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:ff:4a:aa:20:1e:8a:13:0e:c4:e6:c0:be:5e:d5:d8:55:ff:4c:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85735A4922D529215199E6F4D6829DF68512E117 Validity Not Before: Jul 20 13:37:17 2025 GMT Not After : Jul 23 19:58:17 2025 GMT Subject: CN=7B0DBB439DD435EA652798BF79D6872B1B3C3A23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:fd:55:23:45:7e:b4:7c:8c:e9:84:bb:0a:d1: d2:27:03:7a:e5:6f:e4:83:51:0e:03:fd:59:80:6e: 57:15:59:86:7f:12:6a:47:8f:73:6e:cd:73:2f:1a: 49:d9:32:fd:c4:06:a6:c5:0e:34:74:2f:25:ee:23: 28:e9:c2:15:c4:8d:bb:e5:ea:7a:f4:c9:63:35:4b: f0:b5:02:30:e7:47:1c:7d:f0:09:a4:36:ad:06:f9: 54:fc:4d:46:eb:79:79:df:84:62:1b:fb:73:c5:23: 8f:24:bc:d4:b4:c1:20:e1:a0:7b:dd:f1:e4:6a:f9: a4:0f:a6:8d:14:bb:52:3c:be:16:ec:6b:76:94:26: 7b:01:e8:0e:93:f9:e9:19:24:20:f0:22:92:40:15: 14:01:fa:7b:5c:7c:23:9b:86:7d:14:4b:65:fb:84: cc:9d:ad:e6:59:96:8f:10:c1:42:0a:2e:d8:11:76: bc:7b:55:ca:d4:0e:9f:6c:ae:a1:19:4a:8d:39:db: e6:4e:28:a6:5d:de:97:b6:7d:f1:77:14:6f:e5:dc: d1:a3:5a:ca:e8:fc:eb:67:71:7a:09:99:ab:c4:7a: 16:c9:32:10:64:65:a8:02:45:e0:6a:72:51:70:32: f5:93:0a:4d:12:7a:97:41:4d:b1:3d:60:e4:f7:72: 80:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:0D:BB:43:9D:D4:35:EA:65:27:98:BF:79:D6:87:2B:1B:3C:3A:23 X509v3 Authority Key Identifier: keyid:85:73:5A:49:22:D5:29:21:51:99:E6:F4:D6:82:9D:F6:85:12:E1:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/85735A4922D529215199E6F4D6829DF68512E117.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:36:c4:4b:f6:cc:1b:db:b1:39:ee:cf:e2:f8:e8:9e:0c:f6: 8f:e5:cd:0d:09:cc:9f:15:2d:15:f5:6c:c1:92:93:f5:e1:a0: 6e:97:8a:ce:65:8a:35:4b:59:3d:50:de:36:d3:00:22:ad:d2: 4c:92:b1:87:b7:60:97:08:b8:33:8c:3a:a1:b0:0a:dd:1e:cf: ae:5b:43:b1:76:8f:77:18:a8:42:6c:30:6f:f0:b0:02:94:5d: a8:bb:47:2d:76:14:f3:a2:07:44:84:af:be:d1:4b:32:82:1d: 5b:98:04:7f:9d:b7:9e:d8:aa:86:f1:1a:c4:2d:b6:8d:50:83: a6:08:56:46:84:c7:8f:57:b1:14:6d:f1:af:f5:d3:9f:58:18: 45:a9:e4:f5:64:4f:6c:a5:b1:e8:93:b4:4d:16:d0:e8:e6:a3: ae:4a:44:ec:ca:d0:48:4b:e0:4d:6f:93:17:fa:b3:0b:12:e7: 7a:b4:6a:3b:fe:96:39:71:9e:c3:3e:e1:89:f5:7a:dd:a3:46: 3e:ac:35:8c:fe:12:d5:c3:25:b1:0d:89:0f:95:be:af:96:ac: ee:12:77:fd:4d:37:4f:c1:99:5e:90:01:4f:bd:74:62:d2:4e: 8d:f9:9f:ad:14:d1:70:ab:5b:35:63:a6:6c:36:5f:74:f7:5a: 47:ef:ef:a6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAv9KqiAeihMOxObAvl7V2FX/TMgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODU3MzVBNDkyMkQ1MjkyMTUxOTlFNkY0RDY4MjlERjY4 NTEyRTExNzAeFw0yNTA3MjAxMzM3MTdaFw0yNTA3MjMxOTU4MTdaMDMxMTAvBgNV BAMTKDdCMERCQjQzOURENDM1RUE2NTI3OThCRjc5RDY4NzJCMUIzQzNBMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn/VUjRX60fIzphLsK0dInA3rl b+SDUQ4D/VmAblcVWYZ/EmpHj3NuzXMvGknZMv3EBqbFDjR0LyXuIyjpwhXEjbvl 6nr0yWM1S/C1AjDnRxx98AmkNq0G+VT8TUbreXnfhGIb+3PFI48kvNS0wSDhoHvd 8eRq+aQPpo0Uu1I8vhbsa3aUJnsB6A6T+ekZJCDwIpJAFRQB+ntcfCObhn0US2X7 hMydreZZlo8QwUIKLtgRdrx7VcrUDp9srqEZSo052+ZOKKZd3pe2ffF3FG/l3NGj Wsro/OtncXoJmavEehbJMhBkZagCReBqclFwMvWTCk0SepdBTbE9YOT3coDrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUew27Q53UNeplJ5i/edaHKxs8OiMwHwYDVR0j BBgwFoAUhXNaSSLVKSFRmeb01oKd9oUS4RcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YzNlNjhiZC1iMDRjLTRkMzUtODAyMC0wMjkzNjM0MmZiMWQvMC84NTczNUE0OTIy RDUyOTIxNTE5OUU2RjRENjgyOURGNjg1MTJFMTE3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvODU3MzVBNDkyMkQ1MjkyMTUxOTlFNkY0RDY4MjlERjY4NTEy RTExNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2MzZTY4YmQtYjA0Yy00ZDM1LTgw MjAtMDI5MzYzNDJmYjFkLzAvODU3MzVBNDkyMkQ1MjkyMTUxOTlFNkY0RDY4MjlE RjY4NTEyRTExNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIo2xEv2zBvbsTnuz+L46J4M9o/lzQ0JzJ8V LRX1bMGSk/XhoG6Xis5lijVLWT1Q3jbTACKt0kySsYe3YJcIuDOMOqGwCt0ez65b Q7F2j3cYqEJsMG/wsAKUXai7Ry12FPOiB0SEr77RSzKCHVuYBH+dt57YqobxGsQt to1Qg6YIVkaEx49XsRRt8a/1059YGEWp5PVkT2ylseiTtE0W0Ojmo65KROzK0EhL 4E1vkxf6swsS53q0ajv+ljlxnsM+4Yn1et2jRj6sNYz+EtXDJbENiQ+Vvq+WrO4S d/1NN0/BmV6QAU+9dGLSTo35n60U0XCrWzVjpmw2X3T3Wkfv76Y= -----END CERTIFICATE-----Generated at Tue Jul 22 06:15:47 2025 by rpki-client