$ rpki-client -vvf repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft File: 5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft (raw, json) Hash identifier: hzvXR+m5QDHW2QLBHGv3nMH9OASWxWlkqeBj+hjJEwg= Subject key identifier: 93:32:5A:DD:68:C4:DC:0D:95:18:3A:29:94:75:D6:B9:82:35:02:F0 Authority key identifier: 5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70 Certificate issuer: /CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270 Certificate serial: 024438C712B535EDFAAE29B290152A492218D30F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft Manifest number: 028A Signing time: Thu 04 Sep 2025 06:00:50 +0000 Manifest this update: Thu 04 Sep 2025 05:55:50 +0000 Manifest next update: Sun 07 Sep 2025 12:42:50 +0000 Files and hashes: 1: 5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl (hash: kRX3SjfdQsn7pMxDwl7LN0bNgIt0xBqdIKiY5Wj1oGk=) 2: 3130332e3137392e36362e302f32332d3234203d3e20313531303030.roa (hash: 3ytI4WNdkarTA98AKzILbdHeDtsgun+xePSvAI/3j/w=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 12:42:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:44:38:c7:12:b5:35:ed:fa:ae:29:b2:90:15:2a:49:22:18:d3:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270 Validity Not Before: Sep 4 05:55:50 2025 GMT Not After : Sep 7 12:42:50 2025 GMT Subject: CN=93325ADD68C4DC0D95183A299475D6B9823502F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b9:97:ca:e4:2e:4f:ed:60:0a:d8:dc:d9:80: 8e:21:88:9f:1a:20:e8:64:45:77:a3:cc:88:f2:8e: d1:f4:31:c0:d2:64:9a:9e:60:b9:39:fb:47:eb:17: c9:23:3d:39:ba:7c:6c:9c:0c:32:76:6b:01:21:98: 36:fd:dd:d0:f9:9a:ac:37:f9:24:c2:eb:2f:96:d7: 86:7d:12:4e:bf:19:24:c6:d3:92:51:3e:ca:86:4d: b1:8a:0d:b6:58:55:f0:65:ba:cf:be:db:e9:63:f4: 8e:c2:32:7d:9b:08:a9:c2:e9:d6:67:a7:54:1d:64: 03:5e:c2:8e:d8:b2:39:ca:67:ee:0c:6c:c2:ea:6b: 0f:80:74:73:2c:0a:46:7d:ef:af:12:1e:9c:a9:4a: 0f:31:d8:2e:ef:b8:c2:75:11:28:3f:eb:de:b0:2a: de:fe:00:45:98:b1:5d:9d:0d:c1:61:e4:7c:03:53: bb:00:2c:99:7e:82:cd:c7:77:ba:b8:5f:8c:92:11: bf:d3:07:cb:26:4f:f4:16:98:cb:8a:0c:e3:d7:6f: 45:43:83:3b:69:ad:3b:78:d4:c2:6d:18:94:0a:0d: 49:a4:87:b0:a3:c1:8f:8b:7b:37:6b:d9:33:84:49: 57:4d:45:c1:3e:09:c3:36:b1:9a:09:b2:db:a7:61: 47:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:32:5A:DD:68:C4:DC:0D:95:18:3A:29:94:75:D6:B9:82:35:02:F0 X509v3 Authority Key Identifier: keyid:5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:71:85:fd:c6:58:b5:8f:60:60:62:9a:28:08:8c:a4:ed:42: c1:bd:0f:a8:30:36:67:1b:a4:02:35:97:d9:a7:3d:8e:66:e0: 57:09:91:26:75:1a:1c:f3:6d:b0:56:7f:09:90:d0:01:2c:4e: 47:cd:b8:a0:a7:37:d7:72:9b:8e:66:ee:a7:40:54:1f:6e:0c: 24:8c:b0:80:53:7b:9a:12:1a:0e:46:3c:6a:05:86:8c:56:e1: 84:73:12:a3:38:df:81:54:42:d8:3d:16:2b:9c:4f:9d:b7:b8: 42:66:55:b7:6c:04:57:ef:61:85:b2:cb:c4:a7:c0:50:f5:e1: d2:75:6a:8a:e6:24:df:54:38:30:9e:32:b2:d4:b9:56:b0:03: 9a:49:ee:84:03:c6:83:09:aa:ec:7a:1b:d7:66:dc:c9:d5:c9: 9c:fc:07:ed:40:28:2b:0e:d1:f9:d6:09:1b:94:56:00:11:21: 3a:71:bd:4b:55:7a:90:f7:15:84:61:bf:cc:4c:ab:f6:ec:95: c9:e8:50:b5:52:c3:d0:44:f1:87:47:63:6a:4c:c4:e1:ae:55: 61:24:c3:62:2c:06:4d:0a:85:55:22:99:18:26:bf:b5:61:a3: 55:56:ac:93:dc:e2:b0:b3:a2:49:8a:9d:52:6f:b1:f6:4d:50: ee:6b:27:d5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUAkQ4xxK1Ne36rimykBUqSSIY0w8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRF RUFDQTI3MDAeFw0yNTA5MDQwNTU1NTBaFw0yNTA5MDcxMjQyNTBaMDMxMTAvBgNV BAMTKDkzMzI1QURENjhDNERDMEQ5NTE4M0EyOTk0NzVENkI5ODIzNTAyRjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiuZfK5C5P7WAK2NzZgI4hiJ8a IOhkRXejzIjyjtH0McDSZJqeYLk5+0frF8kjPTm6fGycDDJ2awEhmDb93dD5mqw3 +STC6y+W14Z9Ek6/GSTG05JRPsqGTbGKDbZYVfBlus++2+lj9I7CMn2bCKnC6dZn p1QdZANewo7YsjnKZ+4MbMLqaw+AdHMsCkZ9768SHpypSg8x2C7vuMJ1ESg/696w Kt7+AEWYsV2dDcFh5HwDU7sALJl+gs3Hd7q4X4ySEb/TB8smT/QWmMuKDOPXb0VD gztprTt41MJtGJQKDUmkh7CjwY+Lezdr2TOESVdNRcE+CcM2sZoJstunYUcDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUkzJa3WjE3A2VGDoplHXWuYI1AvAwHwYDVR0j BBgwFoAUW9NBptRq9Sz/I6XR4liUlO6sonAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZTEyNzQzZC1kNTZkLTRhNzctOTBlMi1jNTJlNmRmZTA2YzIvMC81QkQzNDFBNkQ0 NkFGNTJDRkYyM0E1RDFFMjU4OTQ5NEVFQUNBMjcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRFRUFD QTI3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2UxMjc0M2QtZDU2ZC00YTc3LTkw ZTItYzUyZTZkZmUwNmMyLzAvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0 OTRFRUFDQTI3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKVxhf3GWLWPYGBimigIjKTtQsG9D6gwNmcb pAI1l9mnPY5m4FcJkSZ1GhzzbbBWfwmQ0AEsTkfNuKCnN9dym45m7qdAVB9uDCSM sIBTe5oSGg5GPGoFhoxW4YRzEqM434FUQtg9FiucT523uEJmVbdsBFfvYYWyy8Sn wFD14dJ1aormJN9UODCeMrLUuVawA5pJ7oQDxoMJqux6G9dm3MnVyZz8B+1AKCsO 0fnWCRuUVgARITpxvUtVepD3FYRhv8xMq/bslcnoULVSw9BE8YdHY2pMxOGuVWEk w2IsBk0KhVUimRgmv7Vho1VWrJPc4rCzokmKnVJvsfZNUO5rJ9U= -----END CERTIFICATE-----Generated at Fri Sep 5 10:34:35 2025 by rpki-client