$ rpki-client -vvf repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft File: 2D18956397FA6055A44153CABF07303FD6E55E44.mft (raw, json) Hash identifier: QvWnCHJfkl3aue1E3vOj+0Krhg0QC2l0rq8HA/drGz8= Subject key identifier: 0A:EC:73:20:EB:32:0F:7C:57:5B:EB:8A:68:7B:06:5A:CF:5B:C0:1D Authority key identifier: 2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 Certificate issuer: /CN=2D18956397FA6055A44153CABF07303FD6E55E44 Certificate serial: 41D5ADCEDBD7AC234141885CA42972F0B243ACC5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft Manifest number: 0511 Signing time: Sat 06 Sep 2025 23:32:01 +0000 Manifest this update: Sat 06 Sep 2025 23:27:01 +0000 Manifest next update: Wed 10 Sep 2025 10:59:01 +0000 Files and hashes: 1: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (hash: 9pt7JLtOWMCBsJXp8H1J28V9N/OUvx5VflNai/uQZgc=) 2: 2D18956397FA6055A44153CABF07303FD6E55E44.crl (hash: Lpw+KRr05J+6JBAW+ffBa8wXINVGYrq+DOs7kiE9cZ4=) 3: 323430363a373734303a3a2f33322d3332203d3e20313431303733.roa (hash: BilMX6PAfP77Q5Ze/r2bseAvAFYgHI4D9c4hoNAPY/0=) 4: 3130332e3135352e3230302e302f32332d3234203d3e20313431303733.roa (hash: LMlg0YtMMAZTGP6EzKXImD6a6ZjUtLMQ+VabkB5A5lc=) 5: 3130332e3135352e3230302e302f32332d3233203d3e20313431303733.roa (hash: 1cZaLW2bYSVuCFR3p6/QnCg+KIF2tEt9ZDlyjUYN2tI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 10:23:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:d5:ad:ce:db:d7:ac:23:41:41:88:5c:a4:29:72:f0:b2:43:ac:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D18956397FA6055A44153CABF07303FD6E55E44 Validity Not Before: Sep 6 23:27:01 2025 GMT Not After : Sep 10 10:59:01 2025 GMT Subject: CN=0AEC7320EB320F7C575BEB8A687B065ACF5BC01D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:95:35:0d:22:94:b1:b6:52:5b:ca:a6:5e:79: ab:cf:dd:9e:7b:1e:de:82:27:d4:66:3b:19:5e:88: 14:d0:cb:78:e5:2b:3c:44:c9:e2:0d:fd:39:13:64: 25:0f:b9:8b:a4:25:d6:bf:99:9d:97:43:e7:1f:f9: c2:59:db:ff:d9:bb:d8:da:af:f2:66:c9:4e:85:36: 4e:2b:c7:3c:32:6d:90:61:6b:fc:2b:40:4d:f8:9a: ca:1a:3e:22:fb:92:1d:38:13:17:c1:a6:7b:d4:db: 5c:34:92:10:67:28:f3:a2:46:02:b8:97:92:60:4b: 74:93:4d:67:f6:13:cf:ed:86:2e:c0:47:cb:58:29: 4e:54:f7:f5:62:07:22:86:d7:48:50:00:99:e0:6c: 22:df:ae:2f:57:63:12:29:9b:bd:50:57:24:d8:6f: 2b:ad:98:d2:66:ba:b8:fd:84:48:d4:e8:60:d1:1b: 97:01:cc:be:b2:e8:b1:db:03:dc:d1:14:ad:38:5c: f6:62:5e:54:d7:47:e2:6e:59:cf:40:c4:4c:99:91: 7a:43:bb:7c:3c:0f:fd:b1:0e:1e:9b:2b:d0:1e:0f: 43:d1:72:c5:31:c8:5e:52:d8:68:c1:98:32:72:b9: 36:a0:53:ff:d5:00:ec:3e:38:4a:0f:62:60:69:87: 88:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:EC:73:20:EB:32:0F:7C:57:5B:EB:8A:68:7B:06:5A:CF:5B:C0:1D X509v3 Authority Key Identifier: keyid:2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:20:48:07:bd:64:6d:80:57:a2:86:d9:d0:fb:06:47:1f:7c: 2f:f0:c5:ff:9a:b9:a3:67:f8:02:1b:5a:10:62:bf:69:c0:46: 48:c0:bb:c4:8d:31:a3:81:80:41:3e:af:21:fa:a5:60:7c:7e: 43:8a:1f:e2:0a:8d:7b:ad:22:e0:0e:01:d8:f8:d2:86:32:0d: ca:f6:5d:04:b0:67:c3:6b:0d:2c:52:2e:a8:b1:e3:dd:ad:65: 59:4c:22:68:e6:5e:60:ee:f5:03:03:89:cd:80:cd:ef:f9:07: 6e:8d:28:a1:4d:4e:b0:90:ce:fc:58:33:24:f4:0a:d8:dd:78: af:e3:3b:b2:a8:f9:36:53:be:92:64:01:5c:1a:32:ca:ec:d6: 29:b9:fa:9f:cc:8e:32:41:b8:22:48:8e:95:1b:15:9c:a8:a5: 66:87:c4:21:f8:fc:66:db:73:29:82:f8:fb:28:70:10:58:03: 27:3b:8a:3e:c8:f8:19:f3:d9:5e:cf:e8:32:47:d8:e7:92:32: 98:a4:b9:42:bf:cb:93:a4:3e:11:da:04:ca:31:90:e3:af:f8: 11:6e:41:23:29:c4:f5:79:13:87:b6:96:90:4f:23:18:fd:ec: 3a:25:44:e0:79:85:35:db:35:7d:83:11:98:6a:ae:28:02:89: bb:ff:7b:bd -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQdWtztvXrCNBQYhcpCly8LJDrMUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZE NkU1NUU0NDAeFw0yNTA5MDYyMzI3MDFaFw0yNTA5MTAxMDU5MDFaMDMxMTAvBgNV BAMTKDBBRUM3MzIwRUIzMjBGN0M1NzVCRUI4QTY4N0IwNjVBQ0Y1QkMwMUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDalTUNIpSxtlJbyqZeeavP3Z57 Ht6CJ9RmOxleiBTQy3jlKzxEyeIN/TkTZCUPuYukJda/mZ2XQ+cf+cJZ2//Zu9ja r/JmyU6FNk4rxzwybZBha/wrQE34msoaPiL7kh04ExfBpnvU21w0khBnKPOiRgK4 l5JgS3STTWf2E8/thi7AR8tYKU5U9/ViByKG10hQAJngbCLfri9XYxIpm71QVyTY byutmNJmurj9hEjU6GDRG5cBzL6y6LHbA9zRFK04XPZiXlTXR+JuWc9AxEyZkXpD u3w8D/2xDh6bK9AeD0PRcsUxyF5S2GjBmDJyuTagU//VAOw+OEoPYmBph4hdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCuxzIOsyD3xXW+uKaHsGWs9bwB0wHwYDVR0j BBgwFoAULRiVY5f6YFWkQVPKvwcwP9blXkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ODU4Zjg1Yy1hNDU4LTRhNTgtYmJkZS00YmZiMzQzZGM0YjAvMC8yRDE4OTU2Mzk3 RkE2MDU1QTQ0MTUzQ0FCRjA3MzAzRkQ2RTU1RTQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZENkU1 NUU0NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDg1OGY4NWMtYTQ1OC00YTU4LWJi ZGUtNGJmYjM0M2RjNGIwLzAvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMw M0ZENkU1NUU0NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADEgSAe9ZG2AV6KG2dD7BkcffC/wxf+auaNn +AIbWhBiv2nARkjAu8SNMaOBgEE+ryH6pWB8fkOKH+IKjXutIuAOAdj40oYyDcr2 XQSwZ8NrDSxSLqix492tZVlMImjmXmDu9QMDic2Aze/5B26NKKFNTrCQzvxYMyT0 CtjdeK/jO7Ko+TZTvpJkAVwaMsrs1im5+p/MjjJBuCJIjpUbFZyopWaHxCH4/Gbb cymC+PsocBBYAyc7ij7I+Bnz2V7P6DJH2OeSMpikuUK/y5OkPhHaBMoxkOOv+BFu QSMpxPV5E4e2lpBPIxj97DolROB5hTXbNX2DEZhqrigCibv/e70= -----END CERTIFICATE-----Generated at Sun Sep 7 13:59:12 2025 by rpki-client