$ rpki-client -vvf repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft File: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft (raw, json) Hash identifier: Kf5KT/nM3XGHqZHalNVaqEfjrCAaea0p3eGUnwp1Duk= Subject key identifier: 1B:DA:82:00:26:99:CE:79:FD:52:9E:94:A4:38:71:15:FF:47:81:CE Authority key identifier: 28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC Certificate issuer: /CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Certificate serial: 576A672538340AE1E48EDFD4C87A58EB28B72EE8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft Manifest number: 91 Signing time: Tue 28 Oct 2025 00:52:04 +0000 Manifest this update: Tue 28 Oct 2025 00:47:04 +0000 Manifest next update: Fri 31 Oct 2025 05:24:04 +0000 Files and hashes: 1: 3130332e3135352e3139312e302f32342d3234203d3e20313431303637.roa (hash: sCyLtPxP1W6eDrRKM5zzBxs1T1DM9NmEIRenFAs3CLU=) 2: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl (hash: y0XYvkSqP4c0+ehe9ffpH10DVXnzOiIvcSDNEY1RHhA=) 3: 3130332e3135352e3139302e302f32342d3234203d3e20313431303637.roa (hash: sz4VmdCTe+rtqXvjcCCv+oeArdLugQ/bUPNEnmt0I5U=) 4: 323430363a373534303a3a2f33322d3332203d3e20313431303637.roa (hash: bv6pC6gX0eRc1LFkXxFUMTO8NK/3ORK3VMfpVTQQLkE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 05:24:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:6a:67:25:38:34:0a:e1:e4:8e:df:d4:c8:7a:58:eb:28:b7:2e:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Validity Not Before: Oct 28 00:47:04 2025 GMT Not After : Oct 31 05:24:04 2025 GMT Subject: CN=1BDA82002699CE79FD529E94A4387115FF4781CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ad:1c:ae:30:3f:7e:05:24:0d:c5:55:f1:da: 86:4d:a2:10:b1:51:85:6b:5b:93:8f:d9:ad:cc:f1: 61:d0:62:03:c2:0d:61:4d:a6:55:f5:66:a5:76:19: 8a:b3:0c:dc:10:25:c4:6f:f6:32:df:f2:7c:43:be: 31:e1:98:5f:d9:83:b4:69:cf:73:a7:d0:d3:f7:9f: 2c:9d:dd:5c:74:49:3d:8a:eb:ae:74:74:14:31:9f: f9:6e:7c:96:74:88:cb:f4:46:7c:ec:1e:d4:3b:f3: 75:73:25:be:5c:62:c3:43:7f:f7:a0:a1:a1:4d:10: f2:96:c0:f6:b6:57:91:cd:b1:3c:59:7d:f6:8e:d9: c9:9e:7b:db:28:e2:23:1f:c6:55:df:15:72:7d:b8: de:3c:01:05:8c:b1:73:ff:c3:f8:dd:ad:d5:76:59: f6:1d:41:b4:20:36:97:1c:0a:81:85:fc:04:e9:92: 8b:69:48:98:1f:32:93:9d:88:bc:a2:4f:73:fe:7d: 9e:3d:61:5c:2b:1a:c8:f2:d6:ff:0e:f9:9a:d4:f4: 5e:dd:4a:32:9f:94:cb:dc:8b:54:e4:da:9f:68:4d: 24:68:11:49:7a:c7:94:fd:40:93:5f:db:95:40:7f: 6c:eb:b9:00:cf:b2:11:f1:1e:ae:a6:73:d8:8e:eb: a4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:DA:82:00:26:99:CE:79:FD:52:9E:94:A4:38:71:15:FF:47:81:CE X509v3 Authority Key Identifier: keyid:28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2e:7b:85:3c:e1:6e:7f:69:93:00:ac:7c:9d:0e:64:09:1c:a8: 89:0b:99:82:a2:73:d9:ee:f3:ed:d1:04:d4:81:07:59:c8:34: a8:5f:92:ca:5c:a8:36:7e:ce:89:f6:ce:83:49:74:81:13:37: 0a:ba:23:11:3f:21:ac:0c:1d:cf:01:67:a3:da:34:8d:d6:f7: aa:c7:f0:3b:a8:a8:1e:4c:8d:d8:cf:34:47:df:b4:89:e4:e3: 02:8e:2e:66:5f:26:14:7a:6c:dd:ee:05:10:56:67:fe:6c:92: d2:28:62:2b:2c:b6:5c:a8:64:f9:08:14:51:ca:4f:d7:16:f9: 2d:5d:4c:25:1e:10:81:23:14:b3:5a:8b:a6:08:fd:ba:1e:12: 97:82:7b:a6:c9:38:bb:12:3a:88:f7:63:ea:eb:71:a0:1a:04: 39:fd:ca:e7:43:5b:97:95:d1:ed:97:01:7e:66:74:85:67:94: 5f:49:13:3f:8e:76:57:2b:de:18:f4:8b:d1:6f:cc:ed:f2:16: 04:44:02:96:a1:32:9a:92:b2:b7:7f:4c:4a:5c:61:12:d1:66: f0:91:8a:3d:1d:be:a2:62:10:44:47:44:e3:1a:86:f3:2d:f8: 8f:bf:9c:56:1c:67:7d:58:d9:58:89:d4:d8:e9:90:63:32:9b: b1:c5:61:21 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUV2pnJTg0CuHkjt/UyHpY6yi3LugwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZD NTdFOUJFQzAeFw0yNTEwMjgwMDQ3MDRaFw0yNTEwMzEwNTI0MDRaMDMxMTAvBgNV BAMTKDFCREE4MjAwMjY5OUNFNzlGRDUyOUU5NEE0Mzg3MTE1RkY0NzgxQ0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDErRyuMD9+BSQNxVXx2oZNohCx UYVrW5OP2a3M8WHQYgPCDWFNplX1ZqV2GYqzDNwQJcRv9jLf8nxDvjHhmF/Zg7Rp z3On0NP3nyyd3Vx0ST2K6650dBQxn/lufJZ0iMv0RnzsHtQ783VzJb5cYsNDf/eg oaFNEPKWwPa2V5HNsTxZffaO2cmee9so4iMfxlXfFXJ9uN48AQWMsXP/w/jdrdV2 WfYdQbQgNpccCoGF/ATpkotpSJgfMpOdiLyiT3P+fZ49YVwrGsjy1v8O+ZrU9F7d SjKflMvci1Tk2p9oTSRoEUl6x5T9QJNf25VAf2zruQDPshHxHq6mc9iO66TTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUG9qCACaZznn9Up6UpDhxFf9Hgc4wHwYDVR0j BBgwFoAUKLMFxmM2xDOrYBum8LNS5sV+m+wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YjZlOWI1MS1iZDg3LTQ5MDUtOWJmNC1hODQ4YTQ0ZTViYTUvMC8yOEIzMDVDNjYz MzZDNDMzQUI2MDFCQTZGMEIzNTJFNkM1N0U5QkVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZDNTdF OUJFQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGI2ZTliNTEtYmQ4Ny00OTA1LTli ZjQtYTg0OGE0NGU1YmE1LzAvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUy RTZDNTdFOUJFQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAC57hTzhbn9pkwCsfJ0OZAkcqIkLmYKic9nu 8+3RBNSBB1nINKhfkspcqDZ+zon2zoNJdIETNwq6IxE/IawMHc8BZ6PaNI3W96rH 8DuoqB5MjdjPNEfftInk4wKOLmZfJhR6bN3uBRBWZ/5sktIoYisstlyoZPkIFFHK T9cW+S1dTCUeEIEjFLNai6YI/boeEpeCe6bJOLsSOoj3Y+rrcaAaBDn9yudDW5eV 0e2XAX5mdIVnlF9JEz+Odlcr3hj0i9FvzO3yFgREApahMpqSsrd/TEpcYRLRZvCR ij0dvqJiEERHROMahvMt+I+/nFYcZ31Y2ViJ1NjpkGMym7HFYSE= -----END CERTIFICATE-----Generated at Tue Oct 28 14:02:58 2025 by rpki-client