$ rpki-client -vvf repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft File: D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft (raw, json) Hash identifier: DdMbQJ+3v50WsVur+EGJpeBFo+ZtbXwiieoUsqYv4qE= Subject key identifier: BB:FC:11:FA:26:4F:1C:93:8A:AB:41:54:0C:F1:77:A9:A2:1F:1F:E8 Authority key identifier: D9:D0:73:0D:B5:12:95:FE:C5:BD:48:0C:DD:42:B5:E8:51:7C:8F:DB Certificate issuer: /CN=D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB Certificate serial: 2471CA71CEF83ABDFD3DAAB41B11160FE0A9D1F9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft Manifest number: 0234 Signing time: Sun 07 Sep 2025 05:31:57 +0000 Manifest this update: Sun 07 Sep 2025 05:26:57 +0000 Manifest next update: Wed 10 Sep 2025 12:05:57 +0000 Files and hashes: 1: D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl (hash: tr6304GlvRC/WcuRXLOAsWQl1ZuISeyxjKxeG8PtBFY=) 2: 3130332e3138332e3235302e302f32332d3234203d3e2034383030.roa (hash: Ytn4J3L//ntkx3dIdir2Ut4ptmhaS3TkbsBspKupuTk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 10:23:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:71:ca:71:ce:f8:3a:bd:fd:3d:aa:b4:1b:11:16:0f:e0:a9:d1:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB Validity Not Before: Sep 7 05:26:57 2025 GMT Not After : Sep 10 12:05:57 2025 GMT Subject: CN=BBFC11FA264F1C938AAB41540CF177A9A21F1FE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:ee:18:75:b4:6a:1f:95:aa:59:52:45:4f:11: 2e:42:70:1e:14:0b:e9:f8:98:66:82:3b:2f:3f:22: 90:6a:0f:3e:b4:78:09:40:de:0b:80:af:42:ac:1e: 10:dc:f3:a2:c5:7e:ed:48:87:d4:5e:99:04:3d:a6: b9:b1:68:db:cd:8b:8e:5d:ab:8c:55:33:15:54:24: 03:b7:3f:32:d0:4b:e1:46:e9:00:30:22:d9:63:41: 41:96:d4:42:5a:d1:e3:af:6e:2e:be:30:9a:0b:42: 38:f2:00:37:21:b8:b9:0e:dd:1d:02:ea:f1:d1:c8: a8:26:88:54:d9:b9:11:40:31:7b:95:c5:19:7c:ce: da:9a:ef:94:10:40:9c:5a:21:9d:b9:ab:33:99:6d: 60:ea:a2:e1:4e:9e:10:b8:ca:69:79:0e:6a:d8:89: 65:ab:a3:5f:8a:b7:09:0f:1e:4f:17:48:60:0d:7f: 40:40:1d:34:b7:18:ee:f0:d2:e2:9a:cb:71:7d:3c: be:8a:f2:3c:22:79:73:36:98:dc:4d:38:57:e0:85: 4f:33:ea:e0:42:78:ee:c9:e2:90:64:ab:03:19:fc: 56:24:7e:3c:61:02:24:71:f2:f7:a6:d9:c6:a6:ea: 5d:ab:76:c7:98:62:84:c1:bb:cc:0f:08:a0:a0:71: 4b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:FC:11:FA:26:4F:1C:93:8A:AB:41:54:0C:F1:77:A9:A2:1F:1F:E8 X509v3 Authority Key Identifier: keyid:D9:D0:73:0D:B5:12:95:FE:C5:BD:48:0C:DD:42:B5:E8:51:7C:8F:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:5c:17:d0:53:66:2d:17:20:a0:eb:c9:8e:c7:27:50:9e:ea: b2:90:17:e8:66:0b:13:62:79:05:ed:7d:ad:f4:da:53:78:8d: ac:4e:e6:1e:cc:e7:42:c2:23:c0:d1:73:b2:5f:b3:0a:b1:f4: 4e:a1:7d:1c:f0:41:24:0e:52:b8:01:b1:2a:d9:65:b2:8d:16: 09:76:ad:de:d0:10:4d:94:e6:9b:97:b6:9b:fe:c2:21:eb:cb: bf:93:fa:7c:78:c1:7c:21:7a:51:b6:79:52:6a:a8:6b:45:1a: dc:e6:1e:6a:06:a8:98:93:88:3b:a9:19:0e:20:71:73:44:36: a0:8a:90:c2:ec:55:88:c8:2a:06:6d:77:ca:8d:e8:51:92:ce: f9:4f:1c:49:76:a7:cd:4f:07:fc:2c:23:74:b6:bc:40:1b:2e: a0:f1:74:d7:1d:5a:9f:03:e9:e0:c4:7b:24:d0:63:e6:e6:6b: 9c:6f:60:11:bd:f8:eb:68:c7:f9:3b:b8:c7:5e:d9:8b:53:4d: 34:63:20:3a:b6:60:cd:28:72:d6:72:6b:22:be:fc:13:6c:8e: cd:26:70:7f:e4:f5:58:76:05:8b:0a:f6:2f:64:11:6e:fa:72: ea:7b:79:7b:b5:0a:62:e5:f1:e6:de:e6:9c:bf:12:3c:5f:37: 47:14:3d:5c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJHHKcc74Or39Paq0GxEWD+Cp0fkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1RTg1 MTdDOEZEQjAeFw0yNTA5MDcwNTI2NTdaFw0yNTA5MTAxMjA1NTdaMDMxMTAvBgNV BAMTKEJCRkMxMUZBMjY0RjFDOTM4QUFCNDE1NDBDRjE3N0E5QTIxRjFGRTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb7hh1tGoflapZUkVPES5CcB4U C+n4mGaCOy8/IpBqDz60eAlA3guAr0KsHhDc86LFfu1Ih9RemQQ9prmxaNvNi45d q4xVMxVUJAO3PzLQS+FG6QAwItljQUGW1EJa0eOvbi6+MJoLQjjyADchuLkO3R0C 6vHRyKgmiFTZuRFAMXuVxRl8ztqa75QQQJxaIZ25qzOZbWDqouFOnhC4yml5DmrY iWWro1+KtwkPHk8XSGANf0BAHTS3GO7w0uKay3F9PL6K8jwieXM2mNxNOFfghU8z 6uBCeO7J4pBkqwMZ/FYkfjxhAiRx8vem2cam6l2rdseYYoTBu8wPCKCgcUsJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUu/wR+iZPHJOKq0FUDPF3qaIfH+gwHwYDVR0j BBgwFoAU2dBzDbUSlf7FvUgM3UK16FF8j9swDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YWUyYjhiMy1kZWM4LTQxY2YtYTE2ZC1lMTE3MTU2MWQ3MjUvMC9EOUQwNzMwREI1 MTI5NUZFQzVCRDQ4MENERDQyQjVFODUxN0M4RkRCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1RTg1MTdD OEZEQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWFlMmI4YjMtZGVjOC00MWNmLWEx NmQtZTExNzE1NjFkNzI1LzAvRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1 RTg1MTdDOEZEQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFFcF9BTZi0XIKDryY7HJ1Ce6rKQF+hmCxNi eQXtfa302lN4jaxO5h7M50LCI8DRc7Jfswqx9E6hfRzwQSQOUrgBsSrZZbKNFgl2 rd7QEE2U5puXtpv+wiHry7+T+nx4wXwhelG2eVJqqGtFGtzmHmoGqJiTiDupGQ4g cXNENqCKkMLsVYjIKgZtd8qN6FGSzvlPHEl2p81PB/wsI3S2vEAbLqDxdNcdWp8D 6eDEeyTQY+bma5xvYBG9+Otox/k7uMde2YtTTTRjIDq2YM0octZyayK+/BNsjs0m cH/k9Vh2BYsK9i9kEW76cup7eXu1CmLl8ebe5py/EjxfN0cUPVw= -----END CERTIFICATE-----Generated at Sun Sep 7 13:55:55 2025 by rpki-client