$ rpki-client -vvf repo-rpki.idnic.net/repo/5c72d3f5-dd53-4b74-947c-6bb510f4f503/0/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.mft File: 2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.mft (raw, json) Hash identifier: DQTdn0lLO2m70IcVM1AP1tsvnK7MbI2y/OK8F3yxeS4= Subject key identifier: 30:AE:B0:29:44:F7:FB:EA:69:A1:F2:34:7A:1E:FA:27:C1:EF:9D:C1 Authority key identifier: 2B:0D:3D:70:A0:27:B5:3C:7A:D2:17:FE:22:CA:0E:D1:11:FD:F3:B0 Certificate issuer: /CN=2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0 Certificate serial: 127A2E89C9E7734DDC993A575861E19F2FA2DA7D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5c72d3f5-dd53-4b74-947c-6bb510f4f503/0/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.mft Manifest number: 8B Signing time: Fri 05 Sep 2025 18:11:51 +0000 Manifest this update: Fri 05 Sep 2025 18:06:51 +0000 Manifest next update: Tue 09 Sep 2025 04:34:51 +0000 Files and hashes: 1: 2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.crl (hash: 4MJLhccQ/gBNPHvSoHu3NEH13L68/4dy02clXKEE6eA=) 2: 3130332e3232352e31372e302f32342d3234203d3e20313532303632.roa (hash: P8QCMdvNkcGuA4F0hmx15JmIaSEyGRAUfWjBJiusufQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5c72d3f5-dd53-4b74-947c-6bb510f4f503/0/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.crl rsync://repo-rpki.idnic.net/repo/5c72d3f5-dd53-4b74-947c-6bb510f4f503/0/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 04:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:7a:2e:89:c9:e7:73:4d:dc:99:3a:57:58:61:e1:9f:2f:a2:da:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0 Validity Not Before: Sep 5 18:06:51 2025 GMT Not After : Sep 9 04:34:51 2025 GMT Subject: CN=30AEB02944F7FBEA69A1F2347A1EFA27C1EF9DC1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:dd:f9:62:f7:a1:4f:d2:31:dd:a2:bd:b2:6b: 66:7d:52:53:a6:7c:f5:61:9a:81:b3:6b:c9:2e:d1: 67:01:46:38:5b:b5:fb:2c:45:e2:1e:b7:90:db:77: 4c:21:ea:3d:4d:c9:22:30:ff:33:98:35:24:b0:9d: 1e:fa:03:e2:6e:fa:4a:e0:e2:ca:9f:36:fc:52:7d: b1:bf:24:68:bd:10:86:eb:6d:e5:53:9f:2f:68:1a: 2e:aa:23:ea:40:ea:95:23:33:5e:87:a0:4b:d0:2b: 93:ea:3d:1f:06:08:92:07:13:59:a1:c7:7c:3f:71: 00:0a:b5:6c:98:22:ce:aa:e1:c7:cf:14:f6:1f:a6: 62:03:d8:53:fd:a8:82:51:ec:55:e7:2b:14:2a:02: 5d:94:34:44:fa:04:cf:e8:39:66:76:65:c6:7a:fd: 61:b0:c3:db:ca:52:5e:eb:6b:c0:aa:2c:da:c0:12: 41:0a:eb:1a:e5:16:d9:bb:cf:40:28:3d:39:83:c7: f6:8b:e1:73:f3:9e:f2:bd:37:b0:24:10:6d:ff:ad: d5:41:a7:4c:ed:33:55:a3:41:50:d6:9b:41:28:ff: 54:07:3c:0a:b3:d9:61:00:fd:a1:97:37:ce:ea:af: 03:b2:aa:e9:ec:d2:d7:63:6d:1b:7c:ac:4e:8f:fd: 1c:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:AE:B0:29:44:F7:FB:EA:69:A1:F2:34:7A:1E:FA:27:C1:EF:9D:C1 X509v3 Authority Key Identifier: keyid:2B:0D:3D:70:A0:27:B5:3C:7A:D2:17:FE:22:CA:0E:D1:11:FD:F3:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5c72d3f5-dd53-4b74-947c-6bb510f4f503/0/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c72d3f5-dd53-4b74-947c-6bb510f4f503/0/2B0D3D70A027B53C7AD217FE22CA0ED111FDF3B0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:29:19:d8:38:42:05:cb:a2:bb:fe:90:23:f7:c3:21:8a:60: 86:64:8b:24:24:51:de:70:74:4b:fe:22:4a:27:e6:8f:fd:39: 3f:fd:92:70:29:a8:ca:d2:c8:26:e0:64:86:7e:cf:9d:48:1f: dc:cb:bf:2d:7b:8c:0f:25:43:f3:24:1a:bd:83:c8:f8:ad:01: e7:40:fd:8c:2e:74:8b:4b:4d:07:a8:1b:52:5b:22:5f:ff:fe: db:2d:57:21:f1:dd:db:11:c6:4e:e7:46:f0:cb:81:48:a8:ca: 25:6a:e8:a9:b4:ed:32:86:cd:dc:82:86:a6:13:68:6e:5b:a0: 4c:8d:0b:59:6d:7c:b1:d8:a6:1d:2a:d5:51:01:3c:28:9f:2c: 82:2a:94:b3:17:d8:02:37:9a:7a:f5:53:3f:12:e1:1f:2f:06: ad:78:51:fb:92:64:a6:03:11:a0:33:cd:2b:1e:d4:cb:78:a9: ea:55:fa:c8:1b:80:f2:78:43:38:fa:cd:ec:04:f1:68:20:5f: fb:62:fb:e5:61:36:68:e8:56:a8:93:6d:c3:9d:8f:60:4f:4e: e5:fa:2f:9a:48:08:09:43:cf:28:27:46:3c:0e:1d:22:4b:32: 39:db:1d:2f:c3:77:fd:58:f8:4b:cd:4a:f7:99:0e:13:f7:cb: 99:e4:05:0a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUEnouicnnc03cmTpXWGHhny+i2n0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkIwRDNENzBBMDI3QjUzQzdBRDIxN0ZFMjJDQTBFRDEx MUZERjNCMDAeFw0yNTA5MDUxODA2NTFaFw0yNTA5MDkwNDM0NTFaMDMxMTAvBgNV BAMTKDMwQUVCMDI5NDRGN0ZCRUE2OUExRjIzNDdBMUVGQTI3QzFFRjlEQzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR3fli96FP0jHdor2ya2Z9UlOm fPVhmoGza8ku0WcBRjhbtfssReIet5Dbd0wh6j1NySIw/zOYNSSwnR76A+Ju+krg 4sqfNvxSfbG/JGi9EIbrbeVTny9oGi6qI+pA6pUjM16HoEvQK5PqPR8GCJIHE1mh x3w/cQAKtWyYIs6q4cfPFPYfpmID2FP9qIJR7FXnKxQqAl2UNET6BM/oOWZ2ZcZ6 /WGww9vKUl7ra8CqLNrAEkEK6xrlFtm7z0AoPTmDx/aL4XPznvK9N7AkEG3/rdVB p0ztM1WjQVDWm0Eo/1QHPAqz2WEA/aGXN87qrwOyquns0tdjbRt8rE6P/Rw7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMK6wKUT3++ppofI0eh76J8HvncEwHwYDVR0j BBgwFoAUKw09cKAntTx60hf+IsoO0RH987AwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YzcyZDNmNS1kZDUzLTRiNzQtOTQ3Yy02YmI1MTBmNGY1MDMvMC8yQjBEM0Q3MEEw MjdCNTNDN0FEMjE3RkUyMkNBMEVEMTExRkRGM0IwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkIwRDNENzBBMDI3QjUzQzdBRDIxN0ZFMjJDQTBFRDExMUZE RjNCMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWM3MmQzZjUtZGQ1My00Yjc0LTk0 N2MtNmJiNTEwZjRmNTAzLzAvMkIwRDNENzBBMDI3QjUzQzdBRDIxN0ZFMjJDQTBF RDExMUZERjNCMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACwpGdg4QgXLorv+kCP3wyGKYIZkiyQkUd5w dEv+Ikon5o/9OT/9knApqMrSyCbgZIZ+z51IH9zLvy17jA8lQ/MkGr2DyPitAedA /YwudItLTQeoG1JbIl///tstVyHx3dsRxk7nRvDLgUioyiVq6Km07TKGzdyChqYT aG5boEyNC1ltfLHYph0q1VEBPCifLIIqlLMX2AI3mnr1Uz8S4R8vBq14UfuSZKYD EaAzzSse1Mt4qepV+sgbgPJ4Qzj6zewE8WggX/ti++VhNmjoVqiTbcOdj2BPTuX6 L5pICAlDzygnRjwOHSJLMjnbHS/Dd/1Y+EvNSveZDhP3y5nkBQo= -----END CERTIFICATE-----Generated at Sun Sep 7 15:34:12 2025 by rpki-client