$ rpki-client -vvf repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft File: 8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft (raw, json) Hash identifier: /eayPTpfSGiPNcVk+472rNuUnLQ5gm+uSfxEvSLF6e8= Subject key identifier: 74:0A:23:0E:80:2D:D4:9D:BD:1B:04:34:08:35:88:E5:F4:10:B9:88 Authority key identifier: 8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF Certificate issuer: /CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF Certificate serial: 59FEA21D6F179F2EDDC3837CAB8C791F144013A4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft Manifest number: CA Signing time: Sun 07 Sep 2025 08:11:07 +0000 Manifest this update: Sun 07 Sep 2025 08:06:07 +0000 Manifest next update: Wed 10 Sep 2025 12:36:07 +0000 Files and hashes: 1: 323430343a346563303a3a2f33322d3438203d3e20313338313339.roa (hash: A2G6b+fxTo20QvHK7lUw9boisWwmFFcOlzGIN95UCMI=) 2: 8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl (hash: j0YMwm7anYNK9nWrx6BhetEBkclk2VhAHbcn+OYoyhs=) 3: 3130332e3133332e3134372e302f32342d3234203d3e20313338313339.roa (hash: aR62APrh1DccZKre5l7C6SLFps3TBPFdm3R3znGJ1fA=) 4: 3130332e3133332e3134362e302f32342d3234203d3e20313338313339.roa (hash: nNqPduu/JjsIMhgAQMQxpm1Co5pg16TuoWu2Q/HzWgA=) 5: 323430343a346563303a313a3a2f34382d3438203d3e20313338313339.roa (hash: X/C9vXKY/TY9dLHbewA4tddP0TItlp1o/B62rHS1ZLs=) 6: 3130332e3133332e3134352e302f32342d3234203d3e20313338313339.roa (hash: AZoy99OzaaD9x6sZSBHTE/6tOjO7s0t/ExrzVTGMWVY=) 7: 3130332e3133332e3134342e302f32342d3234203d3e20313338313339.roa (hash: 4N3xCB2x4rBoMiXQaq1TIxjQcspdHHBn4voGBhoXwMQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 10:23:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:fe:a2:1d:6f:17:9f:2e:dd:c3:83:7c:ab:8c:79:1f:14:40:13:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF Validity Not Before: Sep 7 08:06:07 2025 GMT Not After : Sep 10 12:36:07 2025 GMT Subject: CN=740A230E802DD49DBD1B0434083588E5F410B988 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:70:da:aa:28:b8:ee:23:53:91:59:bb:5f:7c: da:69:d1:ee:3d:43:8f:e0:8e:9c:bf:ae:09:7c:09: 72:e0:de:e6:05:2a:a2:84:81:a7:f8:3b:18:3e:97: c1:10:84:82:e7:f6:25:4c:3c:79:d0:b8:f4:0b:70: a8:ad:be:25:a1:e2:41:cb:9c:c6:aa:6d:50:cd:59: 79:17:c7:b4:25:4a:44:7a:02:a0:f6:fa:7d:4e:fd: a5:a8:25:25:0c:dc:c9:c7:68:25:91:00:8a:11:53: c7:9d:68:f1:ca:7d:5e:24:db:f1:50:16:1e:50:0c: d7:0e:5a:5d:6e:10:23:60:4b:2b:0d:0c:51:ff:7e: 09:fc:ab:4b:d8:e8:81:be:d9:3d:2a:80:6f:95:93: eb:b6:4f:f9:65:1b:e7:ce:9e:86:53:79:37:37:df: d4:90:91:99:79:1c:31:77:3f:1e:d6:b6:34:24:8a: 73:b3:83:89:ed:4d:b9:13:e0:73:31:76:e4:60:b4: 56:0e:1c:eb:b6:e0:5f:41:62:de:01:d8:e1:2b:40: 61:6d:d3:39:3a:05:b7:ae:93:eb:ef:12:a1:d7:82: 4f:cb:6c:ee:a6:a9:90:ae:de:52:4f:37:ae:52:03: dd:a7:7b:42:01:fd:d1:80:53:f1:ca:38:11:00:e3: 8a:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:0A:23:0E:80:2D:D4:9D:BD:1B:04:34:08:35:88:E5:F4:10:B9:88 X509v3 Authority Key Identifier: keyid:8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:11:2f:95:8f:9f:eb:68:d9:e8:16:68:3f:84:1c:c3:17:7e: d1:c2:26:38:e2:98:c0:ee:22:10:a5:74:fd:de:6c:42:17:4f: 30:93:44:b5:ed:59:05:3e:17:f4:04:c0:4d:b6:91:a9:9f:a7: cc:6a:fb:0b:44:ec:16:87:65:05:ef:9c:50:d3:68:d7:f3:d4: 3f:c2:01:a6:fe:27:4c:38:86:2c:c1:55:fc:66:7a:c6:ed:d7: 96:b1:19:a2:ac:f4:8c:d8:8f:bf:16:54:ea:cb:41:44:9b:0f: db:76:7b:21:66:6c:e5:26:c4:f7:70:8e:56:57:8a:09:f2:88: 8a:1f:34:93:84:bb:71:1b:1d:fe:77:80:ef:9e:f3:48:57:c3: c1:63:6a:40:75:59:8f:b3:8f:68:6b:79:18:16:4b:57:8d:4c: c6:41:50:84:30:36:5d:9d:92:e7:16:a2:63:e6:c1:13:bb:ef: 30:11:08:7c:4d:89:45:35:9c:e1:e9:6d:f8:4a:1a:99:13:8e: b5:56:dd:17:cc:86:34:8d:0e:49:fb:46:e3:90:68:f6:eb:e5: 51:99:ec:8e:fa:2d:da:ad:d6:48:bd:36:8a:35:d4:1d:fe:20: 5b:35:85:4b:0d:6f:3e:2a:4e:69:ed:11:c3:0d:e1:84:52:45: 07:18:bc:79 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWf6iHW8Xny7dw4N8q4x5HxRAE6QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJEMDQ0 MzUzRjZGRjAeFw0yNTA5MDcwODA2MDdaFw0yNTA5MTAxMjM2MDdaMDMxMTAvBgNV BAMTKDc0MEEyMzBFODAyREQ0OURCRDFCMDQzNDA4MzU4OEU1RjQxMEI5ODgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIcNqqKLjuI1ORWbtffNpp0e49 Q4/gjpy/rgl8CXLg3uYFKqKEgaf4Oxg+l8EQhILn9iVMPHnQuPQLcKitviWh4kHL nMaqbVDNWXkXx7QlSkR6AqD2+n1O/aWoJSUM3MnHaCWRAIoRU8edaPHKfV4k2/FQ Fh5QDNcOWl1uECNgSysNDFH/fgn8q0vY6IG+2T0qgG+Vk+u2T/llG+fOnoZTeTc3 39SQkZl5HDF3Px7WtjQkinOzg4ntTbkT4HMxduRgtFYOHOu24F9BYt4B2OErQGFt 0zk6Bbeuk+vvEqHXgk/LbO6mqZCu3lJPN65SA92ne0IB/dGAU/HKOBEA44pdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUdAojDoAt1J29GwQ0CDWI5fQQuYgwHwYDVR0j BBgwFoAUi6K14H+tVyjH3vv0/BC9BENT9v8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Yzc2Yzg1Zi05YTRmLTRhZmMtOTY5Yi04ZGEyNTM2YzVjMjQvMC84QkEyQjVFMDdG QUQ1NzI4QzdERUZCRjRGQzEwQkQwNDQzNTNGNkZGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJEMDQ0MzUz RjZGRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGM3NmM4NWYtOWE0Zi00YWZjLTk2 OWItOGRhMjUzNmM1YzI0LzAvOEJBMkI1RTA3RkFENTcyOEM3REVGQkY0RkMxMEJE MDQ0MzUzRjZGRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACoRL5WPn+to2egWaD+EHMMXftHCJjjimMDu IhCldP3ebEIXTzCTRLXtWQU+F/QEwE22kamfp8xq+wtE7BaHZQXvnFDTaNfz1D/C Aab+J0w4hizBVfxmesbt15axGaKs9IzYj78WVOrLQUSbD9t2eyFmbOUmxPdwjlZX ignyiIofNJOEu3EbHf53gO+e80hXw8FjakB1WY+zj2hreRgWS1eNTMZBUIQwNl2d kucWomPmwRO77zARCHxNiUU1nOHpbfhKGpkTjrVW3RfMhjSNDkn7RuOQaPbr5VGZ 7I76Ldqt1ki9Noo11B3+IFs1hUsNbz4qTmntEcMN4YRSRQcYvHk= -----END CERTIFICATE-----Generated at Sun Sep 7 13:55:53 2025 by rpki-client