$ rpki-client -vvf repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft File: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft (raw, json) Hash identifier: pD+AtQ3LQSy6rVQko/PPc0aZXDoB5IHZPXGBgMkJflk= Subject key identifier: EA:6F:88:94:5B:DE:4B:42:45:A5:97:25:38:6A:6D:52:83:62:34:39 Authority key identifier: 42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 Certificate issuer: /CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Certificate serial: 4E81BE8F7548C98C7BAC91401117819AB97866BE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject info access: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft Manifest number: 0505 Signing time: Fri 05 Sep 2025 08:12:02 +0000 Manifest this update: Fri 05 Sep 2025 08:07:02 +0000 Manifest next update: Mon 08 Sep 2025 18:36:02 +0000 Files and hashes: 1: 3130332e3234352e3138302e302f32322d3234203d3e203234353332.roa (hash: olwDZQoWpFkRsK81GVJEPLld+99Dlx/8F9oVv6zB3jQ=) 2: 32372e3131312e33342e302f32342d3234203d3e203538343737.roa (hash: WP2a3mqmpHS88/eMPFKKdSw0yMT5X5wgEeVzGMtnjlw=) 3: 3230322e3132392e3138342e302f32322d3234203d3e203234353332.roa (hash: CeNMr8Y0wuM60Zt6nplzMluIcrI9La3EhazffayBItA=) 4: 32372e3131312e33322e302f31392d3234203d3e203234353332.roa (hash: JSx+5xTx71eWK8GnVgu4sokLS7+0LsCbDYaq7VNDJRQ=) 5: 34332e3232392e3230342e302f32322d3234203d3e203234353332.roa (hash: WF4j8x2tGr44aFsHKkav+2ARzcYAA9lGEfxLV4cOOpQ=) 6: 3131392e3233352e31362e302f32302d3234203d3e203234353332.roa (hash: B78QMc7X1AynG/67CvGHE09qoTlYPrnz5pImIeutRLM=) 7: 428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl (hash: i3OKD5gRBkLE8J2+oVCFpXmqwkFfEJuU6dvV7YZjZoU=) 8: 323430333a326530303a3a2f33322d3438203d3e203234353332.roa (hash: 1GnFCQ0Tavqgsu3zMfhYc58ad3h7NpVZT5asqIEYmDA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 18:36:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:81:be:8f:75:48:c9:8c:7b:ac:91:40:11:17:81:9a:b9:78:66:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428AA4240E741F27E3A21EFC29D45F0AECC7FE96 Validity Not Before: Sep 5 08:07:02 2025 GMT Not After : Sep 8 18:36:02 2025 GMT Subject: CN=EA6F88945BDE4B4245A59725386A6D5283623439 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:66:d3:47:9e:a0:51:f5:e5:2b:29:30:ef:3b: 20:5d:d8:a1:9a:a1:ef:be:67:73:8e:f4:dd:7c:0f: e9:33:f0:b3:94:f2:55:24:34:e3:6d:30:28:d5:aa: 15:7c:07:84:ea:8d:d4:8c:3e:72:a6:2b:af:34:ed: 39:49:12:d2:71:76:5e:11:1e:9f:c7:10:44:4d:b1: 83:93:fb:fa:9f:e0:c7:e0:47:0a:fa:7e:33:2f:92: 35:68:31:a2:49:b9:41:4a:26:ea:20:62:bb:f9:c5: ab:51:6f:95:2f:b0:cc:6d:b0:0e:d1:d8:93:ed:7b: 73:69:a6:cf:34:a9:2a:c7:1f:ef:5c:bc:d4:98:d8: 75:3e:ca:2c:b6:d4:f6:92:80:af:23:26:20:33:cf: f9:10:c7:23:eb:a8:08:4f:d2:0c:0a:4f:a5:17:79: 1d:6d:68:81:3f:f5:ab:0d:bf:52:41:14:16:f0:f2: a2:73:4c:97:f4:81:dd:01:2c:1a:9a:17:a3:ac:9b: d4:a5:a6:26:da:58:35:d3:a6:35:ba:da:60:03:9c: ac:fe:82:64:a6:00:1f:f8:ea:27:2b:ba:5d:77:c0: 01:aa:78:be:37:97:b4:1b:56:4a:6a:00:c7:fb:95: 79:9e:2c:fa:38:2b:bf:86:cf:98:25:16:ea:15:bb: 32:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:6F:88:94:5B:DE:4B:42:45:A5:97:25:38:6A:6D:52:83:62:34:39 X509v3 Authority Key Identifier: keyid:42:8A:A4:24:0E:74:1F:27:E3:A2:1E:FC:29:D4:5F:0A:EC:C7:FE:96 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/943e2e67-a171-4d9e-a935-406902b1e13b/0/428AA4240E741F27E3A21EFC29D45F0AECC7FE96.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:1b:5d:81:12:10:59:59:df:45:24:fe:32:f7:d1:37:9a:9d: a7:e0:d4:b6:55:25:74:dc:e7:17:cd:a9:c2:ad:ec:69:b2:68: e9:7c:07:59:d7:ba:8d:f3:92:cb:03:d1:b3:c1:76:cd:ca:32: bb:65:af:cc:0d:72:ba:21:0d:8d:71:b2:6c:20:ad:06:8d:61: c5:3a:62:a9:fb:97:ee:85:b3:25:b8:fc:94:2f:37:45:36:15: 73:b6:02:21:ad:b0:7b:b0:bb:38:c7:0a:c3:b3:78:69:6f:d8: d4:8c:f1:a1:38:19:41:63:b0:0f:9c:9b:7e:b7:24:94:9e:e3: 23:08:aa:7e:3b:09:ef:72:a4:61:36:25:17:5d:11:26:a3:b2: dd:c6:78:4e:f8:77:73:f7:32:b0:e2:6c:9f:25:58:87:19:3e: 27:85:d1:d8:ce:ef:18:44:2f:63:01:7c:96:71:df:78:32:11: dd:89:21:31:9b:13:6a:45:f9:fe:e6:9e:20:f1:a5:20:58:6c: 51:2b:6e:b5:6e:2a:25:61:a0:10:7f:ba:4c:bf:86:ad:c9:c0: 2c:68:8e:ac:48:d4:7d:bc:03:0a:7d:25:ed:87:02:87:81:ab: 6f:a6:55:1c:5c:93:17:f9:9f:25:f4:f9:68:68:6a:e1:5b:ce: c4:8b:0c:60 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUToG+j3VIyYx7rJFAEReBmrl4Zr4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFF Q0M3RkU5NjAeFw0yNTA5MDUwODA3MDJaFw0yNTA5MDgxODM2MDJaMDMxMTAvBgNV BAMTKEVBNkY4ODk0NUJERTRCNDI0NUE1OTcyNTM4NkE2RDUyODM2MjM0MzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsZtNHnqBR9eUrKTDvOyBd2KGa oe++Z3OO9N18D+kz8LOU8lUkNONtMCjVqhV8B4TqjdSMPnKmK6807TlJEtJxdl4R Hp/HEERNsYOT+/qf4MfgRwr6fjMvkjVoMaJJuUFKJuogYrv5xatRb5UvsMxtsA7R 2JPte3Npps80qSrHH+9cvNSY2HU+yiy21PaSgK8jJiAzz/kQxyPrqAhP0gwKT6UX eR1taIE/9asNv1JBFBbw8qJzTJf0gd0BLBqaF6Osm9SlpibaWDXTpjW62mADnKz+ gmSmAB/46icrul13wAGqeL43l7QbVkpqAMf7lXmeLPo4K7+Gz5glFuoVuzJBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6m+IlFveS0JFpZclOGptUoNiNDkwHwYDVR0j BBgwFoAUQoqkJA50Hyfjoh78KdRfCuzH/pYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDNlMmU2Ny1hMTcxLTRkOWUtYTkzNS00MDY5MDJiMWUxM2IvMC80MjhBQTQyNDBF NzQxRjI3RTNBMjFFRkMyOUQ0NUYwQUVDQzdGRTk2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVGMEFFQ0M3 RkU5Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQzZTJlNjctYTE3MS00ZDllLWE5 MzUtNDA2OTAyYjFlMTNiLzAvNDI4QUE0MjQwRTc0MUYyN0UzQTIxRUZDMjlENDVG MEFFQ0M3RkU5Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAUbXYESEFlZ30Uk/jL30Teanafg1LZVJXTc 5xfNqcKt7GmyaOl8B1nXuo3zkssD0bPBds3KMrtlr8wNcrohDY1xsmwgrQaNYcU6 Yqn7l+6FsyW4/JQvN0U2FXO2AiGtsHuwuzjHCsOzeGlv2NSM8aE4GUFjsA+cm363 JJSe4yMIqn47Ce9ypGE2JRddESajst3GeE74d3P3MrDibJ8lWIcZPieF0djO7xhE L2MBfJZx33gyEd2JITGbE2pF+f7mniDxpSBYbFErbrVuKiVhoBB/uky/hq3JwCxo jqxI1H28Awp9Je2HAoeBq2+mVRxckxf5nyX0+WhoauFbzsSLDGA= -----END CERTIFICATE-----Generated at Sun Sep 7 14:05:18 2025 by rpki-client