$ rpki-client -vvf repo-rpki.idnic.net/repo/9ebe7ad8-e15c-4014-bfb3-be69b7d5de88/0/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.mft File: C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.mft (raw, json) Hash identifier: /5SN5ILr8r5okGVJaQi6QQ4/C+Ap4Mh85u3AQdPf7qo= Subject key identifier: 69:58:DB:F6:4A:71:BE:A3:0D:7C:BD:7F:7B:59:77:97:31:4B:04:E2 Authority key identifier: C2:0D:D3:7A:F0:EF:3C:A0:55:DF:DF:8F:3F:5D:18:F0:81:81:96:F4 Certificate issuer: /CN=C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4 Certificate serial: 51E62A4A3FDF189BD438A9C2922B247897492591 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9ebe7ad8-e15c-4014-bfb3-be69b7d5de88/0/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.mft Manifest number: 034F Signing time: Fri 05 Sep 2025 22:01:53 +0000 Manifest this update: Fri 05 Sep 2025 21:56:53 +0000 Manifest next update: Tue 09 Sep 2025 04:12:53 +0000 Files and hashes: 1: C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.crl (hash: opyk26RP/5X3CSNF33kqHeVw4dycdTjaSJfASVZPYZs=) 2: 3130332e3136312e37322e302f32342d3234203d3e203538333738.roa (hash: WHyXZiHm1tFrwAXrz4brauNseb8V8ZMQneoiM0eZr/g=) 3: 3130332e3136312e37332e302f32342d3234203d3e203538333738.roa (hash: N58UqlFMp748Khi3FbSfGS0G+XtsfGGuqPSO+3bYMNA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9ebe7ad8-e15c-4014-bfb3-be69b7d5de88/0/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.crl rsync://repo-rpki.idnic.net/repo/9ebe7ad8-e15c-4014-bfb3-be69b7d5de88/0/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 04:12:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:e6:2a:4a:3f:df:18:9b:d4:38:a9:c2:92:2b:24:78:97:49:25:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4 Validity Not Before: Sep 5 21:56:53 2025 GMT Not After : Sep 9 04:12:53 2025 GMT Subject: CN=6958DBF64A71BEA30D7CBD7F7B597797314B04E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:a4:9f:67:21:3a:db:f1:d3:05:85:cd:3a:5e: 5f:e0:77:21:ce:e8:ec:c0:ac:88:42:f5:08:33:3f: 5f:13:d6:f6:7d:ea:e2:7c:11:d5:91:19:b9:f4:4a: 78:e3:a4:bb:ab:3d:0e:c0:86:9b:55:57:6b:be:da: 07:c0:d8:81:b7:a9:80:ac:cb:6a:23:53:8d:36:e7: 76:1f:9d:55:f4:f9:58:48:04:64:8a:97:70:73:65: dd:d0:8e:4d:eb:24:d5:75:52:cf:91:61:5f:d2:06: 93:d4:45:0b:a8:e1:65:91:dc:d8:0e:49:88:0a:9c: 03:0e:62:96:ec:27:ee:08:f4:01:73:49:e8:f8:7a: 24:66:b0:5e:fe:50:a6:62:a8:41:c4:8a:56:52:db: 34:93:4a:2b:3a:0c:d8:22:3a:61:e1:a8:86:65:3e: cd:36:99:ef:32:a2:c3:57:9d:63:d1:23:0e:08:f4: ba:5a:2e:2c:9b:3f:9f:04:38:bf:f5:d9:c7:ce:4a: 18:35:ef:d4:e5:30:8d:4c:d0:b7:d3:6a:2d:4d:67: 8c:c8:d6:3e:65:72:6c:ad:83:6f:fb:22:46:cf:1f: 62:47:21:93:ee:57:16:5a:f6:2f:68:13:c8:30:a9: 36:14:74:7c:a5:92:bc:6a:55:76:27:08:2b:26:73: d5:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:58:DB:F6:4A:71:BE:A3:0D:7C:BD:7F:7B:59:77:97:31:4B:04:E2 X509v3 Authority Key Identifier: keyid:C2:0D:D3:7A:F0:EF:3C:A0:55:DF:DF:8F:3F:5D:18:F0:81:81:96:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9ebe7ad8-e15c-4014-bfb3-be69b7d5de88/0/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9ebe7ad8-e15c-4014-bfb3-be69b7d5de88/0/C20DD37AF0EF3CA055DFDF8F3F5D18F0818196F4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a7:62:03:4b:a4:51:0e:fa:8e:5b:7d:f1:06:e3:e0:16:f9:52: d9:ca:fc:f5:73:ed:54:9f:62:bf:58:fb:cd:ad:79:22:26:78: d2:ae:44:18:09:66:74:80:b2:8d:78:ab:59:50:2e:88:1b:c7: d0:2b:00:c6:58:3e:5e:6b:c1:a8:c1:14:4a:c2:d2:cb:db:fb: 2c:62:1d:4c:e8:e0:47:7f:a8:fe:69:a6:cc:d6:fc:95:22:fb: 87:86:55:11:70:b2:5b:4a:8b:81:a0:bf:77:84:7e:0a:03:9f: 09:90:f3:b1:54:ae:96:41:89:c5:55:05:e1:79:3d:a8:7d:29: 76:a4:61:b7:71:67:bc:bb:2b:dd:c6:bb:26:cd:c9:ee:86:16: 92:35:23:e9:ac:23:d8:8b:a5:c7:36:f1:e2:bf:e9:ea:90:a3: 71:93:66:0d:26:ce:1e:e0:24:64:e4:ff:5d:f2:cc:f0:ba:0f: 30:37:cc:2b:75:f3:b8:a4:03:38:6d:22:10:a4:98:a1:67:bd: 93:ce:cb:90:9e:40:e7:bd:b7:6c:4e:8c:b7:61:50:07:81:f0: 00:a3:70:d1:7c:72:41:cd:5a:c5:06:ba:83:10:f1:ec:96:f9: 64:5d:23:d8:ff:b7:a0:5d:4c:66:0e:de:2d:e8:fc:47:ff:70: b5:fd:28:c2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUeYqSj/fGJvUOKnCkiskeJdJJZEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzIwREQzN0FGMEVGM0NBMDU1REZERjhGM0Y1RDE4RjA4 MTgxOTZGNDAeFw0yNTA5MDUyMTU2NTNaFw0yNTA5MDkwNDEyNTNaMDMxMTAvBgNV BAMTKDY5NThEQkY2NEE3MUJFQTMwRDdDQkQ3RjdCNTk3Nzk3MzE0QjA0RTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFpJ9nITrb8dMFhc06Xl/gdyHO 6OzArIhC9QgzP18T1vZ96uJ8EdWRGbn0SnjjpLurPQ7AhptVV2u+2gfA2IG3qYCs y2ojU40253YfnVX0+VhIBGSKl3BzZd3Qjk3rJNV1Us+RYV/SBpPURQuo4WWR3NgO SYgKnAMOYpbsJ+4I9AFzSej4eiRmsF7+UKZiqEHEilZS2zSTSis6DNgiOmHhqIZl Ps02me8yosNXnWPRIw4I9LpaLiybP58EOL/12cfOShg179TlMI1M0LfTai1NZ4zI 1j5lcmytg2/7IkbPH2JHIZPuVxZa9i9oE8gwqTYUdHylkrxqVXYnCCsmc9W1AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUaVjb9kpxvqMNfL1/e1l3lzFLBOIwHwYDVR0j BBgwFoAUwg3TevDvPKBV39+PP10Y8IGBlvQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 ZWJlN2FkOC1lMTVjLTQwMTQtYmZiMy1iZTY5YjdkNWRlODgvMC9DMjBERDM3QUYw RUYzQ0EwNTVERkRGOEYzRjVEMThGMDgxODE5NkY0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzIwREQzN0FGMEVGM0NBMDU1REZERjhGM0Y1RDE4RjA4MTgx OTZGNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOWViZTdhZDgtZTE1Yy00MDE0LWJm YjMtYmU2OWI3ZDVkZTg4LzAvQzIwREQzN0FGMEVGM0NBMDU1REZERjhGM0Y1RDE4 RjA4MTgxOTZGNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKdiA0ukUQ76jlt98Qbj4Bb5UtnK/PVz7VSf Yr9Y+82teSImeNKuRBgJZnSAso14q1lQLogbx9ArAMZYPl5rwajBFErC0svb+yxi HUzo4Ed/qP5ppszW/JUi+4eGVRFwsltKi4Ggv3eEfgoDnwmQ87FUrpZBicVVBeF5 Pah9KXakYbdxZ7y7K93GuybNye6GFpI1I+msI9iLpcc28eK/6eqQo3GTZg0mzh7g JGTk/13yzPC6DzA3zCt187ikAzhtIhCkmKFnvZPOy5CeQOe9t2xOjLdhUAeB8ACj cNF8ckHNWsUGuoMQ8eyW+WRdI9j/t6BdTGYO3i3o/Ef/cLX9KMI= -----END CERTIFICATE-----Generated at Sun Sep 7 15:34:22 2025 by rpki-client