$ rpki-client -vvf repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft File: 67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft (raw, json) Hash identifier: YtZelvzyJK0h1zhq+NrMGCVcgz6mg4e5Q7BM4wnkmh0= Subject key identifier: 23:4D:9F:A3:C7:F2:04:93:6E:FC:F0:71:90:39:3E:59:76:D9:54:69 Authority key identifier: 67:A4:28:D3:DC:89:DD:EF:5B:E7:AC:43:FB:7C:88:17:5E:C3:87:1F Certificate issuer: /CN=67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F Certificate serial: 7C64CFAF987F9F0231C65015929747648AA2FF4F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft Manifest number: 01CA Signing time: Sat 18 Oct 2025 21:31:21 +0000 Manifest this update: Sat 18 Oct 2025 21:26:21 +0000 Manifest next update: Tue 21 Oct 2025 21:53:21 +0000 Files and hashes: 1: 3130332e35392e39342e302f32332d3234203d3e20313336303532.roa (hash: 8iEgHOEIqDfpr7gSt8jxyho1deCIzw83qW565uPVSgs=) 2: 67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl (hash: +uNtA/E8VkSLGk0/TyVFNWj99wR+A9R1JmGrDt1WPFE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Oct 2025 21:53:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:64:cf:af:98:7f:9f:02:31:c6:50:15:92:97:47:64:8a:a2:ff:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F Validity Not Before: Oct 18 21:26:21 2025 GMT Not After : Oct 21 21:53:21 2025 GMT Subject: CN=234D9FA3C7F204936EFCF07190393E5976D95469 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:dd:0b:d5:90:06:96:06:b0:03:8d:0e:76:65: c9:f8:42:f6:8a:73:70:00:70:90:d1:50:a1:ed:65: 2e:dc:70:7a:86:e5:05:3f:ce:7e:ee:d7:b5:dd:ac: df:80:9e:40:01:ae:43:6f:33:b3:e9:63:67:26:bf: c1:e6:5a:36:cf:59:e7:3b:44:55:2f:7b:a9:6c:16: 19:66:5a:1a:77:5d:c3:6a:60:e6:6b:17:f8:41:84: 5c:74:cf:2c:e7:17:f5:a3:0e:38:75:eb:66:36:b4: 3b:4c:62:5d:39:76:63:23:6f:ad:d3:3b:0d:02:b0: 29:79:57:3b:dc:f5:9d:5f:4c:49:a5:89:81:45:29: ba:2a:e5:bf:3e:7d:97:a2:8b:68:b2:7d:26:fe:59: d6:28:70:34:12:b8:50:40:65:bb:8f:9a:b6:3f:5d: 17:5a:dd:69:76:05:2c:1e:d6:8f:7b:72:19:d7:68: 2a:89:4c:25:ea:f5:c3:83:0a:b2:6d:50:6f:bb:5e: 94:2a:42:58:e4:4a:aa:7b:9c:7d:fd:43:48:bd:d9: f7:30:1e:ac:42:1f:cb:29:f8:04:88:45:2e:40:37: f6:b3:e3:b2:e8:a0:69:7b:7a:2f:7c:81:92:41:6c: 72:ea:cd:8d:54:18:11:c2:7f:46:8d:b4:ee:77:2b: 0e:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:4D:9F:A3:C7:F2:04:93:6E:FC:F0:71:90:39:3E:59:76:D9:54:69 X509v3 Authority Key Identifier: keyid:67:A4:28:D3:DC:89:DD:EF:5B:E7:AC:43:FB:7C:88:17:5E:C3:87:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:a8:83:5d:c0:4c:e2:60:3d:66:1e:ba:0f:d0:04:d0:27:30: 57:84:9d:16:17:f3:ad:b2:d9:03:c5:c0:06:ee:5a:e4:7e:d5: e8:ad:7f:3b:d9:bf:8d:0c:72:32:75:ff:c3:6c:19:e4:bd:71: e2:ad:3d:70:52:00:5a:db:75:4f:06:27:fe:65:2a:c4:7d:96: 7d:78:a2:91:e7:73:f0:29:44:62:68:b5:c1:00:d6:9a:1a:67: f5:b5:71:8b:13:fd:4f:53:99:36:83:d1:b4:5d:71:63:b8:86: cb:81:fb:a6:46:40:de:ef:84:73:8c:12:43:b6:45:4b:21:c8: 14:51:d8:3a:6d:0f:1d:a3:d2:d3:66:90:20:26:20:be:d3:1c: 31:12:ab:2b:cc:a8:86:9e:e0:0c:c1:01:2b:ec:2f:6c:cb:61: 02:94:d9:74:a4:32:a5:ac:4d:c2:b1:03:9d:53:e3:9e:ef:88: f2:98:05:31:58:6e:6b:31:81:99:f5:a2:60:f5:b6:5d:33:cc: 64:53:94:5a:17:d2:23:66:6e:f3:91:92:e5:4c:c9:a5:0d:de: bd:91:29:02:69:b6:6e:59:0c:85:95:c1:c1:55:dc:18:5f:d8: 1e:e4:7d:1e:dc:6c:d3:6c:75:e2:f8:a9:0a:2c:ab:85:4a:d9: 8d:5b:78:08 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfGTPr5h/nwIxxlAVkpdHZIqi/08wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4MTc1 RUMzODcxRjAeFw0yNTEwMTgyMTI2MjFaFw0yNTEwMjEyMTUzMjFaMDMxMTAvBgNV BAMTKDIzNEQ5RkEzQzdGMjA0OTM2RUZDRjA3MTkwMzkzRTU5NzZEOTU0NjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC13QvVkAaWBrADjQ52Zcn4QvaK c3AAcJDRUKHtZS7ccHqG5QU/zn7u17XdrN+AnkABrkNvM7PpY2cmv8HmWjbPWec7 RFUve6lsFhlmWhp3XcNqYOZrF/hBhFx0zyznF/WjDjh162Y2tDtMYl05dmMjb63T Ow0CsCl5Vzvc9Z1fTEmliYFFKboq5b8+fZeii2iyfSb+WdYocDQSuFBAZbuPmrY/ XRda3Wl2BSwe1o97chnXaCqJTCXq9cODCrJtUG+7XpQqQljkSqp7nH39Q0i92fcw HqxCH8sp+ASIRS5AN/az47LooGl7ei98gZJBbHLqzY1UGBHCf0aNtO53Kw5tAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUI02fo8fyBJNu/PBxkDk+WXbZVGkwHwYDVR0j BBgwFoAUZ6Qo09yJ3e9b56xD+3yIF17Dhx8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NjZhOGYyOC05YTAzLTQzNzYtYjYxMi0zMWY1YWQxYzFlZDYvMC82N0E0MjhEM0RD ODlEREVGNUJFN0FDNDNGQjdDODgxNzVFQzM4NzFGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4MTc1RUMz ODcxRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTY2YThmMjgtOWEwMy00Mzc2LWI2 MTItMzFmNWFkMWMxZWQ2LzAvNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4 MTc1RUMzODcxRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABeog13ATOJgPWYeug/QBNAnMFeEnRYX862y 2QPFwAbuWuR+1eitfzvZv40McjJ1/8NsGeS9ceKtPXBSAFrbdU8GJ/5lKsR9ln14 opHnc/ApRGJotcEA1poaZ/W1cYsT/U9TmTaD0bRdcWO4hsuB+6ZGQN7vhHOMEkO2 RUshyBRR2DptDx2j0tNmkCAmIL7THDESqyvMqIae4AzBASvsL2zLYQKU2XSkMqWs TcKxA51T457viPKYBTFYbmsxgZn1omD1tl0zzGRTlFoX0iNmbvORkuVMyaUN3r2R KQJptm5ZDIWVwcFV3Bhf2B7kfR7cbNNsdeL4qQosq4VK2Y1beAg= -----END CERTIFICATE-----Generated at Mon Oct 20 10:22:38 2025 by rpki-client