$ rpki-client -vvf repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft File: BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft (raw, json) Hash identifier: QG0Lc2EQMrA7dujBsEOT8tLP1nW8T3Fa8gl4CHowti8= Subject key identifier: 08:68:02:3C:53:B7:65:8A:1B:7C:F2:17:F3:E5:85:27:09:B8:9C:E3 Authority key identifier: BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A Certificate issuer: /CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Certificate serial: 3206F27419099AD803334D2D8C8A6B30B8C7FC76 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft Manifest number: D2 Signing time: Sat 06 Sep 2025 05:01:09 +0000 Manifest this update: Sat 06 Sep 2025 04:56:09 +0000 Manifest next update: Tue 09 Sep 2025 11:53:09 +0000 Files and hashes: 1: BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl (hash: tWaP2IDaWocntmFtAjP0y9WuYrM2b/plQt5QYetvL8s=) 2: 3135372e32302e3137382e302f32342d3234203d3e20313532343138.roa (hash: t349gF8xh8M32UG8Ruer+VIkvNUKNNfdFe/xLjKGLjs=) 3: 3135372e32302e3137392e302f32342d3234203d3e20313532343138.roa (hash: Z2FYRByoR87CHEnziWjFnKQyuENb6OACYT6R1ULlqwE=) 4: 3135372e32302e3137382e302f32332d3233203d3e20313532343138.roa (hash: Gr1mlE+rzWEpOTNh6WPoTj4w/1KCxiBabRIKttXDzDg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 11:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:06:f2:74:19:09:9a:d8:03:33:4d:2d:8c:8a:6b:30:b8:c7:fc:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Validity Not Before: Sep 6 04:56:09 2025 GMT Not After : Sep 9 11:53:09 2025 GMT Subject: CN=0868023C53B7658A1B7CF217F3E5852709B89CE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f6:41:10:e8:57:17:3e:ce:f1:7e:a7:b5:55: 36:cf:5c:8c:09:fd:2e:25:bc:e8:60:93:0c:56:24: b5:97:45:08:30:40:5d:cf:3b:5c:4f:41:11:c7:a8: 0c:2c:28:65:db:94:0d:d7:00:a5:79:8b:0d:76:71: f3:3e:8f:06:cc:ad:fc:b1:22:32:12:87:0e:ed:2d: 06:f8:80:a3:55:36:3c:4d:8f:57:dc:73:f1:0a:83: 07:02:de:74:5f:a3:da:4a:6b:b8:97:c7:c7:a7:af: 09:ae:82:78:50:69:7e:e7:77:10:ef:27:03:84:be: 34:f2:45:8c:4d:6c:e5:83:05:ee:5f:71:ab:60:1b: 54:fe:19:60:bb:6f:03:fb:f7:5a:76:38:e1:f2:e2: 8c:16:f7:b9:4b:89:25:61:87:3b:ac:20:60:bf:a9: f7:54:f1:02:09:f8:38:c4:f2:96:32:88:6d:e6:38: f2:4a:00:b6:44:b7:68:4e:00:96:91:6c:6d:04:d8: b5:82:a8:78:05:b4:f2:bb:41:55:f7:12:e3:d4:2d: a7:d6:9e:58:17:4a:fc:e3:5c:f8:26:82:83:ea:bf: 71:57:58:a2:fa:87:d5:45:1a:6a:b2:82:64:72:27: c8:83:7e:3e:a9:5a:5d:73:43:51:a5:db:ad:f4:a7: 6f:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:68:02:3C:53:B7:65:8A:1B:7C:F2:17:F3:E5:85:27:09:B8:9C:E3 X509v3 Authority Key Identifier: keyid:BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:b6:05:d1:7b:06:5e:f3:0c:f5:5c:f4:8a:e5:58:8a:13:28: 35:c8:17:d3:a4:d4:c6:31:c0:ec:ef:11:bd:ca:13:c0:1e:6a: ca:7f:79:c8:58:3b:86:e4:73:b4:5d:32:03:52:b3:d0:63:68: 9a:04:dc:e3:00:88:b4:c6:b1:4a:2d:4a:06:ad:37:61:98:ff: 26:0a:15:54:d6:43:8e:05:e0:d8:09:c1:27:a0:66:6b:a1:81: 39:30:be:8b:f7:5a:7b:53:8f:fa:f4:12:13:04:6a:0c:49:dd: 19:47:d4:66:17:c7:fb:ce:97:57:51:cb:b4:0e:70:7c:d7:dc: ed:38:5d:eb:75:24:e5:e1:11:94:89:53:6f:1d:d4:71:ab:66: e5:4b:0d:6f:27:ce:43:e9:37:71:d2:ea:ea:3a:3f:0c:79:4f: 6d:47:d2:77:55:cc:58:bc:4c:04:36:35:2b:fb:f0:79:4c:61: 39:f6:08:19:3b:26:eb:46:4c:b3:a1:c6:47:e6:b0:56:39:f7: 62:37:c4:11:0d:89:70:8c:f0:e1:87:bb:30:11:0d:59:cd:bc: 60:0e:92:dc:8f:37:f3:df:03:42:48:1d:68:78:69:b8:7e:c0: 50:41:73:ed:22:4a:93:c9:dd:74:ee:9f:1f:04:b7:98:23:c6: 21:98:0d:0b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMgbydBkJmtgDM00tjIprMLjH/HYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYz NjE4MjMxQTAeFw0yNTA5MDYwNDU2MDlaFw0yNTA5MDkxMTUzMDlaMDMxMTAvBgNV BAMTKDA4NjgwMjNDNTNCNzY1OEExQjdDRjIxN0YzRTU4NTI3MDlCODlDRTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG9kEQ6FcXPs7xfqe1VTbPXIwJ /S4lvOhgkwxWJLWXRQgwQF3PO1xPQRHHqAwsKGXblA3XAKV5iw12cfM+jwbMrfyx IjIShw7tLQb4gKNVNjxNj1fcc/EKgwcC3nRfo9pKa7iXx8enrwmugnhQaX7ndxDv JwOEvjTyRYxNbOWDBe5fcatgG1T+GWC7bwP791p2OOHy4owW97lLiSVhhzusIGC/ qfdU8QIJ+DjE8pYyiG3mOPJKALZEt2hOAJaRbG0E2LWCqHgFtPK7QVX3EuPULafW nlgXSvzjXPgmgoPqv3FXWKL6h9VFGmqygmRyJ8iDfj6pWl1zQ1Gl2630p2+xAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCGgCPFO3ZYobfPIX8+WFJwm4nOMwHwYDVR0j BBgwFoAUvZt6icheDfZ4b1vVHUt9ljYYIxowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MzYwNjZlOC04ZTE5LTRkZTctOTQ3Yi05NGVlM2NkMDlmODUvMC9CRDlCN0E4OUM4 NUUwREY2Nzg2RjVCRDUxRDRCN0Q5NjM2MTgyMzFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYzNjE4 MjMxQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjM2MDY2ZTgtOGUxOS00ZGU3LTk0 N2ItOTRlZTNjZDA5Zjg1LzAvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdE OTYzNjE4MjMxQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKO2BdF7Bl7zDPVc9IrlWIoTKDXIF9Ok1MYx wOzvEb3KE8Aeasp/echYO4bkc7RdMgNSs9BjaJoE3OMAiLTGsUotSgatN2GY/yYK FVTWQ44F4NgJwSegZmuhgTkwvov3WntTj/r0EhMEagxJ3RlH1GYXx/vOl1dRy7QO cHzX3O04Xet1JOXhEZSJU28d1HGrZuVLDW8nzkPpN3HS6uo6Pwx5T21H0ndVzFi8 TAQ2NSv78HlMYTn2CBk7JutGTLOhxkfmsFY592I3xBENiXCM8OGHuzARDVnNvGAO ktyPN/PfA0JIHWh4abh+wFBBc+0iSpPJ3XTunx8Et5gjxiGYDQs= -----END CERTIFICATE-----Generated at Mon Sep 8 05:35:22 2025 by rpki-client