$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: hpdXLVaM26Z9tXKIeNdEZqPduhANKUzBx50gZVWhTDI= Subject key identifier: 1D:3A:CB:1F:91:07:A1:22:42:72:67:24:16:67:A2:57:85:DB:2F:20 Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 41AA865DBCF8BECF6EBA4ACA3ED5D90CA579B260 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 0490 Signing time: Wed 03 Sep 2025 21:52:19 +0000 Manifest this update: Wed 03 Sep 2025 21:47:19 +0000 Manifest next update: Sun 07 Sep 2025 08:31:19 +0000 Files and hashes: 1: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: q/CV3YIPQOm1aZYip5fIR1K9i7bDSVO+nIFF+ycG0Go=) 2: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: zCUg4ypvv2GlwnHN93OEr6YWYy+0fl7UKwqXyrw+mYs=) 3: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0yCL5KXTraWL90iq30pQr9XlRbIvmMrP24hOvDxVdWE=) 4: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: ceA/XjkZTjtckNNE+B0y8t16H7RYtmT+yFrD+MsXpYk=) 5: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: rkHE7dCGWjwiXKSo5AmkFhmGB4j/W88po8KuTJD9fS0=) 6: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: QKBrvi0RsDMYjSNqwszDPfOesbOlEOIHdE8u3xcyVKM=) 7: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: pz9oreGtsEoWxcex+esqMxfOPclmz6FuMURXJxret5Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Sep 2025 08:31:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:aa:86:5d:bc:f8:be:cf:6e:ba:4a:ca:3e:d5:d9:0c:a5:79:b2:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Sep 3 21:47:19 2025 GMT Not After : Sep 7 08:31:19 2025 GMT Subject: CN=1D3ACB1F9107A122427267241667A25785DB2F20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:d2:fe:dc:f9:c3:39:6f:1d:c0:ff:9f:4a:1a: 96:fa:52:53:33:cb:ac:31:b6:b9:23:aa:00:f7:23: 7f:4c:1e:b9:43:c9:27:44:23:8b:71:59:7d:23:7c: b1:a2:76:4d:f1:ff:4c:49:36:bd:72:b5:88:ce:bf: 14:d7:ac:b3:e0:74:8c:77:54:9f:ad:b6:48:c7:44: 68:09:34:99:41:ab:3a:75:5c:99:57:45:2f:c7:f4: a7:f5:9b:ad:6c:d1:da:92:e5:96:84:94:a5:ea:43: 6e:b6:b9:5a:ec:9c:e0:ef:47:b5:19:90:89:7d:2a: 7b:6b:e9:f7:4a:b0:6c:17:9e:e8:cf:93:9a:7d:76: 4e:73:07:4e:14:76:58:b6:4a:1f:06:ac:03:f4:7d: 2a:5d:45:4f:0b:da:94:cd:2a:9a:63:87:c2:2f:a6: 5d:78:29:d4:97:92:1d:bf:85:51:43:f1:44:d3:a7: ea:da:cc:a6:41:d9:6d:6b:7e:9f:bc:2b:3e:81:5c: ee:fd:24:6c:e2:62:3c:15:b6:42:03:bd:85:76:71: fb:d8:6f:9c:10:28:8a:29:12:2f:b6:87:71:04:62: dd:6b:4c:a5:6d:b5:db:ee:dc:db:6b:45:f8:02:73: 45:72:01:cd:16:fb:23:57:52:70:01:cd:60:b4:a7: b9:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:3A:CB:1F:91:07:A1:22:42:72:67:24:16:67:A2:57:85:DB:2F:20 X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:df:6e:00:04:a5:97:c6:d2:38:ca:80:e1:b8:5a:79:fe:d9: 5d:38:35:58:fd:7f:18:30:d1:29:6b:a6:e2:d9:bc:dd:0a:2a: be:a5:94:cc:c8:f8:09:ce:a8:59:d0:56:e5:aa:83:fb:35:27: ac:bb:d8:d4:3f:40:ce:9e:9e:e3:3b:a6:82:2f:3b:91:a1:9e: 95:c5:26:f3:e6:c7:0f:be:29:f1:a6:a9:e1:81:24:08:a2:a8: ec:77:cf:0e:cd:7b:17:98:52:fc:cf:e6:c7:19:b8:76:67:ce: 88:b2:bd:ff:0c:f4:8f:bc:03:05:90:cd:5f:52:b5:a5:d7:73: 4f:1f:8c:c5:90:e4:21:f2:f8:62:02:ae:4e:3e:c8:cd:dd:98: aa:25:9d:ae:33:65:4a:89:8c:8c:8d:f2:ff:4b:3d:ca:94:b2: 67:94:a1:5f:69:b2:72:2c:77:03:b5:0f:84:46:a8:b2:76:12: 21:e8:e4:1c:2d:ee:c5:6a:92:ba:93:1d:76:0e:c0:05:06:c2: b9:5e:8d:55:cc:2a:2d:b9:45:80:d1:87:47:2f:b3:67:99:dc: 4d:6e:04:28:63:00:b8:39:51:3f:e6:ee:f1:d0:7a:d0:35:5f: db:cf:2d:f5:43:92:56:2e:3a:66:06:b1:75:0e:87:77:e6:a8: 5b:f9:dc:2d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQaqGXbz4vs9uukrKPtXZDKV5smAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNTA5MDMyMTQ3MTlaFw0yNTA5MDcwODMxMTlaMDMxMTAvBgNV BAMTKDFEM0FDQjFGOTEwN0ExMjI0MjcyNjcyNDE2NjdBMjU3ODVEQjJGMjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg0v7c+cM5bx3A/59KGpb6UlMz y6wxtrkjqgD3I39MHrlDySdEI4txWX0jfLGidk3x/0xJNr1ytYjOvxTXrLPgdIx3 VJ+ttkjHRGgJNJlBqzp1XJlXRS/H9Kf1m61s0dqS5ZaElKXqQ262uVrsnODvR7UZ kIl9Kntr6fdKsGwXnujPk5p9dk5zB04Udli2Sh8GrAP0fSpdRU8L2pTNKppjh8Iv pl14KdSXkh2/hVFD8UTTp+razKZB2W1rfp+8Kz6BXO79JGziYjwVtkIDvYV2cfvY b5wQKIopEi+2h3EEYt1rTKVttdvu3NtrRfgCc0VyAc0W+yNXUnABzWC0p7ltAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHTrLH5EHoSJCcmckFmeiV4XbLyAwHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABjfbgAEpZfG0jjKgOG4Wnn+2V04NVj9fxgw 0SlrpuLZvN0KKr6llMzI+AnOqFnQVuWqg/s1J6y72NQ/QM6enuM7poIvO5GhnpXF JvPmxw++KfGmqeGBJAiiqOx3zw7NexeYUvzP5scZuHZnzoiyvf8M9I+8AwWQzV9S taXXc08fjMWQ5CHy+GICrk4+yM3dmKolna4zZUqJjIyN8v9LPcqUsmeUoV9psnIs dwO1D4RGqLJ2EiHo5Bwt7sVqkrqTHXYOwAUGwrlejVXMKi25RYDRh0cvs2eZ3E1u BChjALg5UT/m7vHQetA1X9vPLfVDklYuOmYGsXUOh3fmqFv53C0= -----END CERTIFICATE-----Generated at Fri Sep 5 10:29:31 2025 by rpki-client