$ rpki-client -vvf repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft File: BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft (raw, json) Hash identifier: zjCo1SozJapHhC6dH24rVc9Ud+zNK3cbW0YFJCHt03M= Subject key identifier: FE:6A:E9:D0:EB:C4:FA:08:20:B8:DB:00:9D:0D:DB:DA:CC:74:BB:BF Authority key identifier: BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 Certificate issuer: /CN=BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244 Certificate serial: 72A76057755BBD711EC4A6F26B0F72BD75980715 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft Manifest number: CA Signing time: Fri 29 Aug 2025 19:30:55 +0000 Manifest this update: Fri 29 Aug 2025 19:25:55 +0000 Manifest next update: Mon 01 Sep 2025 21:26:55 +0000 Files and hashes: 1: BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.crl (hash: PUxEye7liyVh9hI7bfsrfKu9a90BJGMTPiDidx4jmmE=) 2: 3136302e32302e33382e302f32342d3234203d3e20313532373637.roa (hash: Hz+bwv5TeiqLZz4vHu5RdAv/BqFZcBIfsejW6ExngYw=) 3: 3136302e32302e33392e302f32342d3234203d3e20313532373637.roa (hash: pleM7zjt401D1BJf2sqrcL6s2yWcWR5KklAwpJnySCE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.crl rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 01 Sep 2025 21:26:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:a7:60:57:75:5b:bd:71:1e:c4:a6:f2:6b:0f:72:bd:75:98:07:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244 Validity Not Before: Aug 29 19:25:55 2025 GMT Not After : Sep 1 21:26:55 2025 GMT Subject: CN=FE6AE9D0EBC4FA0820B8DB009D0DDBDACC74BBBF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:be:c2:ef:3c:1a:a7:d1:76:2e:38:62:50:cb: 24:6a:2b:a9:f8:44:1b:cc:ca:4d:3e:6f:f9:04:13: a4:e9:b7:59:0c:1e:92:f2:6d:fa:e3:de:f5:16:0d: 69:32:d3:7d:b2:3b:93:31:f5:9b:fd:09:aa:82:ba: 3a:81:9e:c7:36:38:f5:a5:7a:4c:94:68:92:ba:fa: ed:eb:fe:a2:60:e7:3f:3a:ad:24:96:3c:91:2f:0f: f1:12:25:89:06:01:65:20:2e:02:55:9b:dd:ce:b8: e9:61:bc:fc:56:0b:e3:92:42:ab:5e:53:1b:ae:d4: 03:95:c7:c6:4f:f8:cb:54:ac:8b:8c:a3:d9:af:6f: 1c:bf:c0:7d:5b:0a:41:3b:e9:c1:7e:d9:29:09:80: 96:3d:b0:19:84:4c:7b:0d:f1:f8:c8:08:89:88:61: 61:60:b3:b0:61:ff:86:c9:6b:a6:f6:c9:d6:eb:58: c1:99:52:6d:a7:89:17:d1:ca:28:63:54:72:20:15: 04:9d:e2:df:ce:7a:df:26:dd:da:a1:8d:06:8f:9a: 08:6e:90:23:ca:ad:f4:f5:18:a3:75:3d:9a:8d:84: 04:bc:3f:45:a9:5a:44:95:12:e4:c0:d9:85:27:de: ac:35:a9:4c:aa:c0:58:56:18:6e:0c:c0:7d:29:0b: 46:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:6A:E9:D0:EB:C4:FA:08:20:B8:DB:00:9D:0D:DB:DA:CC:74:BB:BF X509v3 Authority Key Identifier: keyid:BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:1f:b5:64:6a:ba:db:4e:56:3e:cc:7e:d7:44:15:79:42:2e: ad:c2:5d:0d:7c:22:dc:9e:a8:4d:c9:a1:58:2a:89:bd:5d:e3: e6:0d:f6:7a:82:6a:cd:5a:62:2d:53:28:8e:a4:a9:82:e9:09: 9f:ab:0c:7f:59:3f:29:61:0b:a2:99:df:6d:6b:b1:1e:16:e3: ff:e4:4f:67:95:5e:8c:e1:53:f5:23:d3:75:e5:78:30:2b:26: 88:4d:3a:2d:d3:2a:fa:8e:1c:4f:03:7f:70:66:b8:53:63:21: 6f:ce:cd:67:b4:6c:28:f7:55:21:b2:5c:0e:4b:b3:88:f8:7f: f8:71:68:6e:38:b5:98:cc:cc:f7:4d:94:e4:f1:05:a5:69:21: ba:6e:a9:57:61:3c:11:cf:3b:ce:3f:c7:81:bc:e3:61:99:a3: 17:ee:6e:e8:5e:f9:58:7b:bd:84:13:bb:2f:73:f8:33:f3:a9: 40:c7:0d:4c:8b:cd:19:4d:d7:12:d7:5d:9f:e3:af:60:a8:fa: d8:1d:8e:40:7c:68:7b:1a:47:93:8d:f0:3e:46:97:d1:79:df: a9:2a:55:fa:08:12:2e:e4:13:4a:61:c4:aa:b4:79:f6:6e:50: a7:64:46:ff:87:57:b7:b8:be:b5:d7:f5:6a:0b:3d:fb:d9:0b: 8f:0f:9a:68 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcqdgV3VbvXEexKbyaw9yvXWYBxUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkNBMEMxRUY1QTRBQjNBRUY0MjVFMTVBQjg5QTE5Q0RF NTY4ODI0NDAeFw0yNTA4MjkxOTI1NTVaFw0yNTA5MDEyMTI2NTVaMDMxMTAvBgNV BAMTKEZFNkFFOUQwRUJDNEZBMDgyMEI4REIwMDlEMEREQkRBQ0M3NEJCQkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMvsLvPBqn0XYuOGJQyyRqK6n4 RBvMyk0+b/kEE6Tpt1kMHpLybfrj3vUWDWky032yO5Mx9Zv9CaqCujqBnsc2OPWl ekyUaJK6+u3r/qJg5z86rSSWPJEvD/ESJYkGAWUgLgJVm93OuOlhvPxWC+OSQqte Uxuu1AOVx8ZP+MtUrIuMo9mvbxy/wH1bCkE76cF+2SkJgJY9sBmETHsN8fjICImI YWFgs7Bh/4bJa6b2ydbrWMGZUm2niRfRyihjVHIgFQSd4t/Oet8m3dqhjQaPmghu kCPKrfT1GKN1PZqNhAS8P0WpWkSVEuTA2YUn3qw1qUyqwFhWGG4MwH0pC0YRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/mrp0OvE+ggguNsAnQ3b2sx0u78wHwYDVR0j BBgwFoAUvKDB71pKs670JeFauJoZzeVogkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZmU3ZGFjYy0yYjQ1LTQxNDEtOTc3NS1mMWJiOWYwNTIzOTYvMC9CQ0EwQzFFRjVB NEFCM0FFRjQyNUUxNUFCODlBMTlDREU1Njg4MjQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkNBMEMxRUY1QTRBQjNBRUY0MjVFMTVBQjg5QTE5Q0RFNTY4 ODI0NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGZlN2RhY2MtMmI0NS00MTQxLTk3 NzUtZjFiYjlmMDUyMzk2LzAvQkNBMEMxRUY1QTRBQjNBRUY0MjVFMTVBQjg5QTE5 Q0RFNTY4ODI0NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACMftWRquttOVj7MftdEFXlCLq3CXQ18Itye qE3JoVgqib1d4+YN9nqCas1aYi1TKI6kqYLpCZ+rDH9ZPylhC6KZ321rsR4W4//k T2eVXozhU/Uj03XleDArJohNOi3TKvqOHE8Df3BmuFNjIW/OzWe0bCj3VSGyXA5L s4j4f/hxaG44tZjMzPdNlOTxBaVpIbpuqVdhPBHPO84/x4G842GZoxfubuhe+Vh7 vYQTuy9z+DPzqUDHDUyLzRlN1xLXXZ/jr2Co+tgdjkB8aHsaR5ON8D5Gl9F536kq VfoIEi7kE0phxKq0efZuUKdkRv+HV7e4vrXX9WoLPfvZC48Pmmg= -----END CERTIFICATE-----Generated at Sun Aug 31 10:48:16 2025 by rpki-client