$ rpki-client -vvf repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft File: B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft (raw, json) Hash identifier: NgZlZYtQaIBK5deQFViZdBJ9LKbNTcSg/Nz2ToWbxtY= Subject key identifier: 3E:0B:07:1E:01:B2:24:BB:10:F0:E2:15:58:9D:FB:1C:55:A0:F9:5E Authority key identifier: B8:C2:A2:B1:B2:11:64:AF:8E:AE:E3:87:C7:D9:A5:D9:4D:4F:83:08 Certificate issuer: /CN=B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308 Certificate serial: 59C1619B6C8DBDCF4F48ED72F3635E46828DF8F9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft Manifest number: 01AB Signing time: Sun 07 Sep 2025 05:21:05 +0000 Manifest this update: Sun 07 Sep 2025 05:16:05 +0000 Manifest next update: Wed 10 Sep 2025 09:18:05 +0000 Files and hashes: 1: 3230322e3135392e302e302f31382d3234203d3e2039333430.roa (hash: Juur4GxLWpPp32FXP5B1lQD8F+2wWzZU/lQ5cSimSag=) 2: B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.crl (hash: VKQ8h/PaZev63kas1yV+MtyC0EJ6MSjodU1FYkTY5cg=) 3: 3230322e3135392e35302e302f32332d3234203d3e203435373239.roa (hash: 7LPe2lEj9jSSghBzwzWvEJHD1rdTalK2jKZeyt7h7R0=) 4: 3230322e3135392e39362e302f31392d3234203d3e2039333430.roa (hash: 4CYpX855PsKjE7pRqG0I65N8tDE2yevHm2JcGXCxF84=) 5: 3131372e35342e302e302f31362d3234203d3e2039333430.roa (hash: UieSxZjEvKIMrWcJdH2TDXUustdkDqF4w0J/hh4yLRA=) 6: 3230322e35332e3232342e302f31392d3234203d3e2039333430.roa (hash: cxySA+7GoKy0ZBQ953Jz7wXFE+7U1S6vU/NAFozpO4w=) 7: 3230322e3135332e3232342e302f31392d3234203d3e2039333430.roa (hash: vY8tbOcXriyCtT6FUxDmURMpeDa3xL/alWeAEYVK8DM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.crl rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 09:18:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:c1:61:9b:6c:8d:bd:cf:4f:48:ed:72:f3:63:5e:46:82:8d:f8:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308 Validity Not Before: Sep 7 05:16:05 2025 GMT Not After : Sep 10 09:18:05 2025 GMT Subject: CN=3E0B071E01B224BB10F0E215589DFB1C55A0F95E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:8f:6c:98:a4:56:f7:79:a1:ac:c6:4a:b9:e5: 5a:3b:59:31:09:25:18:c6:e2:f2:47:b5:1e:f5:41: 83:2e:c0:91:88:a8:de:7a:01:fd:62:4b:44:e3:7b: 52:e4:98:16:3d:3d:d1:c2:1b:f3:bd:eb:49:4b:5a: a7:45:a9:ba:77:84:5e:01:bc:f5:aa:a1:fb:8d:47: 22:ae:c0:2d:b3:6c:1a:06:29:04:15:a5:c6:4e:e7: 15:63:8f:da:e2:ba:49:d7:23:c3:2d:d0:b4:ca:57: fa:bb:05:9e:e3:91:48:16:8e:1c:46:97:c1:2c:53: 20:38:27:17:9c:c7:83:e5:3a:33:11:17:f9:f2:a9: ec:f8:f8:66:b5:0c:cc:93:3a:da:3e:ea:57:56:47: 3d:db:09:d7:bf:a4:a6:a0:a1:5a:bc:5e:0a:aa:39: be:e8:91:38:1b:a7:44:e4:48:35:67:0d:22:38:a7: 39:1f:ca:b1:5f:7d:cd:8d:46:34:67:6e:5f:60:33: 6c:eb:38:16:7d:84:7b:8d:08:cd:6c:ce:ea:11:40: af:77:10:5b:59:d5:a5:ca:d5:47:d3:cb:ad:eb:22: d5:f8:b4:9c:20:a0:ba:b3:27:ee:3c:1a:27:9a:56: bf:70:5c:85:e4:91:33:e0:bc:01:74:02:4e:7d:f0: 53:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:0B:07:1E:01:B2:24:BB:10:F0:E2:15:58:9D:FB:1C:55:A0:F9:5E X509v3 Authority Key Identifier: keyid:B8:C2:A2:B1:B2:11:64:AF:8E:AE:E3:87:C7:D9:A5:D9:4D:4F:83:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e5b1e57e-a0f1-467f-a46f-55a3157b0d65/0/B8C2A2B1B21164AF8EAEE387C7D9A5D94D4F8308.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e3:20:52:c4:c8:de:63:5f:a8:48:0a:c9:b4:45:c5:20:e9:1c: 82:3b:e1:f4:fa:70:2e:72:7c:85:42:b2:6a:b0:56:3e:fc:1e: 85:70:bd:f2:09:59:eb:a3:ca:86:99:d6:64:dc:f6:02:24:4f: a9:80:fe:cb:48:42:ec:3c:0f:e3:33:80:59:4e:b1:d0:17:1d: a8:1f:76:81:e1:49:bb:45:4a:ea:9e:68:1b:a1:66:a0:af:ee: c5:bb:58:ec:12:b3:ad:ae:01:8b:2e:a1:c9:5e:11:45:22:bb: 50:fd:83:72:0b:15:46:de:47:2e:75:19:80:ca:5e:d6:4b:89: 8b:1a:e6:d6:11:ee:47:43:92:3b:c0:2a:a2:cb:3b:15:21:33: 07:04:86:42:b1:05:74:54:75:15:38:3a:cb:2c:e4:f4:95:cd: d2:9f:75:9d:40:f4:9e:23:1f:54:af:14:48:98:24:eb:62:03: 2d:d0:cd:69:17:70:17:a1:3b:c9:a0:92:11:23:90:ce:2c:b1: b1:8c:db:ad:c7:b0:1d:97:7e:63:a1:10:77:5a:19:d1:fb:6f: d1:f8:b2:95:97:a5:d8:52:fa:c7:f9:0e:e2:84:bc:15:b3:81: 0d:40:f8:6b:be:53:4a:8f:5a:29:8f:31:3b:30:73:cd:ee:9e: 33:e4:15:e9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUWcFhm2yNvc9PSO1y82NeRoKN+PkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjhDMkEyQjFCMjExNjRBRjhFQUVFMzg3QzdEOUE1RDk0 RDRGODMwODAeFw0yNTA5MDcwNTE2MDVaFw0yNTA5MTAwOTE4MDVaMDMxMTAvBgNV BAMTKDNFMEIwNzFFMDFCMjI0QkIxMEYwRTIxNTU4OURGQjFDNTVBMEY5NUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDej2yYpFb3eaGsxkq55Vo7WTEJ JRjG4vJHtR71QYMuwJGIqN56Af1iS0Tje1LkmBY9PdHCG/O960lLWqdFqbp3hF4B vPWqofuNRyKuwC2zbBoGKQQVpcZO5xVjj9riuknXI8Mt0LTKV/q7BZ7jkUgWjhxG l8EsUyA4Jxecx4PlOjMRF/nyqez4+Ga1DMyTOto+6ldWRz3bCde/pKagoVq8Xgqq Ob7okTgbp0TkSDVnDSI4pzkfyrFffc2NRjRnbl9gM2zrOBZ9hHuNCM1szuoRQK93 EFtZ1aXK1UfTy63rItX4tJwgoLqzJ+48GieaVr9wXIXkkTPgvAF0Ak598FN9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUPgsHHgGyJLsQ8OIVWJ37HFWg+V4wHwYDVR0j BBgwFoAUuMKisbIRZK+OruOHx9ml2U1PgwgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l NWIxZTU3ZS1hMGYxLTQ2N2YtYTQ2Zi01NWEzMTU3YjBkNjUvMC9COEMyQTJCMUIy MTE2NEFGOEVBRUUzODdDN0Q5QTVEOTRENEY4MzA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjhDMkEyQjFCMjExNjRBRjhFQUVFMzg3QzdEOUE1RDk0RDRG ODMwOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTViMWU1N2UtYTBmMS00NjdmLWE0 NmYtNTVhMzE1N2IwZDY1LzAvQjhDMkEyQjFCMjExNjRBRjhFQUVFMzg3QzdEOUE1 RDk0RDRGODMwOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAOMgUsTI3mNfqEgKybRFxSDpHII74fT6cC5y fIVCsmqwVj78HoVwvfIJWeujyoaZ1mTc9gIkT6mA/stIQuw8D+MzgFlOsdAXHagf doHhSbtFSuqeaBuhZqCv7sW7WOwSs62uAYsuocleEUUiu1D9g3ILFUbeRy51GYDK XtZLiYsa5tYR7kdDkjvAKqLLOxUhMwcEhkKxBXRUdRU4Osss5PSVzdKfdZ1A9J4j H1SvFEiYJOtiAy3QzWkXcBehO8mgkhEjkM4ssbGM263HsB2XfmOhEHdaGdH7b9H4 spWXpdhS+sf5DuKEvBWzgQ1A+Gu+U0qPWimPMTswc83unjPkFek= -----END CERTIFICATE-----Generated at Sun Sep 7 15:13:27 2025 by rpki-client