$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft (raw, json) Hash identifier: oCK5nIT5ClEKDq+cXn3pK8fDWKBrbyMbp1Sy6mYFw04= Subject key identifier: CA:2E:4D:A9:8F:DB:F3:7B:07:42:CC:25:BC:2E:54:64:42:4E:98:4C Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 27C6B01FB4141D618D965897CEB726C436F1EADD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft Manifest number: 0111 Signing time: Tue 24 Mar 2026 13:22:06 +0000 Manifest this update: Tue 24 Mar 2026 13:17:06 +0000 Manifest next update: Fri 27 Mar 2026 22:12:06 +0000 Files and hashes: 1: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (hash: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c=) 2: 3136302e32322e31322e302f32342d3234203d3e20313532373935.roa (hash: kSF1VyQJjpek8Mf3gy+lWICO98IQh62K2L543jgKTUA=) 3: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl (hash: T5pubOQAq1AF5ICZD5Ps+mahLW5/sRvphFz1IeMUzZo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 22:12:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:c6:b0:1f:b4:14:1d:61:8d:96:58:97:ce:b7:26:c4:36:f1:ea:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Mar 24 13:17:06 2026 GMT Not After : Mar 27 22:12:06 2026 GMT Subject: CN=CA2E4DA98FDBF37B0742CC25BC2E5464424E984C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:80:6f:fb:10:fc:09:6d:81:34:5e:55:24:97: 29:73:db:7c:c8:83:8d:62:c4:52:e8:cb:42:c6:01: ab:16:83:d8:1c:10:5e:a5:8a:0d:1a:8d:b0:a1:78: 2d:aa:8e:fd:cf:c1:4a:ef:9b:b1:4f:97:81:7c:9d: 5b:45:36:52:20:4e:31:59:0e:78:59:b6:d0:3b:fa: 86:cb:6f:16:5d:30:03:4a:a9:9c:a6:4d:2c:c3:63: e5:02:d5:68:69:e0:34:dc:73:4e:b2:ab:65:7f:55: cc:8b:6d:be:b1:93:26:65:3a:9b:9a:4b:bf:1f:5e: 1f:2c:af:8d:06:a6:a5:8f:00:8b:ef:60:c5:d9:6b: b3:fa:99:73:45:5c:f7:58:9c:35:5a:5b:68:0e:2a: e9:86:ad:1a:2c:e4:b9:cd:2f:d7:38:af:f9:90:1d: 13:e4:bc:f3:e1:7f:57:4d:bd:84:67:10:1b:99:7a: ed:a7:eb:51:52:b5:5c:62:8b:6c:b9:81:95:f9:2e: 25:cb:10:bd:da:e2:77:2f:2f:21:f3:ba:41:07:a8: da:c5:a8:9f:85:00:6c:fa:17:b3:01:d9:08:50:c2: 92:d4:af:b9:7b:3b:6f:f3:7c:8d:ea:aa:60:b8:59: 48:a0:c1:09:68:d7:e6:f4:47:47:e8:de:15:04:c7: 66:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:2E:4D:A9:8F:DB:F3:7B:07:42:CC:25:BC:2E:54:64:42:4E:98:4C X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:18:1b:ff:95:39:a7:fe:20:2f:d3:23:37:78:c0:be:d5:33: e6:31:fd:cd:f9:34:f8:fa:eb:35:20:e4:0f:b7:09:6e:f3:3e: 65:30:11:ba:9f:cc:41:10:d1:3d:d3:d0:b2:d4:62:3f:f6:d6: 0e:2e:a1:88:4f:5d:f5:80:46:1d:81:70:7c:cb:18:2c:73:3a: c5:13:26:93:65:a8:3d:a1:d1:2b:11:b6:1f:fa:39:51:49:53: 70:0d:55:e5:fa:f9:28:ea:6a:2a:d4:74:f8:b4:f0:34:03:0f: b2:1f:23:fd:74:be:60:96:d8:e5:51:e7:8d:c4:66:64:cc:d8: 87:9c:b2:8d:8c:54:7c:c9:9f:a0:a3:f6:3f:ec:16:48:76:d9: b4:b2:43:90:af:81:00:a0:26:ff:f5:4e:53:de:f4:8d:96:d4: 72:c3:74:20:fc:e6:6a:a5:4b:41:0f:c3:d8:40:9c:fd:7f:37: e9:b7:4d:1f:35:00:2c:5b:33:eb:96:ce:d7:5a:a6:c0:3d:15: e7:b2:7f:4f:1e:9c:35:cd:0b:29:f0:be:63:58:20:85:15:0e: 78:1b:69:74:b6:1f:22:c6:a2:db:5e:e4:7a:65:84:99:ab:28: 03:b7:1a:60:c9:2d:5c:c6:5b:24:c6:6a:65:66:73:ea:c5:98: f4:a8:17:26 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJ8awH7QUHWGNlliXzrcmxDbx6t0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNjAzMjQxMzE3MDZaFw0yNjAzMjcyMjEyMDZaMDMxMTAvBgNV BAMTKENBMkU0REE5OEZEQkYzN0IwNzQyQ0MyNUJDMkU1NDY0NDI0RTk4NEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrgG/7EPwJbYE0XlUklylz23zI g41ixFLoy0LGAasWg9gcEF6lig0ajbCheC2qjv3PwUrvm7FPl4F8nVtFNlIgTjFZ DnhZttA7+obLbxZdMANKqZymTSzDY+UC1Whp4DTcc06yq2V/VcyLbb6xkyZlOpua S78fXh8sr40GpqWPAIvvYMXZa7P6mXNFXPdYnDVaW2gOKumGrRos5LnNL9c4r/mQ HRPkvPPhf1dNvYRnEBuZeu2n61FStVxii2y5gZX5LiXLEL3a4ncvLyHzukEHqNrF qJ+FAGz6F7MB2QhQwpLUr7l7O2/zfI3qqmC4WUigwQlo1+b0R0fo3hUEx2bnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUyi5NqY/b83sHQswlvC5UZEJOmEwwHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDE5OWU1NDEtMTg2MS00ZDZhLThl MjgtYjAyODQ1ODYxNDk2LzAvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0 NjdFMEU0RDA2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH4YG/+VOaf+IC/TIzd4wL7VM+Yx/c35NPj6 6zUg5A+3CW7zPmUwEbqfzEEQ0T3T0LLUYj/21g4uoYhPXfWARh2BcHzLGCxzOsUT JpNlqD2h0SsRth/6OVFJU3ANVeX6+SjqairUdPi08DQDD7IfI/10vmCW2OVR543E ZmTM2Iecso2MVHzJn6Cj9j/sFkh22bSyQ5CvgQCgJv/1TlPe9I2W1HLDdCD85mql S0EPw9hAnP1/N+m3TR81ACxbM+uWztdapsA9Feeyf08enDXNCynwvmNYIIUVDngb aXS2HyLGotte5HplhJmrKAO3GmDJLVzGWyTGamVmc+rFmPSoFyY= -----END CERTIFICATE-----Generated at Thu Mar 26 17:07:52 2026 by rpki-client