$ rpki-client -vvf repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft File: 43A0899A11D5A51202F1304338672AF19B201A74.mft (raw, json) Hash identifier: NUhUZwXgDROvrvquZTLIS+biaKQFU349f70ItjcFKpI= Subject key identifier: 4D:22:A9:F3:07:AC:24:6D:66:0C:86:F6:BE:C1:39:FE:7C:09:27:C1 Authority key identifier: 43:A0:89:9A:11:D5:A5:12:02:F1:30:43:38:67:2A:F1:9B:20:1A:74 Certificate issuer: /CN=43A0899A11D5A51202F1304338672AF19B201A74 Certificate serial: 27F3C070D3921357081FA0F7191106ED2FB92101 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft Manifest number: 0436 Signing time: Thu 26 Mar 2026 14:32:16 +0000 Manifest this update: Thu 26 Mar 2026 14:27:16 +0000 Manifest next update: Sun 29 Mar 2026 19:48:16 +0000 Files and hashes: 1: 43A0899A11D5A51202F1304338672AF19B201A74.crl (hash: w2Au0ru3GcAq/RVYLDX0rjJHteTCARQ9mbSNt2/GDqM=) 2: 3130332e32392e3231322e302f32322d3234203d3e203538333737.roa (hash: YYshjWJChQ7GjjLm5x5OoEwBOuUfUWvc0tdshb8NzOU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.crl rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 19:48:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:f3:c0:70:d3:92:13:57:08:1f:a0:f7:19:11:06:ed:2f:b9:21:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43A0899A11D5A51202F1304338672AF19B201A74 Validity Not Before: Mar 26 14:27:16 2026 GMT Not After : Mar 29 19:48:16 2026 GMT Subject: CN=4D22A9F307AC246D660C86F6BEC139FE7C0927C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:8c:53:48:a8:f5:d0:51:9c:da:95:14:fe:23: 71:8e:17:2a:a6:86:8f:5b:88:25:e8:68:5f:da:e7: c0:cf:a0:30:e9:db:bd:19:d6:2f:b3:11:94:ca:10: 81:d9:e8:aa:1e:1a:98:b5:1f:11:da:b5:57:62:98: 64:1f:89:52:2c:5b:76:a4:4f:d6:0d:9d:e9:09:20: ca:c2:d4:f1:b0:13:d7:4a:5f:47:81:8c:6d:ab:40: ca:23:01:d4:f9:22:25:02:4b:5d:51:ec:d7:14:86: 11:44:35:8a:14:3a:2e:fd:21:bd:3a:c9:68:06:7c: f1:cc:49:5f:55:55:57:3b:91:86:c1:e1:c1:fe:41: a8:b3:63:c9:48:df:fb:38:89:13:3e:0c:d6:83:2c: 35:6e:8b:64:a7:5b:7a:99:e3:0b:6b:fe:87:37:69: b7:d5:b0:e2:a9:6f:8d:1c:c8:36:cb:65:1e:ef:85: ed:1d:2c:b1:2b:fc:57:d3:4f:40:17:70:bc:29:d1: 11:1f:21:67:6a:5a:84:49:b9:b0:e0:b4:3c:bd:37: 33:00:d0:68:5c:03:12:20:2a:5e:77:64:73:b6:03: 42:92:69:f4:a2:c3:49:38:a3:b2:aa:8b:54:9d:eb: d3:ee:d4:03:8c:04:a1:d3:00:e5:23:a4:1d:05:c8: 05:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:22:A9:F3:07:AC:24:6D:66:0C:86:F6:BE:C1:39:FE:7C:09:27:C1 X509v3 Authority Key Identifier: keyid:43:A0:89:9A:11:D5:A5:12:02:F1:30:43:38:67:2A:F1:9B:20:1A:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/43A0899A11D5A51202F1304338672AF19B201A74.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0401b2d1-01ca-40e8-bf77-986159867a04/0/43A0899A11D5A51202F1304338672AF19B201A74.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:ed:19:48:e2:e5:77:c6:dd:25:79:9f:8d:8c:e7:4d:76:23: 54:49:2c:e1:5c:8a:5e:98:d5:92:73:b0:3c:a2:47:7e:ed:77: ad:60:ab:2c:f5:2d:75:bd:53:e0:67:8a:d4:d9:e7:8c:18:b3: ce:dc:2f:fe:ba:dd:b2:f8:a1:9e:60:6e:b1:cc:a1:f0:fc:a7: 1e:b8:0a:b6:2d:c9:50:f0:b3:71:9d:fa:4e:cd:c8:42:07:21: a0:b6:a3:ac:28:42:47:ba:f3:e5:55:41:91:b5:58:85:bf:25: 9d:3f:6f:61:17:8e:5a:f7:04:f1:c3:63:04:44:f9:fd:89:35: 5c:05:a1:d4:f3:ec:cf:f9:64:66:4e:ab:09:2d:8f:a0:ca:0f: 54:59:80:9b:d2:0a:b0:5f:64:f3:4a:1c:7e:53:e2:18:80:43: d3:5e:fd:63:8e:e0:c3:13:fa:82:9f:ff:67:fa:ac:13:fb:f8: a0:54:3d:a3:69:1d:30:fe:b8:73:09:ca:c0:f4:23:08:3e:31: ab:6a:e0:7b:e7:b3:9c:9a:64:c2:c6:dd:45:bb:e0:4f:6a:01: 44:26:a1:bd:5f:a9:ab:c0:d4:65:3b:c9:78:c2:cc:95:e8:9d: 6d:c1:18:bd:2d:d7:a1:29:6c:2e:e2:8e:49:08:51:d0:27:d0: af:35:f1:e5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJ/PAcNOSE1cIH6D3GREG7S+5IQEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJBRjE5 QjIwMUE3NDAeFw0yNjAzMjYxNDI3MTZaFw0yNjAzMjkxOTQ4MTZaMDMxMTAvBgNV BAMTKDREMjJBOUYzMDdBQzI0NkQ2NjBDODZGNkJFQzEzOUZFN0MwOTI3QzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSjFNIqPXQUZzalRT+I3GOFyqm ho9biCXoaF/a58DPoDDp270Z1i+zEZTKEIHZ6KoeGpi1HxHatVdimGQfiVIsW3ak T9YNnekJIMrC1PGwE9dKX0eBjG2rQMojAdT5IiUCS11R7NcUhhFENYoUOi79Ib06 yWgGfPHMSV9VVVc7kYbB4cH+QaizY8lI3/s4iRM+DNaDLDVui2SnW3qZ4wtr/oc3 abfVsOKpb40cyDbLZR7vhe0dLLEr/FfTT0AXcLwp0REfIWdqWoRJubDgtDy9NzMA 0GhcAxIgKl53ZHO2A0KSafSiw0k4o7Kqi1Sd69Pu1AOMBKHTAOUjpB0FyAU9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUTSKp8wesJG1mDIb2vsE5/nwJJ8EwHwYDVR0j BBgwFoAUQ6CJmhHVpRIC8TBDOGcq8ZsgGnQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NDAxYjJkMS0wMWNhLTQwZTgtYmY3Ny05ODYxNTk4NjdhMDQvMC80M0EwODk5QTEx RDVBNTEyMDJGMTMwNDMzODY3MkFGMTlCMjAxQTc0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJBRjE5QjIw MUE3NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDQwMWIyZDEtMDFjYS00MGU4LWJm NzctOTg2MTU5ODY3YTA0LzAvNDNBMDg5OUExMUQ1QTUxMjAyRjEzMDQzMzg2NzJB RjE5QjIwMUE3NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAILtGUji5XfG3SV5n42M5012I1RJLOFcil6Y 1ZJzsDyiR37td61gqyz1LXW9U+BnitTZ54wYs87cL/663bL4oZ5gbrHMofD8px64 CrYtyVDws3Gd+k7NyEIHIaC2o6woQke68+VVQZG1WIW/JZ0/b2EXjlr3BPHDYwRE +f2JNVwFodTz7M/5ZGZOqwktj6DKD1RZgJvSCrBfZPNKHH5T4hiAQ9Ne/WOO4MMT +oKf/2f6rBP7+KBUPaNpHTD+uHMJysD0Iwg+Matq4Hvns5yaZMLG3UW74E9qAUQm ob1fqavA1GU7yXjCzJXonW3BGL0t16EpbC7ijkkIUdAn0K818eU= -----END CERTIFICATE-----Generated at Thu Mar 26 19:27:20 2026 by rpki-client