$ rpki-client -vvf repo-rpki.idnic.net/repo/04fd4bc2-41d4-42e6-a7ff-59493885126a/0/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.mft File: DF1CEA0313DA7500D70AE089169B4BBEE54CA859.mft (raw, json) Hash identifier: dGacML57P+2xXn8GWE0eh1KSvSAN0VZjasjJR3/Bztg= Subject key identifier: 36:3B:EE:25:03:BD:B3:45:BD:53:6B:61:44:B2:45:25:DA:F8:CA:E5 Authority key identifier: DF:1C:EA:03:13:DA:75:00:D7:0A:E0:89:16:9B:4B:BE:E5:4C:A8:59 Certificate issuer: /CN=DF1CEA0313DA7500D70AE089169B4BBEE54CA859 Certificate serial: 7D173926186A4B46DBEE9FED31A60E88A8C968F1 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.cer Subject info access: rsync://repo-rpki.idnic.net/repo/04fd4bc2-41d4-42e6-a7ff-59493885126a/0/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.mft Manifest number: 0558 Signing time: Tue 24 Mar 2026 09:01:32 +0000 Manifest this update: Tue 24 Mar 2026 08:56:32 +0000 Manifest next update: Fri 27 Mar 2026 14:00:32 +0000 Files and hashes: 1: DF1CEA0313DA7500D70AE089169B4BBEE54CA859.crl (hash: pJPKMcto7pQH9z30Z370mfmp5XPt3c+0WVHszMB2T4M=) 2: 3130332e31342e3131302e302f32332d3234203d3e203536323333.roa (hash: tDRK/Vdz8u2hhC9LdyJ4AT+BwDcg/REr12fUhDIA9Bo=) 3: 3132302e38392e39342e302f32332d3234203d3e203536323333.roa (hash: dkwLIgjutNqyS1fEiwY5jB8EjSSH9/0tY66Lo4b2moY=) 4: 3139322e3134302e3232342e302f32332d3234203d3e203536323333.roa (hash: BlXsQ1QjfVoT6J0SDJFst3KLhMp6LiWyqHWFZlBXj2o=) 5: 34332e3235322e3134342e302f32332d3234203d3e203536323333.roa (hash: u7MPei7+iN4f1OLKumfeRBmfOe2wgHqRvP7yaGUByuA=) 6: 3130332e3233332e38382e302f32332d3234203d3e203536323333.roa (hash: 7Q0dwA0Rc1pnpyLnXxos7sM1Wj4t+yMR55gSNZ0dsoU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/04fd4bc2-41d4-42e6-a7ff-59493885126a/0/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.crl rsync://repo-rpki.idnic.net/repo/04fd4bc2-41d4-42e6-a7ff-59493885126a/0/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 14:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:17:39:26:18:6a:4b:46:db:ee:9f:ed:31:a6:0e:88:a8:c9:68:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF1CEA0313DA7500D70AE089169B4BBEE54CA859 Validity Not Before: Mar 24 08:56:32 2026 GMT Not After : Mar 27 14:00:32 2026 GMT Subject: CN=363BEE2503BDB345BD536B6144B24525DAF8CAE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:db:90:ba:a9:70:6f:85:66:a8:85:c8:7c:5a: c8:b8:11:f3:82:0b:ea:c9:05:b8:c4:7e:bc:03:65: a9:06:30:8f:d8:28:30:da:3c:8f:1b:7f:1f:3d:3a: 0a:31:77:54:c8:e3:37:33:13:71:29:04:0e:2a:fc: aa:3b:61:cc:1e:93:85:ae:30:08:96:6a:5f:09:ef: ec:87:7d:d5:6d:96:9f:b2:6c:d3:58:bb:6d:70:37: 2d:77:f5:29:aa:15:d6:c4:d0:a3:af:00:92:75:e1: da:4f:24:3c:5c:1b:9b:dd:3e:bc:f8:97:9f:ea:7f: b8:0c:09:1e:ba:37:bd:79:5e:72:47:29:38:32:0e: 3c:55:43:3b:c8:76:e6:fa:59:b8:9c:b0:60:3e:c9: ba:dc:3f:93:23:1a:67:2c:15:fe:9c:8a:ce:e4:1d: 68:16:1e:7b:73:eb:dc:86:99:83:25:8b:01:77:fb: 5b:b6:87:96:e7:3a:a9:bd:94:63:3e:a2:f8:49:ab: ee:b4:bb:46:cc:53:14:4d:aa:a1:70:32:8f:6b:64: c1:ff:f2:1a:69:9a:3d:71:d2:5c:84:26:00:17:f3: 04:d7:45:3f:d7:15:de:82:20:ed:7a:18:c8:8c:4d: d1:e0:95:89:5b:ad:3c:ff:72:6f:c4:ad:1c:09:b3: bc:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:3B:EE:25:03:BD:B3:45:BD:53:6B:61:44:B2:45:25:DA:F8:CA:E5 X509v3 Authority Key Identifier: keyid:DF:1C:EA:03:13:DA:75:00:D7:0A:E0:89:16:9B:4B:BE:E5:4C:A8:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/04fd4bc2-41d4-42e6-a7ff-59493885126a/0/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/04fd4bc2-41d4-42e6-a7ff-59493885126a/0/DF1CEA0313DA7500D70AE089169B4BBEE54CA859.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:ce:d7:2d:60:d3:be:e5:d5:0d:62:19:1c:cc:6f:f8:80:b1: e1:dc:94:be:46:6f:16:da:64:b4:3c:2b:4a:30:f1:4b:4f:7c: 82:bc:d3:66:d9:62:4e:c8:94:ee:95:d5:e7:6c:1d:98:15:af: b8:34:ce:94:4d:c2:57:88:95:b0:52:b3:5a:87:91:17:b1:79: d8:ac:7b:e3:e1:fc:02:fe:bf:a1:33:4a:f1:11:3a:89:d8:f0: 10:bf:6c:3c:66:d6:50:4e:0a:6e:e9:20:15:8b:8e:02:01:02: 17:74:0a:16:a4:0f:b5:47:ee:7a:53:30:78:9a:06:50:f4:c6: 84:6a:ce:7b:66:ae:6f:a6:3b:db:48:f8:8c:79:09:03:0d:99: 74:15:a6:36:be:38:b3:a1:02:f8:0d:13:7f:1b:89:51:18:8f: 84:5e:25:6e:cd:26:fe:ec:48:b9:c2:12:0f:4a:6a:2f:b3:82: 63:17:38:f9:b1:95:7d:aa:04:c2:14:2b:49:69:a1:51:b2:93: 3a:99:0d:d0:4f:4a:79:17:96:1a:2a:4f:6e:87:d0:03:15:89: 66:b1:8d:f7:75:45:e8:00:38:0e:8d:c5:a7:95:3e:9a:9c:54: 33:85:b4:0d:c2:3a:e8:42:da:cd:c6:74:1d:e5:f4:ff:6b:29: 19:23:4d:3f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfRc5JhhqS0bb7p/tMaYOiKjJaPEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREYxQ0VBMDMxM0RBNzUwMEQ3MEFFMDg5MTY5QjRCQkVF NTRDQTg1OTAeFw0yNjAzMjQwODU2MzJaFw0yNjAzMjcxNDAwMzJaMDMxMTAvBgNV BAMTKDM2M0JFRTI1MDNCREIzNDVCRDUzNkI2MTQ0QjI0NTI1REFGOENBRTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC625C6qXBvhWaohch8Wsi4EfOC C+rJBbjEfrwDZakGMI/YKDDaPI8bfx89Ogoxd1TI4zczE3EpBA4q/Ko7Ycwek4Wu MAiWal8J7+yHfdVtlp+ybNNYu21wNy139SmqFdbE0KOvAJJ14dpPJDxcG5vdPrz4 l5/qf7gMCR66N715XnJHKTgyDjxVQzvIdub6WbicsGA+ybrcP5MjGmcsFf6cis7k HWgWHntz69yGmYMliwF3+1u2h5bnOqm9lGM+ovhJq+60u0bMUxRNqqFwMo9rZMH/ 8hppmj1x0lyEJgAX8wTXRT/XFd6CIO16GMiMTdHglYlbrTz/cm/ErRwJs7xLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNjvuJQO9s0W9U2thRLJFJdr4yuUwHwYDVR0j BBgwFoAU3xzqAxPadQDXCuCJFptLvuVMqFkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NGZkNGJjMi00MWQ0LTQyZTYtYTdmZi01OTQ5Mzg4NTEyNmEvMC9ERjFDRUEwMzEz REE3NTAwRDcwQUUwODkxNjlCNEJCRUU1NENBODU5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREYxQ0VBMDMxM0RBNzUwMEQ3MEFFMDg5MTY5QjRCQkVFNTRD QTg1OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDRmZDRiYzItNDFkNC00MmU2LWE3 ZmYtNTk0OTM4ODUxMjZhLzAvREYxQ0VBMDMxM0RBNzUwMEQ3MEFFMDg5MTY5QjRC QkVFNTRDQTg1OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAfO1y1g077l1Q1iGRzMb/iAseHclL5Gbxba ZLQ8K0ow8UtPfIK802bZYk7IlO6V1edsHZgVr7g0zpRNwleIlbBSs1qHkRexedis e+Ph/AL+v6EzSvEROonY8BC/bDxm1lBOCm7pIBWLjgIBAhd0ChakD7VH7npTMHia BlD0xoRqzntmrm+mO9tI+Ix5CQMNmXQVpja+OLOhAvgNE38biVEYj4ReJW7NJv7s SLnCEg9Kai+zgmMXOPmxlX2qBMIUK0lpoVGykzqZDdBPSnkXlhoqT26H0AMViWax jfd1RegAOA6NxaeVPpqcVDOFtA3COuhC2s3GdB3l9P9rKRkjTT8= -----END CERTIFICATE-----Generated at Thu Mar 26 10:14:15 2026 by rpki-client