$ rpki-client -vvf repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft File: 645C9D445B2796662EE98A03E50C124F3E962CAB.mft (raw, json) Hash identifier: Yqp9w6QrJWJhJm1RRQg3Z3q6TkKxB+7vK6k28raTq6c= Subject key identifier: BB:14:2D:50:4A:15:D2:84:DD:C2:36:50:10:44:24:E0:0C:0C:01:58 Authority key identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB Certificate issuer: /CN=645C9D445B2796662EE98A03E50C124F3E962CAB Certificate serial: 45461ABA45141F7038E47485B23F73EA8178E85E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft Manifest number: 0402 Signing time: Tue 24 Mar 2026 03:21:15 +0000 Manifest this update: Tue 24 Mar 2026 03:16:15 +0000 Manifest next update: Fri 27 Mar 2026 10:26:15 +0000 Files and hashes: 1: 3130332e3130302e3137322e302f32342d3234203d3e20313336383431.roa (hash: SMPg/3qiOryd428jAGKTXmMedIlqTpx2BfnFfzgQnCk=) 2: 3130332e3130302e3137332e302f32342d3234203d3e20313336383431.roa (hash: bgUQl2KKDVdxSEkmrD5bo1yuFXhp8F+vNio9ZlmO2Lc=) 3: 323430313a626534303a3a2f33322d3438203d3e20313336383431.roa (hash: 8QSbauO9NNotVx0xsCiC0xHQEL8XE+fwtGOjSQB5tIM=) 4: 3130332e3130302e3137352e302f32342d3234203d3e20313336383431.roa (hash: IX4uPd9N3SkfP7LEqX7tm7Aw2XVAAH51yq8xtLADMD0=) 5: 645C9D445B2796662EE98A03E50C124F3E962CAB.crl (hash: IU9s7oDaN+EETyNsPBsKyZaF9ydlGGfh10soUcepy74=) 6: 3130332e3130302e3137342e302f32342d3234203d3e20313336383431.roa (hash: +SeGBM9CdtDOWXU9iixLlEgCajKedvFQm/V7StxkJlo=) 7: 323430313a626534303a3130303a3a2f34382d3438203d3e20313336383431.roa (hash: e9MuQpUdmZSWJyLwqKXY1nxQlgwTqEZ4CpPjIrRXOr8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 10:26:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:46:1a:ba:45:14:1f:70:38:e4:74:85:b2:3f:73:ea:81:78:e8:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=645C9D445B2796662EE98A03E50C124F3E962CAB Validity Not Before: Mar 24 03:16:15 2026 GMT Not After : Mar 27 10:26:15 2026 GMT Subject: CN=BB142D504A15D284DDC23650104424E00C0C0158 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c3:67:fe:40:37:51:cf:55:fb:fc:57:d2:2a: 84:fe:a3:7e:df:da:3a:80:69:3e:0d:a6:0b:69:39: 2b:e8:c9:53:9d:db:db:b3:82:61:9c:83:1d:1b:57: 7d:a6:00:f9:a0:9a:5e:7c:d6:30:ee:c8:1b:4d:b4: 0e:84:f0:6a:87:fa:13:ee:0c:92:e2:d3:a2:16:f5: e5:14:fc:40:7f:76:a6:c6:79:3d:20:95:d5:4d:31: fc:f9:9e:9c:8e:e6:61:f2:92:d7:f5:bc:6e:a5:00: 6f:e5:f0:b0:89:a4:bb:1b:25:bc:b6:12:67:68:12: fb:fd:95:cb:c7:49:44:a3:a1:88:5c:8b:e7:5e:6e: b0:32:5e:14:01:4c:ad:4c:2e:65:c4:31:d5:a2:b5: 4b:3d:f1:fd:c9:78:57:36:f9:f5:b2:77:ca:a8:c8: 34:84:a7:3b:f3:31:4b:38:2e:d0:09:1a:79:f1:18: aa:36:e6:4e:2c:3f:74:3d:25:38:eb:e9:0d:94:22: 6a:a7:da:1f:6d:ea:34:5c:5a:fb:af:31:1b:47:89: b9:09:c4:b8:e1:36:a7:e1:70:34:50:6a:5e:bc:35: f7:c7:3b:74:aa:76:c1:dd:cf:1b:b6:44:15:7f:94: 2e:6f:bf:00:f1:0a:8f:ca:ba:08:4b:11:77:d0:0b: 3a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:14:2D:50:4A:15:D2:84:DD:C2:36:50:10:44:24:E0:0C:0C:01:58 X509v3 Authority Key Identifier: keyid:64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:b7:f0:3a:51:e0:34:8a:e8:e1:c8:79:6f:b9:64:a8:cb:88: 8a:f3:32:55:48:13:5c:2e:12:96:69:b6:73:f1:6b:02:31:5f: b1:ab:68:be:95:db:5c:6c:e3:0a:49:4f:e1:0a:cd:6c:a8:cb: 5e:2c:b8:fd:f0:8b:38:7b:d9:59:80:a8:34:5d:a3:0b:ce:7a: 8f:e7:ba:27:87:2b:31:a0:c8:9d:2e:ad:ff:86:3a:fb:a3:11: f6:4b:21:47:e0:fc:d9:e7:ac:b6:de:24:24:f2:b3:aa:e7:61: 4f:6b:01:48:78:b2:ba:2e:ac:ce:f1:bb:a9:70:d0:06:b0:b9: 06:bd:80:81:4f:9a:2d:96:3e:a1:db:e6:0a:bf:a9:11:d1:64: e7:a0:28:76:c6:ce:33:23:98:82:f4:13:fc:af:e0:d6:66:ff: 11:96:1a:3d:1c:4b:99:d0:e0:43:96:44:e5:fc:ed:cb:52:da: d7:5f:1d:1d:e6:1c:ee:db:ba:f9:a7:ef:5f:3f:f0:d9:78:42: 71:e2:88:48:e0:13:71:9f:26:13:f3:61:38:bd:29:93:76:05: e6:f4:bf:ac:66:5a:50:10:2d:75:15:e5:7c:1c:d4:cd:d5:be: 32:c0:b4:ff:98:42:e5:01:83:4b:79:2d:87:00:7a:6c:39:a6: c4:79:a0:e3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURUYaukUUH3A45HSFsj9z6oF46F4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYz RTk2MkNBQjAeFw0yNjAzMjQwMzE2MTVaFw0yNjAzMjcxMDI2MTVaMDMxMTAvBgNV BAMTKEJCMTQyRDUwNEExNUQyODREREMyMzY1MDEwNDQyNEUwMEMwQzAxNTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/w2f+QDdRz1X7/FfSKoT+o37f 2jqAaT4NpgtpOSvoyVOd29uzgmGcgx0bV32mAPmgml581jDuyBtNtA6E8GqH+hPu DJLi06IW9eUU/EB/dqbGeT0gldVNMfz5npyO5mHyktf1vG6lAG/l8LCJpLsbJby2 EmdoEvv9lcvHSUSjoYhci+debrAyXhQBTK1MLmXEMdWitUs98f3JeFc2+fWyd8qo yDSEpzvzMUs4LtAJGnnxGKo25k4sP3Q9JTjr6Q2UImqn2h9t6jRcWvuvMRtHibkJ xLjhNqfhcDRQal68NffHO3SqdsHdzxu2RBV/lC5vvwDxCo/KughLEXfQCzopAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUuxQtUEoV0oTdwjZQEEQk4AwMAVgwHwYDVR0j BBgwFoAUZFydRFsnlmYu6YoD5QwSTz6WLKswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMC82NDVDOUQ0NDVC Mjc5NjY2MkVFOThBMDNFNTBDMTI0RjNFOTYyQ0FCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYzRTk2 MkNBQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDczMDRiODMtMzBhYS00YmJmLTlm ZDctMmZjZWFkYmYwMDMwLzAvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEy NEYzRTk2MkNBQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACu38DpR4DSK6OHIeW+5ZKjLiIrzMlVIE1wu EpZptnPxawIxX7GraL6V21xs4wpJT+EKzWyoy14suP3wizh72VmAqDRdowvOeo/n uieHKzGgyJ0urf+GOvujEfZLIUfg/NnnrLbeJCTys6rnYU9rAUh4srourM7xu6lw 0AawuQa9gIFPmi2WPqHb5gq/qRHRZOegKHbGzjMjmIL0E/yv4NZm/xGWGj0cS5nQ 4EOWROX87ctS2tdfHR3mHO7buvmn718/8Nl4QnHiiEjgE3GfJhPzYTi9KZN2Beb0 v6xmWlAQLXUV5Xwc1M3VvjLAtP+YQuUBg0t5LYcAemw5psR5oOM= -----END CERTIFICATE-----Generated at Thu Mar 26 05:47:42 2026 by rpki-client