$ rpki-client -vvf repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/7470038419B67CD1743CE4D96953077ECE6928FE.mft File: 7470038419B67CD1743CE4D96953077ECE6928FE.mft (raw, json) Hash identifier: nzgmBPGR+uTXEfFTW8c9xOwBrbJNEXQk/SMIrY4DLMQ= Subject key identifier: 28:BC:22:9B:E5:97:2A:4D:D3:2E:01:CB:A4:6C:BC:69:B5:6B:0F:17 Authority key identifier: 74:70:03:84:19:B6:7C:D1:74:3C:E4:D9:69:53:07:7E:CE:69:28:FE Certificate issuer: /CN=7470038419B67CD1743CE4D96953077ECE6928FE Certificate serial: 54554F447C1813A76F0F444FFE73CA01E5FE1B71 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7470038419B67CD1743CE4D96953077ECE6928FE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/7470038419B67CD1743CE4D96953077ECE6928FE.mft Manifest number: 0228 Signing time: Tue 24 Mar 2026 14:22:00 +0000 Manifest this update: Tue 24 Mar 2026 14:17:00 +0000 Manifest next update: Sat 28 Mar 2026 01:24:00 +0000 Files and hashes: 1: 7470038419B67CD1743CE4D96953077ECE6928FE.crl (hash: oLDOEpfDhizFzd9r4NkzJKyvOurXGlcKRkfby9fn55A=) 2: 3130332e3135342e35332e302f32342d3234203d3e20313430343739.roa (hash: XMfcxb2cyU/BTawAea91z/0xjspg0vqpK5L29ZTTMeY=) 3: 3130332e3135342e35322e302f32342d3234203d3e20313430343739.roa (hash: tMxmqnyNs+AqUZmzCKA8ba+dMpF5PucwNl1kbWxh19Q=) 4: 323430363a353463303a383030303a3a2f33332d3333203d3e20313430343739.roa (hash: pDyawm8Ut1xJC/Kb1Iiv+fIq9ylWhbkOkOXsv+y8R04=) 5: 323430363a353463303a3a2f33332d3333203d3e20313430343739.roa (hash: PrqwHi6VDGsbOfGzpQVys1jP9vQnIVrI8cB9N7l7cwc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/7470038419B67CD1743CE4D96953077ECE6928FE.crl rsync://repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/7470038419B67CD1743CE4D96953077ECE6928FE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7470038419B67CD1743CE4D96953077ECE6928FE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 01:24:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:55:4f:44:7c:18:13:a7:6f:0f:44:4f:fe:73:ca:01:e5:fe:1b:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7470038419B67CD1743CE4D96953077ECE6928FE Validity Not Before: Mar 24 14:17:00 2026 GMT Not After : Mar 28 01:24:00 2026 GMT Subject: CN=28BC229BE5972A4DD32E01CBA46CBC69B56B0F17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:bb:de:c9:92:c7:97:e7:24:51:3d:40:1f:7e: 7e:f8:7b:7c:bb:9a:94:c5:9f:aa:28:9b:3a:1f:5e: 8d:34:4d:5f:fc:fd:f2:21:ee:6a:77:39:ce:ab:43: 89:dc:fc:2e:94:18:77:e5:59:5f:20:49:af:82:27: ce:ea:42:18:af:b9:bb:97:d1:52:f6:9d:e7:c4:fa: a1:74:db:96:42:83:d7:3f:71:8b:e5:d0:d8:29:43: 6f:c7:01:ec:56:19:4a:c3:39:8f:cf:f1:ff:5c:42: 24:5a:ad:67:4d:97:57:4a:f6:69:0a:de:dd:93:9a: 2c:82:30:a1:44:2b:7c:d0:25:fa:05:d8:e9:3f:ad: 79:ad:32:18:8b:f5:d0:06:e6:e9:49:b3:df:28:7a: 9d:99:e5:44:a2:44:a6:47:02:b6:43:04:6a:65:5e: 58:63:62:fa:80:6a:c8:f1:2b:9d:f5:df:25:23:8b: 00:e7:93:de:89:82:bc:f9:55:82:71:16:8b:77:f9: 8a:08:8b:8d:6c:cc:c3:ef:bb:96:49:5e:e3:5f:b6: db:a4:0a:58:de:b3:07:ca:2d:2e:9b:c6:2a:03:c7: 6a:57:7f:25:a8:18:1d:5f:3e:14:05:35:8d:45:e6: 9c:11:f9:03:f6:d9:62:3f:1b:6b:17:54:45:2b:9d: b1:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:BC:22:9B:E5:97:2A:4D:D3:2E:01:CB:A4:6C:BC:69:B5:6B:0F:17 X509v3 Authority Key Identifier: keyid:74:70:03:84:19:B6:7C:D1:74:3C:E4:D9:69:53:07:7E:CE:69:28:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/7470038419B67CD1743CE4D96953077ECE6928FE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7470038419B67CD1743CE4D96953077ECE6928FE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0c765d51-b0b1-435d-a66b-604c6e5d29ef/0/7470038419B67CD1743CE4D96953077ECE6928FE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:8b:b3:e0:e4:44:b1:ca:14:fd:e5:06:65:df:38:23:ca:35: ac:07:76:1f:c7:79:72:31:ed:d8:ac:c7:85:4c:1d:4e:b6:95: c9:cc:df:6d:b9:c5:f9:b5:50:d9:06:55:d3:26:ff:b7:6f:6e: a5:d9:d4:00:b9:77:04:9a:76:4f:07:9d:f6:8a:71:e5:10:c3: 52:8c:11:09:4c:54:48:ea:0f:00:49:ea:45:cd:f3:77:fe:e7: 06:a7:3a:5e:fb:91:07:e5:aa:bc:bb:de:dd:6a:fc:a8:61:20: e2:80:21:0b:b6:4e:7d:75:f4:08:fd:8b:d6:e8:fd:18:71:35: 4c:e1:ab:43:af:b8:67:7c:63:6a:8f:c0:d4:41:f8:40:1f:98: 7a:d8:39:6a:f0:a4:1c:12:c0:e1:22:de:c2:7f:87:af:f9:2f: 28:99:3d:71:85:e7:ba:68:64:1f:e7:18:45:6b:7a:91:ef:23: f1:8b:2d:77:e4:38:16:0c:1e:0d:f0:43:a3:ea:ec:ba:84:d3: c8:f1:74:6c:cf:d2:de:95:f6:31:97:a0:17:bc:79:30:18:22: 57:3d:11:cd:c2:8e:74:91:16:11:47:25:1a:45:53:8e:4a:50: 70:0d:d8:ae:94:18:2c:bf:a9:78:db:0c:09:12:89:eb:3a:30: 9d:54:23:c4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVFVPRHwYE6dvD0RP/nPKAeX+G3EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzQ3MDAzODQxOUI2N0NEMTc0M0NFNEQ5Njk1MzA3N0VD RTY5MjhGRTAeFw0yNjAzMjQxNDE3MDBaFw0yNjAzMjgwMTI0MDBaMDMxMTAvBgNV BAMTKDI4QkMyMjlCRTU5NzJBNEREMzJFMDFDQkE0NkNCQzY5QjU2QjBGMTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJu97JkseX5yRRPUAffn74e3y7 mpTFn6oomzofXo00TV/8/fIh7mp3Oc6rQ4nc/C6UGHflWV8gSa+CJ87qQhivubuX 0VL2nefE+qF025ZCg9c/cYvl0NgpQ2/HAexWGUrDOY/P8f9cQiRarWdNl1dK9mkK 3t2TmiyCMKFEK3zQJfoF2Ok/rXmtMhiL9dAG5ulJs98oep2Z5USiRKZHArZDBGpl XlhjYvqAasjxK5313yUjiwDnk96Jgrz5VYJxFot3+YoIi41szMPvu5ZJXuNfttuk CljeswfKLS6bxioDx2pXfyWoGB1fPhQFNY1F5pwR+QP22WI/G2sXVEUrnbERAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKLwim+WXKk3TLgHLpGy8abVrDxcwHwYDVR0j BBgwFoAUdHADhBm2fNF0POTZaVMHfs5pKP4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w Yzc2NWQ1MS1iMGIxLTQzNWQtYTY2Yi02MDRjNmU1ZDI5ZWYvMC83NDcwMDM4NDE5 QjY3Q0QxNzQzQ0U0RDk2OTUzMDc3RUNFNjkyOEZFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNzQ3MDAzODQxOUI2N0NEMTc0M0NFNEQ5Njk1MzA3N0VDRTY5 MjhGRS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMGM3NjVkNTEtYjBiMS00MzVkLWE2 NmItNjA0YzZlNWQyOWVmLzAvNzQ3MDAzODQxOUI2N0NEMTc0M0NFNEQ5Njk1MzA3 N0VDRTY5MjhGRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAuLs+DkRLHKFP3lBmXfOCPKNawHdh/HeXIx 7disx4VMHU62lcnM3225xfm1UNkGVdMm/7dvbqXZ1AC5dwSadk8HnfaKceUQw1KM EQlMVEjqDwBJ6kXN83f+5wanOl77kQflqry73t1q/KhhIOKAIQu2Tn119Aj9i9bo /RhxNUzhq0OvuGd8Y2qPwNRB+EAfmHrYOWrwpBwSwOEi3sJ/h6/5LyiZPXGF57po ZB/nGEVrepHvI/GLLXfkOBYMHg3wQ6Pq7LqE08jxdGzP0t6V9jGXoBe8eTAYIlc9 Ec3CjnSRFhFHJRpFU45KUHAN2K6UGCy/qXjbDAkSies6MJ1UI8Q= -----END CERTIFICATE-----Generated at Thu Mar 26 13:38:42 2026 by rpki-client