$ rpki-client -vvf repo-rpki.idnic.net/repo/14cc69e9-ef74-4b81-91f4-7bfdf93f7baa/0/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.mft File: 40C0553C9097EC4A4F23EEDC05205BC5470B41F3.mft (raw, json) Hash identifier: CuBy0UCLRTsJkZn2VgiZPVCjTw87/jX9fe58HgSM/2o= Subject key identifier: CE:0A:3E:5E:E2:A0:08:5B:16:C1:F6:97:EB:88:4F:DF:35:1D:93:63 Authority key identifier: 40:C0:55:3C:90:97:EC:4A:4F:23:EE:DC:05:20:5B:C5:47:0B:41:F3 Certificate issuer: /CN=40C0553C9097EC4A4F23EEDC05205BC5470B41F3 Certificate serial: 7B2F8DD29C411A454618FCF3420D086542112A15 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/14cc69e9-ef74-4b81-91f4-7bfdf93f7baa/0/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.mft Manifest number: 02B7 Signing time: Tue 24 Mar 2026 08:32:40 +0000 Manifest this update: Tue 24 Mar 2026 08:27:40 +0000 Manifest next update: Fri 27 Mar 2026 16:15:40 +0000 Files and hashes: 1: 40C0553C9097EC4A4F23EEDC05205BC5470B41F3.crl (hash: CaovZygk2Dfef9WUVJsYSK0PRpXpJeKO+3YPeE/mjYc=) 2: 3130332e3137372e3130362e302f32332d3233203d3e20313431363734.roa (hash: eoFrh6+wAXl8GU6KfDgK4F1QwEUvX7H6+hOu79IcAaQ=) 3: 3130332e3137372e3130372e302f32342d3234203d3e20313431363734.roa (hash: AdfiOiy4j+jzq6m6P/ddq5DNGylDKkSfCmCDhzGt0bs=) 4: 3130332e3137372e3130362e302f32342d3234203d3e20313431363734.roa (hash: 9gmRqaJI/wYEkgAY84XDxfl7gvBL2bnVFSi2YyX1gYI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/14cc69e9-ef74-4b81-91f4-7bfdf93f7baa/0/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.crl rsync://repo-rpki.idnic.net/repo/14cc69e9-ef74-4b81-91f4-7bfdf93f7baa/0/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 16:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:2f:8d:d2:9c:41:1a:45:46:18:fc:f3:42:0d:08:65:42:11:2a:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40C0553C9097EC4A4F23EEDC05205BC5470B41F3 Validity Not Before: Mar 24 08:27:40 2026 GMT Not After : Mar 27 16:15:40 2026 GMT Subject: CN=CE0A3E5EE2A0085B16C1F697EB884FDF351D9363 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:be:54:db:cb:f5:af:ec:94:56:b3:ab:34:e2: 27:b5:68:ad:87:7e:39:0b:d3:8b:00:10:50:6b:aa: 27:1b:50:f5:8b:a4:45:37:1e:7d:82:a4:af:b3:0f: b0:1f:0a:43:71:3f:c5:41:c5:a3:b0:7b:68:17:73: 05:94:a7:42:da:3a:4c:86:d2:2f:d3:e0:09:1b:bd: 8b:ab:d1:35:e5:fd:11:54:d5:85:49:92:1c:77:ed: 1d:a1:b2:4f:1c:05:98:ad:96:01:9a:c5:a6:21:29: ce:e2:bc:8b:83:a9:6d:65:73:0f:f3:d5:2d:74:eb: 18:fb:76:ea:f2:ce:db:2e:16:57:3e:69:9c:c7:dd: 39:7b:f0:cd:27:3d:7d:99:55:fa:cb:ba:4b:c5:c4: 55:55:5f:77:be:33:1d:c8:66:e7:13:91:93:5f:5e: ff:0f:e2:cf:90:fc:76:6f:45:05:4d:e7:fa:38:fa: 48:47:a7:7d:af:fa:d9:b4:b9:3b:8f:f0:82:2e:90: 8a:12:b9:45:8a:e1:99:0f:19:b4:86:82:67:a5:74: f8:c1:76:96:f7:08:59:17:d5:6b:9d:f1:6e:ba:54: c2:29:bf:e2:c1:b4:9e:ea:c5:c6:df:fd:bf:ad:cd: e6:33:24:4e:d2:d3:30:4d:99:0f:10:03:4f:a3:e4: ce:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:0A:3E:5E:E2:A0:08:5B:16:C1:F6:97:EB:88:4F:DF:35:1D:93:63 X509v3 Authority Key Identifier: keyid:40:C0:55:3C:90:97:EC:4A:4F:23:EE:DC:05:20:5B:C5:47:0B:41:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/14cc69e9-ef74-4b81-91f4-7bfdf93f7baa/0/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/14cc69e9-ef74-4b81-91f4-7bfdf93f7baa/0/40C0553C9097EC4A4F23EEDC05205BC5470B41F3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:ee:7e:ae:52:6c:a7:c7:a7:be:68:ce:3b:e1:41:05:d1:95: 85:7a:29:89:d3:8e:1e:c5:e1:51:d5:11:bf:47:a9:05:56:00: 6a:b4:ec:ad:ea:f2:79:06:21:52:6b:15:c9:e1:22:f6:a5:a5: 36:be:54:83:69:3a:c7:e7:60:de:60:48:a1:0a:45:10:7e:9f: 09:12:7c:8b:72:40:87:4a:40:b1:f3:8c:ea:39:b6:61:84:aa: ed:43:cd:f4:d4:22:d2:3b:db:1f:a6:fc:88:98:c1:b4:3c:58: de:a2:99:57:10:c0:0b:47:ce:20:90:f2:1c:df:26:2e:fa:17: 3f:5d:32:4f:8e:65:c0:66:b7:6b:45:71:b0:30:83:ad:83:1c: ed:f6:23:93:10:ba:22:58:18:66:84:ca:fd:9a:29:08:ab:ec: b1:63:6c:51:e6:43:f5:8e:18:ce:dd:ca:44:11:db:4a:b2:c2: 61:74:5f:75:cb:f5:02:f3:4d:4e:8c:e6:c7:d5:3b:cd:2e:3c: 17:7e:d0:ce:ac:47:1c:12:26:68:2d:e3:33:8d:94:5d:39:3e: db:98:ff:65:71:26:bb:95:84:cb:f5:38:57:01:c4:fb:26:6c: 22:0d:78:bb:e3:8d:da:13:ee:47:ca:93:c0:bc:b7:60:32:d0: 97:0b:63:2d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUey+N0pxBGkVGGPzzQg0IZUIRKhUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBDMDU1M0M5MDk3RUM0QTRGMjNFRURDMDUyMDVCQzU0 NzBCNDFGMzAeFw0yNjAzMjQwODI3NDBaFw0yNjAzMjcxNjE1NDBaMDMxMTAvBgNV BAMTKENFMEEzRTVFRTJBMDA4NUIxNkMxRjY5N0VCODg0RkRGMzUxRDkzNjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/vlTby/Wv7JRWs6s04ie1aK2H fjkL04sAEFBrqicbUPWLpEU3Hn2CpK+zD7AfCkNxP8VBxaOwe2gXcwWUp0LaOkyG 0i/T4AkbvYur0TXl/RFU1YVJkhx37R2hsk8cBZitlgGaxaYhKc7ivIuDqW1lcw/z 1S106xj7duryztsuFlc+aZzH3Tl78M0nPX2ZVfrLukvFxFVVX3e+Mx3IZucTkZNf Xv8P4s+Q/HZvRQVN5/o4+khHp32v+tm0uTuP8IIukIoSuUWK4ZkPGbSGgmeldPjB dpb3CFkX1Wud8W66VMIpv+LBtJ7qxcbf/b+tzeYzJE7S0zBNmQ8QA0+j5M4TAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzgo+XuKgCFsWwfaX64hP3zUdk2MwHwYDVR0j BBgwFoAUQMBVPJCX7EpPI+7cBSBbxUcLQfMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NGNjNjllOS1lZjc0LTRiODEtOTFmNC03YmZkZjkzZjdiYWEvMC80MEMwNTUzQzkw OTdFQzRBNEYyM0VFREMwNTIwNUJDNTQ3MEI0MUYzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBDMDU1M0M5MDk3RUM0QTRGMjNFRURDMDUyMDVCQzU0NzBC NDFGMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTRjYzY5ZTktZWY3NC00YjgxLTkx ZjQtN2JmZGY5M2Y3YmFhLzAvNDBDMDU1M0M5MDk3RUM0QTRGMjNFRURDMDUyMDVC QzU0NzBCNDFGMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIzufq5SbKfHp75ozjvhQQXRlYV6KYnTjh7F 4VHVEb9HqQVWAGq07K3q8nkGIVJrFcnhIvalpTa+VINpOsfnYN5gSKEKRRB+nwkS fItyQIdKQLHzjOo5tmGEqu1DzfTUItI72x+m/IiYwbQ8WN6imVcQwAtHziCQ8hzf Ji76Fz9dMk+OZcBmt2tFcbAwg62DHO32I5MQuiJYGGaEyv2aKQir7LFjbFHmQ/WO GM7dykQR20qywmF0X3XL9QLzTU6M5sfVO80uPBd+0M6sRxwSJmgt4zONlF05PtuY /2VxJruVhMv1OFcBxPsmbCINeLvjjdoT7kfKk8C8t2Ay0JcLYy0= -----END CERTIFICATE-----Generated at Thu Mar 26 11:33:12 2026 by rpki-client