$ rpki-client -vvf repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft File: 658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft (raw, json) Hash identifier: SinIS4mZn2EFbcfKeArEtpjbVx7Wf7VO+Q3I8zLENwA= Subject key identifier: EB:C5:20:81:7B:61:B9:DC:AD:38:B7:66:99:47:D0:06:6A:B9:1C:B3 Authority key identifier: 65:8C:0D:86:17:C2:D0:5C:E7:20:42:7E:1D:F7:2F:DE:12:C9:CB:9F Certificate issuer: /CN=658C0D8617C2D05CE720427E1DF72FDE12C9CB9F Certificate serial: 678E32A79B3F57D21789F538240467F08BB028FA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft Manifest number: 0240 Signing time: Wed 25 Mar 2026 05:01:59 +0000 Manifest this update: Wed 25 Mar 2026 04:56:59 +0000 Manifest next update: Sat 28 Mar 2026 08:18:59 +0000 Files and hashes: 1: 323430343a643863303a3a2f33322d3438203d3e20313338383630.roa (hash: iufPrZZScnO80QkyCPvSlgZqxsE8YzjDEGRWUUoEP4M=) 2: 658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.crl (hash: 3ikcFisM4/E2UOK1aFCp/gSdzy+prdjAswtoz261wUU=) 3: 3130332e3133392e32362e302f32332d3234203d3e20313338383630.roa (hash: en7yrsRqDUaal9vRU4LRRex8mQ3pcI0rlYghVnCEE78=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.crl rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 08:18:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:8e:32:a7:9b:3f:57:d2:17:89:f5:38:24:04:67:f0:8b:b0:28:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=658C0D8617C2D05CE720427E1DF72FDE12C9CB9F Validity Not Before: Mar 25 04:56:59 2026 GMT Not After : Mar 28 08:18:59 2026 GMT Subject: CN=EBC520817B61B9DCAD38B7669947D0066AB91CB3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:bd:73:db:34:f1:00:a9:70:7d:9f:00:49:2e: e7:e8:f6:95:48:70:dc:3c:72:2a:03:85:e0:98:a1: c1:bb:15:2d:46:c7:46:df:59:fa:1c:f0:97:e3:42: ae:aa:ce:33:1e:88:83:4f:15:45:ad:74:8d:fd:d2: 6c:75:00:73:bf:e6:26:c0:48:fe:17:af:99:3b:df: f1:24:fb:16:6b:bc:74:88:c0:c0:75:b5:24:3c:c7: 24:27:28:54:01:04:f4:91:8f:82:44:a9:ca:c1:2d: 8d:b6:9b:54:e7:ac:c7:ea:4c:ed:ca:3a:62:e8:bc: 11:4e:83:0b:c6:e1:24:24:bc:6c:69:52:e1:86:e4: 87:ca:8e:de:e2:ad:9e:e3:eb:6b:a0:f6:a9:c8:9e: 97:a8:0e:eb:18:38:de:b3:1e:a0:42:70:06:fd:21: e9:13:0a:53:92:9f:77:50:5b:67:36:9f:dd:ae:34: a7:1c:99:c2:85:2e:d2:de:6c:69:02:49:2c:9a:e3: 93:fd:67:95:5e:f9:a6:3b:d5:2e:0c:4d:c8:dd:fc: e0:d7:e7:32:27:da:65:2c:60:ea:7b:16:86:87:d9: 74:72:b7:43:de:50:96:19:e3:54:a9:77:4e:04:7a: 1f:bc:2d:c8:26:81:c7:54:c9:49:c7:fa:46:77:e7: b8:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:C5:20:81:7B:61:B9:DC:AD:38:B7:66:99:47:D0:06:6A:B9:1C:B3 X509v3 Authority Key Identifier: keyid:65:8C:0D:86:17:C2:D0:5C:E7:20:42:7E:1D:F7:2F:DE:12:C9:CB:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/165d88f1-b9c0-485e-916e-59b7e3698da1/0/658C0D8617C2D05CE720427E1DF72FDE12C9CB9F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 68:09:f1:8f:2c:03:91:50:68:d8:9a:14:fc:a6:a5:a3:1c:bb: 7c:63:df:21:28:84:54:ba:6e:48:2b:10:78:e9:7f:11:54:e9: 77:13:b2:63:72:ee:de:6f:e9:52:50:33:8d:a8:ed:8b:ce:46: 0b:d0:a6:cf:4c:4b:66:5b:e6:e0:a9:bb:4b:2e:13:85:56:04: 15:2b:82:6d:fb:4e:75:49:8b:b6:10:0e:7e:2c:e9:b1:ce:8d: 6b:09:d7:e9:29:a3:6f:e1:1d:7e:8b:d6:6d:dc:0e:f6:9c:6a: 61:f7:3a:ae:ab:d0:cf:62:50:85:45:4c:6b:9c:35:48:42:58: d0:69:5b:9f:28:2a:7e:ec:6f:7e:9d:5d:c7:5c:7b:0a:eb:f4: 71:53:3c:34:3e:f8:24:91:3e:62:6a:12:bc:a4:98:5a:94:ca: 81:c1:a2:73:7f:08:cb:36:90:0e:49:40:b8:d2:d1:07:6e:e2: f2:02:f0:9c:05:14:66:6b:e0:7b:5a:9f:cf:eb:ae:51:00:12: e1:9a:2a:2b:5f:af:e8:d5:9e:6e:45:86:6f:42:dc:ca:2a:ce: 57:ab:01:2a:2b:97:95:98:d0:96:b2:c0:5e:02:1c:ec:79:e0: 16:85:69:ac:a1:bf:61:dd:b8:53:41:1e:8f:d6:ba:ef:7c:fc: e6:b7:e5:c5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZ44yp5s/V9IXifU4JARn8IuwKPowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjU4QzBEODYxN0MyRDA1Q0U3MjA0MjdFMURGNzJGREUx MkM5Q0I5RjAeFw0yNjAzMjUwNDU2NTlaFw0yNjAzMjgwODE4NTlaMDMxMTAvBgNV BAMTKEVCQzUyMDgxN0I2MUI5RENBRDM4Qjc2Njk5NDdEMDA2NkFCOTFDQjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTvXPbNPEAqXB9nwBJLufo9pVI cNw8cioDheCYocG7FS1Gx0bfWfoc8JfjQq6qzjMeiINPFUWtdI390mx1AHO/5ibA SP4Xr5k73/Ek+xZrvHSIwMB1tSQ8xyQnKFQBBPSRj4JEqcrBLY22m1TnrMfqTO3K OmLovBFOgwvG4SQkvGxpUuGG5IfKjt7irZ7j62ug9qnInpeoDusYON6zHqBCcAb9 IekTClOSn3dQW2c2n92uNKccmcKFLtLebGkCSSya45P9Z5Ve+aY71S4MTcjd/ODX 5zIn2mUsYOp7FoaH2XRyt0PeUJYZ41Spd04Eeh+8LcgmgcdUyUnH+kZ357gbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU68UggXthudytOLdmmUfQBmq5HLMwHwYDVR0j BBgwFoAUZYwNhhfC0FznIEJ+Hfcv3hLJy58wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x NjVkODhmMS1iOWMwLTQ4NWUtOTE2ZS01OWI3ZTM2OThkYTEvMC82NThDMEQ4NjE3 QzJEMDVDRTcyMDQyN0UxREY3MkZERTEyQzlDQjlGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjU4QzBEODYxN0MyRDA1Q0U3MjA0MjdFMURGNzJGREUxMkM5 Q0I5Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMTY1ZDg4ZjEtYjljMC00ODVlLTkx NmUtNTliN2UzNjk4ZGExLzAvNjU4QzBEODYxN0MyRDA1Q0U3MjA0MjdFMURGNzJG REUxMkM5Q0I5Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGgJ8Y8sA5FQaNiaFPympaMcu3xj3yEohFS6 bkgrEHjpfxFU6XcTsmNy7t5v6VJQM42o7YvORgvQps9MS2Zb5uCpu0suE4VWBBUr gm37TnVJi7YQDn4s6bHOjWsJ1+kpo2/hHX6L1m3cDvacamH3Oq6r0M9iUIVFTGuc NUhCWNBpW58oKn7sb36dXcdcewrr9HFTPDQ++CSRPmJqErykmFqUyoHBonN/CMs2 kA5JQLjS0Qdu4vIC8JwFFGZr4Htan8/rrlEAEuGaKitfr+jVnm5Fhm9C3Moqzler ASorl5WY0JaywF4CHOx54BaFaayhv2HduFNBHo/Wuu98/Oa35cU= -----END CERTIFICATE-----Generated at Thu Mar 26 17:22:36 2026 by rpki-client