$ rpki-client -vvf repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft File: 2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft (raw, json) Hash identifier: ZV/7yEFsLMobVw+5ZTPFzCaYZS9ONTEzNGayJ01EO4k= Subject key identifier: 54:DD:A2:C7:CF:9C:97:22:37:CE:1A:0D:6A:48:6E:AB:96:54:F9:80 Authority key identifier: 2C:FD:5B:DD:D1:DB:A6:D9:40:28:74:D6:22:3A:BD:7E:EE:E0:16:05 Certificate issuer: /CN=2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605 Certificate serial: 7EE8ED422A4EB2E46DE8600F9D08EC8E65A313E4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft Manifest number: 0131 Signing time: Tue 24 Mar 2026 23:00:44 +0000 Manifest this update: Tue 24 Mar 2026 22:55:44 +0000 Manifest next update: Sat 28 Mar 2026 10:34:44 +0000 Files and hashes: 1: 2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.crl (hash: YlFTzchEBRgDI29chL3QPaRCiWSr+MxVMg2kiVlcYXQ=) 2: 32372e3132342e36362e302f32342d3234203d3e20313532303339.roa (hash: EMSMLydCIMgCCDM5A6KpCinITeakN2yfPogDrJvRIew=) 3: 32372e3132342e36372e302f32342d3234203d3e20313532303339.roa (hash: s05NUxO3OCK6ljSM126JzvbuefrUbP5vbV9fxoiHqUw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.crl rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 10:34:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:e8:ed:42:2a:4e:b2:e4:6d:e8:60:0f:9d:08:ec:8e:65:a3:13:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605 Validity Not Before: Mar 24 22:55:44 2026 GMT Not After : Mar 28 10:34:44 2026 GMT Subject: CN=54DDA2C7CF9C972237CE1A0D6A486EAB9654F980 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:aa:79:4b:93:76:5c:30:09:ea:4b:34:17:17: c4:ee:c3:ca:56:c0:d6:3e:d1:b4:fb:77:82:41:4a: 30:08:2e:32:0e:5a:7c:18:13:d1:74:04:e6:c6:43: 52:14:7b:ed:62:bb:8c:0c:e8:e5:78:c4:d6:ff:94: d3:2a:1d:f5:83:17:cf:5c:8f:d1:da:a1:bc:81:70: d8:bc:2e:86:eb:fc:ff:f5:4a:60:b3:44:75:e4:12: da:21:fa:c5:3a:77:75:c8:3b:b3:80:81:b8:f1:70: b8:78:d9:70:4d:f7:74:a9:d6:17:1a:0f:49:08:8b: d9:49:19:90:a8:8b:48:03:66:63:c4:f8:31:51:14: 42:5b:4c:e6:c2:a2:1b:92:9e:33:bf:65:f9:10:dd: 02:6b:2c:ca:6b:4e:b6:d3:db:13:44:c8:f1:7a:d8: 37:36:27:45:90:9a:cc:8b:06:c3:59:ca:5c:ab:d0: 5e:28:28:42:c5:bf:08:2e:48:b9:4b:f3:5d:ed:ee: 27:6d:be:00:68:b2:cd:aa:dc:c0:2d:65:2c:b4:c9: be:b4:13:3e:d3:b4:4a:42:93:34:43:b9:eb:07:9d: 26:af:c6:aa:85:9b:c7:7d:cd:78:d9:47:52:83:68: 71:b9:9b:20:79:4d:aa:b3:23:70:ab:ac:33:cc:79: ba:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:DD:A2:C7:CF:9C:97:22:37:CE:1A:0D:6A:48:6E:AB:96:54:F9:80 X509v3 Authority Key Identifier: keyid:2C:FD:5B:DD:D1:DB:A6:D9:40:28:74:D6:22:3A:BD:7E:EE:E0:16:05 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1b7e0bc0-761b-4ec3-8f42-82981b91a97a/0/2CFD5BDDD1DBA6D9402874D6223ABD7EEEE01605.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:50:eb:bb:4a:3c:b3:38:83:4a:0e:9d:4a:84:ec:ca:58:a9: 6f:be:95:b3:d5:79:f6:6a:b3:75:50:4e:74:81:c6:17:7a:3f: 4c:54:90:43:85:2c:5b:fa:4a:66:b4:35:ce:a3:14:a3:28:e2: f8:56:bb:a1:61:76:dc:a8:0a:38:6e:1b:b2:e2:5f:7c:a9:b9: 0a:bf:be:cc:82:59:dd:e8:b4:40:f6:a6:48:e3:0b:6c:d3:50: 42:8f:46:57:78:a5:9b:00:16:20:70:6d:cc:d0:da:cc:17:d9: 2f:c8:cf:87:ee:9d:e0:e9:1b:a7:ed:6a:d0:8a:3d:10:20:4f: 1c:a4:9c:b6:a9:37:fb:ad:48:96:80:2d:21:8d:d5:2b:6c:e3: fb:4c:4c:bd:9c:69:d9:1d:84:24:17:07:6f:2a:c9:1c:ac:ff: 95:f9:ed:c1:73:9d:5b:cd:eb:e5:0e:fe:50:13:14:25:73:f5: e6:36:91:cc:0b:c6:76:1a:57:d3:98:01:f1:f5:8f:09:f1:61: e2:04:8f:63:ea:23:f0:6e:f9:10:d0:9e:83:87:7c:30:15:ef: 21:30:46:e5:21:b7:c8:85:a3:1a:ea:68:71:80:09:00:b7:ad: 3c:b5:d5:f8:af:07:72:3e:5b:c1:1a:a1:34:7e:f5:cf:4d:6d: 3f:22:da:0a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfujtQipOsuRt6GAPnQjsjmWjE+QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkNGRDVCREREMURCQTZEOTQwMjg3NEQ2MjIzQUJEN0VF RUUwMTYwNTAeFw0yNjAzMjQyMjU1NDRaFw0yNjAzMjgxMDM0NDRaMDMxMTAvBgNV BAMTKDU0RERBMkM3Q0Y5Qzk3MjIzN0NFMUEwRDZBNDg2RUFCOTY1NEY5ODAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqqnlLk3ZcMAnqSzQXF8Tuw8pW wNY+0bT7d4JBSjAILjIOWnwYE9F0BObGQ1IUe+1iu4wM6OV4xNb/lNMqHfWDF89c j9HaobyBcNi8Lobr/P/1SmCzRHXkEtoh+sU6d3XIO7OAgbjxcLh42XBN93Sp1hca D0kIi9lJGZCoi0gDZmPE+DFRFEJbTObCohuSnjO/ZfkQ3QJrLMprTrbT2xNEyPF6 2Dc2J0WQmsyLBsNZylyr0F4oKELFvwguSLlL813t7idtvgBoss2q3MAtZSy0yb60 Ez7TtEpCkzRDuesHnSavxqqFm8d9zXjZR1KDaHG5myB5TaqzI3CrrDPMeboLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUVN2ix8+clyI3zhoNakhuq5ZU+YAwHwYDVR0j BBgwFoAULP1b3dHbptlAKHTWIjq9fu7gFgUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YjdlMGJjMC03NjFiLTRlYzMtOGY0Mi04Mjk4MWI5MWE5N2EvMC8yQ0ZENUJEREQx REJBNkQ5NDAyODc0RDYyMjNBQkQ3RUVFRTAxNjA1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkNGRDVCREREMURCQTZEOTQwMjg3NEQ2MjIzQUJEN0VFRUUw MTYwNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWI3ZTBiYzAtNzYxYi00ZWMzLThm NDItODI5ODFiOTFhOTdhLzAvMkNGRDVCREREMURCQTZEOTQwMjg3NEQ2MjIzQUJE N0VFRUUwMTYwNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAERQ67tKPLM4g0oOnUqE7MpYqW++lbPVefZq s3VQTnSBxhd6P0xUkEOFLFv6Sma0Nc6jFKMo4vhWu6FhdtyoCjhuG7LiX3ypuQq/ vsyCWd3otED2pkjjC2zTUEKPRld4pZsAFiBwbczQ2swX2S/Iz4funeDpG6ftatCK PRAgTxyknLapN/utSJaALSGN1Sts4/tMTL2cadkdhCQXB28qyRys/5X57cFznVvN 6+UO/lATFCVz9eY2kcwLxnYaV9OYAfH1jwnxYeIEj2PqI/Bu+RDQnoOHfDAV7yEw RuUht8iFoxrqaHGACQC3rTy11fivB3I+W8EaoTR+9c9NbT8i2go= -----END CERTIFICATE-----Generated at Thu Mar 26 16:19:33 2026 by rpki-client