$ rpki-client -vvf repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft File: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft (raw, json) Hash identifier: RmXSJNWmnrIxb0+Jn4E0tYpAMMteedBCVHYvZoqzgYM= Subject key identifier: 44:E7:32:E0:45:D1:89:89:12:2A:A8:30:14:D1:71:75:89:06:99:B3 Authority key identifier: CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C Certificate issuer: /CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Certificate serial: 43668064A3A8112A2DA4511872677539E9F65482 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft Manifest number: F5 Signing time: Wed 25 Mar 2026 19:26:18 +0000 Manifest this update: Wed 25 Mar 2026 19:21:18 +0000 Manifest next update: Sat 28 Mar 2026 21:45:18 +0000 Files and hashes: 1: 3136302e3138372e3135302e302f32332d3234203d3e20313533313237.roa (hash: I98r/YvoKJnqIbKebXKfBKywu1BzE/FQD60HTUreMMU=) 2: CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl (hash: ZHe554veelA45yOQ3QiLjsllM9o/7MUkxaGzzUr/TMA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 21:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:66:80:64:a3:a8:11:2a:2d:a4:51:18:72:67:75:39:e9:f6:54:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFC8825F98002AF2A3CB54EF279D59CD2E5043C Validity Not Before: Mar 25 19:21:18 2026 GMT Not After : Mar 28 21:45:18 2026 GMT Subject: CN=44E732E045D18989122AA83014D17175890699B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:28:5b:89:c0:ca:3d:d5:d5:b4:cf:3e:22:71: 28:ac:36:c8:77:b0:85:fa:d6:f3:04:93:a0:ba:0d: cb:e1:ac:84:34:74:7a:39:d1:57:86:4c:f3:cd:27: 46:b0:b3:29:f5:02:b8:89:8a:ad:0c:21:09:0c:71: 57:cf:ef:88:49:e4:3c:13:c9:d2:48:94:91:9d:b7: ae:1c:43:6f:87:f7:80:40:e0:d0:2f:60:34:75:0e: 7b:2b:31:e4:78:13:ee:2a:79:fa:46:bb:6d:24:a4: 7d:37:d7:f6:c5:9a:77:2d:75:19:8b:3f:bd:c3:57: ad:c0:74:6e:56:a2:42:c0:68:25:3c:3e:87:92:4d: fc:f3:c5:34:41:96:e6:53:f3:42:5e:8b:04:60:0c: 4c:43:dc:55:1c:7c:67:d5:ca:bf:9b:aa:14:0b:af: ff:55:8b:20:0c:73:55:5b:14:0a:1e:e6:d1:68:f5: ee:43:d8:7e:7a:60:8e:d1:82:da:15:da:ed:8e:05: 81:db:f8:b5:0c:ce:d8:4b:a9:0d:14:de:4d:22:4e: a5:ce:cc:ec:14:e4:19:d5:cb:4a:0f:6a:0c:c4:02: 9c:46:9e:90:32:96:a9:4b:6a:57:34:21:3f:68:a7: 07:9a:b0:22:b0:d6:bf:b3:b3:a5:98:66:7f:32:27: 15:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:E7:32:E0:45:D1:89:89:12:2A:A8:30:14:D1:71:75:89:06:99:B3 X509v3 Authority Key Identifier: keyid:CA:FC:88:25:F9:80:02:AF:2A:3C:B5:4E:F2:79:D5:9C:D2:E5:04:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/21d97b40-c031-4e5b-9b42-d2ae1c9cf987/0/CAFC8825F98002AF2A3CB54EF279D59CD2E5043C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:35:e8:9c:e7:ef:11:e1:57:ed:cf:18:3b:c4:3d:e7:15:a3: 95:e5:6c:87:7c:6a:2f:43:6f:68:c1:74:ac:36:08:db:e8:d3: 7e:5e:ef:4a:66:7b:2a:db:ab:cd:97:71:49:78:8f:2a:10:a0: 9c:95:1b:db:b9:ff:d2:7b:fd:f9:10:77:3e:d8:44:57:11:c9: e9:67:e4:18:27:8f:bf:2e:64:84:c7:31:c2:8d:b8:e0:e9:e5: 1c:e2:51:43:b3:c3:8e:9d:f2:27:ee:ea:d1:70:a5:19:cc:d1: 49:69:1e:5e:06:a1:f2:34:a1:6b:0f:a8:f8:52:07:94:10:94: 37:bf:8f:be:96:68:c5:53:df:43:05:81:82:86:ff:0d:7e:1e: fb:25:c5:56:39:5b:f4:cd:0c:42:9f:31:b2:4a:dc:d0:d1:c8: e0:89:42:56:3a:41:3d:5f:0e:2c:40:d9:69:b6:51:c6:b5:2e: fd:8a:05:8e:27:a8:7d:ee:1d:29:17:41:57:b3:75:dd:14:a4: f6:7f:b9:8b:2a:48:45:13:7e:f8:cc:ff:46:8b:1b:36:00:37: 3b:cd:e5:01:aa:5f:97:aa:c6:37:db:42:72:e3:21:4c:7d:06: 69:36:20:39:6d:f7:9f:48:43:87:49:c0:5e:2d:1d:a2:dd:6f: fa:d1:42:14 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQ2aAZKOoESotpFEYcmd1Oen2VIIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNE MkU1MDQzQzAeFw0yNjAzMjUxOTIxMThaFw0yNjAzMjgyMTQ1MThaMDMxMTAvBgNV BAMTKDQ0RTczMkUwNDVEMTg5ODkxMjJBQTgzMDE0RDE3MTc1ODkwNjk5QjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOKFuJwMo91dW0zz4icSisNsh3 sIX61vMEk6C6DcvhrIQ0dHo50VeGTPPNJ0awsyn1AriJiq0MIQkMcVfP74hJ5DwT ydJIlJGdt64cQ2+H94BA4NAvYDR1DnsrMeR4E+4qefpGu20kpH031/bFmnctdRmL P73DV63AdG5WokLAaCU8PoeSTfzzxTRBluZT80JeiwRgDExD3FUcfGfVyr+bqhQL r/9ViyAMc1VbFAoe5tFo9e5D2H56YI7RgtoV2u2OBYHb+LUMzthLqQ0U3k0iTqXO zOwU5BnVy0oPagzEApxGnpAylqlLalc0IT9opweasCKw1r+zs6WYZn8yJxUlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUROcy4EXRiYkSKqgwFNFxdYkGmbMwHwYDVR0j BBgwFoAUyvyIJfmAAq8qPLVO8nnVnNLlBDwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MWQ5N2I0MC1jMDMxLTRlNWItOWI0Mi1kMmFlMWM5Y2Y5ODcvMC9DQUZDODgyNUY5 ODAwMkFGMkEzQ0I1NEVGMjc5RDU5Q0QyRTUwNDNDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1OUNEMkU1 MDQzQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjFkOTdiNDAtYzAzMS00ZTViLTli NDItZDJhZTFjOWNmOTg3LzAvQ0FGQzg4MjVGOTgwMDJBRjJBM0NCNTRFRjI3OUQ1 OUNEMkU1MDQzQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACM16Jzn7xHhV+3PGDvEPecVo5XlbId8ai9D b2jBdKw2CNvo035e70pmeyrbq82XcUl4jyoQoJyVG9u5/9J7/fkQdz7YRFcRyeln 5Bgnj78uZITHMcKNuODp5RziUUOzw46d8ifu6tFwpRnM0UlpHl4GofI0oWsPqPhS B5QQlDe/j76WaMVT30MFgYKG/w1+HvslxVY5W/TNDEKfMbJK3NDRyOCJQlY6QT1f DixA2Wm2Uca1Lv2KBY4nqH3uHSkXQVezdd0UpPZ/uYsqSEUTfvjM/0aLGzYANzvN 5QGqX5eqxjfbQnLjIUx9Bmk2IDlt959IQ4dJwF4tHaLdb/rRQhQ= -----END CERTIFICATE-----Generated at Thu Mar 26 13:51:45 2026 by rpki-client