$ rpki-client -vvf repo-rpki.idnic.net/repo/282a9bd9-166f-453e-b3c0-e6b3ef92a540/0/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.mft File: A9D663C6EBCD250AA8927EA094627C9415DEE7FC.mft (raw, json) Hash identifier: SMmZ8nBwKRvRJyB/TBVfxOY063NZLE+rkGdYcyPfSoc= Subject key identifier: A2:A8:7B:24:5C:BB:96:4D:20:EE:1A:17:8D:6D:08:AA:9C:89:1E:CE Authority key identifier: A9:D6:63:C6:EB:CD:25:0A:A8:92:7E:A0:94:62:7C:94:15:DE:E7:FC Certificate issuer: /CN=A9D663C6EBCD250AA8927EA094627C9415DEE7FC Certificate serial: 20A7218A8DCEFDCF627469118C372D7DB9D37383 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/282a9bd9-166f-453e-b3c0-e6b3ef92a540/0/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.mft Manifest number: D2 Signing time: Tue 24 Mar 2026 20:51:29 +0000 Manifest this update: Tue 24 Mar 2026 20:46:29 +0000 Manifest next update: Sat 28 Mar 2026 08:10:29 +0000 Files and hashes: 1: A9D663C6EBCD250AA8927EA094627C9415DEE7FC.crl (hash: vUA+mJ3s3qIUSfcqoqjKV/Fu8WyVZ/mHZSLDWH+T64s=) 2: 3136302e3139312e36352e302f32342d3234203d3e20313533313438.roa (hash: mzDpPRia6xZTDPtGY2S0cq+7bpQlmycpMpiDj9ys06Y=) 3: 3136302e3139312e36342e302f32342d3234203d3e20313533313438.roa (hash: mWzhkuRRp6o1Au1AW0FJ/m2nQ9Sa4O9bV344gG0E6vo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/282a9bd9-166f-453e-b3c0-e6b3ef92a540/0/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.crl rsync://repo-rpki.idnic.net/repo/282a9bd9-166f-453e-b3c0-e6b3ef92a540/0/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 08:10:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:a7:21:8a:8d:ce:fd:cf:62:74:69:11:8c:37:2d:7d:b9:d3:73:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9D663C6EBCD250AA8927EA094627C9415DEE7FC Validity Not Before: Mar 24 20:46:29 2026 GMT Not After : Mar 28 08:10:29 2026 GMT Subject: CN=A2A87B245CBB964D20EE1A178D6D08AA9C891ECE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:b4:22:08:44:5e:83:a1:b5:67:18:f4:2c:30: 1a:ae:e1:45:dc:1b:2a:6a:36:db:cb:fe:57:68:8c: c0:80:df:4f:17:35:9a:66:ea:87:65:1c:0a:66:4b: 68:9a:f6:54:5a:f5:a0:88:c5:76:3d:4e:f2:0a:1f: f5:c1:2b:f9:1f:52:96:05:b3:5f:a6:90:65:0c:d0: 1d:e9:ba:e8:a7:b8:58:4e:ed:04:d6:dd:dc:21:bd: c0:34:81:08:ec:a1:11:63:8f:36:16:31:3c:6b:7b: 43:f4:2b:b6:bc:73:2f:43:9e:80:12:c3:05:dd:5b: 50:24:31:d2:95:22:4d:12:da:26:8e:dd:65:9f:e9: 33:9c:8b:c1:3d:4e:4e:2b:8c:47:a2:1b:62:88:d1: fc:5d:85:bf:15:d9:f7:60:aa:68:19:af:dd:2b:f7: 6a:32:5f:7a:4f:e7:7a:e8:2a:f9:13:c7:13:82:6f: 5a:1d:f0:3e:bc:68:88:fc:2f:5d:05:08:01:cb:a1: 94:8b:bb:68:fd:31:a1:f4:85:98:a7:2b:32:20:80: ef:04:b1:8d:82:47:8d:ed:8d:fd:13:45:38:55:8a: 74:31:7f:7d:7e:d2:c7:2c:a8:51:96:c9:74:22:e4: 53:40:c9:08:13:50:b2:a5:77:69:76:06:e4:48:c2: f9:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:A8:7B:24:5C:BB:96:4D:20:EE:1A:17:8D:6D:08:AA:9C:89:1E:CE X509v3 Authority Key Identifier: keyid:A9:D6:63:C6:EB:CD:25:0A:A8:92:7E:A0:94:62:7C:94:15:DE:E7:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/282a9bd9-166f-453e-b3c0-e6b3ef92a540/0/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/282a9bd9-166f-453e-b3c0-e6b3ef92a540/0/A9D663C6EBCD250AA8927EA094627C9415DEE7FC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:22:5e:19:cf:27:9f:1e:c6:6f:e8:bd:b8:54:a3:75:cb:23: f7:56:02:54:1b:c3:4a:56:d9:9e:b1:8a:01:97:31:05:48:95: 06:79:02:11:92:1d:d5:4d:ae:19:1b:25:d9:77:82:00:6a:02: b8:c2:11:1a:10:6c:73:78:c3:fe:6c:d9:51:77:a9:db:23:c4: fa:35:1d:c2:e1:d0:fa:00:fc:eb:d5:59:2c:79:26:0d:0c:60: 02:f7:e2:79:0c:b8:fa:f6:a9:fb:4f:1c:3f:84:bc:e6:9e:20: 87:f0:59:ef:f6:a8:71:83:a9:6f:71:8a:b6:b6:3f:4f:be:7c: 8c:77:e3:71:a4:cf:ca:93:42:8f:48:14:ff:5b:56:0c:35:6a: a2:cd:99:1c:c3:52:8a:23:2a:fa:6a:95:b1:b9:77:8c:27:1f: 52:5a:38:79:0a:01:f4:a3:df:4a:54:a7:c3:76:ff:c9:3f:6b: 60:8b:03:6e:84:39:f1:bb:9c:d0:f8:2c:8c:a6:ef:a1:88:2b: 3d:a2:cb:4d:32:94:13:8c:bc:ca:cd:0b:dc:e7:40:56:ba:68: c0:4f:c8:98:c0:81:13:eb:f1:e4:79:14:13:18:8d:8f:cf:fd: ac:4a:f1:71:b4:c5:a2:7e:e3:4e:80:60:25:42:26:eb:4e:f7: 4a:a0:49:11 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIKchio3O/c9idGkRjDctfbnTc4MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTlENjYzQzZFQkNEMjUwQUE4OTI3RUEwOTQ2MjdDOTQx NURFRTdGQzAeFw0yNjAzMjQyMDQ2MjlaFw0yNjAzMjgwODEwMjlaMDMxMTAvBgNV BAMTKEEyQTg3QjI0NUNCQjk2NEQyMEVFMUExNzhENkQwOEFBOUM4OTFFQ0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjtCIIRF6DobVnGPQsMBqu4UXc GypqNtvL/ldojMCA308XNZpm6odlHApmS2ia9lRa9aCIxXY9TvIKH/XBK/kfUpYF s1+mkGUM0B3puuinuFhO7QTW3dwhvcA0gQjsoRFjjzYWMTxre0P0K7a8cy9DnoAS wwXdW1AkMdKVIk0S2iaO3WWf6TOci8E9Tk4rjEeiG2KI0fxdhb8V2fdgqmgZr90r 92oyX3pP53roKvkTxxOCb1od8D68aIj8L10FCAHLoZSLu2j9MaH0hZinKzIggO8E sY2CR43tjf0TRThVinQxf31+0scsqFGWyXQi5FNAyQgTULKld2l2BuRIwvmNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUoqh7JFy7lk0g7hoXjW0IqpyJHs4wHwYDVR0j BBgwFoAUqdZjxuvNJQqokn6glGJ8lBXe5/wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ODJhOWJkOS0xNjZmLTQ1M2UtYjNjMC1lNmIzZWY5MmE1NDAvMC9BOUQ2NjNDNkVC Q0QyNTBBQTg5MjdFQTA5NDYyN0M5NDE1REVFN0ZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQTlENjYzQzZFQkNEMjUwQUE4OTI3RUEwOTQ2MjdDOTQxNURF RTdGQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjgyYTliZDktMTY2Zi00NTNlLWIz YzAtZTZiM2VmOTJhNTQwLzAvQTlENjYzQzZFQkNEMjUwQUE4OTI3RUEwOTQ2MjdD OTQxNURFRTdGQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIwiXhnPJ58exm/ovbhUo3XLI/dWAlQbw0pW 2Z6xigGXMQVIlQZ5AhGSHdVNrhkbJdl3ggBqArjCERoQbHN4w/5s2VF3qdsjxPo1 HcLh0PoA/OvVWSx5Jg0MYAL34nkMuPr2qftPHD+EvOaeIIfwWe/2qHGDqW9xira2 P0++fIx343Gkz8qTQo9IFP9bVgw1aqLNmRzDUoojKvpqlbG5d4wnH1JaOHkKAfSj 30pUp8N2/8k/a2CLA26EOfG7nND4LIym76GIKz2iy00ylBOMvMrNC9znQFa6aMBP yJjAgRPr8eR5FBMYjY/P/axK8XG0xaJ+406AYCVCJutO90qgSRE= -----END CERTIFICATE-----Generated at Thu Mar 26 13:54:44 2026 by rpki-client