$ rpki-client -vvf repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft File: D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft (raw, json) Hash identifier: xfnCWQfJOKPgOTUXt1mz8lOb0REEr44pe/AqtWFKVRw= Subject key identifier: 64:9E:7D:F2:D8:DE:A7:74:68:58:1A:AE:4A:06:88:32:B2:6A:17:44 Authority key identifier: D0:F7:9D:82:6E:43:EA:B6:1A:7A:83:4E:6A:27:77:C5:EC:82:1F:FD Certificate issuer: /CN=D0F79D826E43EAB61A7A834E6A2777C5EC821FFD Certificate serial: 5520E83B88CFE30CA68E1F315D55EF9C92B76A29 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft Manifest number: 0217 Signing time: Tue 24 Mar 2026 16:52:35 +0000 Manifest this update: Tue 24 Mar 2026 16:47:35 +0000 Manifest next update: Sat 28 Mar 2026 02:09:35 +0000 Files and hashes: 1: D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl (hash: ThWXPyyqgaBJ6hj3xEbPWanZcjrhYGgxqm3MG2vrPqw=) 2: 3130332e37352e3133362e302f32332d3233203d3e20313530353233.roa (hash: Hj/Oe+Radw8pbluCv/VN2XxQ+sX4+0STYPYTyYPvjyc=) 3: 3130332e37352e3133362e302f32342d3234203d3e20313530353233.roa (hash: uNA/yO7Jurn3EZm3l95rlsLVpHCEIuUhUwihJjKDdLE=) 4: 323030313a6466313a646663303a3a2f34382d3438203d3e20313530353233.roa (hash: bKAiHhmlEj4IgvE00Lo3377sGcryUEP8JoeR2a9n6WM=) 5: 3130332e37352e3133372e302f32342d3234203d3e20313530353233.roa (hash: 1yTR12zVNlgV/3lhF5YF8WQX2wlBuTs2UGOXRfg1gpk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 02:09:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:20:e8:3b:88:cf:e3:0c:a6:8e:1f:31:5d:55:ef:9c:92:b7:6a:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D0F79D826E43EAB61A7A834E6A2777C5EC821FFD Validity Not Before: Mar 24 16:47:35 2026 GMT Not After : Mar 28 02:09:35 2026 GMT Subject: CN=649E7DF2D8DEA77468581AAE4A068832B26A1744 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:30:c1:53:4c:25:6d:34:19:7e:d8:17:23:2a: a0:17:bd:7d:8a:d2:98:31:3d:3f:bc:4a:18:34:25: 42:1e:29:d4:36:6e:21:09:86:1e:7d:ad:9a:f4:d6: 2a:90:b1:93:bf:0c:2c:ce:f6:9a:a5:3d:d2:45:af: f7:5c:e1:db:ab:80:4d:4a:d7:d9:69:2f:ad:5a:dc: ef:71:3b:ec:23:a6:1e:48:c4:98:ea:88:c5:1e:75: d8:a9:c0:ae:3b:28:fc:26:c7:06:59:c7:2a:45:2f: 3b:55:2f:5e:36:34:7b:df:28:d0:90:e9:5c:08:c8: 92:50:ed:fa:7e:42:12:d8:13:17:5b:ec:ea:d2:2a: 69:fc:e2:0d:e1:30:58:6e:8b:ad:58:bd:73:df:47: 23:39:42:e7:58:2c:66:27:fb:7a:a6:1c:cd:85:50: b1:f5:c2:9b:d6:40:c0:05:2a:0b:0c:62:5b:bf:13: 4b:92:af:13:de:54:0b:12:8f:c3:9b:99:a6:95:b5: 5c:37:23:7f:f7:b3:17:02:09:95:52:f4:47:e2:26: 4e:00:3f:3a:26:fa:14:dd:aa:a3:16:33:03:e1:b8: 72:df:01:b0:ba:2e:a1:cd:91:23:ee:b0:8f:2c:24: 1a:d6:b5:44:43:43:7e:35:72:75:4c:2a:b8:e8:0f: 2b:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:9E:7D:F2:D8:DE:A7:74:68:58:1A:AE:4A:06:88:32:B2:6A:17:44 X509v3 Authority Key Identifier: keyid:D0:F7:9D:82:6E:43:EA:B6:1A:7A:83:4E:6A:27:77:C5:EC:82:1F:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/28463285-7c28-435a-82bb-fcc32d58020e/0/D0F79D826E43EAB61A7A834E6A2777C5EC821FFD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:90:82:c2:66:86:ba:9d:b7:ff:c7:a6:6a:67:2b:5b:5d:44: 69:3b:b9:71:8d:7f:20:e4:1a:7f:42:a2:93:4b:d0:22:6e:8e: 07:05:42:1f:de:38:75:73:59:e3:38:fd:06:f1:9f:70:b0:e2: 15:cc:8c:59:c7:38:a7:89:4a:c1:bc:84:87:14:33:a6:20:f6: a0:c9:e3:9a:32:3c:55:a5:04:cd:f6:50:b0:b3:b2:bc:28:52: bd:58:51:fd:de:a9:2f:a3:28:ca:a0:a5:c6:80:ab:1c:c2:c0: a7:54:57:7b:fc:86:84:2c:cc:b4:0d:db:66:54:45:bf:05:b2: 2a:54:7c:c5:34:63:2a:65:e1:d8:d2:3d:83:2e:ef:30:25:6f: 81:96:03:dc:f8:e7:b1:75:24:ca:20:e8:b0:2a:4e:53:36:56: 63:ad:a5:7e:d1:f6:07:19:ff:d4:96:a6:94:1a:81:b5:90:e2: 3f:9b:8a:d6:86:10:0a:33:a5:70:de:28:e3:57:31:1c:52:1d: 48:3a:99:d0:51:68:b7:fe:97:06:c5:9b:8d:5f:ad:e9:52:6b: fe:59:a8:3c:45:7e:dc:bb:c7:de:b6:b0:29:7c:ec:58:f7:3b: 79:fa:1f:46:ea:4d:b6:40:62:d1:15:86:09:71:d1:d0:86:91: a9:33:ef:96 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUVSDoO4jP4wymjh8xXVXvnJK3aikwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3QzVF QzgyMUZGRDAeFw0yNjAzMjQxNjQ3MzVaFw0yNjAzMjgwMjA5MzVaMDMxMTAvBgNV BAMTKDY0OUU3REYyRDhERUE3NzQ2ODU4MUFBRTRBMDY4ODMyQjI2QTE3NDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOMMFTTCVtNBl+2BcjKqAXvX2K 0pgxPT+8Shg0JUIeKdQ2biEJhh59rZr01iqQsZO/DCzO9pqlPdJFr/dc4durgE1K 19lpL61a3O9xO+wjph5IxJjqiMUeddipwK47KPwmxwZZxypFLztVL142NHvfKNCQ 6VwIyJJQ7fp+QhLYExdb7OrSKmn84g3hMFhui61YvXPfRyM5QudYLGYn+3qmHM2F ULH1wpvWQMAFKgsMYlu/E0uSrxPeVAsSj8ObmaaVtVw3I3/3sxcCCZVS9EfiJk4A Pzom+hTdqqMWMwPhuHLfAbC6LqHNkSPusI8sJBrWtURDQ341cnVMKrjoDysNAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZJ598tjep3RoWBquSgaIMrJqF0QwHwYDVR0j BBgwFoAU0Pedgm5D6rYaeoNOaid3xeyCH/0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ODQ2MzI4NS03YzI4LTQzNWEtODJiYi1mY2MzMmQ1ODAyMGUvMC9EMEY3OUQ4MjZF NDNFQUI2MUE3QTgzNEU2QTI3NzdDNUVDODIxRkZELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3QzVFQzgy MUZGRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjg0NjMyODUtN2MyOC00MzVhLTgy YmItZmNjMzJkNTgwMjBlLzAvRDBGNzlEODI2RTQzRUFCNjFBN0E4MzRFNkEyNzc3 QzVFQzgyMUZGRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGyQgsJmhrqdt//HpmpnK1tdRGk7uXGNfyDk Gn9CopNL0CJujgcFQh/eOHVzWeM4/Qbxn3Cw4hXMjFnHOKeJSsG8hIcUM6Yg9qDJ 45oyPFWlBM32ULCzsrwoUr1YUf3eqS+jKMqgpcaAqxzCwKdUV3v8hoQszLQN22ZU Rb8FsipUfMU0Yypl4djSPYMu7zAlb4GWA9z457F1JMog6LAqTlM2VmOtpX7R9gcZ /9SWppQagbWQ4j+bitaGEAozpXDeKONXMRxSHUg6mdBRaLf+lwbFm41frelSa/5Z qDxFfty7x962sCl87Fj3O3n6H0bqTbZAYtEVhglx0dCGkakz75Y= -----END CERTIFICATE-----Generated at Thu Mar 26 18:37:24 2026 by rpki-client