$ rpki-client -vvf repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft File: 2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft (raw, json) Hash identifier: ofmXiLLYqqqX1zcdcDQd5CrMS7nOLMiXzWR597q1k0Q= Subject key identifier: 99:FB:8D:FD:E2:F8:6A:C5:6B:5F:3F:BD:2A:B9:F4:E4:88:D1:E0:E3 Authority key identifier: 2A:DD:D4:03:51:73:FA:C3:BB:39:49:CB:36:CC:EF:25:53:79:8B:FC Certificate issuer: /CN=2ADDD4035173FAC3BB3949CB36CCEF2553798BFC Certificate serial: 2AD15182E3A7B103CBFC8F2C003726B6808FF4FF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft Manifest number: 0131 Signing time: Tue 24 Mar 2026 11:10:45 +0000 Manifest this update: Tue 24 Mar 2026 11:05:45 +0000 Manifest next update: Fri 27 Mar 2026 13:37:45 +0000 Files and hashes: 1: 3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa (hash: oUnLaY5QLKq7msdrsSjPpVYbhTetk+RaEux8Uav3LJk=) 2: 2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl (hash: KAZwGp0xLYgqt/TpkrD5ocP2htbyjE52vWqAErpmScE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 13:37:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:d1:51:82:e3:a7:b1:03:cb:fc:8f:2c:00:37:26:b6:80:8f:f4:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ADDD4035173FAC3BB3949CB36CCEF2553798BFC Validity Not Before: Mar 24 11:05:45 2026 GMT Not After : Mar 27 13:37:45 2026 GMT Subject: CN=99FB8DFDE2F86AC56B5F3FBD2AB9F4E488D1E0E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:36:4f:0e:98:5e:04:94:83:bb:13:49:cf:f6: 15:7e:8c:6b:84:bd:91:47:8f:71:81:94:71:6e:2a: 42:1f:65:93:67:15:30:31:69:36:e8:24:16:d0:89: 49:28:f5:a5:55:77:75:d2:e7:9b:ac:aa:6f:86:35: 12:86:0b:e3:a8:29:55:ff:34:6a:2b:e9:3e:24:7f: de:fd:9b:5e:e7:d1:37:84:31:10:3e:cb:a9:0e:67: 07:93:f2:3a:73:f8:1e:0f:0a:01:08:77:b7:19:cf: 5e:14:c2:9d:aa:ac:d7:dd:14:a1:a6:2d:a8:85:5c: 19:ed:06:aa:87:2e:4b:82:7b:ca:c0:f2:a2:86:97: bc:cb:59:4b:e5:de:df:14:9e:e7:e1:34:5b:20:ef: 2b:8d:2a:bb:3e:56:66:15:51:54:12:c2:c8:d4:53: 1f:50:c6:33:d5:3a:2b:c1:fd:36:26:b6:ca:87:6c: c9:ed:9a:34:b3:80:03:df:90:69:61:57:92:16:11: 42:de:ea:cf:28:c4:5a:c6:2b:ad:3c:ff:52:71:6c: a2:ea:eb:83:24:59:d1:d6:46:fa:63:c1:73:09:8e: 5d:b0:73:b4:af:55:02:f0:75:92:82:02:1b:08:0c: ed:82:e4:da:9f:55:c2:c8:80:d9:67:b5:04:b5:d4: 46:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:FB:8D:FD:E2:F8:6A:C5:6B:5F:3F:BD:2A:B9:F4:E4:88:D1:E0:E3 X509v3 Authority Key Identifier: keyid:2A:DD:D4:03:51:73:FA:C3:BB:39:49:CB:36:CC:EF:25:53:79:8B:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:b6:7f:8c:32:31:c9:24:3e:a7:7b:e7:42:45:f2:2d:08:c6: 3e:32:b0:43:7a:ba:1e:b7:20:1a:4f:ca:fd:d4:a5:44:b5:1a: d6:20:2d:0e:77:87:7a:52:7c:50:f7:3b:57:d8:c2:45:ba:93: 63:0e:2a:2c:b7:17:d0:db:21:75:60:dc:7f:b4:15:e8:b1:b8: fb:53:39:85:71:69:2d:4d:18:cf:c5:28:80:c8:89:bf:97:e5: df:8d:3c:0f:a5:6a:ac:60:67:fc:57:77:df:f4:b6:64:10:0f: 88:2a:fb:a4:e9:97:90:c8:da:77:8a:ab:02:c0:63:4f:b7:0f: 7d:e3:95:47:5c:1b:b9:ad:14:0a:af:55:58:2f:e0:19:25:d1: 1c:ab:8b:3b:ab:f7:71:ea:da:6c:04:c5:a4:3b:e9:05:09:80: 1f:ed:71:f0:ad:fc:82:16:76:0d:94:5b:2a:37:1a:b3:1d:c7: 5e:a2:cf:52:b2:55:ca:16:dc:cd:6a:47:e1:a3:b4:69:c8:a1: 10:6d:f0:95:e7:44:20:bf:f2:06:ab:ff:d9:21:16:b5:6c:d3: d4:bc:b2:8c:f9:ae:61:03:53:0b:59:e4:b8:f3:1d:56:de:b7: 60:fc:01:01:80:1d:96:65:28:59:9a:c1:c6:67:45:41:75:34: 1d:ad:6c:ed -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKtFRguOnsQPL/I8sADcmtoCP9P8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VGMjU1 Mzc5OEJGQzAeFw0yNjAzMjQxMTA1NDVaFw0yNjAzMjcxMzM3NDVaMDMxMTAvBgNV BAMTKDk5RkI4REZERTJGODZBQzU2QjVGM0ZCRDJBQjlGNEU0ODhEMUUwRTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTNk8OmF4ElIO7E0nP9hV+jGuE vZFHj3GBlHFuKkIfZZNnFTAxaTboJBbQiUko9aVVd3XS55usqm+GNRKGC+OoKVX/ NGor6T4kf979m17n0TeEMRA+y6kOZweT8jpz+B4PCgEId7cZz14Uwp2qrNfdFKGm LaiFXBntBqqHLkuCe8rA8qKGl7zLWUvl3t8UnufhNFsg7yuNKrs+VmYVUVQSwsjU Ux9QxjPVOivB/TYmtsqHbMntmjSzgAPfkGlhV5IWEULe6s8oxFrGK608/1JxbKLq 64MkWdHWRvpjwXMJjl2wc7SvVQLwdZKCAhsIDO2C5NqfVcLIgNlntQS11EYxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUmfuN/eL4asVrXz+9Krn05IjR4OMwHwYDVR0j BBgwFoAUKt3UA1Fz+sO7OUnLNszvJVN5i/wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ODY3YTJlZS1kNDExLTRmZjgtOWY1Yy0zNWQwMzQxMjNmODQvMC8yQURERDQwMzUx NzNGQUMzQkIzOTQ5Q0IzNkNDRUYyNTUzNzk4QkZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VGMjU1Mzc5 OEJGQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMjg2N2EyZWUtZDQxMS00ZmY4LTlm NWMtMzVkMDM0MTIzZjg0LzAvMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VG MjU1Mzc5OEJGQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGG2f4wyMckkPqd750JF8i0Ixj4ysEN6uh63 IBpPyv3UpUS1GtYgLQ53h3pSfFD3O1fYwkW6k2MOKiy3F9DbIXVg3H+0FeixuPtT OYVxaS1NGM/FKIDIib+X5d+NPA+laqxgZ/xXd9/0tmQQD4gq+6Tpl5DI2neKqwLA Y0+3D33jlUdcG7mtFAqvVVgv4Bkl0Ryrizur93Hq2mwExaQ76QUJgB/tcfCt/IIW dg2UWyo3GrMdx16iz1KyVcoW3M1qR+GjtGnIoRBt8JXnRCC/8gar/9khFrVs09S8 soz5rmEDUwtZ5LjzHVbet2D8AQGAHZZlKFmawcZnRUF1NB2tbO0= -----END CERTIFICATE-----Generated at Thu Mar 26 13:52:26 2026 by rpki-client