$ rpki-client -vvf repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft File: 289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft (raw, json) Hash identifier: /PuwqEriaSJTdxLzbB++SZEVEVrBuOnqJSj4EQsXMpk= Subject key identifier: 5F:5D:83:EB:7B:30:FD:BF:30:4B:F9:CA:A4:B3:36:15:99:8C:CA:43 Authority key identifier: 28:91:51:EF:8A:E8:A7:9D:8F:42:66:83:D1:52:5A:D8:2F:AB:3D:5C Certificate issuer: /CN=289151EF8AE8A79D8F426683D1525AD82FAB3D5C Certificate serial: 1023F9F3F181D840896817DBBDC6709AB5A5D495 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft Manifest number: 01C7 Signing time: Tue 24 Mar 2026 03:01:55 +0000 Manifest this update: Tue 24 Mar 2026 02:56:55 +0000 Manifest next update: Fri 27 Mar 2026 11:24:55 +0000 Files and hashes: 1: 289151EF8AE8A79D8F426683D1525AD82FAB3D5C.crl (hash: Fs7ZQchF1wx3ahfeygSZg2SCNTZffSKMkyRFJMjiSMc=) 2: 323030313a6466313a633263303a3a2f34382d3438203d3e20313439393039.roa (hash: vVFtcDy4aPivFUPPIcMbLhe9f28+1kgtEKXIpm8Qbe4=) 3: 3130332e3139312e35382e302f32332d3234203d3e20313439393039.roa (hash: BomqdPcEWc7ThbBvhWDgZwYqBISDPqqeOo30nwHFh5Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.crl rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 11:24:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:23:f9:f3:f1:81:d8:40:89:68:17:db:bd:c6:70:9a:b5:a5:d4:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=289151EF8AE8A79D8F426683D1525AD82FAB3D5C Validity Not Before: Mar 24 02:56:55 2026 GMT Not After : Mar 27 11:24:55 2026 GMT Subject: CN=5F5D83EB7B30FDBF304BF9CAA4B33615998CCA43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:93:c2:0a:de:b0:bd:17:c7:bd:74:8f:12:04: b7:1e:5b:21:e2:5c:67:8a:6f:17:aa:15:80:09:b6: 02:cc:8c:d6:22:25:42:10:6b:fe:4e:de:a0:da:60: 9d:92:04:23:2e:39:39:c9:5d:11:88:8f:90:54:5e: c6:d8:2d:b0:23:fe:17:82:a8:b9:a4:b9:f1:2c:4d: df:8c:1e:28:16:7b:4d:ac:83:04:a5:66:90:37:9e: 4b:11:05:b8:f4:61:d5:71:ef:0d:70:04:63:f9:0f: 11:84:54:97:c3:ed:37:b4:74:4a:02:37:ec:8b:77: b0:2c:fa:e6:c7:6d:9f:2d:3e:5b:f8:98:c1:c9:56: 4b:fe:2d:ac:b7:70:31:87:e6:43:a4:9e:2d:68:43: 90:38:ba:55:6f:fe:93:72:be:17:bf:10:23:4d:74: f1:be:01:b1:e4:63:c5:0c:f0:c3:97:54:86:3d:92: f0:f2:db:b4:10:3d:6b:20:53:72:8d:22:b1:ce:f2: 2a:08:33:78:05:cf:6c:19:22:0d:b6:57:2c:e8:52: fa:e8:39:46:c7:17:f2:70:83:c0:af:b7:70:cb:1e: bb:e5:95:c5:e0:db:41:33:ba:a7:f2:c8:55:b8:4e: 32:20:90:c7:92:cd:81:17:a1:0c:e5:b8:34:94:0f: 5e:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:5D:83:EB:7B:30:FD:BF:30:4B:F9:CA:A4:B3:36:15:99:8C:CA:43 X509v3 Authority Key Identifier: keyid:28:91:51:EF:8A:E8:A7:9D:8F:42:66:83:D1:52:5A:D8:2F:AB:3D:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2bbe6815-310e-4206-a500-6bb9d3263abf/0/289151EF8AE8A79D8F426683D1525AD82FAB3D5C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d6:a4:ce:87:e5:2f:b8:46:e9:14:fa:2e:4e:26:b5:e6:9c:3c: b6:3d:8d:5e:d2:19:58:b8:62:de:0c:68:22:a6:3a:34:83:76: 7e:e9:30:1c:28:83:cc:e7:d9:a6:ad:c9:0e:0d:b6:34:f5:3f: 80:74:ad:ea:29:af:4b:78:c4:0d:b9:79:6f:38:1b:5e:6f:ee: f6:7f:f2:cf:e6:b7:b9:52:b1:80:31:53:0b:c6:ef:d9:34:4e: fd:33:b3:64:87:6c:a0:c2:92:c3:c4:24:63:20:bf:ee:a2:34: 10:cb:bc:ae:b6:ba:f1:4f:39:c4:dc:71:a9:99:cf:a5:83:67: 9a:63:f9:a6:d6:a6:e1:89:47:6e:25:e6:66:63:89:5e:36:70: f2:72:ad:16:3d:68:66:0f:ba:95:22:27:10:d8:73:17:a8:3e: ce:14:bd:be:ef:03:43:30:96:0a:c4:2e:9d:9f:57:b3:3a:39: 90:cd:ba:5d:2c:89:95:db:97:f9:49:35:60:3f:1e:db:45:83: 33:ed:5a:76:1c:a9:e1:5d:0d:12:46:57:3b:13:33:b0:38:c0: 90:71:71:a0:62:b8:15:be:82:ee:17:e2:61:f1:8e:d6:63:c9: 0a:06:b2:89:55:7a:f9:ef:ae:9e:4d:cc:e8:ab:29:9f:ed:22: f5:5c:32:0b -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUECP58/GB2ECJaBfbvcZwmrWl1JUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg5MTUxRUY4QUU4QTc5RDhGNDI2NjgzRDE1MjVBRDgy RkFCM0Q1QzAeFw0yNjAzMjQwMjU2NTVaFw0yNjAzMjcxMTI0NTVaMDMxMTAvBgNV BAMTKDVGNUQ4M0VCN0IzMEZEQkYzMDRCRjlDQUE0QjMzNjE1OTk4Q0NBNDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8k8IK3rC9F8e9dI8SBLceWyHi XGeKbxeqFYAJtgLMjNYiJUIQa/5O3qDaYJ2SBCMuOTnJXRGIj5BUXsbYLbAj/heC qLmkufEsTd+MHigWe02sgwSlZpA3nksRBbj0YdVx7w1wBGP5DxGEVJfD7Te0dEoC N+yLd7As+ubHbZ8tPlv4mMHJVkv+Lay3cDGH5kOkni1oQ5A4ulVv/pNyvhe/ECNN dPG+AbHkY8UM8MOXVIY9kvDy27QQPWsgU3KNIrHO8ioIM3gFz2wZIg22VyzoUvro OUbHF/Jwg8Cvt3DLHrvllcXg20EzuqfyyFW4TjIgkMeSzYEXoQzluDSUD16VAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUX12D63sw/b8wS/nKpLM2FZmMykMwHwYDVR0j BBgwFoAUKJFR74rop52PQmaD0VJa2C+rPVwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YmJlNjgxNS0zMTBlLTQyMDYtYTUwMC02YmI5ZDMyNjNhYmYvMC8yODkxNTFFRjhB RThBNzlEOEY0MjY2ODNEMTUyNUFEODJGQUIzRDVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjg5MTUxRUY4QUU4QTc5RDhGNDI2NjgzRDE1MjVBRDgyRkFC M0Q1Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmJiZTY4MTUtMzEwZS00MjA2LWE1 MDAtNmJiOWQzMjYzYWJmLzAvMjg5MTUxRUY4QUU4QTc5RDhGNDI2NjgzRDE1MjVB RDgyRkFCM0Q1Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANakzoflL7hG6RT6Lk4mteacPLY9jV7SGVi4 Yt4MaCKmOjSDdn7pMBwog8zn2aatyQ4NtjT1P4B0reopr0t4xA25eW84G15v7vZ/ 8s/mt7lSsYAxUwvG79k0Tv0zs2SHbKDCksPEJGMgv+6iNBDLvK62uvFPOcTccamZ z6WDZ5pj+abWpuGJR24l5mZjiV42cPJyrRY9aGYPupUiJxDYcxeoPs4Uvb7vA0Mw lgrELp2fV7M6OZDNul0siZXbl/lJNWA/HttFgzPtWnYcqeFdDRJGVzsTM7A4wJBx caBiuBW+gu4X4mHxjtZjyQoGsolVevnvrp5NzOirKZ/tIvVcMgs= -----END CERTIFICATE-----Generated at Thu Mar 26 10:56:58 2026 by rpki-client