$ rpki-client -vvf repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.mft File: 72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.mft (raw, json) Hash identifier: uQLUyoLq6Jj9te+b9j6pcdMPvgVATD3Hxa9bxx5IhDM= Subject key identifier: 2D:5C:DA:26:A4:B3:1F:9B:39:A1:9C:99:8A:FC:6B:19:EE:19:54:B2 Authority key identifier: 72:D6:6E:2B:CD:D4:F1:A7:CB:17:8E:05:0B:4C:A8:A9:DF:E3:1A:AE Certificate issuer: /CN=72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE Certificate serial: 76E59307691E9565869E31E11699EAC4510EFC30 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.mft Manifest number: 09 Signing time: Thu 26 Mar 2026 18:02:56 +0000 Manifest this update: Thu 26 Mar 2026 17:57:56 +0000 Manifest next update: Mon 30 Mar 2026 04:45:56 +0000 Files and hashes: 1: 72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.crl (hash: 7bd+SiQ79m5emWDneDZx1Ofc8m1RR18PVCdyG0+GxTw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.crl rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 20:57:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:e5:93:07:69:1e:95:65:86:9e:31:e1:16:99:ea:c4:51:0e:fc:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE Validity Not Before: Mar 26 17:57:56 2026 GMT Not After : Mar 30 04:45:56 2026 GMT Subject: CN=2D5CDA26A4B31F9B39A19C998AFC6B19EE1954B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:7d:f9:17:37:6a:bf:b6:01:7c:8d:ac:d2:ee: cc:8d:54:df:a5:dd:7f:e6:08:55:82:9e:40:48:c9: c1:c1:f0:e0:db:59:da:80:20:b8:44:56:07:04:bf: ec:5a:37:cf:c7:17:5a:e9:b4:6d:ff:72:5c:50:84: fe:0d:c9:fc:73:60:6a:81:58:8d:f5:7d:f5:e1:89: 02:8f:1a:14:4a:26:72:73:bf:35:08:23:75:fc:ba: 64:bd:5d:6c:a6:e9:c3:20:84:ae:fd:02:45:6b:ed: 17:bd:1f:6e:65:43:79:b4:58:67:a4:af:50:96:fc: c7:26:47:18:61:e0:92:7f:02:25:d0:fb:14:15:0b: 1c:78:35:0c:69:35:99:2d:f5:18:ec:d0:8f:5c:fe: 55:52:f8:21:97:c0:14:81:4c:ba:66:f9:83:99:26: 87:92:79:25:ba:a3:96:d5:d5:ca:e8:b3:25:d7:07: 44:d0:bb:3a:cb:45:85:6f:57:4c:db:68:a1:00:89: d8:81:5f:8a:27:90:75:04:ea:b7:c1:21:d5:e4:96: f3:b4:a4:76:38:d8:3a:1e:6c:03:52:25:78:0d:87: 27:01:ed:11:76:3f:d0:d4:9d:e3:4d:d5:25:7e:00: a8:db:7a:ee:0c:60:44:fb:25:fa:e7:c4:ab:9d:d0: ad:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:5C:DA:26:A4:B3:1F:9B:39:A1:9C:99:8A:FC:6B:19:EE:19:54:B2 X509v3 Authority Key Identifier: keyid:72:D6:6E:2B:CD:D4:F1:A7:CB:17:8E:05:0B:4C:A8:A9:DF:E3:1A:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:09:09:da:78:c4:e9:95:af:a8:1a:94:1e:a2:f2:f4:d8:9d: ab:c2:6f:a9:a8:e7:04:58:20:cf:dc:a3:07:3e:06:22:71:dd: ff:60:28:99:46:49:bf:68:d2:99:ca:05:2f:c1:6f:ab:f6:57: 5e:b6:09:cf:72:71:5b:80:d4:15:8b:a7:e5:7c:f6:d9:ff:6c: 14:c4:e4:39:ac:94:fb:1b:02:b9:1b:c7:b1:91:7b:ff:3a:f3: 48:0b:d7:af:81:48:d1:e8:f0:68:84:65:c5:0e:1b:d4:59:8b: ce:b5:7e:a0:7e:ec:f5:51:e4:9c:30:09:9a:ff:36:ae:30:df: d0:d3:b7:de:8a:91:5f:c5:b9:e6:87:7a:54:ec:6b:0f:8a:0b: da:a5:78:0a:2f:19:95:0a:01:69:3d:58:7c:e0:21:ce:42:d5: ec:fd:a2:d7:d1:9b:15:30:b5:64:20:96:90:f2:ce:11:9a:e0: 6c:2a:b6:49:c8:66:db:ce:e1:ef:91:82:1a:b0:8d:07:5d:7c: 84:71:69:6b:f9:70:52:db:85:56:6d:9a:9c:37:30:71:10:01: 01:75:4b:a5:9d:72:67:9f:0a:24:b1:8b:71:a8:9f:0c:e5:d2: 10:b2:80:23:e9:1d:98:80:c5:50:f9:95:e5:e1:d7:9e:19:46: db:7d:bc:50 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUduWTB2kelWWGnjHhFpnqxFEO/DAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzJENjZFMkJDREQ0RjFBN0NCMTc4RTA1MEI0Q0E4QTlE RkUzMUFBRTAeFw0yNjAzMjYxNzU3NTZaFw0yNjAzMzAwNDQ1NTZaMDMxMTAvBgNV BAMTKDJENUNEQTI2QTRCMzFGOUIzOUExOUM5OThBRkM2QjE5RUUxOTU0QjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ffkXN2q/tgF8jazS7syNVN+l 3X/mCFWCnkBIycHB8ODbWdqAILhEVgcEv+xaN8/HF1rptG3/clxQhP4NyfxzYGqB WI31ffXhiQKPGhRKJnJzvzUII3X8umS9XWym6cMghK79AkVr7Re9H25lQ3m0WGek r1CW/McmRxhh4JJ/AiXQ+xQVCxx4NQxpNZkt9Rjs0I9c/lVS+CGXwBSBTLpm+YOZ JoeSeSW6o5bV1crosyXXB0TQuzrLRYVvV0zbaKEAidiBX4onkHUE6rfBIdXklvO0 pHY42DoebANSJXgNhycB7RF2P9DUneNN1SV+AKjbeu4MYET7JfrnxKud0K2xAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULVzaJqSzH5s5oZyZivxrGe4ZVLIwHwYDVR0j BBgwFoAUctZuK83U8afLF44FC0yoqd/jGq4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YmUyOTkwMi1lMGY0LTQyOWEtOWEyNi00MzliOWJmZWU0ODkvMC83MkQ2NkUyQkNE RDRGMUE3Q0IxNzhFMDUwQjRDQThBOURGRTMxQUFFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNzJENjZFMkJDREQ0RjFBN0NCMTc4RTA1MEI0Q0E4QTlERkUz MUFBRS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmJlMjk5MDItZTBmNC00MjlhLTlh MjYtNDM5YjliZmVlNDg5LzAvNzJENjZFMkJDREQ0RjFBN0NCMTc4RTA1MEI0Q0E4 QTlERkUzMUFBRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH8JCdp4xOmVr6galB6i8vTYnavCb6mo5wRY IM/cowc+BiJx3f9gKJlGSb9o0pnKBS/Bb6v2V162Cc9ycVuA1BWLp+V89tn/bBTE 5DmslPsbArkbx7GRe/8680gL16+BSNHo8GiEZcUOG9RZi861fqB+7PVR5JwwCZr/ Nq4w39DTt96KkV/FueaHelTsaw+KC9qleAovGZUKAWk9WHzgIc5C1ez9otfRmxUw tWQglpDyzhGa4GwqtknIZtvO4e+RghqwjQddfIRxaWv5cFLbhVZtmpw3MHEQAQF1 S6WdcmefCiSxi3Gonwzl0hCygCPpHZiAxVD5leXh154ZRtt9vFA= -----END CERTIFICATE-----Generated at Thu Mar 26 22:47:49 2026 by rpki-client