$ rpki-client -vvf repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft File: 4AA76DED689FD4420809D0962087A03BCF018FEA.mft (raw, json) Hash identifier: S2elYvljxF3WNCk937ru46SZlmQxNZoNkaN3zjxZnnU= Subject key identifier: 36:75:3E:1D:58:9C:DE:26:AA:B0:83:1C:99:37:9B:3F:2A:06:C7:FF Authority key identifier: 4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA Certificate issuer: /CN=4AA76DED689FD4420809D0962087A03BCF018FEA Certificate serial: 7B476F5693E341DCA0EAD88FEBD39254BB744928 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft Manifest number: 011D Signing time: Wed 25 Mar 2026 23:41:56 +0000 Manifest this update: Wed 25 Mar 2026 23:36:56 +0000 Manifest next update: Sun 29 Mar 2026 02:58:56 +0000 Files and hashes: 1: 3130332e39392e3133362e302f32342d3234203d3e20313531353735.roa (hash: 2CpAucK+rvU21eAZmyDV5IqqR6dCAIafzExn8g2LOMw=) 2: 4AA76DED689FD4420809D0962087A03BCF018FEA.crl (hash: mUTO653r+0x6/CXMUzuregKrtVI06gT75wv2Bp9fAgE=) 3: 323030313a6466343a3763303a3a2f34382d3438203d3e20313531353735.roa (hash: khEVLFQtH+a45cc9yGf67pi2XkwhJ0LBpc+mc2azWiQ=) 4: 3130332e39392e3133372e302f32342d3234203d3e20313531353735.roa (hash: qGUv354O5bgjhTMZ45JMcvyFGWQg1EdVxERPegJoKCQ=) 5: 3130332e39392e3133362e302f32332d3233203d3e20313531353735.roa (hash: bYo0zSG/Y+l/kRQWqzhvCy7R5Romzqih1iDCz89t3mk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 02:58:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:47:6f:56:93:e3:41:dc:a0:ea:d8:8f:eb:d3:92:54:bb:74:49:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4AA76DED689FD4420809D0962087A03BCF018FEA Validity Not Before: Mar 25 23:36:56 2026 GMT Not After : Mar 29 02:58:56 2026 GMT Subject: CN=36753E1D589CDE26AAB0831C99379B3F2A06C7FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:49:95:31:e6:2d:28:7c:8f:84:76:b9:bc:2f: bc:cc:57:11:04:88:ef:30:a3:7a:73:ee:6c:bb:39: ec:ff:a1:d3:9f:5a:ba:92:7c:7c:bd:79:cc:cb:12: c3:46:b7:4d:b8:4d:05:53:f0:f0:7d:f8:67:10:22: 02:a6:40:3f:f4:11:b6:6b:97:ad:42:95:39:bc:88: fe:78:6c:b1:3e:d2:d0:b5:26:25:45:26:04:d5:c1: f9:a1:cb:ac:e1:ba:e0:e4:3a:b5:b8:0c:82:b1:76: 84:10:9d:29:db:3a:f0:fc:67:0d:8a:29:db:23:91: 0c:e1:a8:3a:26:e8:8c:e6:e6:56:d2:df:c8:40:78: 63:0d:44:8e:3e:34:39:b8:72:40:f7:52:0c:3f:5d: 73:95:a6:62:19:91:25:cb:b7:8d:e3:93:9f:c2:e5: 21:7d:51:8f:18:a4:c5:9e:e8:99:8a:e5:67:50:60: b1:14:56:49:a7:8e:66:a5:85:39:cd:b7:09:a7:eb: aa:d8:eb:7e:25:62:02:b8:8b:05:e1:c0:d1:f7:bd: 48:57:d6:fd:12:83:29:6d:59:58:ac:99:6a:ce:97: 47:35:b3:87:a8:9d:43:8b:00:f4:5e:24:cf:57:0a: f8:14:95:b3:96:65:2b:5b:26:56:3e:a4:b0:bc:3f: 73:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:75:3E:1D:58:9C:DE:26:AA:B0:83:1C:99:37:9B:3F:2A:06:C7:FF X509v3 Authority Key Identifier: keyid:4A:A7:6D:ED:68:9F:D4:42:08:09:D0:96:20:87:A0:3B:CF:01:8F:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AA76DED689FD4420809D0962087A03BCF018FEA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2c280af3-aa1d-4271-8c06-a3fa28898426/0/4AA76DED689FD4420809D0962087A03BCF018FEA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:ac:58:a3:07:8a:bb:1d:12:c4:dc:60:ec:f1:5f:9b:8e:55: f8:a3:a3:4e:de:ad:e3:c8:a5:b1:78:a5:92:b6:16:3d:e3:6e: 7c:56:88:8e:51:61:bc:b1:29:8d:45:a8:93:9a:ff:3a:3e:28: ce:e1:7f:f1:92:c9:76:32:f2:dd:79:73:1a:f4:84:c0:6b:64: ce:5c:1a:b9:18:75:28:49:97:a7:fa:91:c7:f4:cd:df:3c:68: 79:c0:d8:84:90:21:3b:cb:e3:d5:77:07:02:e3:ac:d6:1f:c7: b7:bf:ae:22:ae:32:1f:9f:28:d7:6a:3e:ad:25:55:a8:54:ce: 86:5e:2d:b9:52:58:95:81:66:41:72:53:c3:18:47:e7:05:40: 1a:9a:5c:17:54:14:3d:2b:fa:15:6f:c3:6c:fa:e9:97:00:0a: 74:ee:68:5b:74:28:ef:64:93:ba:ff:a4:2a:55:2f:2b:98:ed: b1:30:59:72:94:ab:2e:f6:73:de:ab:8d:27:7b:54:94:bc:d9: 47:92:70:cc:4c:e3:bb:e0:66:a3:fd:9c:20:a1:59:fe:43:af: 46:c4:83:8e:3e:7a:30:1a:41:60:27:77:a1:36:9d:57:2f:c6: 58:f2:c8:e1:72:bf:67:39:cd:7b:19:01:8a:c9:cd:8e:f3:4f: d9:fe:b2:07 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUe0dvVpPjQdyg6tiP69OSVLt0SSgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JD RjAxOEZFQTAeFw0yNjAzMjUyMzM2NTZaFw0yNjAzMjkwMjU4NTZaMDMxMTAvBgNV BAMTKDM2NzUzRTFENTg5Q0RFMjZBQUIwODMxQzk5Mzc5QjNGMkEwNkM3RkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5SZUx5i0ofI+Edrm8L7zMVxEE iO8wo3pz7my7Oez/odOfWrqSfHy9eczLEsNGt024TQVT8PB9+GcQIgKmQD/0EbZr l61ClTm8iP54bLE+0tC1JiVFJgTVwfmhy6zhuuDkOrW4DIKxdoQQnSnbOvD8Zw2K KdsjkQzhqDom6Izm5lbS38hAeGMNRI4+NDm4ckD3Ugw/XXOVpmIZkSXLt43jk5/C 5SF9UY8YpMWe6JmK5WdQYLEUVkmnjmalhTnNtwmn66rY634lYgK4iwXhwNH3vUhX 1v0SgyltWVismWrOl0c1s4eonUOLAPReJM9XCvgUlbOWZStbJlY+pLC8P3OHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNnU+HVic3iaqsIMcmTebPyoGx/8wHwYDVR0j BBgwFoAUSqdt7Wif1EIICdCWIIegO88Bj+owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YzI4MGFmMy1hYTFkLTQyNzEtOGMwNi1hM2ZhMjg4OTg0MjYvMC80QUE3NkRFRDY4 OUZENDQyMDgwOUQwOTYyMDg3QTAzQkNGMDE4RkVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0EwM0JDRjAx OEZFQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmMyODBhZjMtYWExZC00MjcxLThj MDYtYTNmYTI4ODk4NDI2LzAvNEFBNzZERUQ2ODlGRDQ0MjA4MDlEMDk2MjA4N0Ew M0JDRjAxOEZFQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEWsWKMHirsdEsTcYOzxX5uOVfijo07erePI pbF4pZK2Fj3jbnxWiI5RYbyxKY1FqJOa/zo+KM7hf/GSyXYy8t15cxr0hMBrZM5c GrkYdShJl6f6kcf0zd88aHnA2ISQITvL49V3BwLjrNYfx7e/riKuMh+fKNdqPq0l VahUzoZeLblSWJWBZkFyU8MYR+cFQBqaXBdUFD0r+hVvw2z66ZcACnTuaFt0KO9k k7r/pCpVLyuY7bEwWXKUqy72c96rjSd7VJS82UeScMxM47vgZqP9nCChWf5Dr0bE g44+ejAaQWAnd6E2nVcvxljyyOFyv2c5zXsZAYrJzY7zT9n+sgc= -----END CERTIFICATE-----Generated at Thu Mar 26 10:13:44 2026 by rpki-client