$ rpki-client -vvf repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft File: D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft (raw, json) Hash identifier: JxubwL4sxzNEPB61CJqzW+YODRXQ/HNnYUHmEoArOIQ= Subject key identifier: 4E:E1:58:A5:20:F7:61:EC:07:95:3E:83:20:39:69:E5:B0:59:77:97 Authority key identifier: D5:8B:CD:47:A6:26:3C:C3:A1:2A:BD:E6:E3:A2:AD:28:AF:8B:DE:D7 Certificate issuer: /CN=D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7 Certificate serial: 34FAE86B0ADF76FE4507042B6B360D28DE69AC21 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft Manifest number: 0342 Signing time: Thu 26 Mar 2026 06:22:27 +0000 Manifest this update: Thu 26 Mar 2026 06:17:27 +0000 Manifest next update: Sun 29 Mar 2026 10:50:27 +0000 Files and hashes: 1: 3130332e3136392e34302e302f32342d3234203d3e20313432333332.roa (hash: yIxyAi+LsGKpwTABrM9lNwtjILhJjgs1G21qada+Ir4=) 2: D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl (hash: 7pD1t/q1+55GvV4GKzKsi+za3A6Z7X7H2zXu2Sa3lxY=) 3: 3130332e3136392e34312e302f32342d3234203d3e20313432333332.roa (hash: zPRVVEuzND/TSHdVq3ZkAQYAgPmvosaZoKU+TXGH1vc=) 4: 3130332e3136392e34302e302f32332d3233203d3e20313432333332.roa (hash: lwypc1eue2zj3ktOWvglzu1Jo7qmvdfN4AlugN+i5Zw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 10:50:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:fa:e8:6b:0a:df:76:fe:45:07:04:2b:6b:36:0d:28:de:69:ac:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7 Validity Not Before: Mar 26 06:17:27 2026 GMT Not After : Mar 29 10:50:27 2026 GMT Subject: CN=4EE158A520F761EC07953E83203969E5B0597797 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ad:5e:ba:05:cb:8c:b5:0b:73:e1:9b:0d:63: 38:ff:bc:4c:82:97:9f:ee:b7:9c:f8:cf:c2:6b:43: f1:ed:29:51:ee:c7:c3:f8:9c:4b:90:78:da:03:71: 7e:ae:9d:a7:a0:72:f6:1d:a8:0b:21:4a:97:9d:e4: f1:35:c1:ff:1a:2d:79:cd:22:d4:00:6a:9e:fc:81: 1d:18:80:0c:a9:b3:9f:17:b1:ee:0a:3f:af:9c:39: f3:bb:5b:62:f3:16:aa:9b:1e:d9:fc:d5:ca:38:fb: 02:df:3c:74:e7:7a:e9:cd:ac:ec:d3:9e:d0:f9:30: 7e:f4:de:c5:42:e2:5a:db:b8:39:90:e0:29:cf:c3: 20:a9:f2:e4:d9:1e:34:38:dc:f0:3e:91:79:3b:bd: 72:6b:64:fc:e6:0a:5e:bd:e8:56:cc:ca:36:7c:a7: 1a:d7:54:ed:b1:73:7f:58:a3:14:0d:69:81:f1:39: 10:6f:f8:38:ed:6d:eb:4b:e2:31:b9:ed:c3:ca:ff: 49:46:36:3b:15:11:29:29:c1:86:25:1b:53:8e:a6: ef:f5:fa:3e:7c:90:46:ae:8c:c9:75:e6:93:0c:58: 49:20:c2:6f:eb:6d:56:0e:e9:39:2b:c3:6d:2a:f7: 59:5e:e2:68:6e:d0:74:0d:e7:cd:ef:a8:94:10:53: 02:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:E1:58:A5:20:F7:61:EC:07:95:3E:83:20:39:69:E5:B0:59:77:97 X509v3 Authority Key Identifier: keyid:D5:8B:CD:47:A6:26:3C:C3:A1:2A:BD:E6:E3:A2:AD:28:AF:8B:DE:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2cb52619-379d-430a-b19b-1f0ec53ae909/0/D58BCD47A6263CC3A12ABDE6E3A2AD28AF8BDED7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:20:a0:22:9f:a2:64:bd:0f:d1:67:24:04:3c:43:ee:30:06: 23:47:b5:a3:c8:35:09:e3:2b:a6:de:e0:8c:4d:91:fa:21:2c: e0:a3:e2:9e:ee:f4:2b:8b:57:92:74:08:79:2e:65:aa:e9:f4: d7:c7:6f:20:1d:7d:b0:74:ec:7c:98:b6:ff:5c:c7:fa:c3:cc: 8f:9c:52:e1:77:86:1c:ce:9e:00:7c:78:e0:98:a2:56:78:4a: ce:07:d4:ea:b3:ec:43:69:01:13:d1:8b:8f:32:ae:22:3f:7a: f0:e3:fa:af:fa:22:ba:27:9c:ed:c1:d4:83:c9:65:c0:e8:30: 2c:a3:7e:d8:86:69:8b:57:01:3e:39:1d:4c:1e:a9:f7:85:34: 06:9e:cf:0a:b4:7b:44:a5:ad:89:14:fa:94:7f:91:8c:d8:0f: 15:dc:f5:7e:bd:97:24:bd:d4:7d:89:fc:95:e6:bb:8e:21:f9: 60:bb:e4:ec:6c:4e:68:11:c0:d2:7c:04:ec:df:ec:1a:da:2a: 2d:3e:87:78:f5:46:f2:39:82:99:87:07:60:79:cc:33:c5:2e: 1b:fe:c4:96:70:38:90:17:3d:eb:63:fe:6d:2d:95:d7:1c:96: d7:c5:b6:e4:72:20:3a:04:79:cf:b6:8b:13:95:cf:33:75:4c: fc:c6:19:85 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNProawrfdv5FBwQrazYNKN5prCEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFEMjhB RjhCREVENzAeFw0yNjAzMjYwNjE3MjdaFw0yNjAzMjkxMDUwMjdaMDMxMTAvBgNV BAMTKDRFRTE1OEE1MjBGNzYxRUMwNzk1M0U4MzIwMzk2OUU1QjA1OTc3OTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKrV66BcuMtQtz4ZsNYzj/vEyC l5/ut5z4z8JrQ/HtKVHux8P4nEuQeNoDcX6unaegcvYdqAshSped5PE1wf8aLXnN ItQAap78gR0YgAyps58Xse4KP6+cOfO7W2LzFqqbHtn81co4+wLfPHTneunNrOzT ntD5MH703sVC4lrbuDmQ4CnPwyCp8uTZHjQ43PA+kXk7vXJrZPzmCl696FbMyjZ8 pxrXVO2xc39YoxQNaYHxORBv+DjtbetL4jG57cPK/0lGNjsVESkpwYYlG1OOpu/1 +j58kEaujMl15pMMWEkgwm/rbVYO6Tkrw20q91le4mhu0HQN583vqJQQUwIXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUTuFYpSD3YewHlT6DIDlp5bBZd5cwHwYDVR0j BBgwFoAU1YvNR6YmPMOhKr3m46KtKK+L3tcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y Y2I1MjYxOS0zNzlkLTQzMGEtYjE5Yi0xZjBlYzUzYWU5MDkvMC9ENThCQ0Q0N0E2 MjYzQ0MzQTEyQUJERTZFM0EyQUQyOEFGOEJERUQ3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFEMjhBRjhC REVENy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmNiNTI2MTktMzc5ZC00MzBhLWIx OWItMWYwZWM1M2FlOTA5LzAvRDU4QkNENDdBNjI2M0NDM0ExMkFCREU2RTNBMkFE MjhBRjhCREVENy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGEgoCKfomS9D9FnJAQ8Q+4wBiNHtaPINQnj K6be4IxNkfohLOCj4p7u9CuLV5J0CHkuZarp9NfHbyAdfbB07HyYtv9cx/rDzI+c UuF3hhzOngB8eOCYolZ4Ss4H1Oqz7ENpARPRi48yriI/evDj+q/6IronnO3B1IPJ ZcDoMCyjftiGaYtXAT45HUweqfeFNAaezwq0e0SlrYkU+pR/kYzYDxXc9X69lyS9 1H2J/JXmu44h+WC75OxsTmgRwNJ8BOzf7BraKi0+h3j1RvI5gpmHB2B5zDPFLhv+ xJZwOJAXPetj/m0tldccltfFtuRyIDoEec+2ixOVzzN1TPzGGYU= -----END CERTIFICATE-----Generated at Thu Mar 26 17:36:10 2026 by rpki-client