$ rpki-client -vvf repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft File: 253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft (raw, json) Hash identifier: gjM+COm62wK5kTqD1zfCgoicmAVhhOTRP2A2hqCeBGo= Subject key identifier: BD:8D:83:34:3A:2C:53:E8:63:AC:0F:EC:E1:F5:DA:23:1B:83:65:A1 Authority key identifier: 25:3E:2B:B4:DE:46:7A:F0:8F:19:1A:F7:63:2E:E3:BD:05:8D:A1:01 Certificate issuer: /CN=253E2BB4DE467AF08F191AF7632EE3BD058DA101 Certificate serial: 4D649C94D45702C7830CF93E65EDDFF634F5CF2E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/253E2BB4DE467AF08F191AF7632EE3BD058DA101.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft Manifest number: 0560 Signing time: Tue 24 Mar 2026 23:31:49 +0000 Manifest this update: Tue 24 Mar 2026 23:26:49 +0000 Manifest next update: Sat 28 Mar 2026 05:40:49 +0000 Files and hashes: 1: 36302e3235332e39362e302f31392d3234203d3e203338313434.roa (hash: gI7OgYv6GfwsEVRaXvd5tRlYtRW/gCZ+OwdOGTRV5w8=) 2: 253E2BB4DE467AF08F191AF7632EE3BD058DA101.crl (hash: IQBsC4Uhy1wdCOQot41pmkaIvRNU43wceckan/JqTUk=) 3: 3230322e35312e3232342e302f32302d3234203d3e203338313434.roa (hash: N2YGkCBG++ItZbATxx+8Wnv+w5mJADtnDrbFxCasjwk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.crl rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/253E2BB4DE467AF08F191AF7632EE3BD058DA101.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 05:40:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:64:9c:94:d4:57:02:c7:83:0c:f9:3e:65:ed:df:f6:34:f5:cf:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=253E2BB4DE467AF08F191AF7632EE3BD058DA101 Validity Not Before: Mar 24 23:26:49 2026 GMT Not After : Mar 28 05:40:49 2026 GMT Subject: CN=BD8D83343A2C53E863AC0FECE1F5DA231B8365A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:61:cf:90:34:31:de:3c:0e:4b:08:cb:d1:59: ea:06:19:99:2b:c6:4a:f9:fa:58:ad:bc:62:eb:bd: 98:4f:ce:b5:e9:54:33:1c:3b:9f:6b:1b:be:d3:18: d0:7c:26:f2:64:17:3a:07:ad:e6:94:4d:67:8b:d2: b6:a0:68:77:b1:cc:9a:c1:b9:91:44:09:1d:4b:0f: f9:88:f4:6c:ba:13:8f:ea:e7:53:c5:29:6e:1b:62: 16:dd:8a:a2:03:7b:e9:0d:4e:3d:e8:ec:46:35:8a: 6a:64:2e:fd:c5:1d:82:c0:95:1f:8d:a6:65:47:68: 61:ed:e2:dd:c0:d8:b0:0d:46:20:5e:5d:9e:e2:55: 78:87:83:ad:8f:be:7e:e4:9a:75:d3:2b:92:dc:c1: a2:3b:a7:fa:2c:b1:41:a4:5a:e8:b6:c5:c5:4b:be: eb:98:79:29:3d:78:78:57:c6:ed:11:2f:7d:02:0a: 9c:a2:38:9f:b1:66:e6:dc:4f:1f:bc:37:a4:dd:fb: 07:05:a0:d7:52:4f:f0:9f:9a:d8:92:3f:f6:8f:7d: cb:9b:56:15:42:00:3d:ee:f2:28:dc:5c:93:73:a3: 40:5f:0a:17:eb:f5:01:ec:57:86:d5:50:97:a9:9a: c0:40:ab:7b:ed:ac:c4:85:7c:55:d7:0d:27:b8:d8: f9:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:8D:83:34:3A:2C:53:E8:63:AC:0F:EC:E1:F5:DA:23:1B:83:65:A1 X509v3 Authority Key Identifier: keyid:25:3E:2B:B4:DE:46:7A:F0:8F:19:1A:F7:63:2E:E3:BD:05:8D:A1:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/253E2BB4DE467AF08F191AF7632EE3BD058DA101.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/253E2BB4DE467AF08F191AF7632EE3BD058DA101.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:6c:c3:76:95:3d:ca:12:ac:c4:d6:65:1a:8a:f3:e5:5c:b2: ef:8f:75:57:21:31:00:81:d1:33:22:45:6b:87:38:16:63:34: 08:cb:72:b5:26:d5:8c:9e:90:99:09:6c:da:32:61:cc:6c:f6: 8d:21:ed:6b:b6:21:1c:3d:6e:0f:de:d7:33:ee:c7:02:3d:eb: 92:2d:72:73:77:f5:23:60:17:0d:4b:c2:3e:0c:3a:8f:94:14: 33:59:f3:17:3a:a1:6c:22:47:59:37:aa:47:c5:6e:f9:3a:f9: 4e:c5:7c:35:99:92:e6:8e:dd:d2:83:21:c8:01:5d:ac:cb:3f: ef:5f:c1:76:d3:95:df:bf:2a:cf:17:62:a2:a9:f7:e0:9c:f3: 2c:69:43:53:96:50:c5:b6:3b:91:91:b4:29:4d:cc:14:3d:57: 03:ff:00:98:d4:e9:d2:bb:dc:3d:83:89:d6:8a:8d:57:03:d4: af:ed:41:98:69:8a:ee:78:98:73:9a:40:bc:fc:1c:52:57:6b: ac:dd:75:4b:99:96:15:ef:00:b0:98:60:aa:80:2d:43:9e:a7: 40:3f:95:8e:95:5d:73:aa:5a:2c:f8:7a:0c:75:40:57:7d:11: be:db:2c:55:45:c4:e2:06:86:94:c2:d6:ab:12:73:dd:57:73: 9b:da:c8:8f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUTWSclNRXAseDDPk+Ze3f9jT1zy4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjUzRTJCQjRERTQ2N0FGMDhGMTkxQUY3NjMyRUUzQkQw NThEQTEwMTAeFw0yNjAzMjQyMzI2NDlaFw0yNjAzMjgwNTQwNDlaMDMxMTAvBgNV BAMTKEJEOEQ4MzM0M0EyQzUzRTg2M0FDMEZFQ0UxRjVEQTIzMUI4MzY1QTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaYc+QNDHePA5LCMvRWeoGGZkr xkr5+litvGLrvZhPzrXpVDMcO59rG77TGNB8JvJkFzoHreaUTWeL0ragaHexzJrB uZFECR1LD/mI9Gy6E4/q51PFKW4bYhbdiqIDe+kNTj3o7EY1impkLv3FHYLAlR+N pmVHaGHt4t3A2LANRiBeXZ7iVXiHg62Pvn7kmnXTK5LcwaI7p/ossUGkWui2xcVL vuuYeSk9eHhXxu0RL30CCpyiOJ+xZubcTx+8N6Td+wcFoNdST/CfmtiSP/aPfcub VhVCAD3u8ijcXJNzo0BfChfr9QHsV4bVUJepmsBAq3vtrMSFfFXXDSe42Pk5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUvY2DNDosU+hjrA/s4fXaIxuDZaEwHwYDVR0j BBgwFoAUJT4rtN5GevCPGRr3Yy7jvQWNoQEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y Y2Q3NTM2ZC05ZTEwLTRkNDktYjZjYS0wNDFjYzlhNTkxNGUvMC8yNTNFMkJCNERF NDY3QUYwOEYxOTFBRjc2MzJFRTNCRDA1OERBMTAxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjUzRTJCQjRERTQ2N0FGMDhGMTkxQUY3NjMyRUUzQkQwNThE QTEwMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmNkNzUzNmQtOWUxMC00ZDQ5LWI2 Y2EtMDQxY2M5YTU5MTRlLzAvMjUzRTJCQjRERTQ2N0FGMDhGMTkxQUY3NjMyRUUz QkQwNThEQTEwMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFZsw3aVPcoSrMTWZRqK8+Vcsu+PdVchMQCB 0TMiRWuHOBZjNAjLcrUm1YyekJkJbNoyYcxs9o0h7Wu2IRw9bg/e1zPuxwI965It cnN39SNgFw1Lwj4MOo+UFDNZ8xc6oWwiR1k3qkfFbvk6+U7FfDWZkuaO3dKDIcgB XazLP+9fwXbTld+/Ks8XYqKp9+Cc8yxpQ1OWUMW2O5GRtClNzBQ9VwP/AJjU6dK7 3D2DidaKjVcD1K/tQZhpiu54mHOaQLz8HFJXa6zddUuZlhXvALCYYKqALUOep0A/ lY6VXXOqWiz4egx1QFd9Eb7bLFVFxOIGhpTC1qsSc91Xc5vayI8= -----END CERTIFICATE-----Generated at Thu Mar 26 12:57:03 2026 by rpki-client