$ rpki-client -vvf repo-rpki.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/3809A288AA4D4C241EA6011D90DBF2693B3333D2.mft File: 3809A288AA4D4C241EA6011D90DBF2693B3333D2.mft (raw, json) Hash identifier: goao0Xy+fxJ7eEbXohjZumGOS5KSuuubJEf4slUfZhQ= Subject key identifier: EE:2B:D9:67:FA:EA:0B:E1:F2:60:73:B7:D2:60:BB:DD:4B:74:43:B0 Authority key identifier: 38:09:A2:88:AA:4D:4C:24:1E:A6:01:1D:90:DB:F2:69:3B:33:33:D2 Certificate issuer: /CN=3809A288AA4D4C241EA6011D90DBF2693B3333D2 Certificate serial: 36217AD550B7EC2D0E568ADB1D3B1CFEBD7A47C9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3809A288AA4D4C241EA6011D90DBF2693B3333D2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/3809A288AA4D4C241EA6011D90DBF2693B3333D2.mft Manifest number: 27 Signing time: Thu 26 Mar 2026 08:30:03 +0000 Manifest this update: Thu 26 Mar 2026 08:25:03 +0000 Manifest next update: Sun 29 Mar 2026 14:47:03 +0000 Files and hashes: 1: 3809A288AA4D4C241EA6011D90DBF2693B3333D2.crl (hash: kMZeevdmoK1MiHK3Px4+5S3iPf/Rvjf4hQIT6AqEJoM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/3809A288AA4D4C241EA6011D90DBF2693B3333D2.crl rsync://repo-rpki.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/3809A288AA4D4C241EA6011D90DBF2693B3333D2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3809A288AA4D4C241EA6011D90DBF2693B3333D2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:47:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:21:7a:d5:50:b7:ec:2d:0e:56:8a:db:1d:3b:1c:fe:bd:7a:47:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3809A288AA4D4C241EA6011D90DBF2693B3333D2 Validity Not Before: Mar 26 08:25:03 2026 GMT Not After : Mar 29 14:47:03 2026 GMT Subject: CN=EE2BD967FAEA0BE1F26073B7D260BBDD4B7443B0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e2:8d:dd:55:cc:8a:7b:c8:92:f3:e0:60:17: 01:de:58:ce:25:d6:a0:87:fe:9d:e1:b3:10:a8:24: 23:28:6b:e9:2e:6b:f3:e1:d3:8a:ae:91:42:92:47: a0:33:1f:c6:84:7c:49:1b:50:87:c7:1c:bd:df:cd: 8a:18:95:88:fa:b4:6c:48:72:f9:3e:19:e0:e7:49: 1a:f6:e6:65:88:d5:d0:f6:90:93:f0:72:c9:ac:2a: 3d:c5:24:5d:bd:9d:02:9f:c5:8b:48:58:ba:4b:bc: 2e:f1:2e:e7:ba:18:76:ab:db:a1:e9:0f:21:9f:01: 2c:8c:65:b4:f2:56:7f:5c:29:dd:48:90:b3:3a:15: 38:e2:bc:50:32:7c:97:3b:54:e8:37:7b:66:73:01: 4a:b2:6c:86:fc:29:e9:46:36:67:c3:54:6f:88:33: 06:f0:15:7d:bf:7e:d4:64:c5:90:50:a0:fd:41:da: 96:40:41:84:22:f9:12:e5:a0:b4:4a:9d:f1:37:f3: 6e:f2:a9:82:4e:9d:dd:5c:cd:b3:55:5f:93:78:52: 87:aa:ad:28:ab:64:2a:8a:37:46:a4:9e:bf:a7:56: a1:0c:a0:61:50:b1:9f:17:6a:87:de:a4:43:e1:1b: f2:6e:d8:32:a0:5b:43:f3:50:21:c5:ca:99:b2:c2: 14:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:2B:D9:67:FA:EA:0B:E1:F2:60:73:B7:D2:60:BB:DD:4B:74:43:B0 X509v3 Authority Key Identifier: keyid:38:09:A2:88:AA:4D:4C:24:1E:A6:01:1D:90:DB:F2:69:3B:33:33:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/3809A288AA4D4C241EA6011D90DBF2693B3333D2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3809A288AA4D4C241EA6011D90DBF2693B3333D2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/3809A288AA4D4C241EA6011D90DBF2693B3333D2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:ea:23:86:a7:45:0b:2a:b1:8a:63:a8:33:d8:03:03:39:9b: 30:fb:4b:92:cd:73:70:26:fa:34:ee:17:a3:e5:de:d8:99:ba: d6:6c:a3:9d:b8:03:5c:a0:e1:32:b5:a8:52:8d:27:ce:a4:9f: d5:13:c0:da:2d:89:c1:7e:f7:74:ee:71:bd:ab:8f:0e:3b:eb: 1c:20:70:d3:8b:f1:85:35:51:15:a1:22:3a:b3:e8:52:a9:89: 1e:62:4e:48:5d:4c:69:d2:e2:c8:f9:a5:98:ca:a4:6b:7a:82: 81:dc:f8:93:09:ef:b5:8d:47:0d:ea:58:1f:d9:13:ac:97:07: ce:86:bf:d7:d4:7d:19:f5:93:36:e9:ee:2a:b2:9e:65:f3:38: 4d:4e:72:0e:f7:e2:0e:f0:b0:cd:c1:5b:60:0a:44:bb:e1:03: bd:df:87:79:03:d0:db:93:1c:ba:34:78:dd:20:d4:cd:bf:94: d1:1a:18:cb:f9:dd:c6:31:65:47:6c:12:87:99:d8:2f:60:04: 20:f1:ba:64:59:bb:ea:bd:9c:90:ab:05:77:d0:21:43:c9:45: e6:d6:fc:62:29:50:a5:58:10:fa:27:f5:a5:86:d0:9c:b8:9f: a1:c2:e3:bb:08:6b:1e:fa:05:12:82:95:a0:2f:85:98:01:ed: 2c:0b:d7:4f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNiF61VC37C0OVorbHTsc/r16R8kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzgwOUEyODhBQTRENEMyNDFFQTYwMTFEOTBEQkYyNjkz QjMzMzNEMjAeFw0yNjAzMjYwODI1MDNaFw0yNjAzMjkxNDQ3MDNaMDMxMTAvBgNV BAMTKEVFMkJEOTY3RkFFQTBCRTFGMjYwNzNCN0QyNjBCQkRENEI3NDQzQjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP4o3dVcyKe8iS8+BgFwHeWM4l 1qCH/p3hsxCoJCMoa+kua/Ph04qukUKSR6AzH8aEfEkbUIfHHL3fzYoYlYj6tGxI cvk+GeDnSRr25mWI1dD2kJPwcsmsKj3FJF29nQKfxYtIWLpLvC7xLue6GHar26Hp DyGfASyMZbTyVn9cKd1IkLM6FTjivFAyfJc7VOg3e2ZzAUqybIb8KelGNmfDVG+I MwbwFX2/ftRkxZBQoP1B2pZAQYQi+RLloLRKnfE3827yqYJOnd1czbNVX5N4Uoeq rSirZCqKN0aknr+nVqEMoGFQsZ8XaofepEPhG/Ju2DKgW0PzUCHFypmywhTtAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU7ivZZ/rqC+HyYHO30mC73Ut0Q7AwHwYDVR0j BBgwFoAUOAmiiKpNTCQepgEdkNvyaTszM9IwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ZDc4YjUwYi00NDljLTQ1NGItODUwZC1mMjA4MDM3ODliNTgvMC8zODA5QTI4OEFB NEQ0QzI0MUVBNjAxMUQ5MERCRjI2OTNCMzMzM0QyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzgwOUEyODhBQTRENEMyNDFFQTYwMTFEOTBEQkYyNjkzQjMz MzNEMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmQ3OGI1MGItNDQ5Yy00NTRiLTg1 MGQtZjIwODAzNzg5YjU4LzAvMzgwOUEyODhBQTRENEMyNDFFQTYwMTFEOTBEQkYy NjkzQjMzMzNEMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACTqI4anRQsqsYpjqDPYAwM5mzD7S5LNc3Am +jTuF6Pl3tiZutZso524A1yg4TK1qFKNJ86kn9UTwNoticF+93Tucb2rjw476xwg cNOL8YU1URWhIjqz6FKpiR5iTkhdTGnS4sj5pZjKpGt6goHc+JMJ77WNRw3qWB/Z E6yXB86Gv9fUfRn1kzbp7iqynmXzOE1Ocg734g7wsM3BW2AKRLvhA73fh3kD0NuT HLo0eN0g1M2/lNEaGMv53cYxZUdsEoeZ2C9gBCDxumRZu+q9nJCrBXfQIUPJRebW /GIpUKVYEPon9aWG0Jy4n6HC47sIax76BRKClaAvhZgB7SwL108= -----END CERTIFICATE-----Generated at Thu Mar 26 21:19:44 2026 by rpki-client