$ rpki-client -vvf repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft File: 3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft (raw, json) Hash identifier: zbmOWG+kQ8TgpE81P5sCP1kAdVBDb8HFknM50ympmL8= Subject key identifier: 0A:FB:0B:AD:1B:10:6F:F9:52:7D:A7:31:10:77:E4:83:E5:C9:A4:94 Authority key identifier: 31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D Certificate issuer: /CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Certificate serial: 3B0C59E1C44CB46C93FB85426EB95C52B13C5D05 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft Manifest number: F4 Signing time: Wed 25 Mar 2026 18:32:06 +0000 Manifest this update: Wed 25 Mar 2026 18:27:06 +0000 Manifest next update: Sun 29 Mar 2026 04:32:06 +0000 Files and hashes: 1: 3136302e32322e3132392e302f32342d3234203d3e20313532383138.roa (hash: kfe7bioqh5Iq3Zs3yK/jDrU8ENFR3XhQIQMqoWIpf3I=) 2: 3136302e32322e3132382e302f32332d3233203d3e20313532383138.roa (hash: W0LbcDgwtmyP20SeYwIB78u7UnepT3G+vjiQKG938P8=) 3: 3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl (hash: V/KeABeHM+/bunnUd8ZvI9YRvtASwyvEkv8gQjtDU/E=) 4: 3136302e32322e3132382e302f32342d3234203d3e20313532383138.roa (hash: vWKkBT4xeS3gWR4PhONDDyBeT46kLBCLfRTaWAbu5Wk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 04:32:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:0c:59:e1:c4:4c:b4:6c:93:fb:85:42:6e:b9:5c:52:b1:3c:5d:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Validity Not Before: Mar 25 18:27:06 2026 GMT Not After : Mar 29 04:32:06 2026 GMT Subject: CN=0AFB0BAD1B106FF9527DA7311077E483E5C9A494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ac:33:5c:66:eb:92:cc:78:b5:2b:85:28:c6: 26:9d:ee:2e:ff:eb:bb:d4:fe:66:53:0f:36:2d:4d: 1b:cf:41:f3:f3:d5:fe:25:06:5d:53:09:4f:6e:93: dc:43:5f:55:54:ac:85:b7:e6:6e:0a:89:b6:ed:d4: 42:f4:b9:54:57:7c:9c:55:ab:8d:a4:93:fc:91:64: db:f3:e6:13:d0:3f:a1:59:b8:df:fb:a4:fb:38:cd: ea:6d:81:2b:29:81:77:87:b2:0f:6c:e9:26:74:17: 35:1d:c8:31:b0:60:9e:75:37:94:52:d4:28:4f:23: a3:c9:44:c7:c0:d8:51:cc:84:8f:dd:b7:8c:37:21: ec:a7:89:27:ea:74:73:ae:5d:21:20:4b:cf:84:f7: 03:18:c7:61:c0:26:62:b0:67:d7:11:56:5b:61:fc: f8:a2:1b:6f:83:5d:ee:20:9e:22:25:5b:fc:6f:04: 35:83:ea:92:24:c8:b2:54:9c:4c:60:4e:d8:f4:ac: b6:fb:6b:3a:cb:14:3d:da:1e:2b:05:16:5c:9c:b8: e3:a6:9b:e0:f9:c8:c8:35:d4:2f:41:04:f8:64:4f: 54:b8:3a:c0:c9:fb:e1:b4:b1:19:9e:35:26:e3:79: 16:87:c3:d0:44:a5:44:41:cb:b2:28:9d:e2:7c:46: 74:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:FB:0B:AD:1B:10:6F:F9:52:7D:A7:31:10:77:E4:83:E5:C9:A4:94 X509v3 Authority Key Identifier: keyid:31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:7b:e0:28:2e:59:62:5a:4d:1c:26:05:c0:ba:85:de:ed:51: 07:0a:bb:a3:b5:bd:d8:23:22:de:1e:e7:61:a1:08:8a:3b:ae: 91:7c:dd:dd:09:bc:dc:73:13:e1:29:8e:27:b7:1f:7a:3e:8b: 60:2d:0e:81:51:35:4c:f1:e8:d3:3c:a9:e9:8c:10:ff:e3:5c: a6:86:87:2f:97:45:f1:39:67:91:5a:f5:0b:50:f1:fb:92:b2: e5:43:3b:9e:d8:ea:62:2d:20:63:93:ad:c2:ec:24:40:9f:f7: df:90:8f:08:e8:f3:3f:a6:49:26:0a:de:50:87:05:6d:64:66: 01:1d:b1:ba:f0:96:8f:10:7a:df:64:2a:7b:60:42:c7:a6:ea: 81:7a:0d:ca:e6:48:ed:79:49:a1:ca:15:11:ab:a9:c8:7f:59: 36:3c:50:87:c9:21:d9:d6:43:c4:98:7b:df:7e:38:8d:5e:eb: 64:fe:ea:f9:24:8a:12:f2:c8:e2:5f:a1:51:0e:92:84:e8:b3: fe:03:9f:9a:ee:33:2d:8b:c5:7c:f2:75:2a:c5:1b:23:69:6b: 16:83:c2:db:69:59:15:70:56:33:c2:e0:c7:f2:2f:58:7d:3d: df:ee:9c:1c:55:5e:48:d3:e4:48:c2:d9:80:b8:60:a6:4d:ca: d3:9d:57:82 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUOwxZ4cRMtGyT+4VCbrlcUrE8XQUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTND NzVDMEUyRDAeFw0yNjAzMjUxODI3MDZaFw0yNjAzMjkwNDMyMDZaMDMxMTAvBgNV BAMTKDBBRkIwQkFEMUIxMDZGRjk1MjdEQTczMTEwNzdFNDgzRTVDOUE0OTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTrDNcZuuSzHi1K4Uoxiad7i7/ 67vU/mZTDzYtTRvPQfPz1f4lBl1TCU9uk9xDX1VUrIW35m4Kibbt1EL0uVRXfJxV q42kk/yRZNvz5hPQP6FZuN/7pPs4zeptgSspgXeHsg9s6SZ0FzUdyDGwYJ51N5RS 1ChPI6PJRMfA2FHMhI/dt4w3IeyniSfqdHOuXSEgS8+E9wMYx2HAJmKwZ9cRVlth /PiiG2+DXe4gniIlW/xvBDWD6pIkyLJUnExgTtj0rLb7azrLFD3aHisFFlycuOOm m+D5yMg11C9BBPhkT1S4OsDJ++G0sRmeNSbjeRaHw9BEpURBy7IoneJ8RnQzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCvsLrRsQb/lSfacxEHfkg+XJpJQwHwYDVR0j BBgwFoAUMVe5vm82mhyjhzj/1k1hE8dcDi0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MGZiNzhhOS1jZDY4LTQ0ZmQtODVhYS02YzZiMDhjYjIzNDYvMC8zMTU3QjlCRTZG MzY5QTFDQTM4NzM4RkZENjRENjExM0M3NUMwRTJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTNDNzVD MEUyRC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzBmYjc4YTktY2Q2OC00NGZkLTg1 YWEtNmM2YjA4Y2IyMzQ2LzAvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYx MTNDNzVDMEUyRC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAh74CguWWJaTRwmBcC6hd7tUQcKu6O1vdgj It4e52GhCIo7rpF83d0JvNxzE+Epjie3H3o+i2AtDoFRNUzx6NM8qemMEP/jXKaG hy+XRfE5Z5Fa9QtQ8fuSsuVDO57Y6mItIGOTrcLsJECf99+Qjwjo8z+mSSYK3lCH BW1kZgEdsbrwlo8Qet9kKntgQsem6oF6DcrmSO15SaHKFRGrqch/WTY8UIfJIdnW Q8SYe99+OI1e62T+6vkkihLyyOJfoVEOkoTos/4Dn5ruMy2LxXzydSrFGyNpaxaD wttpWRVwVjPC4MfyL1h9Pd/unBxVXkjT5EjC2YC4YKZNytOdV4I= -----END CERTIFICATE-----Generated at Thu Mar 26 15:43:56 2026 by rpki-client