$ rpki-client -vvf repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft File: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft (raw, json) Hash identifier: 0Go62bwp/clK3PkDb0A4rWJDydtiJGmcWWok4ysRC+I= Subject key identifier: 66:F7:47:3D:C2:F6:87:8D:75:C4:8F:06:97:7C:EF:CD:CE:9B:5D:32 Authority key identifier: 33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B Certificate issuer: /CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Certificate serial: 71E9582E73BA5DCF98581EB1FDAD6D22E88943E3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft Manifest number: 052B Signing time: Tue 24 Mar 2026 22:42:20 +0000 Manifest this update: Tue 24 Mar 2026 22:37:20 +0000 Manifest next update: Sat 28 Mar 2026 00:58:20 +0000 Files and hashes: 1: 338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl (hash: RFE+1P5tdDgHCtxBxWgDVmpde6//lbc3DWra0Sl6qiY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 00:58:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:e9:58:2e:73:ba:5d:cf:98:58:1e:b1:fd:ad:6d:22:e8:89:43:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B Validity Not Before: Mar 24 22:37:20 2026 GMT Not After : Mar 28 00:58:20 2026 GMT Subject: CN=66F7473DC2F6878D75C48F06977CEFCDCE9B5D32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:9c:ca:de:4f:b4:32:b2:2c:ac:a4:ec:e2:ca: ad:94:cb:f0:08:4a:46:18:90:07:b4:3f:7c:2a:6e: 63:d1:12:0d:79:0c:8e:21:56:b2:d9:56:74:8f:8b: 02:66:f5:eb:86:e6:70:a6:47:85:29:06:b3:c7:5f: 66:b7:f7:f6:78:db:3c:5c:38:a7:38:d0:6a:4e:77: 67:1e:4a:e1:04:52:bf:8a:00:ec:62:10:c0:3b:97: 51:d6:b8:39:d8:61:ac:d3:32:fb:58:09:0b:6c:5f: 3b:41:a2:24:ee:e7:8c:88:d9:89:97:35:74:2d:21: 40:4f:98:3c:9b:2f:43:70:14:29:02:2d:71:5a:a7: 29:86:e8:fd:28:76:5e:8c:d5:4f:0c:af:0d:1f:ec: 9f:06:ed:cb:6f:5e:b9:09:7a:ff:4e:cd:42:e7:05: fc:b9:fd:8c:2a:26:00:15:d7:39:4b:03:d1:c1:6a: 63:91:9b:a2:01:9c:11:04:07:a2:de:88:47:09:b6: 5c:27:bc:f5:fb:0e:23:32:6d:0c:00:2b:51:da:ef: ab:11:b9:19:d7:12:87:69:89:de:fe:d2:44:51:bc: b5:92:b8:68:70:0d:6c:13:6b:7e:c2:74:40:c0:af: 64:aa:bf:16:f1:bb:36:29:7e:21:23:fb:14:d2:b9: 5f:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:F7:47:3D:C2:F6:87:8D:75:C4:8F:06:97:7C:EF:CD:CE:9B:5D:32 X509v3 Authority Key Identifier: keyid:33:8D:EB:8D:70:51:C6:3F:C6:CC:D7:B1:A5:DD:8C:9E:3C:93:B9:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/338DEB8D7051C63FC6CCD7B1A5DD8C9E3C93B96B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:1e:f0:5a:49:96:8e:b2:c8:79:cc:3a:57:94:33:2f:99:dd: e8:07:3d:5a:6c:8c:0d:29:9a:66:b1:e5:b7:08:95:98:65:d7: 2d:bc:e9:49:4a:2b:8d:6c:1a:56:eb:5b:2c:ff:e1:43:fd:1b: 12:b6:d4:4b:ec:e9:46:87:91:f6:64:e4:dd:bd:7a:93:7c:38: 0c:ea:69:0e:76:fa:cc:ca:94:ee:8b:1e:f6:c4:73:6d:22:5d: 06:65:b3:89:66:42:8d:5c:b3:4d:f6:64:1d:38:27:18:d9:04: 00:56:00:f3:b1:23:d0:e0:6a:a6:5e:82:0c:5b:3c:d3:9b:2a: 6d:34:8e:ff:bc:b2:08:10:c5:ee:39:d8:ba:db:c1:04:95:6b: 4a:d5:8b:79:90:9d:5c:ad:61:98:de:c6:35:b3:86:04:77:d1: a9:8c:2b:7e:a0:d0:07:11:77:a9:7c:18:33:e1:f3:a9:ae:b1: 5e:b8:03:44:f9:eb:f2:74:ce:58:dc:73:24:c1:f4:d8:3d:d8: 59:55:38:b8:46:6c:99:01:b2:1d:d9:89:ef:40:63:12:c5:6a: 13:52:2a:de:50:58:a5:da:8f:f7:7a:e5:89:6f:35:64:a8:f2: 1a:9c:7c:fd:43:14:db:33:66:87:88:a2:6f:95:18:f9:9b:b9: 9e:78:50:68 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcelYLnO6Xc+YWB6x/a1tIuiJQ+MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUz QzkzQjk2QjAeFw0yNjAzMjQyMjM3MjBaFw0yNjAzMjgwMDU4MjBaMDMxMTAvBgNV BAMTKDY2Rjc0NzNEQzJGNjg3OEQ3NUM0OEYwNjk3N0NFRkNEQ0U5QjVEMzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSnMreT7QysiyspOziyq2Uy/AI SkYYkAe0P3wqbmPREg15DI4hVrLZVnSPiwJm9euG5nCmR4UpBrPHX2a39/Z42zxc OKc40GpOd2ceSuEEUr+KAOxiEMA7l1HWuDnYYazTMvtYCQtsXztBoiTu54yI2YmX NXQtIUBPmDybL0NwFCkCLXFapymG6P0odl6M1U8Mrw0f7J8G7ctvXrkJev9OzULn Bfy5/YwqJgAV1zlLA9HBamORm6IBnBEEB6LeiEcJtlwnvPX7DiMybQwAK1Ha76sR uRnXEodpid7+0kRRvLWSuGhwDWwTa37CdEDAr2SqvxbxuzYpfiEj+xTSuV+ZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUZvdHPcL2h411xI8Gl3zvzc6bXTIwHwYDVR0j BBgwFoAUM43rjXBRxj/GzNexpd2MnjyTuWswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MjRhNjVmNC00ZjRiLTQ0YjYtYTJlYi01OTk1N2JjNmE0ZDMvMC8zMzhERUI4RDcw NTFDNjNGQzZDQ0Q3QjFBNUREOEM5RTNDOTNCOTZCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhDOUUzQzkz Qjk2Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMzI0YTY1ZjQtNGY0Yi00NGI2LWEy ZWItNTk5NTdiYzZhNGQzLzAvMzM4REVCOEQ3MDUxQzYzRkM2Q0NEN0IxQTVERDhD OUUzQzkzQjk2Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACEe8FpJlo6yyHnMOleUMy+Z3egHPVpsjA0p mmax5bcIlZhl1y286UlKK41sGlbrWyz/4UP9GxK21Evs6UaHkfZk5N29epN8OAzq aQ52+szKlO6LHvbEc20iXQZls4lmQo1cs032ZB04JxjZBABWAPOxI9DgaqZeggxb PNObKm00jv+8sggQxe452LrbwQSVa0rVi3mQnVytYZjexjWzhgR30amMK36g0AcR d6l8GDPh86musV64A0T56/J0zljccyTB9Ng92FlVOLhGbJkBsh3Zie9AYxLFahNS Kt5QWKXaj/d65YlvNWSo8hqcfP1DFNszZoeIom+VGPmbuZ54UGg= -----END CERTIFICATE-----Generated at Thu Mar 26 13:11:58 2026 by rpki-client