$ rpki-client -vvf repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.mft File: 2D0745D26E59440CB71FAFE996834493DA753248.mft (raw, json) Hash identifier: MHGBgKCpKrokr/novjjWktZOJTCgNFNPIjGSRuPkMJI= Subject key identifier: 33:13:BE:E5:C3:3F:70:97:2E:9A:26:7C:A6:3A:27:FF:3E:CB:EE:F8 Authority key identifier: 2D:07:45:D2:6E:59:44:0C:B7:1F:AF:E9:96:83:44:93:DA:75:32:48 Certificate issuer: /CN=2D0745D26E59440CB71FAFE996834493DA753248 Certificate serial: 728C68A39F320A7BF373326ACAE0C66F7AE84B39 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D0745D26E59440CB71FAFE996834493DA753248.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.mft Manifest number: 0231 Signing time: Thu 26 Mar 2026 06:20:56 +0000 Manifest this update: Thu 26 Mar 2026 06:15:56 +0000 Manifest next update: Sun 29 Mar 2026 10:12:56 +0000 Files and hashes: 1: 3130332e37332e3135382e302f32342d3234203d3e203234343239.roa (hash: s7xt6atAlnuk0NCp/3UKrnkCS/YpsE7vKEiGKhHlUBE=) 2: 2D0745D26E59440CB71FAFE996834493DA753248.crl (hash: O5pmB8QqDn8coEXA+Ak9IbLoP83Sk2oRQiuDSBXKNYc=) 3: 3130332e37332e3135392e302f32342d3234203d3e20313338383836.roa (hash: nxYZnXzCnu/G6Di5JhS1WLXdlQHk8fuEdbh3UpU3Jf8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.crl rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D0745D26E59440CB71FAFE996834493DA753248.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 10:12:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:8c:68:a3:9f:32:0a:7b:f3:73:32:6a:ca:e0:c6:6f:7a:e8:4b:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D0745D26E59440CB71FAFE996834493DA753248 Validity Not Before: Mar 26 06:15:56 2026 GMT Not After : Mar 29 10:12:56 2026 GMT Subject: CN=3313BEE5C33F70972E9A267CA63A27FF3ECBEEF8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:2b:5c:ef:62:0d:ca:7d:53:60:73:d5:52:74: 9e:c0:21:dd:31:0c:2c:f4:0f:30:d3:0a:5a:59:42: f5:7f:be:82:27:72:80:b0:e7:67:26:d4:a6:75:f4: 94:4e:21:f0:8e:fe:91:bb:a3:99:0e:98:92:d4:3e: b8:0c:45:33:80:61:9b:64:7f:25:02:35:7c:5d:2a: 07:61:7f:12:b3:21:d7:6d:eb:81:45:3f:19:8a:e1: 68:b8:d2:39:d6:33:af:df:0b:55:64:e8:fd:68:8c: ee:bc:95:cd:5e:98:c0:e1:dc:6e:83:2e:55:6c:5b: 51:36:20:76:1b:b6:1e:0e:bb:62:65:ae:cc:bc:95: 74:c5:d2:24:9f:bb:f0:00:b7:9a:21:eb:da:4c:24: bf:27:53:8b:20:86:85:79:a8:ee:0a:d2:4b:77:4e: 2d:0d:eb:12:5a:a9:c9:c2:73:8c:29:5b:30:e8:00: 1e:eb:8e:81:a9:84:f2:fd:11:76:01:b4:4b:84:ec: 55:14:ab:4c:07:78:9e:cc:2f:2d:e2:b8:73:0f:01: 63:4d:81:bc:2a:c1:db:89:50:db:db:dd:05:68:4b: 9e:0a:c6:e5:81:06:c9:d2:ce:67:fa:aa:0c:6d:5f: 75:4b:a7:07:9b:65:80:81:1d:98:ef:69:7f:80:66: c9:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:13:BE:E5:C3:3F:70:97:2E:9A:26:7C:A6:3A:27:FF:3E:CB:EE:F8 X509v3 Authority Key Identifier: keyid:2D:07:45:D2:6E:59:44:0C:B7:1F:AF:E9:96:83:44:93:DA:75:32:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D0745D26E59440CB71FAFE996834493DA753248.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3a406cdb-1791-478d-9d28-9e37a6f809cc/0/2D0745D26E59440CB71FAFE996834493DA753248.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:ee:e1:db:23:70:eb:3c:c3:71:cb:ca:24:7f:43:d1:13:e2: 15:e8:97:0c:9b:8d:0e:91:ee:fb:d9:48:18:ec:af:bd:d3:39: b8:92:21:ae:fd:27:b1:f0:0c:a5:f8:4f:d8:ef:97:85:10:9a: 9a:47:19:fc:69:1c:a8:80:df:aa:0d:04:98:ae:2b:8e:5b:b4: 01:0a:9f:2c:82:74:57:dd:53:80:38:08:df:16:26:0b:58:74: 2e:53:80:be:53:2c:b4:ba:42:4f:39:a1:2d:f2:c5:2d:4b:4b: bf:11:d0:62:1b:de:57:f9:f7:32:f8:1c:42:03:65:0d:f4:0c: c7:39:42:82:c0:0f:93:03:33:bb:3a:d4:3e:22:3b:ac:5a:99: eb:88:69:ac:1b:55:5c:b9:88:1c:af:13:af:e6:83:e8:59:38: 91:3b:10:9c:d5:29:21:2e:34:b6:d9:c6:ad:7e:a2:84:72:1c: 4b:95:be:5e:c8:73:7c:a3:94:bf:a4:e0:fb:a4:1a:d7:8a:7f: 1c:3a:13:d6:75:28:ff:7e:a0:76:fc:d7:1b:a9:73:34:c8:3e: aa:ce:74:92:9f:9d:56:76:b9:16:11:2b:a3:53:08:f7:91:8e: db:13:ab:6e:31:e8:21:13:b8:f4:59:88:49:28:6f:b5:70:4c: 1d:13:b1:64 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcoxoo58yCnvzczJqyuDGb3roSzkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQwNzQ1RDI2RTU5NDQwQ0I3MUZBRkU5OTY4MzQ0OTNE QTc1MzI0ODAeFw0yNjAzMjYwNjE1NTZaFw0yNjAzMjkxMDEyNTZaMDMxMTAvBgNV BAMTKDMzMTNCRUU1QzMzRjcwOTcyRTlBMjY3Q0E2M0EyN0ZGM0VDQkVFRjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3K1zvYg3KfVNgc9VSdJ7AId0x DCz0DzDTClpZQvV/voIncoCw52cm1KZ19JROIfCO/pG7o5kOmJLUPrgMRTOAYZtk fyUCNXxdKgdhfxKzIddt64FFPxmK4Wi40jnWM6/fC1Vk6P1ojO68lc1emMDh3G6D LlVsW1E2IHYbth4Ou2Jlrsy8lXTF0iSfu/AAt5oh69pMJL8nU4sghoV5qO4K0kt3 Ti0N6xJaqcnCc4wpWzDoAB7rjoGphPL9EXYBtEuE7FUUq0wHeJ7MLy3iuHMPAWNN gbwqwduJUNvb3QVoS54KxuWBBsnSzmf6qgxtX3VLpwebZYCBHZjvaX+AZskbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMxO+5cM/cJcumiZ8pjon/z7L7vgwHwYDVR0j BBgwFoAULQdF0m5ZRAy3H6/ploNEk9p1MkgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YTQwNmNkYi0xNzkxLTQ3OGQtOWQyOC05ZTM3YTZmODA5Y2MvMC8yRDA3NDVEMjZF NTk0NDBDQjcxRkFGRTk5NjgzNDQ5M0RBNzUzMjQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQwNzQ1RDI2RTU5NDQwQ0I3MUZBRkU5OTY4MzQ0OTNEQTc1 MzI0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2E0MDZjZGItMTc5MS00NzhkLTlk MjgtOWUzN2E2ZjgwOWNjLzAvMkQwNzQ1RDI2RTU5NDQwQ0I3MUZBRkU5OTY4MzQ0 OTNEQTc1MzI0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH7u4dsjcOs8w3HLyiR/Q9ET4hXolwybjQ6R 7vvZSBjsr73TObiSIa79J7HwDKX4T9jvl4UQmppHGfxpHKiA36oNBJiuK45btAEK nyyCdFfdU4A4CN8WJgtYdC5TgL5TLLS6Qk85oS3yxS1LS78R0GIb3lf59zL4HEID ZQ30DMc5QoLAD5MDM7s61D4iO6xameuIaawbVVy5iByvE6/mg+hZOJE7EJzVKSEu NLbZxq1+ooRyHEuVvl7Ic3yjlL+k4PukGteKfxw6E9Z1KP9+oHb81xupczTIPqrO dJKfnVZ2uRYRK6NTCPeRjtsTq24x6CETuPRZiEkob7VwTB0TsWQ= -----END CERTIFICATE-----Generated at Thu Mar 26 18:56:22 2026 by rpki-client