$ rpki-client -vvf repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft File: DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft (raw, json) Hash identifier: OVNv2upquQTW3LSOTxNefy+bMR9EtQFYVWsMb16ym+4= Subject key identifier: FC:EF:D9:D2:0A:15:F4:BE:22:C5:0D:46:85:35:A5:F2:6E:2E:9D:49 Authority key identifier: DF:19:94:9C:E1:7D:C1:16:E7:B7:C2:24:8C:93:34:05:B7:A1:AE:F2 Certificate issuer: /CN=DF19949CE17DC116E7B7C2248C933405B7A1AEF2 Certificate serial: 750251ED3FF3B8FE1D9A8EB6D22DEC0CDE415373 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft Manifest number: 029D Signing time: Wed 25 Mar 2026 07:32:09 +0000 Manifest this update: Wed 25 Mar 2026 07:27:09 +0000 Manifest next update: Sat 28 Mar 2026 17:31:09 +0000 Files and hashes: 1: 3130332e3136362e3233342e302f32342d3234203d3e20313430343037.roa (hash: 2lTJuwgktOu4lo9SNeOCA4rDFu8XBUgqcawUv+9j6hA=) 2: DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl (hash: 6wBS7BOGXb9Zk9kVbM7aIgbhkkPPOwpi1s933E5I12o=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 17:31:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:02:51:ed:3f:f3:b8:fe:1d:9a:8e:b6:d2:2d:ec:0c:de:41:53:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF19949CE17DC116E7B7C2248C933405B7A1AEF2 Validity Not Before: Mar 25 07:27:09 2026 GMT Not After : Mar 28 17:31:09 2026 GMT Subject: CN=FCEFD9D20A15F4BE22C50D468535A5F26E2E9D49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:41:8c:79:2d:a6:fa:bc:56:7f:7d:57:f1:9f: 04:ca:ba:78:fc:98:65:36:21:ba:12:b2:35:61:a4: ff:be:b8:f2:25:ef:c1:45:55:05:21:63:c6:e1:98: ff:01:d7:24:cb:40:28:fa:80:c6:14:59:77:a1:34: 3f:df:35:24:ed:1a:8c:ef:fe:d0:88:2c:ad:68:d3: 50:b0:a7:78:53:0c:42:88:81:f3:ff:61:52:e6:64: 9e:89:89:10:21:6d:17:71:c8:29:32:49:a5:57:a5: bd:4f:41:21:7c:38:32:c9:d2:39:6d:72:c0:39:e6: 16:b3:15:a1:b2:7b:56:31:3e:51:03:a6:d1:5e:0c: e9:3e:a5:99:16:b0:e9:fd:d5:8b:2f:da:75:ce:1c: b3:4d:89:80:8d:f4:4c:2e:81:67:04:c6:9b:fc:36: 7f:89:e9:a0:f2:5d:6d:9a:50:d8:2c:28:82:4b:b1: 92:8f:44:9d:ac:cc:5b:4d:82:4f:04:eb:40:8c:3c: fb:6f:74:83:de:d4:af:45:fa:9c:5a:aa:b6:09:54: e8:d5:2b:af:c4:0f:f0:e2:03:73:1d:37:81:ea:0c: 18:72:c7:9f:7f:fa:8e:7d:dc:17:eb:1a:64:6a:4e: 0b:1f:d2:c3:af:f4:39:a7:c1:e3:a9:42:ad:61:fd: 7b:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:EF:D9:D2:0A:15:F4:BE:22:C5:0D:46:85:35:A5:F2:6E:2E:9D:49 X509v3 Authority Key Identifier: keyid:DF:19:94:9C:E1:7D:C1:16:E7:B7:C2:24:8C:93:34:05:B7:A1:AE:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:ef:e4:71:54:3d:b3:bd:fe:8e:1b:62:2e:37:58:78:ae:03: ea:d1:8f:6e:d9:e9:96:79:82:9a:2e:5d:9e:b7:e4:93:7c:8d: 34:3e:ca:2f:f5:cf:7b:bd:f1:b9:d9:a9:d3:1c:9d:ef:8c:11: 46:f2:b2:ab:fd:f7:de:65:67:3c:af:76:a6:5a:7d:c2:b1:3a: 87:ce:13:0d:88:3d:61:91:9f:a3:35:12:c5:b5:37:f3:43:18: 7c:00:94:94:62:3d:35:de:58:36:96:6a:76:23:d3:35:a4:66: 8e:db:92:c6:da:cf:d7:51:c6:de:09:21:4b:aa:77:48:b5:83: 18:02:1e:63:1c:a8:e6:f2:15:82:98:ef:85:40:94:39:b9:22: d3:3a:5b:ed:14:94:3d:1f:f0:06:d7:36:b1:ae:62:73:f2:f8: d1:8c:dc:19:70:1a:14:b9:b0:8f:b1:0f:1c:d5:1e:f9:40:92: 02:f4:00:bf:90:2d:ad:f9:eb:60:01:eb:32:f7:ae:b4:40:87: ac:bd:61:76:ed:d2:db:08:a5:89:bf:f5:d2:39:b0:ad:c1:30: a3:46:79:23:a8:c6:0b:01:20:59:da:56:98:45:18:ee:63:c0: f1:64:92:f4:56:74:e3:e4:f8:3e:31:aa:ba:28:35:dd:a6:8a: 99:ab:7e:17 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdQJR7T/zuP4dmo620i3sDN5BU3MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0MDVC N0ExQUVGMjAeFw0yNjAzMjUwNzI3MDlaFw0yNjAzMjgxNzMxMDlaMDMxMTAvBgNV BAMTKEZDRUZEOUQyMEExNUY0QkUyMkM1MEQ0Njg1MzVBNUYyNkUyRTlENDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMQYx5Lab6vFZ/fVfxnwTKunj8 mGU2IboSsjVhpP++uPIl78FFVQUhY8bhmP8B1yTLQCj6gMYUWXehND/fNSTtGozv /tCILK1o01Cwp3hTDEKIgfP/YVLmZJ6JiRAhbRdxyCkySaVXpb1PQSF8ODLJ0jlt csA55hazFaGye1YxPlEDptFeDOk+pZkWsOn91Ysv2nXOHLNNiYCN9EwugWcExpv8 Nn+J6aDyXW2aUNgsKIJLsZKPRJ2szFtNgk8E60CMPPtvdIPe1K9F+pxaqrYJVOjV K6/ED/DiA3MdN4HqDBhyx59/+o593BfrGmRqTgsf0sOv9DmnweOpQq1h/XuVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU/O/Z0goV9L4ixQ1GhTWl8m4unUkwHwYDVR0j BBgwFoAU3xmUnOF9wRbnt8IkjJM0BbehrvIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YWVmNzg2Yi02MjI2LTQ0YWYtODUyZC0xZmIwNDVjNGRlYjMvMC9ERjE5OTQ5Q0Ux N0RDMTE2RTdCN0MyMjQ4QzkzMzQwNUI3QTFBRUYyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0MDVCN0Ex QUVGMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2FlZjc4NmItNjIyNi00NGFmLTg1 MmQtMWZiMDQ1YzRkZWIzLzAvREYxOTk0OUNFMTdEQzExNkU3QjdDMjI0OEM5MzM0 MDVCN0ExQUVGMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHnv5HFUPbO9/o4bYi43WHiuA+rRj27Z6ZZ5 gpouXZ635JN8jTQ+yi/1z3u98bnZqdMcne+MEUbysqv9995lZzyvdqZafcKxOofO Ew2IPWGRn6M1EsW1N/NDGHwAlJRiPTXeWDaWanYj0zWkZo7bksbaz9dRxt4JIUuq d0i1gxgCHmMcqObyFYKY74VAlDm5ItM6W+0UlD0f8AbXNrGuYnPy+NGM3BlwGhS5 sI+xDxzVHvlAkgL0AL+QLa3562AB6zL3rrRAh6y9YXbt0tsIpYm/9dI5sK3BMKNG eSOoxgsBIFnaVphFGO5jwPFkkvRWdOPk+D4xqrooNd2mipmrfhc= -----END CERTIFICATE-----Generated at Thu Mar 26 08:57:13 2026 by rpki-client