$ rpki-client -vvf repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft File: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft (raw, json) Hash identifier: jnnHCraR9Qhbq1uLb2GcD7lesde7QBzsC571BYoAezk= Subject key identifier: 9B:AD:89:3B:34:E5:CF:49:42:A9:02:78:80:42:55:83:C0:EB:F5:21 Authority key identifier: D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 Certificate issuer: /CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Certificate serial: 5CAC79CF6A9FF093AF2CE948A821D99D399DC00A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft Manifest number: 0275 Signing time: Thu 26 Mar 2026 00:04:57 +0000 Manifest this update: Wed 25 Mar 2026 23:59:57 +0000 Manifest next update: Sun 29 Mar 2026 01:19:57 +0000 Files and hashes: 1: D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl (hash: 9mCzx6co7TDnx2BD0L9eQ+RCSKg4k9Db5YHwBf3zxUs=) 2: 3130332e3138332e362e302f32332d3234203d3e20313439343037.roa (hash: HNI0ArO+KsvaMgGqtyRRpqs1evvFTKgd+Siy8K2ur7A=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 01:19:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:ac:79:cf:6a:9f:f0:93:af:2c:e9:48:a8:21:d9:9d:39:9d:c0:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26 Validity Not Before: Mar 25 23:59:57 2026 GMT Not After : Mar 29 01:19:57 2026 GMT Subject: CN=9BAD893B34E5CF4942A9027880425583C0EBF521 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:39:7e:ee:af:f5:5c:ce:76:98:e7:f9:ab:42: 52:89:4c:d1:9f:e3:1c:46:be:b3:e8:59:d1:fc:00: cf:e9:40:a2:8c:81:2b:f1:5e:39:6a:02:83:a0:d1: 16:7b:a4:97:65:d9:76:26:ad:8a:45:38:ca:3f:66: df:bd:74:60:60:d3:4a:db:8a:ed:88:48:be:25:6c: 20:bc:c7:33:61:62:81:86:b7:0c:df:d3:1d:66:f9: 34:a6:ae:4a:6b:2b:4b:64:32:30:fc:50:d8:23:02: 81:28:df:73:00:c1:bc:6c:26:5e:a0:49:83:39:dc: 60:0c:86:e2:81:59:04:3d:c1:f8:c9:54:6d:c6:2a: f7:8d:e2:ab:88:1b:b4:36:32:07:ff:5e:85:75:ca: 57:9b:9c:6d:0c:ab:de:37:65:c8:c0:6e:14:bd:36: f3:b9:c5:35:d1:f3:47:04:2b:62:d4:4e:16:d3:78: f7:3c:30:93:34:75:52:c5:c0:32:d5:19:c4:3a:2b: 92:6f:13:9b:ac:64:13:16:19:e6:fb:64:89:0f:c1: 45:f6:8d:7e:38:ee:49:a6:81:98:33:8a:d5:81:a0: 4d:9f:29:8e:4f:14:30:5c:27:28:9f:de:da:b1:a8: 94:0d:3b:81:b8:8f:50:3a:8f:9b:cf:a8:fe:1b:1c: 17:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:AD:89:3B:34:E5:CF:49:42:A9:02:78:80:42:55:83:C0:EB:F5:21 X509v3 Authority Key Identifier: keyid:D2:1A:35:97:D7:B5:EB:D9:A5:47:68:0F:1C:2E:D7:A4:64:DD:9F:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cc5605d-f17a-4010-9253-210c64f148bd/0/D21A3597D7B5EBD9A547680F1C2ED7A464DD9F26.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption be:63:a2:4f:30:36:bd:9d:1f:21:1a:e8:3b:4c:0e:23:db:50: c4:0b:29:5c:a4:19:d7:09:3e:c0:58:f2:0d:47:e8:53:12:95: d7:39:f7:85:da:4a:84:64:6f:bb:e5:e2:10:85:76:85:85:26: 45:85:c5:8a:ce:4d:64:49:4b:ea:f3:dc:bf:0b:29:ae:f5:9d: 0a:b1:4e:55:4e:c2:df:b9:b6:3c:58:3b:15:16:a8:94:ab:eb: 72:21:7d:b5:ed:b3:fe:d8:d6:04:d8:2e:39:1e:53:65:f1:1c: 8d:96:42:85:35:67:bb:aa:1d:bc:60:d5:05:91:08:3c:4b:03: 15:c2:cf:85:4e:bf:10:5f:54:cf:cc:bd:0b:02:fe:92:a5:7f: bf:bd:52:72:bb:f1:73:c3:d8:85:63:66:00:7d:7b:08:d6:e9: 31:e8:bd:83:fe:0d:97:d5:a2:d3:ba:ae:1b:a1:7c:96:9c:67: 64:f4:3f:4f:6d:1b:cc:80:ed:fd:b0:0c:b3:57:8a:c2:3e:75: 73:c4:a7:97:b9:a2:e3:ce:0e:d7:0c:e3:fd:a5:60:b6:51:21: 07:1d:0b:b6:db:69:6e:e7:bd:8b:2e:ed:07:42:22:a7:b6:90: c1:4b:28:c2:d6:75:62:e9:f4:38:eb:bd:ec:30:e4:0f:34:5d: 59:53:b6:b5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXKx5z2qf8JOvLOlIqCHZnTmdwAowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2 NEREOUYyNjAeFw0yNjAzMjUyMzU5NTdaFw0yNjAzMjkwMTE5NTdaMDMxMTAvBgNV BAMTKDlCQUQ4OTNCMzRFNUNGNDk0MkE5MDI3ODgwNDI1NTgzQzBFQkY1MjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1OX7ur/VcznaY5/mrQlKJTNGf 4xxGvrPoWdH8AM/pQKKMgSvxXjlqAoOg0RZ7pJdl2XYmrYpFOMo/Zt+9dGBg00rb iu2ISL4lbCC8xzNhYoGGtwzf0x1m+TSmrkprK0tkMjD8UNgjAoEo33MAwbxsJl6g SYM53GAMhuKBWQQ9wfjJVG3GKveN4quIG7Q2Mgf/XoV1ylebnG0Mq943ZcjAbhS9 NvO5xTXR80cEK2LUThbTePc8MJM0dVLFwDLVGcQ6K5JvE5usZBMWGeb7ZIkPwUX2 jX447kmmgZgzitWBoE2fKY5PFDBcJyif3tqxqJQNO4G4j1A6j5vPqP4bHBcpAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUm62JOzTlz0lCqQJ4gEJVg8Dr9SEwHwYDVR0j BBgwFoAU0ho1l9e169mlR2gPHC7XpGTdnyYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z Y2M1NjA1ZC1mMTdhLTQwMTAtOTI1My0yMTBjNjRmMTQ4YmQvMC9EMjFBMzU5N0Q3 QjVFQkQ5QTU0NzY4MEYxQzJFRDdBNDY0REQ5RjI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3QTQ2NERE OUYyNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2NjNTYwNWQtZjE3YS00MDEwLTky NTMtMjEwYzY0ZjE0OGJkLzAvRDIxQTM1OTdEN0I1RUJEOUE1NDc2ODBGMUMyRUQ3 QTQ2NEREOUYyNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAL5jok8wNr2dHyEa6DtMDiPbUMQLKVykGdcJ PsBY8g1H6FMSldc594XaSoRkb7vl4hCFdoWFJkWFxYrOTWRJS+rz3L8LKa71nQqx TlVOwt+5tjxYOxUWqJSr63IhfbXts/7Y1gTYLjkeU2XxHI2WQoU1Z7uqHbxg1QWR CDxLAxXCz4VOvxBfVM/MvQsC/pKlf7+9UnK78XPD2IVjZgB9ewjW6THovYP+DZfV otO6rhuhfJacZ2T0P09tG8yA7f2wDLNXisI+dXPEp5e5ouPODtcM4/2lYLZRIQcd C7bbaW7nvYsu7QdCIqe2kMFLKMLWdWLp9Djrveww5A80XVlTtrU= -----END CERTIFICATE-----Generated at Thu Mar 26 21:58:30 2026 by rpki-client