$ rpki-client -vvf repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft File: 5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft (raw, json) Hash identifier: taSBFAgZPYYvdrac85GVenDyVlE2AXgqSVouruQzxwo= Subject key identifier: AA:A5:BF:F0:B0:8D:8B:11:3B:A6:E8:60:D5:D8:77:DA:87:1D:83:38 Authority key identifier: 5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70 Certificate issuer: /CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270 Certificate serial: 250C5DBA2D1CA8DC3573CBFAF8FD5420F70AA249 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft Manifest number: 02E3 Signing time: Tue 24 Mar 2026 20:10:58 +0000 Manifest this update: Tue 24 Mar 2026 20:05:58 +0000 Manifest next update: Fri 27 Mar 2026 20:49:58 +0000 Files and hashes: 1: 5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl (hash: cO9qJypC2eHUdRCNxmDF4DtBVEQ5iLfBxoobSplVq6k=) 2: 3130332e3137392e36362e302f32332d3234203d3e20313531303030.roa (hash: bcZ9qQT0HvAnyExnxlI05eaei51KPs6LOG2hjtNqzjc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 20:49:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:0c:5d:ba:2d:1c:a8:dc:35:73:cb:fa:f8:fd:54:20:f7:0a:a2:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5BD341A6D46AF52CFF23A5D1E2589494EEACA270 Validity Not Before: Mar 24 20:05:58 2026 GMT Not After : Mar 27 20:49:58 2026 GMT Subject: CN=AAA5BFF0B08D8B113BA6E860D5D877DA871D8338 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:53:5e:b5:f0:62:79:60:dd:5c:38:78:ea:d8: 19:3e:a7:a0:2b:c8:2f:81:dc:3f:ea:bc:a4:e3:fb: 25:0d:1e:a4:dd:d3:c8:2b:de:df:3a:51:e2:fd:77: b3:91:49:2f:d7:60:11:2e:57:d1:89:5a:d0:c2:51: 4c:1f:01:1d:11:15:29:33:1b:51:d3:fa:6f:8c:90: 38:ba:a4:7e:db:7a:9a:21:91:49:08:0a:8d:8a:36: 60:6a:86:4b:b8:37:61:24:b2:06:3e:ae:4f:e5:a5: 03:c2:09:92:81:77:29:84:51:78:cb:63:8e:b4:83: 6a:f8:9a:36:dc:35:b8:fb:74:01:5c:59:78:7c:d9: 3b:74:39:20:53:b9:41:1b:d5:cd:13:3c:7b:9c:89: bf:ac:6a:ce:1c:9e:86:85:5f:91:07:ed:58:28:de: 88:0a:c3:f2:a4:ea:5c:89:1c:28:0a:f9:65:76:89: 71:98:94:ff:08:05:9a:7c:d4:89:21:b4:7d:ae:f7: 1d:32:85:88:c3:f7:eb:0a:3d:eb:a2:9d:20:68:e3: bc:bd:c5:c5:21:5e:8f:60:4d:34:80:ad:8f:24:c7: fd:37:9e:76:ad:dd:c7:45:10:c3:dd:4d:4f:71:03: b9:13:22:12:e9:ca:3b:dc:23:af:3a:ad:61:2f:3b: 5d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:A5:BF:F0:B0:8D:8B:11:3B:A6:E8:60:D5:D8:77:DA:87:1D:83:38 X509v3 Authority Key Identifier: keyid:5B:D3:41:A6:D4:6A:F5:2C:FF:23:A5:D1:E2:58:94:94:EE:AC:A2:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3e12743d-d56d-4a77-90e2-c52e6dfe06c2/0/5BD341A6D46AF52CFF23A5D1E2589494EEACA270.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:55:d9:9e:a8:ef:0e:60:e3:47:1a:d2:7d:7b:16:73:28:d8: 92:61:6b:3d:02:a5:0c:03:0b:46:56:3d:5d:6a:6a:50:11:9b: 01:0a:ed:da:11:5a:7b:f6:7c:39:58:f3:e7:e2:40:bc:cd:3c: 9b:26:8f:2e:36:f3:e0:c6:40:95:06:00:22:ba:33:78:f3:bd: d4:02:b5:4a:1f:35:1b:c7:09:60:93:c2:3c:32:7c:4a:06:55: 17:26:27:b1:c4:7e:1a:dc:93:48:3c:c7:ef:41:6d:18:f5:a4: f7:fb:a3:37:ea:12:e9:da:a3:ec:ef:c5:fc:10:0d:8d:d8:a0: 1f:23:0e:16:76:76:c4:da:53:15:0f:22:27:82:06:e3:7d:d4: 09:06:bd:44:ad:d1:b1:d4:41:b0:65:fe:78:a7:f9:2a:ab:0c: 24:80:4e:ee:76:b5:8e:28:9d:3f:35:d8:0b:08:0c:4e:f6:99: 6f:7a:85:6c:a9:b2:0c:b6:0d:2a:8a:b9:8c:12:01:b7:22:1a: 15:e0:b7:b0:73:5a:d3:01:a4:6e:0a:bf:d5:00:95:d2:8e:d1: c0:53:44:b3:d4:b4:c0:9f:de:6c:af:ab:82:ab:6d:6a:fa:24: a0:4c:d2:b6:b1:66:9b:78:f9:1d:0c:8c:42:7f:c2:fb:6b:5f: 11:64:0b:13 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJQxdui0cqNw1c8v6+P1UIPcKokkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRF RUFDQTI3MDAeFw0yNjAzMjQyMDA1NThaFw0yNjAzMjcyMDQ5NThaMDMxMTAvBgNV BAMTKEFBQTVCRkYwQjA4RDhCMTEzQkE2RTg2MEQ1RDg3N0RBODcxRDgzMzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiU1618GJ5YN1cOHjq2Bk+p6Ar yC+B3D/qvKTj+yUNHqTd08gr3t86UeL9d7ORSS/XYBEuV9GJWtDCUUwfAR0RFSkz G1HT+m+MkDi6pH7bepohkUkICo2KNmBqhku4N2EksgY+rk/lpQPCCZKBdymEUXjL Y460g2r4mjbcNbj7dAFcWXh82Tt0OSBTuUEb1c0TPHucib+sas4cnoaFX5EH7Vgo 3ogKw/Kk6lyJHCgK+WV2iXGYlP8IBZp81IkhtH2u9x0yhYjD9+sKPeuinSBo47y9 xcUhXo9gTTSArY8kx/03nnat3cdFEMPdTU9xA7kTIhLpyjvcI686rWEvO109AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUqqW/8LCNixE7puhg1dh32ocdgzgwHwYDVR0j BBgwFoAUW9NBptRq9Sz/I6XR4liUlO6sonAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZTEyNzQzZC1kNTZkLTRhNzctOTBlMi1jNTJlNmRmZTA2YzIvMC81QkQzNDFBNkQ0 NkFGNTJDRkYyM0E1RDFFMjU4OTQ5NEVFQUNBMjcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0OTRFRUFD QTI3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2UxMjc0M2QtZDU2ZC00YTc3LTkw ZTItYzUyZTZkZmUwNmMyLzAvNUJEMzQxQTZENDZBRjUyQ0ZGMjNBNUQxRTI1ODk0 OTRFRUFDQTI3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADlV2Z6o7w5g40ca0n17FnMo2JJhaz0CpQwD C0ZWPV1qalARmwEK7doRWnv2fDlY8+fiQLzNPJsmjy428+DGQJUGACK6M3jzvdQC tUofNRvHCWCTwjwyfEoGVRcmJ7HEfhrck0g8x+9BbRj1pPf7ozfqEunao+zvxfwQ DY3YoB8jDhZ2dsTaUxUPIieCBuN91AkGvUSt0bHUQbBl/nin+SqrDCSATu52tY4o nT812AsIDE72mW96hWypsgy2DSqKuYwSAbciGhXgt7BzWtMBpG4Kv9UAldKO0cBT RLPUtMCf3myvq4KrbWr6JKBM0raxZpt4+R0MjEJ/wvtrXxFkCxM= -----END CERTIFICATE-----Generated at Thu Mar 26 10:37:54 2026 by rpki-client