$ rpki-client -vvf repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft File: 68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft (raw, json) Hash identifier: rSZAu5u4Q+ezS3JbMH44DqC9RFNuYxyG24OSIRELzNA= Subject key identifier: 53:1A:BE:37:94:DB:D6:EA:84:DB:CB:EE:C3:E0:7C:0F:58:D9:7C:4F Authority key identifier: 68:D5:78:2F:BA:DB:91:4C:FD:74:AE:28:DA:59:78:4A:5A:AE:AA:F8 Certificate issuer: /CN=68D5782FBADB914CFD74AE28DA59784A5AAEAAF8 Certificate serial: 61709A3F09177C4199F192C6F68A2C5A6E67CFDB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft Manifest number: 04C4 Signing time: Tue 24 Mar 2026 16:01:08 +0000 Manifest this update: Tue 24 Mar 2026 15:56:08 +0000 Manifest next update: Sat 28 Mar 2026 02:46:08 +0000 Files and hashes: 1: 68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.crl (hash: Xbb7qg6V1y0I8FsYvJZEDA8f+AkaWo+wyPwC7IUWubQ=) 2: 3130332e3136312e3131312e302f32342d3234203d3e20313431363135.roa (hash: g4MCHQFO3MQThoyM2TjwQb6nRcwAjTBYmahYDBr6bho=) 3: 3130332e3136312e3131302e302f32342d3234203d3e20313431363135.roa (hash: LmeqzYeHbwqjRvKuIbroVaXCpVEz8bLJBtycTcCFJu4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.crl rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 02:46:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:70:9a:3f:09:17:7c:41:99:f1:92:c6:f6:8a:2c:5a:6e:67:cf:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68D5782FBADB914CFD74AE28DA59784A5AAEAAF8 Validity Not Before: Mar 24 15:56:08 2026 GMT Not After : Mar 28 02:46:08 2026 GMT Subject: CN=531ABE3794DBD6EA84DBCBEEC3E07C0F58D97C4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:9c:87:ba:27:d4:d7:74:8a:42:86:bc:f6:00: 8d:72:63:de:d2:94:66:f5:24:94:c2:ac:7e:26:c0: fc:77:53:90:d4:2b:13:61:ad:17:e0:ee:17:02:ab: f7:06:16:b5:22:df:56:c9:ed:4a:7b:89:b5:67:0e: 48:67:eb:b0:a3:2e:f5:e7:98:df:46:0e:c5:3a:bf: 10:80:02:bb:cd:0d:a7:0d:e0:54:86:75:09:f0:7a: fc:69:a0:ba:c3:9d:07:49:b7:1c:cc:34:e0:34:af: c9:bd:5d:bf:76:9e:1a:7e:3a:ed:1d:46:76:6a:bb: e5:dd:e1:6e:90:a2:64:e7:d2:97:0b:28:69:88:8c: 3a:6c:a7:1f:60:91:d7:b7:d3:71:d5:26:66:9b:07: 42:87:f5:f2:1d:29:65:22:97:6d:4a:4b:bf:78:d1: 89:8f:02:80:62:13:e4:fd:f7:82:b0:c6:85:64:81: b5:60:e6:3b:b7:69:d8:5c:29:b4:fa:c9:59:60:a6: 3a:c6:c9:f0:eb:fa:43:cf:1d:aa:b2:d0:0e:14:06: ac:b8:08:fb:b5:65:97:08:b8:2d:b5:65:df:63:a7: 69:0c:d4:73:cd:b6:6f:b9:56:f2:96:48:fd:49:b5: 22:40:cc:2f:ff:2e:a6:3d:b8:ce:b1:4a:31:7d:ea: 04:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:1A:BE:37:94:DB:D6:EA:84:DB:CB:EE:C3:E0:7C:0F:58:D9:7C:4F X509v3 Authority Key Identifier: keyid:68:D5:78:2F:BA:DB:91:4C:FD:74:AE:28:DA:59:78:4A:5A:AE:AA:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3f408e44-3e9c-45e5-bca4-5dfbd4b27130/0/68D5782FBADB914CFD74AE28DA59784A5AAEAAF8.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:6f:4e:a8:41:45:b6:d5:42:2d:75:cd:e9:42:51:70:80:f2: 30:24:b9:cd:05:f3:46:36:1f:6a:42:81:81:67:07:95:c5:01: db:0b:5f:8d:cc:51:94:7f:0a:5d:62:f8:4a:8a:83:20:37:94: a0:8d:fd:12:30:18:46:8f:61:17:05:04:24:86:f9:6c:d7:d2: bd:2a:b2:af:7e:ec:54:0c:2b:19:e1:e9:06:58:cf:7a:9d:97: 91:e2:24:d9:3c:e1:99:e6:25:36:1e:74:69:6d:14:ad:68:e8: 50:cf:46:fe:6c:eb:b5:71:ff:5c:96:21:5a:26:75:33:2a:7f: 1f:42:f2:ad:25:87:4f:6e:e4:a0:eb:d5:52:03:39:52:92:32: b1:74:aa:12:ea:81:c5:3b:7c:d7:d3:41:21:dd:f4:9e:5c:32: c9:03:10:0f:af:e5:b7:64:2e:7f:59:5e:67:be:07:9d:7e:bd: ff:2e:e4:55:82:89:01:02:ff:3d:c6:b6:60:19:9b:8a:76:0a: 33:62:29:3e:0a:6b:47:3f:4d:3f:02:16:f4:50:59:c6:0d:70: 35:4a:05:b2:14:c4:dc:48:06:af:f2:36:e5:2f:5c:d2:d8:b8: 6c:95:d3:07:7b:cf:ab:da:28:fd:cd:37:80:48:a6:f0:54:92: 60:e3:b2:39 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYXCaPwkXfEGZ8ZLG9oosWm5nz9swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjhENTc4MkZCQURCOTE0Q0ZENzRBRTI4REE1OTc4NEE1 QUFFQUFGODAeFw0yNjAzMjQxNTU2MDhaFw0yNjAzMjgwMjQ2MDhaMDMxMTAvBgNV BAMTKDUzMUFCRTM3OTREQkQ2RUE4NERCQ0JFRUMzRTA3QzBGNThEOTdDNEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMnIe6J9TXdIpChrz2AI1yY97S lGb1JJTCrH4mwPx3U5DUKxNhrRfg7hcCq/cGFrUi31bJ7Up7ibVnDkhn67CjLvXn mN9GDsU6vxCAArvNDacN4FSGdQnwevxpoLrDnQdJtxzMNOA0r8m9Xb92nhp+Ou0d RnZqu+Xd4W6QomTn0pcLKGmIjDpspx9gkde303HVJmabB0KH9fIdKWUil21KS794 0YmPAoBiE+T994KwxoVkgbVg5ju3adhcKbT6yVlgpjrGyfDr+kPPHaqy0A4UBqy4 CPu1ZZcIuC21Zd9jp2kM1HPNtm+5VvKWSP1JtSJAzC//LqY9uM6xSjF96gTJAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUUxq+N5Tb1uqE28vuw+B8D1jZfE8wHwYDVR0j BBgwFoAUaNV4L7rbkUz9dK4o2ll4SlquqvgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZjQwOGU0NC0zZTljLTQ1ZTUtYmNhNC01ZGZiZDRiMjcxMzAvMC82OEQ1NzgyRkJB REI5MTRDRkQ3NEFFMjhEQTU5Nzg0QTVBQUVBQUY4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjhENTc4MkZCQURCOTE0Q0ZENzRBRTI4REE1OTc4NEE1QUFF QUFGOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vM2Y0MDhlNDQtM2U5Yy00NWU1LWJj YTQtNWRmYmQ0YjI3MTMwLzAvNjhENTc4MkZCQURCOTE0Q0ZENzRBRTI4REE1OTc4 NEE1QUFFQUFGOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKFvTqhBRbbVQi11zelCUXCA8jAkuc0F80Y2 H2pCgYFnB5XFAdsLX43MUZR/Cl1i+EqKgyA3lKCN/RIwGEaPYRcFBCSG+WzX0r0q sq9+7FQMKxnh6QZYz3qdl5HiJNk84ZnmJTYedGltFK1o6FDPRv5s67Vx/1yWIVom dTMqfx9C8q0lh09u5KDr1VIDOVKSMrF0qhLqgcU7fNfTQSHd9J5cMskDEA+v5bdk Ln9ZXme+B51+vf8u5FWCiQEC/z3GtmAZm4p2CjNiKT4Ka0c/TT8CFvRQWcYNcDVK BbIUxNxIBq/yNuUvXNLYuGyV0wd7z6vaKP3NN4BIpvBUkmDjsjk= -----END CERTIFICATE-----Generated at Thu Mar 26 16:56:13 2026 by rpki-client