$ rpki-client -vvf repo-rpki.idnic.net/repo/431a9426-3c35-470e-bf34-30e7e41602cb/0/024ABFF2959A6144CC4889C70F77F968FA410EF1.mft File: 024ABFF2959A6144CC4889C70F77F968FA410EF1.mft (raw, json) Hash identifier: ukAIRdYkI0wThRLQbiaK0+on39NXAqS0R7+GkRuIMkU= Subject key identifier: 2D:A8:20:31:8F:AD:30:E4:1E:64:58:A9:A2:5A:6D:6D:F5:AB:B4:DD Authority key identifier: 02:4A:BF:F2:95:9A:61:44:CC:48:89:C7:0F:77:F9:68:FA:41:0E:F1 Certificate issuer: /CN=024ABFF2959A6144CC4889C70F77F968FA410EF1 Certificate serial: 736E1D73301DD4BA74758D0B06944C0C36B82E40 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/024ABFF2959A6144CC4889C70F77F968FA410EF1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/431a9426-3c35-470e-bf34-30e7e41602cb/0/024ABFF2959A6144CC4889C70F77F968FA410EF1.mft Manifest number: 031C Signing time: Wed 25 Mar 2026 08:11:21 +0000 Manifest this update: Wed 25 Mar 2026 08:06:21 +0000 Manifest next update: Sat 28 Mar 2026 12:18:21 +0000 Files and hashes: 1: 3130332e3137362e34342e302f32342d3234203d3e20313437313238.roa (hash: Dc4qfVtP8INNtKjh1IR53nYnK3S3BQyGrJeyd5Z5XHM=) 2: 3130332e3137362e34342e302f32332d3233203d3e20313437313238.roa (hash: QdIixnzSq8N8sCH+dxKebIKtXdrr8qVttS8Xci0wB7M=) 3: 024ABFF2959A6144CC4889C70F77F968FA410EF1.crl (hash: zjfHa7EONtR3a/fOLI84eEr2kKrkfMf08u2gfjkOWvc=) 4: 3130332e3137362e34352e302f32342d3234203d3e20313437313238.roa (hash: QO9yzDb4CC7G7ZrOt9x3m3LlZY080vHY8ADNw1G145c=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/431a9426-3c35-470e-bf34-30e7e41602cb/0/024ABFF2959A6144CC4889C70F77F968FA410EF1.crl rsync://repo-rpki.idnic.net/repo/431a9426-3c35-470e-bf34-30e7e41602cb/0/024ABFF2959A6144CC4889C70F77F968FA410EF1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/024ABFF2959A6144CC4889C70F77F968FA410EF1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 12:18:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:6e:1d:73:30:1d:d4:ba:74:75:8d:0b:06:94:4c:0c:36:b8:2e:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=024ABFF2959A6144CC4889C70F77F968FA410EF1 Validity Not Before: Mar 25 08:06:21 2026 GMT Not After : Mar 28 12:18:21 2026 GMT Subject: CN=2DA820318FAD30E41E6458A9A25A6D6DF5ABB4DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:62:dd:2f:c2:fc:7d:ad:22:19:cd:d7:50:f6: e2:08:10:61:9f:6a:ef:e3:65:14:e5:9c:31:d0:e7: 40:c9:65:ed:f3:02:b5:a9:ba:f1:d9:63:3d:f0:94: 9a:35:e5:ea:91:b0:09:16:e6:79:ad:b7:68:0c:20: ac:bd:87:fe:d4:8b:c7:76:bd:d6:4f:7a:ca:76:4f: db:63:44:3d:f0:f1:d2:b6:15:45:ba:42:04:6f:f5: 96:17:19:23:3c:c4:f5:bb:5c:5e:3a:6b:1a:94:f0: fe:c4:93:54:64:3f:38:dd:7c:7b:27:9f:97:8d:2f: c1:6c:65:ec:90:5a:f7:7b:90:3d:4f:66:3b:86:7a: 56:80:6f:04:90:25:7e:d5:d3:81:9e:16:a0:3e:3b: 8a:f9:32:66:4c:19:0f:8b:7f:14:0a:b7:da:a5:19: 96:a1:56:01:e7:d4:36:b3:ff:b0:59:0e:1d:31:eb: ba:d0:f7:20:0f:95:0b:0b:89:ec:a7:fd:62:30:24: 48:9d:05:77:7c:ea:ed:4e:ad:47:2e:7c:57:ab:0e: 54:68:80:a6:56:65:3f:34:69:cb:47:34:23:15:bd: 54:28:2c:b1:be:53:59:c8:5e:75:59:30:53:fb:e1: 46:e7:63:9c:90:21:b5:e0:65:e2:87:07:7e:8a:c2: 6a:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:A8:20:31:8F:AD:30:E4:1E:64:58:A9:A2:5A:6D:6D:F5:AB:B4:DD X509v3 Authority Key Identifier: keyid:02:4A:BF:F2:95:9A:61:44:CC:48:89:C7:0F:77:F9:68:FA:41:0E:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/431a9426-3c35-470e-bf34-30e7e41602cb/0/024ABFF2959A6144CC4889C70F77F968FA410EF1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/024ABFF2959A6144CC4889C70F77F968FA410EF1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/431a9426-3c35-470e-bf34-30e7e41602cb/0/024ABFF2959A6144CC4889C70F77F968FA410EF1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:b4:47:77:66:5e:d3:34:24:71:fd:93:b6:e1:32:fa:a5:33: f9:1d:9c:98:63:55:72:b8:ce:cd:07:47:8e:d3:9c:c8:f8:d3: ec:5b:3f:7b:50:47:9d:f8:7d:4e:c7:19:79:68:de:7e:d8:4f: 6a:c5:32:44:9b:e9:0c:a9:f3:fa:69:b7:86:7e:68:58:a0:03: df:8c:3d:35:ce:ce:d5:4c:4a:47:5b:a8:3a:68:d0:25:be:32: 8d:f6:0b:40:f9:3b:6e:e6:d6:cc:a0:bd:27:2f:52:cd:e4:8e: 28:c0:e5:54:0e:b6:48:78:08:fd:ae:6b:c5:2e:ae:3a:54:6e: a3:e0:66:59:84:5a:02:49:d5:d2:fc:80:2f:39:bf:29:e5:3d: 12:d7:30:d3:ff:f3:89:4d:47:ea:06:ac:12:bf:b4:00:96:ab: 8c:15:17:07:47:dd:24:96:4d:9c:51:2b:a9:fe:33:70:ce:57: bc:b4:4d:c5:72:36:21:f0:e6:45:33:60:8d:88:bc:83:65:c4: 1f:9d:f3:3f:bf:f3:0a:ed:c8:c9:90:be:11:88:60:fb:a8:61: 0f:dd:37:24:8f:4d:c1:ec:28:32:24:d2:cb:70:41:ad:33:91: 8a:ed:11:d4:09:b7:21:3a:93:87:75:ae:28:45:25:56:8c:a7: 13:78:81:9c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUc24dczAd1Lp0dY0LBpRMDDa4LkAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDI0QUJGRjI5NTlBNjE0NENDNDg4OUM3MEY3N0Y5NjhG QTQxMEVGMTAeFw0yNjAzMjUwODA2MjFaFw0yNjAzMjgxMjE4MjFaMDMxMTAvBgNV BAMTKDJEQTgyMDMxOEZBRDMwRTQxRTY0NThBOUEyNUE2RDZERjVBQkI0REQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXYt0vwvx9rSIZzddQ9uIIEGGf au/jZRTlnDHQ50DJZe3zArWpuvHZYz3wlJo15eqRsAkW5nmtt2gMIKy9h/7Ui8d2 vdZPesp2T9tjRD3w8dK2FUW6QgRv9ZYXGSM8xPW7XF46axqU8P7Ek1RkPzjdfHsn n5eNL8FsZeyQWvd7kD1PZjuGelaAbwSQJX7V04GeFqA+O4r5MmZMGQ+LfxQKt9ql GZahVgHn1Daz/7BZDh0x67rQ9yAPlQsLieyn/WIwJEidBXd86u1OrUcufFerDlRo gKZWZT80actHNCMVvVQoLLG+U1nIXnVZMFP74UbnY5yQIbXgZeKHB36KwmrHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULaggMY+tMOQeZFipolptbfWrtN0wHwYDVR0j BBgwFoAUAkq/8pWaYUTMSInHD3f5aPpBDvEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MzFhOTQyNi0zYzM1LTQ3MGUtYmYzNC0zMGU3ZTQxNjAyY2IvMC8wMjRBQkZGMjk1 OUE2MTQ0Q0M0ODg5QzcwRjc3Rjk2OEZBNDEwRUYxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMDI0QUJGRjI5NTlBNjE0NENDNDg4OUM3MEY3N0Y5NjhGQTQx MEVGMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDMxYTk0MjYtM2MzNS00NzBlLWJm MzQtMzBlN2U0MTYwMmNiLzAvMDI0QUJGRjI5NTlBNjE0NENDNDg4OUM3MEY3N0Y5 NjhGQTQxMEVGMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJe0R3dmXtM0JHH9k7bhMvqlM/kdnJhjVXK4 zs0HR47TnMj40+xbP3tQR534fU7HGXlo3n7YT2rFMkSb6Qyp8/ppt4Z+aFigA9+M PTXOztVMSkdbqDpo0CW+Mo32C0D5O27m1sygvScvUs3kjijA5VQOtkh4CP2ua8Uu rjpUbqPgZlmEWgJJ1dL8gC85vynlPRLXMNP/84lNR+oGrBK/tACWq4wVFwdH3SSW TZxRK6n+M3DOV7y0TcVyNiHw5kUzYI2IvINlxB+d8z+/8wrtyMmQvhGIYPuoYQ/d NySPTcHsKDIk0stwQa0zkYrtEdQJtyE6k4d1rihFJVaMpxN4gZw= -----END CERTIFICATE-----Generated at Thu Mar 26 18:24:37 2026 by rpki-client