$ rpki-client -vvf repo-rpki.idnic.net/repo/4759476e-6adb-4f2e-be75-8467259e128f/0/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.mft File: AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.mft (raw, json) Hash identifier: m4WkbeKi0+kFl/526n2E7J8qqBX08qu4vOHkUtce91M= Subject key identifier: D2:DD:E1:AA:A2:50:F5:17:AF:47:A3:0B:C7:C5:54:0F:F7:99:FC:48 Authority key identifier: AE:DA:3A:68:76:F2:BB:6E:33:C8:1B:B2:8B:08:F9:F3:6C:80:DC:40 Certificate issuer: /CN=AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40 Certificate serial: 0884AD51B40BB2127BDCD60334F19B89CFB9437A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4759476e-6adb-4f2e-be75-8467259e128f/0/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.mft Manifest number: 0232 Signing time: Tue 24 Mar 2026 14:11:54 +0000 Manifest this update: Tue 24 Mar 2026 14:06:54 +0000 Manifest next update: Fri 27 Mar 2026 23:54:54 +0000 Files and hashes: 1: 3130332e31372e3134322e302f32332d3233203d3e2039333431.roa (hash: 7zBTS0bU7PgzGa8PCcebIzMScdeyLBIAzKr1yoDxbbo=) 2: 3130332e31372e3134322e302f32342d3234203d3e2039333431.roa (hash: aDPjpRT6pfd3T7ltNqLLQRA6RqqiOtEG5C4gW/hEaTI=) 3: 3130332e31372e3134332e302f32342d3234203d3e2039333431.roa (hash: 0GFIWUiUrqRfAE/w3eKveKOv4M+2LjJoosY6Pp8ypUc=) 4: AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.crl (hash: kC7vNkLWVlin5Z3pTf1k3mMkCekGD4fiS21fLn4L1xg=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4759476e-6adb-4f2e-be75-8467259e128f/0/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.crl rsync://repo-rpki.idnic.net/repo/4759476e-6adb-4f2e-be75-8467259e128f/0/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 23:54:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:84:ad:51:b4:0b:b2:12:7b:dc:d6:03:34:f1:9b:89:cf:b9:43:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40 Validity Not Before: Mar 24 14:06:54 2026 GMT Not After : Mar 27 23:54:54 2026 GMT Subject: CN=D2DDE1AAA250F517AF47A30BC7C5540FF799FC48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:50:e7:12:84:27:9d:56:aa:9c:06:95:e2:c1: 51:6d:ed:6e:d6:1b:9f:f2:d6:99:1a:15:d8:fa:72: c2:03:cc:33:93:89:28:5d:fc:e3:eb:e6:c3:29:55: f4:c6:db:6e:d2:c6:c5:88:51:69:f5:b9:fe:e3:cd: dc:3d:6f:e1:06:ba:6d:ac:36:b7:83:55:23:2a:d2: 02:63:1b:40:95:bd:2d:89:89:95:87:fc:4b:24:9e: 8a:52:25:7f:d4:9c:c8:9b:f3:d0:df:24:2f:32:7c: bf:3e:e6:c6:4b:94:f3:1f:e9:9c:03:19:5d:65:16: 00:1c:08:0b:33:78:7d:ed:cb:5c:5b:20:bb:94:ab: 07:5f:e2:1e:9f:1e:fc:ae:71:26:88:80:c1:fc:26: b4:da:a8:5d:32:85:65:bf:5a:98:53:f7:08:c1:d4: b2:1f:af:a2:8d:8c:e9:f9:bd:ee:65:ed:2e:af:ca: 4c:c5:c6:16:80:a8:cc:5f:43:08:ab:6a:c5:92:1c: 51:2c:09:b5:a4:de:84:c9:b9:f7:23:d6:cc:cf:d4: b2:5c:f8:a8:ff:33:e6:a6:c2:ce:ff:20:17:e2:85: de:17:51:49:5b:58:e1:47:57:52:52:f2:55:12:e7: 2d:02:e1:a5:a0:59:98:38:cf:29:bf:19:8d:58:6f: 0b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:DD:E1:AA:A2:50:F5:17:AF:47:A3:0B:C7:C5:54:0F:F7:99:FC:48 X509v3 Authority Key Identifier: keyid:AE:DA:3A:68:76:F2:BB:6E:33:C8:1B:B2:8B:08:F9:F3:6C:80:DC:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4759476e-6adb-4f2e-be75-8467259e128f/0/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4759476e-6adb-4f2e-be75-8467259e128f/0/AEDA3A6876F2BB6E33C81BB28B08F9F36C80DC40.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:0a:5e:b1:94:e0:65:12:1c:e5:2a:ea:82:83:f4:24:3a:81: 8b:44:fe:bb:04:1a:d6:e7:c4:7d:d6:62:5c:45:cc:1d:b7:e8: 89:58:7d:09:de:e6:99:c5:dd:d7:2b:c4:51:36:81:2f:cd:7e: e0:55:f5:fe:df:01:27:e4:f1:76:45:17:8d:10:1e:bd:1d:a1: 95:8c:97:2c:7c:14:da:5a:55:c0:04:30:81:d3:06:ae:1e:b4: 0f:95:b4:7f:1d:e3:62:ff:a8:8d:bc:53:59:23:7c:56:2a:38: 7f:0a:9e:3d:f2:a1:6c:46:f3:e4:e1:44:45:0a:67:bf:d6:23: c4:0f:f9:40:9d:5b:d1:63:76:9f:b7:99:16:7a:bf:17:b0:48: a5:dc:bd:d1:07:46:5d:ff:74:57:89:62:4b:7e:0b:bd:13:ae: 29:7f:ef:22:63:af:9a:13:e5:32:10:5d:c0:41:60:ee:d5:72: a0:25:b9:94:0d:fe:9f:74:6a:04:8a:7b:30:4a:c6:bc:eb:e2: 25:63:cb:30:67:54:11:29:50:12:70:e0:4b:c6:6f:2c:89:19: 53:3c:0e:7b:12:5a:ce:82:4a:fc:64:34:36:66:d4:1b:21:8e: d0:71:a6:12:ca:c2:9d:2f:af:4e:af:38:40:bf:1e:ff:69:3f: e6:a2:05:9a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCIStUbQLshJ73NYDNPGbic+5Q3owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUVEQTNBNjg3NkYyQkI2RTMzQzgxQkIyOEIwOEY5RjM2 QzgwREM0MDAeFw0yNjAzMjQxNDA2NTRaFw0yNjAzMjcyMzU0NTRaMDMxMTAvBgNV BAMTKEQyRERFMUFBQTI1MEY1MTdBRjQ3QTMwQkM3QzU1NDBGRjc5OUZDNDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsUOcShCedVqqcBpXiwVFt7W7W G5/y1pkaFdj6csIDzDOTiShd/OPr5sMpVfTG227SxsWIUWn1uf7jzdw9b+EGum2s NreDVSMq0gJjG0CVvS2JiZWH/EsknopSJX/UnMib89DfJC8yfL8+5sZLlPMf6ZwD GV1lFgAcCAszeH3ty1xbILuUqwdf4h6fHvyucSaIgMH8JrTaqF0yhWW/WphT9wjB 1LIfr6KNjOn5ve5l7S6vykzFxhaAqMxfQwirasWSHFEsCbWk3oTJufcj1szP1LJc +Kj/M+amws7/IBfihd4XUUlbWOFHV1JS8lUS5y0C4aWgWZg4zym/GY1YbwuPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0t3hqqJQ9RevR6MLx8VUD/eZ/EgwHwYDVR0j BBgwFoAUrto6aHbyu24zyBuyiwj582yA3EAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NzU5NDc2ZS02YWRiLTRmMmUtYmU3NS04NDY3MjU5ZTEyOGYvMC9BRURBM0E2ODc2 RjJCQjZFMzNDODFCQjI4QjA4RjlGMzZDODBEQzQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUVEQTNBNjg3NkYyQkI2RTMzQzgxQkIyOEIwOEY5RjM2Qzgw REM0MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNDc1OTQ3NmUtNmFkYi00ZjJlLWJl NzUtODQ2NzI1OWUxMjhmLzAvQUVEQTNBNjg3NkYyQkI2RTMzQzgxQkIyOEIwOEY5 RjM2QzgwREM0MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJUKXrGU4GUSHOUq6oKD9CQ6gYtE/rsEGtbn xH3WYlxFzB236IlYfQne5pnF3dcrxFE2gS/NfuBV9f7fASfk8XZFF40QHr0doZWM lyx8FNpaVcAEMIHTBq4etA+VtH8d42L/qI28U1kjfFYqOH8Knj3yoWxG8+ThREUK Z7/WI8QP+UCdW9Fjdp+3mRZ6vxewSKXcvdEHRl3/dFeJYkt+C70Tril/7yJjr5oT 5TIQXcBBYO7VcqAluZQN/p90agSKezBKxrzr4iVjyzBnVBEpUBJw4EvGbyyJGVM8 DnsSWs6CSvxkNDZm1BshjtBxphLKwp0vr06vOEC/Hv9pP+aiBZo= -----END CERTIFICATE-----Generated at Thu Mar 26 13:34:47 2026 by rpki-client