$ rpki-client -vvf repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft File: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft (raw, json) Hash identifier: zEP/8C+AWNOsPb5fc9vx+xcddiVz8F2ZSN2QOc7fsG0= Subject key identifier: 2A:A6:96:DF:5F:C8:0A:BE:57:EE:48:62:1C:D6:A7:9A:09:2F:F3:26 Authority key identifier: 28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC Certificate issuer: /CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Certificate serial: 24174E87E8981F60D011E3AF2F41124CEE71EC34 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft Manifest number: D2 Signing time: Tue 24 Mar 2026 18:53:31 +0000 Manifest this update: Tue 24 Mar 2026 18:48:31 +0000 Manifest next update: Sat 28 Mar 2026 02:39:31 +0000 Files and hashes: 1: 3130332e3135352e3139302e302f32342d3234203d3e20313431303637.roa (hash: 4k5l0oKGlgrseypJOAcgbZ3voSGQS5pK7FIolyad81E=) 2: 28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl (hash: bUY6aoM1sHzdRIjMgeILBQbweS1xb4DAJrTgGr3vxDk=) 3: 323430363a373534303a3a2f33322d3332203d3e20313431303637.roa (hash: tGZJC6gHp+rBRUU+fviXr/Qmv6Fq3jy2euNYPnmiMt4=) 4: 3130332e3135352e3139312e302f32342d3234203d3e20313431303637.roa (hash: HqTyhMmIQNWyd9Uu39hBDh2ymSKez80mYyj1XdusXb0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 02:39:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:17:4e:87:e8:98:1f:60:d0:11:e3:af:2f:41:12:4c:ee:71:ec:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28B305C66336C433AB601BA6F0B352E6C57E9BEC Validity Not Before: Mar 24 18:48:31 2026 GMT Not After : Mar 28 02:39:31 2026 GMT Subject: CN=2AA696DF5FC80ABE57EE48621CD6A79A092FF326 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:f3:5d:7b:5c:d8:2f:44:44:40:b7:31:b5:fa: bc:20:fd:85:b1:b3:0d:f5:c6:b9:2a:04:ef:56:57: 7c:a6:22:fc:ac:4d:ae:a6:86:4e:73:41:7b:4b:9a: 93:e7:b6:3f:87:00:88:b9:da:e2:59:4c:db:4b:c2: 1a:2a:b9:f2:8b:f6:d6:de:e1:ac:c7:02:fb:cf:19: a0:a4:3e:2d:92:75:a7:b1:71:a5:a1:a6:cd:5a:cc: cb:02:8d:6e:9d:d6:51:97:42:58:8a:8d:2b:3a:5a: 0e:b2:b4:98:bf:59:2b:76:67:87:ed:c2:41:72:6e: 41:31:c3:b1:45:43:d0:03:b2:86:f1:06:c2:26:55: f1:34:08:33:0f:11:26:74:12:95:bd:63:30:2b:f6: 1e:8c:4c:79:01:a7:fb:60:28:4e:d7:c0:f6:dd:0f: 21:7c:c7:22:e8:1d:12:d0:01:c4:fa:3d:9f:ba:41: d2:2d:e4:4e:e2:28:3d:7f:12:01:cc:12:60:36:f7: d3:ee:1c:db:21:aa:7f:3c:3a:21:0a:50:9d:84:5d: f9:6d:d6:44:47:06:f8:2d:dc:e3:5d:15:44:31:55: a6:8d:9a:22:87:2f:e7:44:2d:ac:8b:75:09:33:61: 18:01:c1:05:62:ce:71:4b:ff:31:16:1c:e9:72:19: 14:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:A6:96:DF:5F:C8:0A:BE:57:EE:48:62:1C:D6:A7:9A:09:2F:F3:26 X509v3 Authority Key Identifier: keyid:28:B3:05:C6:63:36:C4:33:AB:60:1B:A6:F0:B3:52:E6:C5:7E:9B:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28B305C66336C433AB601BA6F0B352E6C57E9BEC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b6e9b51-bd87-4905-9bf4-a848a44e5ba5/0/28B305C66336C433AB601BA6F0B352E6C57E9BEC.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption e9:6b:d4:24:ae:77:6a:4b:4c:44:fe:0a:a8:b4:cf:2f:2e:3d: 26:8e:db:a5:a3:d6:21:78:c0:13:1e:e5:99:24:6b:1c:ba:59: a3:0d:3b:ae:69:54:3e:a9:5a:59:ee:0a:38:e4:6d:83:56:32: c8:e6:ca:e1:48:66:f8:44:43:eb:47:bf:9e:57:b9:5f:e5:67: c8:10:a9:fb:32:a2:fd:af:ab:20:f6:de:68:ed:46:b5:c7:4b: 45:10:3c:d4:3d:80:5e:a2:c7:36:2a:ed:82:09:6a:cb:71:9f: 94:3a:8a:ba:7f:51:3d:87:d1:a2:de:d7:e3:c2:43:52:00:08: 32:b2:4b:ab:be:12:fd:d0:4f:1b:00:4f:5b:04:b3:e5:45:89: 14:e2:d6:17:34:20:1b:17:86:d8:b9:34:18:47:9b:68:1b:26: b2:fb:89:6c:43:b5:93:13:b7:be:ff:19:45:1e:2c:3b:f9:66: 37:65:e8:89:b1:2b:96:73:d8:48:dd:15:c4:78:68:88:95:a6: 49:6d:05:c6:a4:f4:dd:ef:bc:f8:10:55:bf:8b:6a:8e:ba:8e: c5:a1:98:13:af:0c:fa:74:d5:c9:cf:19:22:80:af:7b:c7:dd: 1f:1a:76:ce:22:06:99:f1:fa:77:7d:6a:88:c7:ec:ce:ca:7d: 18:63:d0:f8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJBdOh+iYH2DQEeOvL0ESTO5x7DQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZD NTdFOUJFQzAeFw0yNjAzMjQxODQ4MzFaFw0yNjAzMjgwMjM5MzFaMDMxMTAvBgNV BAMTKDJBQTY5NkRGNUZDODBBQkU1N0VFNDg2MjFDRDZBNzlBMDkyRkYzMjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp8117XNgvRERAtzG1+rwg/YWx sw31xrkqBO9WV3ymIvysTa6mhk5zQXtLmpPntj+HAIi52uJZTNtLwhoqufKL9tbe 4azHAvvPGaCkPi2SdaexcaWhps1azMsCjW6d1lGXQliKjSs6Wg6ytJi/WSt2Z4ft wkFybkExw7FFQ9ADsobxBsImVfE0CDMPESZ0EpW9YzAr9h6MTHkBp/tgKE7XwPbd DyF8xyLoHRLQAcT6PZ+6QdIt5E7iKD1/EgHMEmA299PuHNshqn88OiEKUJ2EXflt 1kRHBvgt3ONdFUQxVaaNmiKHL+dELayLdQkzYRgBwQViznFL/zEWHOlyGRTTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUKqaW31/ICr5X7khiHNanmgkv8yYwHwYDVR0j BBgwFoAUKLMFxmM2xDOrYBum8LNS5sV+m+wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YjZlOWI1MS1iZDg3LTQ5MDUtOWJmNC1hODQ4YTQ0ZTViYTUvMC8yOEIzMDVDNjYz MzZDNDMzQUI2MDFCQTZGMEIzNTJFNkM1N0U5QkVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUyRTZDNTdF OUJFQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGI2ZTliNTEtYmQ4Ny00OTA1LTli ZjQtYTg0OGE0NGU1YmE1LzAvMjhCMzA1QzY2MzM2QzQzM0FCNjAxQkE2RjBCMzUy RTZDNTdFOUJFQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAOlr1CSud2pLTET+Cqi0zy8uPSaO26Wj1iF4 wBMe5Zkkaxy6WaMNO65pVD6pWlnuCjjkbYNWMsjmyuFIZvhEQ+tHv55XuV/lZ8gQ qfsyov2vqyD23mjtRrXHS0UQPNQ9gF6ixzYq7YIJastxn5Q6irp/UT2H0aLe1+PC Q1IACDKyS6u+Ev3QTxsAT1sEs+VFiRTi1hc0IBsXhti5NBhHm2gbJrL7iWxDtZMT t77/GUUeLDv5Zjdl6ImxK5Zz2EjdFcR4aIiVpkltBcak9N3vvPgQVb+Lao66jsWh mBOvDPp01cnPGSKAr3vH3R8ads4iBpnx+nd9aojH7M7KfRhj0Pg= -----END CERTIFICATE-----Generated at Thu Mar 26 05:57:58 2026 by rpki-client