$ rpki-client -vvf repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft File: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft (raw, json) Hash identifier: oZekkdaulHdK9yEqcuYBb1bEBf+99E/Q6h9ghNIcAcc= Subject key identifier: 68:34:77:36:4F:48:DB:19:18:6C:FD:17:57:BA:B3:F8:E1:8D:A8:4F Authority key identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F Certificate issuer: /CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Certificate serial: 07645C82BD16EFEC245441211739176AA97EB883 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft Manifest number: 023E Signing time: Wed 25 Mar 2026 02:01:01 +0000 Manifest this update: Wed 25 Mar 2026 01:56:01 +0000 Manifest next update: Sat 28 Mar 2026 11:01:01 +0000 Files and hashes: 1: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl (hash: F1+qXTOKLZzjGFj1jpTVqZZnKmTDWgF8uW8QKU01YDM=) 2: 3130332e36352e39362e302f32332d3234203d3e203536323539.roa (hash: GJQ3NUFsB2nVnSk1uRZagjtzrc7ng31cjwY1HHOp2FQ=) 3: 3130332e31302e3235332e302f32342d3234203d3e203536323539.roa (hash: HvzvMBj5qU+NExWSjTWqrdpmvH/WBtBrlcSKkhbhERc=) 4: 3130332e32382e3136332e302f32342d3234203d3e203536323539.roa (hash: NAFqFIaSAImXyE9eWh33YjJ4/n4BJqvDNhOBlZ2+l28=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 11:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:64:5c:82:bd:16:ef:ec:24:54:41:21:17:39:17:6a:a9:7e:b8:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Validity Not Before: Mar 25 01:56:01 2026 GMT Not After : Mar 28 11:01:01 2026 GMT Subject: CN=683477364F48DB19186CFD1757BAB3F8E18DA84F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:9d:d7:cb:f3:2d:05:73:11:c4:0b:a7:22:17: 47:de:a4:bf:ae:37:2c:b6:b3:54:d7:33:b4:ac:a5: 43:d8:d9:63:f1:5d:5c:b9:19:d8:dc:5c:ca:ec:db: 85:34:12:3c:e7:ac:3d:68:90:a7:78:4e:66:bd:fe: 11:bf:56:e4:40:b3:a0:6d:56:ce:6f:4f:27:3c:8a: f6:aa:d1:e8:c8:8d:e6:94:fa:d5:af:84:85:da:fe: 1d:23:05:ad:48:e2:18:24:dd:57:5f:63:a1:15:48: a3:35:c9:d3:08:25:6f:7a:28:4d:8c:9b:22:fe:58: 0e:25:22:43:4d:24:2b:51:fa:a1:92:9a:13:cb:76: cc:8e:1d:77:3e:fe:87:74:fd:d1:57:cd:73:9e:33: 99:57:41:d6:44:1a:80:01:9b:db:a4:9f:41:f0:f4: 3b:31:ca:70:5c:ee:3d:ad:a3:d5:5c:2b:ec:d2:90: 89:ef:a8:5a:4b:18:d1:da:e1:12:e0:b6:1b:81:a1: 27:cb:d6:89:71:88:48:0a:0c:b9:1f:ff:af:b6:ca: 29:8b:6d:e2:8b:b2:4c:bb:e3:48:a1:99:eb:0f:a1: 18:e4:09:73:23:e4:30:ab:05:dd:42:50:ee:f5:2b: a2:a2:7d:db:90:b9:0b:dd:4e:7c:f4:55:7b:14:19: a5:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:34:77:36:4F:48:DB:19:18:6C:FD:17:57:BA:B3:F8:E1:8D:A8:4F X509v3 Authority Key Identifier: keyid:3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:95:44:23:c0:26:75:40:01:46:ec:de:e9:69:24:4c:d8:03: df:2f:15:c6:bf:9b:44:c5:0c:10:65:5d:dd:f3:65:c6:9d:ff: 7c:f1:46:77:4d:d6:74:26:74:25:74:62:e7:b8:e8:13:79:e4: 0c:2e:e9:8c:46:e8:67:d8:90:e6:23:d9:ba:62:97:fe:d8:23: 41:ab:e3:bd:0e:95:5b:c3:11:d7:51:ee:c2:1d:3b:5f:06:e7: 9d:9f:d5:ce:94:d8:4a:1f:24:1f:39:ab:1f:d0:f1:d6:ff:f8: 14:a1:5c:a8:37:ac:cd:84:31:50:56:71:9d:c9:ac:fd:b8:11: 21:6b:58:ca:b1:4a:ef:79:aa:22:b2:5e:8c:c7:8d:9b:d3:57: 79:8c:df:ec:3a:bc:5f:07:a3:e9:6a:c2:db:20:86:5d:01:56: 92:8c:0c:c1:b4:26:bc:08:9d:38:66:d7:8d:1e:da:ca:29:85: 3f:bd:67:95:1d:0e:f3:09:c3:c8:b5:79:73:6f:3c:2c:c5:4d: a4:e6:eb:a5:6d:28:e5:f9:95:90:44:36:6d:b7:a7:f4:62:8b: 73:2f:a8:41:17:a3:62:d6:14:ab:fb:ad:bf:1c:fe:e1:47:7a: 09:73:de:85:ef:0b:cf:fc:bd:8d:6c:9c:9d:af:31:16:87:b8: 0d:5e:98:4f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUB2Rcgr0W7+wkVEEhFzkXaql+uIMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4 NUMzNUU0RjAeFw0yNjAzMjUwMTU2MDFaFw0yNjAzMjgxMTAxMDFaMDMxMTAvBgNV BAMTKDY4MzQ3NzM2NEY0OERCMTkxODZDRkQxNzU3QkFCM0Y4RTE4REE4NEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgndfL8y0FcxHEC6ciF0fepL+u Nyy2s1TXM7SspUPY2WPxXVy5GdjcXMrs24U0EjznrD1okKd4Tma9/hG/VuRAs6Bt Vs5vTyc8ivaq0ejIjeaU+tWvhIXa/h0jBa1I4hgk3VdfY6EVSKM1ydMIJW96KE2M myL+WA4lIkNNJCtR+qGSmhPLdsyOHXc+/od0/dFXzXOeM5lXQdZEGoABm9ukn0Hw 9DsxynBc7j2to9VcK+zSkInvqFpLGNHa4RLgthuBoSfL1olxiEgKDLkf/6+2yimL beKLsky740ihmesPoRjkCXMj5DCrBd1CUO71K6KifduQuQvdTnz0VXsUGaVvAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUaDR3Nk9I2xkYbP0XV7qz+OGNqE8wHwYDVR0j BBgwFoAUPXifr19+vmk4xMcj3NLu14XDXk8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ZDk3MDAzMi0wOGVhLTQ4OTAtYmRiYS02MzA5YTQ5NzkxN2QvMC8zRDc4OUZBRjVG N0VCRTY5MzhDNEM3MjNEQ0QyRUVENzg1QzM1RTRGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVFRDc4NUMz NUU0Ri5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNGQ5NzAwMzItMDhlYS00ODkwLWJk YmEtNjMwOWE0OTc5MTdkLzAvM0Q3ODlGQUY1RjdFQkU2OTM4QzRDNzIzRENEMkVF RDc4NUMzNUU0Ri5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALWVRCPAJnVAAUbs3ulpJEzYA98vFca/m0TF DBBlXd3zZcad/3zxRndN1nQmdCV0Yue46BN55Awu6YxG6GfYkOYj2bpil/7YI0Gr 470OlVvDEddR7sIdO18G552f1c6U2EofJB85qx/Q8db/+BShXKg3rM2EMVBWcZ3J rP24ESFrWMqxSu95qiKyXozHjZvTV3mM3+w6vF8Ho+lqwtsghl0BVpKMDMG0JrwI nThm140e2sophT+9Z5UdDvMJw8i1eXNvPCzFTaTm66VtKOX5lZBENm23p/Rii3Mv qEEXo2LWFKv7rb8c/uFHeglz3oXvC8/8vY1snJ2vMRaHuA1emE8= -----END CERTIFICATE-----Generated at Thu Mar 26 16:02:29 2026 by rpki-client