$ rpki-client -vvf repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft File: 843FDF32A52D11795BBFB0918ABF926E0A210870.mft (raw, json) Hash identifier: aAP3sAEcN+EjBvedDN9Cdmjl969PqzYcuSI6bIb0ZlE= Subject key identifier: 9E:E5:62:1A:ED:A8:0A:9E:77:10:F4:33:D4:21:79:D4:74:BD:48:C5 Authority key identifier: 84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70 Certificate issuer: /CN=843FDF32A52D11795BBFB0918ABF926E0A210870 Certificate serial: 1828444F3D19BCD1AA3574A5B7A081718E553DC7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer Subject info access: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft Manifest number: 0157 Signing time: Wed 25 Mar 2026 16:32:27 +0000 Manifest this update: Wed 25 Mar 2026 16:27:27 +0000 Manifest next update: Sat 28 Mar 2026 17:44:27 +0000 Files and hashes: 1: 3231302e38372e3132342e302f32332d3234203d3e20313532303539.roa (hash: EWhTaEy0kSyTN6Oh9f79SCw3rvXkaSbLCftfTIrzMKE=) 2: 843FDF32A52D11795BBFB0918ABF926E0A210870.crl (hash: 1crRCMUkl4WCdKh0K2pIztDPAutOF1VS9Df3T3GNKO8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 17:44:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:28:44:4f:3d:19:bc:d1:aa:35:74:a5:b7:a0:81:71:8e:55:3d:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=843FDF32A52D11795BBFB0918ABF926E0A210870 Validity Not Before: Mar 25 16:27:27 2026 GMT Not After : Mar 28 17:44:27 2026 GMT Subject: CN=9EE5621AEDA80A9E7710F433D42179D474BD48C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:77:44:a5:ec:32:6c:b0:da:42:0c:85:64:38: 09:fa:99:2e:43:52:c4:39:ec:04:2d:db:c1:44:99: 2f:e3:ba:bd:85:b8:1d:14:73:d0:01:8d:ee:fb:de: 94:76:91:9d:88:f2:c3:1d:51:a5:12:24:81:05:49: 1c:65:7d:52:c6:16:a9:c1:35:75:99:70:1c:49:66: 07:ec:21:a4:37:67:f8:e9:6b:36:8b:74:49:f0:4d: cc:73:36:af:b5:31:23:4e:1f:b9:82:47:ea:61:f2: 14:52:b5:46:54:98:c5:ea:cb:c5:03:10:b2:7e:b3: ab:9e:69:1c:25:74:83:08:b0:1e:16:ef:b5:5a:c6: 01:e5:d0:c3:05:51:c7:f8:d1:fd:d9:bf:ec:9c:41: 9e:bf:7a:71:f0:04:5c:08:ee:80:cc:5c:23:2f:73: a3:63:b5:ac:e7:b9:76:8b:68:3c:0c:b7:58:bb:75: 97:27:2c:33:9a:ef:76:28:2e:e7:12:06:79:b2:cd: 89:5c:a2:78:3d:37:c8:a4:01:70:3c:15:52:4f:45: 85:aa:9f:e3:98:04:7f:ce:f3:32:b6:a2:38:39:26: ba:97:10:9c:7d:4d:29:b1:11:d0:36:55:a9:6d:42: b8:63:14:df:8e:5b:20:4b:e3:93:13:9d:b2:16:f9: 2e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:E5:62:1A:ED:A8:0A:9E:77:10:F4:33:D4:21:79:D4:74:BD:48:C5 X509v3 Authority Key Identifier: keyid:84:3F:DF:32:A5:2D:11:79:5B:BF:B0:91:8A:BF:92:6E:0A:21:08:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/843FDF32A52D11795BBFB0918ABF926E0A210870.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/57be8b7c-232f-47e8-9cdd-8817d39b70ea/0/843FDF32A52D11795BBFB0918ABF926E0A210870.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:c2:74:d8:a6:aa:8b:31:a3:20:01:98:ea:b7:68:fb:b8:2c: c3:35:de:0e:a1:bd:df:0c:e2:d5:e5:e4:41:2f:b8:6d:53:f5: e3:e6:7a:6b:a8:41:51:17:94:d8:b1:18:71:1c:b4:bf:50:e4: 12:9a:a8:0e:2c:87:bb:64:0b:d1:24:6b:65:be:db:0e:58:38: fd:ec:e0:cc:af:e9:33:bc:0d:1a:9e:a6:69:51:f3:ce:4d:d3: be:a6:be:47:59:62:d8:e7:e2:e7:a2:63:ee:2e:d8:50:35:27: 5d:bc:72:60:c5:18:13:e3:50:3a:d8:05:2e:70:e9:d6:09:e8: e3:0f:3f:86:5d:5c:cb:23:5c:34:db:e1:5f:f2:4d:c0:ea:54: be:35:f6:b4:0a:bd:8a:41:2b:8b:0a:d0:c6:84:31:28:aa:56: 29:3f:6f:a8:ba:99:98:71:25:db:12:3c:85:f0:19:8c:ae:32: 2c:2b:ad:1e:93:77:aa:88:d8:f8:03:6f:72:66:08:6c:81:cd: 4c:bc:43:d4:65:cb:35:d9:dd:eb:35:2d:ba:cd:ac:49:07:ed: 7e:45:96:cd:00:c5:b3:77:be:10:23:2e:87:96:28:19:d6:70: 66:ae:85:79:58:d6:78:9a:e6:bd:17:ac:16:06:dd:ed:9e:2c: 3f:f1:c7:55 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGChETz0ZvNGqNXSlt6CBcY5VPccwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUw QTIxMDg3MDAeFw0yNjAzMjUxNjI3MjdaFw0yNjAzMjgxNzQ0MjdaMDMxMTAvBgNV BAMTKDlFRTU2MjFBRURBODBBOUU3NzEwRjQzM0Q0MjE3OUQ0NzRCRDQ4QzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBd0Sl7DJssNpCDIVkOAn6mS5D UsQ57AQt28FEmS/jur2FuB0Uc9ABje773pR2kZ2I8sMdUaUSJIEFSRxlfVLGFqnB NXWZcBxJZgfsIaQ3Z/jpazaLdEnwTcxzNq+1MSNOH7mCR+ph8hRStUZUmMXqy8UD ELJ+s6ueaRwldIMIsB4W77VaxgHl0MMFUcf40f3Zv+ycQZ6/enHwBFwI7oDMXCMv c6NjtaznuXaLaDwMt1i7dZcnLDOa73YoLucSBnmyzYlcong9N8ikAXA8FVJPRYWq n+OYBH/O8zK2ojg5JrqXEJx9TSmxEdA2ValtQrhjFN+OWyBL45MTnbIW+S47AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUnuViGu2oCp53EPQz1CF51HS9SMUwHwYDVR0j BBgwFoAUhD/fMqUtEXlbv7CRir+SbgohCHAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 N2JlOGI3Yy0yMzJmLTQ3ZTgtOWNkZC04ODE3ZDM5YjcwZWEvMC84NDNGREYzMkE1 MkQxMTc5NUJCRkIwOTE4QUJGOTI2RTBBMjEwODcwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjkyNkUwQTIx MDg3MC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTdiZThiN2MtMjMyZi00N2U4LTlj ZGQtODgxN2QzOWI3MGVhLzAvODQzRkRGMzJBNTJEMTE3OTVCQkZCMDkxOEFCRjky NkUwQTIxMDg3MC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAnCdNimqosxoyABmOq3aPu4LMM13g6hvd8M 4tXl5EEvuG1T9ePmemuoQVEXlNixGHEctL9Q5BKaqA4sh7tkC9Eka2W+2w5YOP3s 4Myv6TO8DRqepmlR885N076mvkdZYtjn4ueiY+4u2FA1J128cmDFGBPjUDrYBS5w 6dYJ6OMPP4ZdXMsjXDTb4V/yTcDqVL419rQKvYpBK4sK0MaEMSiqVik/b6i6mZhx JdsSPIXwGYyuMiwrrR6Td6qI2PgDb3JmCGyBzUy8Q9RlyzXZ3es1LbrNrEkH7X5F ls0AxbN3vhAjLoeWKBnWcGauhXlY1nia5r0XrBYG3e2eLD/xx1U= -----END CERTIFICATE-----Generated at Thu Mar 26 12:06:25 2026 by rpki-client