$ rpki-client -vvf repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft File: D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft (raw, json) Hash identifier: F4JjOuAi53lt1dGX7hiIo1hmYFAwdjbxBmJ2X8aXeO8= Subject key identifier: 87:68:66:50:2D:7F:F3:34:51:6B:D5:1B:9A:BE:CD:00:D1:63:28:D9 Authority key identifier: D9:D0:73:0D:B5:12:95:FE:C5:BD:48:0C:DD:42:B5:E8:51:7C:8F:DB Certificate issuer: /CN=D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB Certificate serial: 5EB85E372C42635540CC0CFBBD95340328F2FAF8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft Manifest number: 028D Signing time: Wed 25 Mar 2026 11:52:14 +0000 Manifest this update: Wed 25 Mar 2026 11:47:14 +0000 Manifest next update: Sat 28 Mar 2026 19:02:14 +0000 Files and hashes: 1: D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl (hash: 1SO0mdmrhsAoAhmGA+JhE+YKrHSk6stHbkoKTsdY2nA=) 2: 3130332e3138332e3235302e302f32332d3234203d3e2034383030.roa (hash: pN4ghT04j5zTe3lEB7yWGrreTGcCSMxjpmVgBxWJn+Y=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 19:02:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:b8:5e:37:2c:42:63:55:40:cc:0c:fb:bd:95:34:03:28:f2:fa:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB Validity Not Before: Mar 25 11:47:14 2026 GMT Not After : Mar 28 19:02:14 2026 GMT Subject: CN=876866502D7FF334516BD51B9ABECD00D16328D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:26:e7:49:0a:b3:54:4e:ab:e7:e5:86:91:8f: 39:ed:22:d6:e3:0e:b1:48:16:8e:5a:d8:d4:b2:cc: 9b:2b:0b:29:40:cb:7d:c9:8f:d4:aa:30:ca:b1:0d: 14:7f:5e:86:44:e5:41:95:44:0b:a9:72:73:79:5f: 61:93:f8:ed:3a:64:dc:ca:e8:0c:12:b5:56:a0:1d: 0f:dc:85:40:35:dc:1d:b0:d0:cd:6b:36:08:09:fc: d5:f3:21:90:e9:da:ff:ed:71:b2:14:6c:76:48:3f: 4e:78:d5:e4:d6:c6:ad:cd:84:40:a9:8b:58:b4:76: bb:4e:6d:61:f1:c0:fd:04:e7:fb:5e:55:16:c3:3a: fa:9e:23:83:38:9a:45:83:73:4c:b3:32:58:2d:97: d8:d4:cc:c0:42:06:8b:73:20:01:79:ce:87:46:74: 7a:fd:d7:34:98:28:c4:28:d4:3b:c1:5e:f7:ae:b5: a8:8c:12:1a:04:71:fc:aa:dd:b0:50:31:85:60:41: aa:9c:04:0b:d9:ea:4e:3e:50:25:99:72:c3:70:a8: 6b:72:15:b0:6b:39:b5:a6:29:9a:22:b3:ff:3d:6f: 1a:6b:0b:ed:d6:bc:aa:58:48:e5:e2:5b:31:4d:a9: 43:ff:e6:a4:ff:01:d8:a2:f8:4e:0d:45:76:2d:be: ae:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:68:66:50:2D:7F:F3:34:51:6B:D5:1B:9A:BE:CD:00:D1:63:28:D9 X509v3 Authority Key Identifier: keyid:D9:D0:73:0D:B5:12:95:FE:C5:BD:48:0C:DD:42:B5:E8:51:7C:8F:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ae2b8b3-dec8-41cf-a16d-e1171561d725/0/D9D0730DB51295FEC5BD480CDD42B5E8517C8FDB.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:f9:97:43:c8:c6:77:3c:31:47:06:d0:52:6c:08:a0:1d:d6: a1:34:67:1c:6f:fa:62:d9:9a:4b:b4:62:d5:53:b9:44:a2:37: e2:a0:ee:71:26:c7:e7:cb:80:e4:cd:1c:84:22:af:ea:85:ac: ca:41:90:9e:38:5f:69:05:30:fc:ac:74:ac:fb:99:ce:16:c0: 1f:6c:e6:01:39:04:c1:76:80:c4:15:7c:b9:9c:f1:b3:ff:5f: 3f:98:c5:e2:ec:da:96:21:1c:1a:a4:a1:19:0e:6f:e2:be:71: 61:37:68:c4:06:7a:0c:dd:44:2d:bc:11:20:77:d9:12:5c:03: 12:7c:6e:72:27:b9:76:11:c3:59:62:b4:98:66:9d:ce:72:67: c2:a8:d7:b4:ce:fe:71:ec:13:a0:8b:24:c5:2d:c9:5e:8b:3f: a0:da:50:df:ce:22:0a:ff:24:6a:d4:ac:e3:6c:7c:79:ba:4e: 29:64:c0:4e:8b:09:90:53:91:6b:8b:4f:c9:5a:7c:bc:d8:69: 73:fd:1a:67:8e:2f:8b:cf:eb:00:89:cc:3c:03:5e:1f:26:0c: 24:ee:bb:8e:a9:20:d9:ec:36:dc:0e:c6:05:87:8e:1b:50:76: 2e:89:c9:43:ac:52:22:d5:db:79:49:0f:52:a8:cd:da:50:92: a0:a6:b3:43 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXrheNyxCY1VAzAz7vZU0Ayjy+vgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1RTg1 MTdDOEZEQjAeFw0yNjAzMjUxMTQ3MTRaFw0yNjAzMjgxOTAyMTRaMDMxMTAvBgNV BAMTKDg3Njg2NjUwMkQ3RkYzMzQ1MTZCRDUxQjlBQkVDRDAwRDE2MzI4RDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6JudJCrNUTqvn5YaRjzntItbj DrFIFo5a2NSyzJsrCylAy33Jj9SqMMqxDRR/XoZE5UGVRAupcnN5X2GT+O06ZNzK 6AwStVagHQ/chUA13B2w0M1rNggJ/NXzIZDp2v/tcbIUbHZIP0541eTWxq3NhECp i1i0drtObWHxwP0E5/teVRbDOvqeI4M4mkWDc0yzMlgtl9jUzMBCBotzIAF5zodG dHr91zSYKMQo1DvBXveutaiMEhoEcfyq3bBQMYVgQaqcBAvZ6k4+UCWZcsNwqGty FbBrObWmKZois/89bxprC+3WvKpYSOXiWzFNqUP/5qT/Adii+E4NRXYtvq47AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUh2hmUC1/8zRRa9Ubmr7NANFjKNkwHwYDVR0j BBgwFoAU2dBzDbUSlf7FvUgM3UK16FF8j9swDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 YWUyYjhiMy1kZWM4LTQxY2YtYTE2ZC1lMTE3MTU2MWQ3MjUvMC9EOUQwNzMwREI1 MTI5NUZFQzVCRDQ4MENERDQyQjVFODUxN0M4RkRCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1RTg1MTdD OEZEQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWFlMmI4YjMtZGVjOC00MWNmLWEx NmQtZTExNzE1NjFkNzI1LzAvRDlEMDczMERCNTEyOTVGRUM1QkQ0ODBDREQ0MkI1 RTg1MTdDOEZEQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH75l0PIxnc8MUcG0FJsCKAd1qE0Zxxv+mLZ mku0YtVTuUSiN+Kg7nEmx+fLgOTNHIQir+qFrMpBkJ44X2kFMPysdKz7mc4WwB9s 5gE5BMF2gMQVfLmc8bP/Xz+YxeLs2pYhHBqkoRkOb+K+cWE3aMQGegzdRC28ESB3 2RJcAxJ8bnInuXYRw1litJhmnc5yZ8Ko17TO/nHsE6CLJMUtyV6LP6DaUN/OIgr/ JGrUrONsfHm6TilkwE6LCZBTkWuLT8lafLzYaXP9GmeOL4vP6wCJzDwDXh8mDCTu u46pINnsNtwOxgWHjhtQdi6JyUOsUiLV23lJD1KozdpQkqCms0M= -----END CERTIFICATE-----Generated at Thu Mar 26 14:07:47 2026 by rpki-client