$ rpki-client -vvf repo-rpki.idnic.net/repo/61e44665-e846-455b-aa1a-d5ab07deedf3/0/9D21366ED4E3738A5F50E524109806C98D710BD3.mft File: 9D21366ED4E3738A5F50E524109806C98D710BD3.mft (raw, json) Hash identifier: 8ABP9naKFAvKDssKUGPB6dAGwNZ0kSiUHLq8D4GYnYk= Subject key identifier: B7:A2:F6:6F:1A:BF:82:AE:99:FF:A5:AF:67:4C:10:5A:4A:83:D7:A4 Authority key identifier: 9D:21:36:6E:D4:E3:73:8A:5F:50:E5:24:10:98:06:C9:8D:71:0B:D3 Certificate issuer: /CN=9D21366ED4E3738A5F50E524109806C98D710BD3 Certificate serial: 177F9BB3E1119B6FB5D6E655728A4B0E0B666584 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9D21366ED4E3738A5F50E524109806C98D710BD3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/61e44665-e846-455b-aa1a-d5ab07deedf3/0/9D21366ED4E3738A5F50E524109806C98D710BD3.mft Manifest number: 0108 Signing time: Tue 24 Mar 2026 16:20:00 +0000 Manifest this update: Tue 24 Mar 2026 16:15:00 +0000 Manifest next update: Sat 28 Mar 2026 00:42:00 +0000 Files and hashes: 1: 9D21366ED4E3738A5F50E524109806C98D710BD3.crl (hash: WdpfAr9lBv7SgCnJAl3hyHSuX9q5EflPTQ8COUsbM/U=) 2: 3136302e32352e3131382e302f32332d3234203d3e20313533303936.roa (hash: TUzFMsEIFjmnDLri6vPKTFWHWFqmADC1pDUr5mNeK+o=) 3: 3136302e32352e3131392e302f32342d3234203d3e20313533303936.roa (hash: l9ERQS2lY9vY7cqdtac+IvPm2s0vxFEvQIVHJEks1Zc=) 4: 3136302e32352e3131382e302f32342d3234203d3e20313533303936.roa (hash: Nzl8vY9SfxTMTS+PrIiEnPNs8vGKrloce/myFfDThWk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/61e44665-e846-455b-aa1a-d5ab07deedf3/0/9D21366ED4E3738A5F50E524109806C98D710BD3.crl rsync://repo-rpki.idnic.net/repo/61e44665-e846-455b-aa1a-d5ab07deedf3/0/9D21366ED4E3738A5F50E524109806C98D710BD3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9D21366ED4E3738A5F50E524109806C98D710BD3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 00:42:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:7f:9b:b3:e1:11:9b:6f:b5:d6:e6:55:72:8a:4b:0e:0b:66:65:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9D21366ED4E3738A5F50E524109806C98D710BD3 Validity Not Before: Mar 24 16:15:00 2026 GMT Not After : Mar 28 00:42:00 2026 GMT Subject: CN=B7A2F66F1ABF82AE99FFA5AF674C105A4A83D7A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:43:df:d6:cc:d9:12:d5:c4:9c:f1:66:fc:74: 26:70:33:9a:83:f6:f3:f3:42:67:b5:11:75:ba:09: 24:cf:93:a5:d0:58:bd:cb:fd:1d:a1:c9:10:9f:a1: eb:50:57:56:46:c5:dc:2c:b2:94:a2:c9:62:44:e0: 5d:07:2a:85:ba:0a:18:4e:5d:ee:b3:73:c1:ce:f2: 89:f8:fb:d0:92:4e:13:d0:10:ef:c2:68:fb:91:b6: 94:0b:a9:19:3d:fe:04:18:e5:0a:f1:c6:01:19:a9: 1a:5c:e5:eb:2b:5f:fc:c6:41:70:57:35:00:04:8f: 1d:b7:5b:37:e4:6c:6d:ba:83:ec:e8:50:b3:6f:30: d7:e3:fd:95:9a:34:16:89:81:b2:ee:12:9c:5c:95: 53:5b:ec:50:b3:85:b9:36:3d:ab:5d:73:67:04:22: ee:e5:4e:8f:1e:64:56:00:ec:58:ba:93:37:f3:5e: 4a:a2:01:ba:a0:40:fc:ac:50:e5:27:7c:ea:34:5b: f7:ce:dc:bd:45:28:79:fa:25:2e:ba:7f:8a:38:0c: 89:2e:6f:a4:84:a1:7b:4f:97:aa:4b:17:7e:d2:21: 3a:6f:40:b0:f5:57:71:ca:e8:73:35:a9:3f:93:15: 0e:a8:d4:b0:f4:69:d0:c7:0c:0c:b7:15:91:8d:05: 2e:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:A2:F6:6F:1A:BF:82:AE:99:FF:A5:AF:67:4C:10:5A:4A:83:D7:A4 X509v3 Authority Key Identifier: keyid:9D:21:36:6E:D4:E3:73:8A:5F:50:E5:24:10:98:06:C9:8D:71:0B:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/61e44665-e846-455b-aa1a-d5ab07deedf3/0/9D21366ED4E3738A5F50E524109806C98D710BD3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9D21366ED4E3738A5F50E524109806C98D710BD3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/61e44665-e846-455b-aa1a-d5ab07deedf3/0/9D21366ED4E3738A5F50E524109806C98D710BD3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:34:6d:1a:8e:43:c7:cd:02:c9:4f:8d:cd:f5:4a:07:9e:1d: ac:16:01:55:72:fa:5c:ff:89:98:8e:b6:b1:b5:09:50:44:c1: 62:d5:d0:c3:5a:62:4b:a0:67:e8:ec:d6:96:f3:3a:1d:2c:04: 14:4a:4f:40:ef:b9:ba:2d:6d:fe:48:8d:87:84:d4:06:50:da: a4:6d:22:dd:6a:f4:2f:d4:b1:a5:c6:1b:0d:30:9d:d8:ba:f3: 48:d4:3d:bd:a6:62:32:32:93:84:cb:6a:34:4a:31:97:e2:97: 16:13:6f:8b:5c:18:66:cd:2e:43:53:c7:72:15:22:29:7d:9e: 59:4b:95:0b:c9:88:83:a7:d9:f6:93:64:0a:17:97:1f:37:f7: a8:a6:ab:26:58:35:19:bf:2a:88:8b:06:a9:73:50:ab:e6:77: 8a:d2:04:a4:09:78:87:71:10:a4:00:61:dc:8f:ba:f9:da:04: 34:34:9a:36:39:d8:72:cc:a2:78:58:10:cb:aa:d0:bd:1b:29: cc:8d:f4:3e:3a:5b:e0:3d:c4:c6:90:1c:37:0d:ab:c2:0d:b9: 51:f1:b3:18:d6:53:34:7b:1a:d0:b6:ce:c4:3e:ca:53:fb:85: 3c:41:48:41:27:af:f3:eb:e4:77:e2:8c:be:a7:0d:e9:44:36: fb:81:57:f3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUF3+bs+ERm2+11uZVcopLDgtmZYQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUQyMTM2NkVENEUzNzM4QTVGNTBFNTI0MTA5ODA2Qzk4 RDcxMEJEMzAeFw0yNjAzMjQxNjE1MDBaFw0yNjAzMjgwMDQyMDBaMDMxMTAvBgNV BAMTKEI3QTJGNjZGMUFCRjgyQUU5OUZGQTVBRjY3NEMxMDVBNEE4M0Q3QTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjQ9/WzNkS1cSc8Wb8dCZwM5qD 9vPzQme1EXW6CSTPk6XQWL3L/R2hyRCfoetQV1ZGxdwsspSiyWJE4F0HKoW6ChhO Xe6zc8HO8on4+9CSThPQEO/CaPuRtpQLqRk9/gQY5QrxxgEZqRpc5esrX/zGQXBX NQAEjx23WzfkbG26g+zoULNvMNfj/ZWaNBaJgbLuEpxclVNb7FCzhbk2Patdc2cE Iu7lTo8eZFYA7Fi6kzfzXkqiAbqgQPysUOUnfOo0W/fO3L1FKHn6JS66f4o4DIku b6SEoXtPl6pLF37SITpvQLD1V3HK6HM1qT+TFQ6o1LD0adDHDAy3FZGNBS4lAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUt6L2bxq/gq6Z/6WvZ0wQWkqD16QwHwYDVR0j BBgwFoAUnSE2btTjc4pfUOUkEJgGyY1xC9MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 MWU0NDY2NS1lODQ2LTQ1NWItYWExYS1kNWFiMDdkZWVkZjMvMC85RDIxMzY2RUQ0 RTM3MzhBNUY1MEU1MjQxMDk4MDZDOThENzEwQkQzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOUQyMTM2NkVENEUzNzM4QTVGNTBFNTI0MTA5ODA2Qzk4RDcx MEJEMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjFlNDQ2NjUtZTg0Ni00NTViLWFh MWEtZDVhYjA3ZGVlZGYzLzAvOUQyMTM2NkVENEUzNzM4QTVGNTBFNTI0MTA5ODA2 Qzk4RDcxMEJEMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACE0bRqOQ8fNAslPjc31SgeeHawWAVVy+lz/ iZiOtrG1CVBEwWLV0MNaYkugZ+js1pbzOh0sBBRKT0Dvubotbf5IjYeE1AZQ2qRt It1q9C/UsaXGGw0wndi680jUPb2mYjIyk4TLajRKMZfilxYTb4tcGGbNLkNTx3IV Iil9nllLlQvJiIOn2faTZAoXlx8396imqyZYNRm/KoiLBqlzUKvmd4rSBKQJeIdx EKQAYdyPuvnaBDQ0mjY52HLMonhYEMuq0L0bKcyN9D46W+A9xMaQHDcNq8INuVHx sxjWUzR7GtC2zsQ+ylP7hTxBSEEnr/Pr5HfijL6nDelENvuBV/M= -----END CERTIFICATE-----Generated at Thu Mar 26 23:52:04 2026 by rpki-client