$ rpki-client -vvf repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft File: 428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft (raw, json) Hash identifier: W8Gw9HU8GdDgw8kGPlth/jUasIQANCGN86cHrc6n7yc= Subject key identifier: 9D:37:1E:03:B8:83:EF:62:50:2B:BE:21:7E:A6:34:05:20:56:82:A2 Authority key identifier: 42:81:73:DF:58:B0:C1:6D:8F:B9:2F:81:F3:42:D6:01:7F:B0:CE:CA Certificate issuer: /CN=428173DF58B0C16D8FB92F81F342D6017FB0CECA Certificate serial: 3C564966DBE4687975D33A8F03BC19C29C4932F7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428173DF58B0C16D8FB92F81F342D6017FB0CECA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft Manifest number: 0233 Signing time: Wed 25 Mar 2026 00:31:31 +0000 Manifest this update: Wed 25 Mar 2026 00:26:31 +0000 Manifest next update: Sat 28 Mar 2026 11:22:31 +0000 Files and hashes: 1: 3130332e3139312e33392e302f32342d3234203d3e20313439393233.roa (hash: Hm8P4hacYfkZNd8sZfNbLj4+ngt9DzF5s+/x8t3BFqA=) 2: 428173DF58B0C16D8FB92F81F342D6017FB0CECA.crl (hash: LL7b3ghPgDskwyaBsgk4NbMHeE03aU7o8JA4PnyUZMs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.crl rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428173DF58B0C16D8FB92F81F342D6017FB0CECA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 11:22:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:56:49:66:db:e4:68:79:75:d3:3a:8f:03:bc:19:c2:9c:49:32:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428173DF58B0C16D8FB92F81F342D6017FB0CECA Validity Not Before: Mar 25 00:26:31 2026 GMT Not After : Mar 28 11:22:31 2026 GMT Subject: CN=9D371E03B883EF62502BBE217EA63405205682A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:13:19:dd:47:1a:87:79:e0:ce:ca:a9:df:d3: 4a:13:6a:50:a5:37:3e:60:6b:82:69:93:a5:14:5d: cd:eb:f9:65:d2:38:b3:48:3b:df:1d:38:06:c7:bb: b6:89:7e:20:f5:23:23:5f:52:91:b6:c8:9d:11:4f: d4:94:74:12:94:b1:2f:af:ec:0d:1f:1e:51:8a:60: 1a:ae:b8:fe:2d:b4:d1:6f:4e:c6:6e:d8:67:e9:a5: 65:0f:2a:97:31:ea:d4:be:74:c3:22:93:aa:dc:76: 4d:65:72:33:4e:6d:15:de:ba:54:25:43:f8:d4:37: e1:1a:36:f9:6d:0d:ab:2b:a7:5b:9c:86:3b:6e:94: 5b:c4:cd:ff:96:d8:9a:be:6c:22:2c:d4:a4:8d:d3: da:d2:69:a6:bc:4b:f7:0d:61:9a:8a:9a:58:e9:d7: b8:d2:ae:cb:d6:50:57:2b:eb:fd:21:31:1a:0e:f3: c6:8b:a7:b2:b0:79:bf:c0:6d:04:c1:3c:7d:2e:51: 95:55:36:15:c1:10:c8:5a:5e:a9:d7:30:a0:57:7a: 24:43:9b:52:b7:0f:34:c1:9b:a7:7d:ab:ba:18:70: 89:8f:63:d3:0b:bf:d8:3d:60:e3:89:e6:07:8d:6d: 5e:1b:da:0a:27:c6:c4:d4:87:bd:e3:a5:51:8c:00: 45:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:37:1E:03:B8:83:EF:62:50:2B:BE:21:7E:A6:34:05:20:56:82:A2 X509v3 Authority Key Identifier: keyid:42:81:73:DF:58:B0:C1:6D:8F:B9:2F:81:F3:42:D6:01:7F:B0:CE:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/428173DF58B0C16D8FB92F81F342D6017FB0CECA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/65f84278-e06d-4119-ba44-5c32968a8bbd/0/428173DF58B0C16D8FB92F81F342D6017FB0CECA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:3c:13:1e:f5:f8:9b:c8:ba:68:f6:0e:81:86:c3:cf:1c:38: d0:31:98:3a:29:66:5e:b3:4b:0b:6b:16:86:96:8e:98:a2:33: c7:68:e6:bb:77:b3:cc:42:6e:f7:fe:4c:d3:11:c0:fa:e4:c4: eb:6e:36:36:ac:98:ba:0a:fa:84:b1:da:e6:4f:8a:bd:bd:23: 95:29:3a:19:40:f0:d8:4f:83:a7:3b:94:0f:c1:16:8f:a7:45: 0c:4d:02:66:5d:f9:06:6d:43:9c:3d:bd:2c:f3:23:12:fe:ad: c5:00:3f:0c:a2:cd:5f:9e:90:25:06:6c:63:e5:c0:2a:22:52: 44:aa:c8:df:54:26:d1:8a:e3:f4:5b:b8:1a:d7:9e:c3:db:49: 91:9d:88:d4:89:1c:96:1e:bc:6d:4b:dd:0d:ce:77:74:23:f4: d1:58:73:a0:0b:ad:f6:13:06:fb:64:ac:69:2c:ac:83:4a:84: ea:e9:2e:f7:ce:1f:2d:aa:17:30:3d:e5:75:94:f1:26:63:d2: 0f:75:fc:6d:08:c7:b5:27:99:5b:8a:38:37:b4:3a:fc:7b:37: 0f:01:e6:9e:f7:92:73:8e:94:e3:34:b1:58:e7:50:85:55:f1: e9:28:85:04:a9:a6:8f:f3:cd:0b:71:e0:a4:e2:22:3c:99:f4: 03:72:3f:cb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPFZJZtvkaHl10zqPA7wZwpxJMvcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI4MTczREY1OEIwQzE2RDhGQjkyRjgxRjM0MkQ2MDE3 RkIwQ0VDQTAeFw0yNjAzMjUwMDI2MzFaFw0yNjAzMjgxMTIyMzFaMDMxMTAvBgNV BAMTKDlEMzcxRTAzQjg4M0VGNjI1MDJCQkUyMTdFQTYzNDA1MjA1NjgyQTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnExndRxqHeeDOyqnf00oTalCl Nz5ga4Jpk6UUXc3r+WXSOLNIO98dOAbHu7aJfiD1IyNfUpG2yJ0RT9SUdBKUsS+v 7A0fHlGKYBquuP4ttNFvTsZu2GfppWUPKpcx6tS+dMMik6rcdk1lcjNObRXeulQl Q/jUN+EaNvltDasrp1uchjtulFvEzf+W2Jq+bCIs1KSN09rSaaa8S/cNYZqKmljp 17jSrsvWUFcr6/0hMRoO88aLp7Kweb/AbQTBPH0uUZVVNhXBEMhaXqnXMKBXeiRD m1K3DzTBm6d9q7oYcImPY9MLv9g9YOOJ5geNbV4b2gonxsTUh73jpVGMAEV3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUnTceA7iD72JQK74hfqY0BSBWgqIwHwYDVR0j BBgwFoAUQoFz31iwwW2PuS+B80LWAX+wzsowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 NWY4NDI3OC1lMDZkLTQxMTktYmE0NC01YzMyOTY4YThiYmQvMC80MjgxNzNERjU4 QjBDMTZEOEZCOTJGODFGMzQyRDYwMTdGQjBDRUNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDI4MTczREY1OEIwQzE2RDhGQjkyRjgxRjM0MkQ2MDE3RkIw Q0VDQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjVmODQyNzgtZTA2ZC00MTE5LWJh NDQtNWMzMjk2OGE4YmJkLzAvNDI4MTczREY1OEIwQzE2RDhGQjkyRjgxRjM0MkQ2 MDE3RkIwQ0VDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGE8Ex71+JvIumj2DoGGw88cONAxmDopZl6z SwtrFoaWjpiiM8do5rt3s8xCbvf+TNMRwPrkxOtuNjasmLoK+oSx2uZPir29I5Up OhlA8NhPg6c7lA/BFo+nRQxNAmZd+QZtQ5w9vSzzIxL+rcUAPwyizV+ekCUGbGPl wCoiUkSqyN9UJtGK4/RbuBrXnsPbSZGdiNSJHJYevG1L3Q3Od3Qj9NFYc6ALrfYT BvtkrGksrINKhOrpLvfOHy2qFzA95XWU8SZj0g91/G0Ix7UnmVuKODe0Ovx7Nw8B 5p73knOOlOM0sVjnUIVV8ekohQSppo/zzQtx4KTiIjyZ9ANyP8s= -----END CERTIFICATE-----Generated at Thu Mar 26 11:30:27 2026 by rpki-client