$ rpki-client -vvf repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft File: 85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft (raw, json) Hash identifier: rfbCr6CJGgvY83l7TYjzOk9+68KD9Rk+EcRNE6RZwq4= Subject key identifier: 63:C5:43:5E:FE:2C:52:DC:E7:2C:19:8F:A6:93:DF:37:52:54:8F:1C Authority key identifier: 85:E8:DE:B3:87:42:E3:90:C7:BF:B3:4B:1E:4A:BA:C3:1D:33:7A:C3 Certificate issuer: /CN=85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3 Certificate serial: 7431A6B448D072473A21D42382AF359A00E2705A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft Manifest number: 02F4 Signing time: Wed 25 Mar 2026 09:21:47 +0000 Manifest this update: Wed 25 Mar 2026 09:16:47 +0000 Manifest next update: Sat 28 Mar 2026 11:58:47 +0000 Files and hashes: 1: 85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl (hash: FLkb4KEk/yas/H4I0BOYV5YwG945bzhuve4mzsWIr20=) 2: 3130332e3137382e3137342e302f32332d3234203d3e20313337333331.roa (hash: gonve5wIJ3O85bDiwHHm2xjnNdsU9xH6JAbxD3Ax5a8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 11:58:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:31:a6:b4:48:d0:72:47:3a:21:d4:23:82:af:35:9a:00:e2:70:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3 Validity Not Before: Mar 25 09:16:47 2026 GMT Not After : Mar 28 11:58:47 2026 GMT Subject: CN=63C5435EFE2C52DCE72C198FA693DF3752548F1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3d:eb:e0:8d:6d:4e:3a:ca:fd:e3:c5:0b:56: ae:ef:95:77:eb:9a:e6:4f:d3:94:fa:74:eb:33:b6: f4:89:a0:25:e0:ea:96:ed:5d:0a:a7:06:a4:d2:61: d3:3d:23:3d:d0:b2:9a:a5:f1:64:e3:2d:e9:04:54: 34:47:46:32:1d:4e:19:09:d4:d4:26:8b:4c:90:59: 20:89:eb:22:b1:20:0c:cd:e1:d8:08:24:7b:28:8b: 3d:87:5e:cd:38:8c:60:30:03:1c:61:93:11:63:c4: c2:79:1b:f1:cd:c1:15:3c:45:4a:98:33:e7:8d:99: d0:c3:5f:7f:f0:71:8f:88:8f:f3:90:93:6e:f1:2b: 2a:1f:cd:85:cd:8b:8c:73:62:a6:21:74:80:64:3d: 81:45:5f:8b:b9:c0:e0:e4:b2:40:7a:7e:de:d1:d5: 63:c9:bd:5d:53:10:67:71:c0:09:b0:fe:e3:a1:9a: 1f:e2:62:51:af:62:f9:a5:ca:a3:dc:87:33:45:94: 2f:d3:c8:0f:d5:1f:45:79:d1:da:00:b4:fd:6d:2a: 54:97:0e:f1:0b:81:31:d7:ab:2b:2e:b4:e1:8f:6c: 05:61:60:55:54:c1:42:e0:f6:c7:24:e0:b9:01:46: 37:1a:5e:0b:b6:df:20:b0:e4:03:a4:4d:66:e3:c2: 67:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:C5:43:5E:FE:2C:52:DC:E7:2C:19:8F:A6:93:DF:37:52:54:8F:1C X509v3 Authority Key Identifier: keyid:85:E8:DE:B3:87:42:E3:90:C7:BF:B3:4B:1E:4A:BA:C3:1D:33:7A:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:8d:a0:c1:71:02:e5:a9:f0:64:d9:a4:84:91:af:9f:21:a5: 41:f0:d7:3e:c3:3e:6f:24:89:32:25:0d:52:a8:1b:a6:1d:64: 83:c5:e0:1e:07:01:a9:65:0d:54:1b:4a:a8:87:0c:f8:8e:ce: 0e:f1:a5:e0:cb:29:4d:bc:f0:c2:5d:68:f4:60:fd:aa:7c:2f: ae:c3:d4:e8:5e:68:5f:30:ae:f3:16:38:19:67:f9:1b:ff:ef: 86:8d:73:c2:a8:29:2b:05:06:93:6a:1b:c4:c8:cf:c7:a1:b0: 05:f3:4a:d5:8a:a8:b9:6a:60:c1:0d:9f:30:1f:e9:da:c8:02: 3c:00:cc:4c:e9:8e:d8:a4:a9:90:8c:e5:4e:f4:b1:d0:7a:94: 09:52:51:a9:d8:34:f3:96:0d:3e:4a:7b:2a:6d:61:d4:a1:cc: 8c:e3:fa:24:8a:1d:bb:87:34:13:8d:ef:3a:bb:86:dd:ef:26: 98:a3:68:39:cd:fd:e4:6a:70:0d:7c:3f:70:72:3d:08:cb:20: 1f:63:24:42:6d:48:78:d3:7a:95:de:1c:17:28:f1:46:28:56: 0f:3b:d7:26:27:eb:1c:33:f1:71:e5:d4:c3:44:12:6d:e5:71: 3b:63:f5:7a:35:56:7d:02:3c:48:50:94:a4:9d:31:b2:1e:89: 0d:7b:d7:eb -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUdDGmtEjQckc6IdQjgq81mgDicFowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJBQzMx RDMzN0FDMzAeFw0yNjAzMjUwOTE2NDdaFw0yNjAzMjgxMTU4NDdaMDMxMTAvBgNV BAMTKDYzQzU0MzVFRkUyQzUyRENFNzJDMTk4RkE2OTNERjM3NTI1NDhGMUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxPevgjW1OOsr948ULVq7vlXfr muZP05T6dOsztvSJoCXg6pbtXQqnBqTSYdM9Iz3Qspql8WTjLekEVDRHRjIdThkJ 1NQmi0yQWSCJ6yKxIAzN4dgIJHsoiz2HXs04jGAwAxxhkxFjxMJ5G/HNwRU8RUqY M+eNmdDDX3/wcY+Ij/OQk27xKyofzYXNi4xzYqYhdIBkPYFFX4u5wODkskB6ft7R 1WPJvV1TEGdxwAmw/uOhmh/iYlGvYvmlyqPchzNFlC/TyA/VH0V50doAtP1tKlSX DvELgTHXqysutOGPbAVhYFVUwULg9sck4LkBRjcaXgu23yCw5AOkTWbjwmc5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUY8VDXv4sUtznLBmPppPfN1JUjxwwHwYDVR0j BBgwFoAUhejes4dC45DHv7NLHkq6wx0zesMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 ZDdmOWVmNC1mOTlmLTQ0ZmYtYjk2OC03MGQ0NTI0ZDcyMDcvMC84NUU4REVCMzg3 NDJFMzkwQzdCRkIzNEIxRTRBQkFDMzFEMzM3QUMzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJBQzMxRDMz N0FDMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNmQ3ZjllZjQtZjk5Zi00NGZmLWI5 NjgtNzBkNDUyNGQ3MjA3LzAvODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJB QzMxRDMzN0FDMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGmNoMFxAuWp8GTZpISRr58hpUHw1z7DPm8k iTIlDVKoG6YdZIPF4B4HAallDVQbSqiHDPiOzg7xpeDLKU288MJdaPRg/ap8L67D 1OheaF8wrvMWOBln+Rv/74aNc8KoKSsFBpNqG8TIz8ehsAXzStWKqLlqYMENnzAf 6drIAjwAzEzpjtikqZCM5U70sdB6lAlSUanYNPOWDT5KeyptYdShzIzj+iSKHbuH NBON7zq7ht3vJpijaDnN/eRqcA18P3ByPQjLIB9jJEJtSHjTepXeHBco8UYoVg87 1yYn6xwz8XHl1MNEEm3lcTtj9Xo1Vn0CPEhQlKSdMbIeiQ171+s= -----END CERTIFICATE-----Generated at Thu Mar 26 23:06:15 2026 by rpki-client