$ rpki-client -vvf repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft File: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft (raw, json) Hash identifier: 8n+W+ik3PX8I1dtReye02ae2kVXqat8fJMqlOVbr1i8= Subject key identifier: 38:EB:B1:39:16:EC:A3:FD:AC:72:7E:38:20:FF:DD:FA:B4:86:3D:0C Authority key identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 Certificate issuer: /CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Certificate serial: 17049682673DE02D7A70EC2859F88B12F12F2561 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft Manifest number: E0 Signing time: Thu 26 Mar 2026 15:50:02 +0000 Manifest this update: Thu 26 Mar 2026 15:45:02 +0000 Manifest next update: Sun 29 Mar 2026 23:08:02 +0000 Files and hashes: 1: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl (hash: B+ZswEHnGfCL8ZUOo2GxbSJXpRmspymLVuHQAenwHic=) 2: 3136302e32322e3138372e302f32342d3234203d3e20313532383233.roa (hash: hp0FWXodRjkZ1xCt3tnFlPQ3FclJlDZduoZ/rI+jC6E=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 23:08:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:04:96:82:67:3d:e0:2d:7a:70:ec:28:59:f8:8b:12:f1:2f:25:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Validity Not Before: Mar 26 15:45:02 2026 GMT Not After : Mar 29 23:08:02 2026 GMT Subject: CN=38EBB13916ECA3FDAC727E3820FFDDFAB4863D0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:eb:d0:e9:36:03:1d:79:b2:bb:32:36:48:55: c2:d6:a5:4c:e5:ab:6a:82:81:d9:fb:5a:1c:83:76: f5:6b:02:36:91:cb:05:10:c1:50:96:87:e1:65:86: df:90:04:8c:01:eb:e7:2c:5f:e3:a9:40:38:56:73: 1b:82:e2:31:e5:08:c2:57:1f:d5:88:27:e6:ff:f7: 4d:82:6c:95:f2:20:94:b4:09:a2:85:4e:82:8d:84: 5b:eb:fa:71:fa:53:3b:1b:9b:41:8b:d9:b8:76:3b: 26:e4:ad:2a:be:7d:29:1d:fc:68:b8:cf:97:72:af: 05:4c:7d:36:d1:6e:b4:83:bb:50:d7:09:3b:8b:48: 65:b1:eb:fb:3a:ec:be:5f:46:7c:32:56:86:d0:17: 28:07:52:96:dd:f9:90:4f:3e:2a:45:c6:57:b8:51: 55:95:83:46:63:14:bd:cc:06:3d:b4:40:3d:fc:35: 76:47:d3:d4:7b:9c:3a:97:8f:c3:47:83:c7:d3:a2: 52:6e:c1:60:31:03:6d:7e:51:f3:3f:5b:37:4c:ce: 07:2e:45:ea:1d:bc:d0:13:4e:74:0e:46:f1:97:ee: 75:d8:8f:9c:89:9d:6f:b1:f6:3e:70:8e:61:07:7d: 79:45:2e:21:a4:47:48:fa:f8:13:81:4f:c7:94:8c: 27:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:EB:B1:39:16:EC:A3:FD:AC:72:7E:38:20:FF:DD:FA:B4:86:3D:0C X509v3 Authority Key Identifier: keyid:D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:e6:9c:f3:0b:0b:e5:a9:dd:38:08:d4:3c:33:45:5b:e4:66: bf:cc:ff:70:58:62:f4:fa:08:6e:ae:65:e0:c7:90:ec:ca:66: c8:83:9c:e7:89:5a:d4:80:6b:8e:76:cd:b1:fa:de:88:84:5f: 60:6f:54:b3:68:22:90:e1:be:4e:d3:9b:6c:97:f0:9f:42:b7: 5a:af:e1:e8:50:b2:48:3a:84:91:fd:29:97:8a:fb:e8:82:e1: 80:9f:4a:b2:bb:c1:73:3a:56:b3:50:42:69:74:81:64:c2:fc: 01:49:0f:e7:6c:68:ef:de:5e:f4:08:4e:9e:80:8a:ec:92:2e: 3a:8b:97:9e:5e:99:dc:4d:fa:56:15:20:16:64:1b:44:d1:4f: af:8e:2b:cb:7c:47:49:ca:35:ec:ec:d8:b2:58:ba:8d:d1:e6: 8f:e9:4c:76:6a:13:58:88:76:ea:fd:19:b2:9f:47:91:c9:f8: b8:89:5c:63:ce:6b:90:c1:f4:94:9d:03:22:10:90:21:64:ae: a1:53:6a:b4:4e:22:3d:6c:50:23:a6:41:10:dc:cd:2e:b2:95: 09:de:68:82:1e:d4:ca:45:7f:eb:8c:b7:04:ee:05:98:2d:12: ad:f3:90:e4:78:46:73:9c:86:8d:6c:22:c3:a2:73:45:c5:21: 8d:c7:a5:ed -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFwSWgmc94C16cOwoWfiLEvEvJWEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJC NEZBMjhGMDAeFw0yNjAzMjYxNTQ1MDJaFw0yNjAzMjkyMzA4MDJaMDMxMTAvBgNV BAMTKDM4RUJCMTM5MTZFQ0EzRkRBQzcyN0UzODIwRkZEREZBQjQ4NjNEMEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK69DpNgMdebK7MjZIVcLWpUzl q2qCgdn7WhyDdvVrAjaRywUQwVCWh+Flht+QBIwB6+csX+OpQDhWcxuC4jHlCMJX H9WIJ+b/902CbJXyIJS0CaKFToKNhFvr+nH6Uzsbm0GL2bh2OybkrSq+fSkd/Gi4 z5dyrwVMfTbRbrSDu1DXCTuLSGWx6/s67L5fRnwyVobQFygHUpbd+ZBPPipFxle4 UVWVg0ZjFL3MBj20QD38NXZH09R7nDqXj8NHg8fTolJuwWAxA21+UfM/WzdMzgcu ReodvNATTnQORvGX7nXYj5yJnW+x9j5wjmEHfXlFLiGkR0j6+BOBT8eUjCdlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOOuxORbso/2scn44IP/d+rSGPQwwHwYDVR0j BBgwFoAU07Ddu44H/NmKOZyQxbP8MrT6KPAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 ZDlmOThmMy03MmYwLTQwMDYtYmU5OS1iOWE5ZThkOWQyYmYvMC9EM0IwRERCQjhF MDdGQ0Q5OEEzOTlDOTBDNUIzRkMzMkI0RkEyOEYwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJCNEZB MjhGMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vN2Q5Zjk4ZjMtNzJmMC00MDA2LWJl OTktYjlhOWU4ZDlkMmJmLzAvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZD MzJCNEZBMjhGMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKzmnPMLC+Wp3TgI1DwzRVvkZr/M/3BYYvT6 CG6uZeDHkOzKZsiDnOeJWtSAa452zbH63oiEX2BvVLNoIpDhvk7Tm2yX8J9Ct1qv 4ehQskg6hJH9KZeK++iC4YCfSrK7wXM6VrNQQml0gWTC/AFJD+dsaO/eXvQITp6A iuySLjqLl55emdxN+lYVIBZkG0TRT6+OK8t8R0nKNezs2LJYuo3R5o/pTHZqE1iI dur9GbKfR5HJ+LiJXGPOa5DB9JSdAyIQkCFkrqFTarROIj1sUCOmQRDczS6ylQne aIIe1MpFf+uMtwTuBZgtEq3zkOR4RnOcho1sIsOic0XFIY3Hpe0= -----END CERTIFICATE-----Generated at Fri Mar 27 08:16:12 2026 by rpki-client