$ rpki-client -vvf repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft File: D4D0F3E6E684847D602FC73758893CE2BB05D399.mft (raw, json) Hash identifier: BfoCTDIak1xhAFlWJkRmHIHvFKed91MsU5YUPtqZtlI= Subject key identifier: 85:0C:CA:BB:8D:6C:36:79:B8:B7:C3:1E:29:BC:5B:CB:F5:1F:1E:BC Authority key identifier: D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 Certificate issuer: /CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Certificate serial: 6D14EFA907D7B69FEF95A62C6B12ABC7C68483DA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject info access: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft Manifest number: 0203 Signing time: Tue 24 Mar 2026 20:10:51 +0000 Manifest this update: Tue 24 Mar 2026 20:05:51 +0000 Manifest next update: Sat 28 Mar 2026 03:27:51 +0000 Files and hashes: 1: D4D0F3E6E684847D602FC73758893CE2BB05D399.crl (hash: 4VYfXyMEp3ST/9q1ASiGNzngGLjkE7ql0053KM1u7yY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 03:27:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:14:ef:a9:07:d7:b6:9f:ef:95:a6:2c:6b:12:ab:c7:c6:84:83:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4D0F3E6E684847D602FC73758893CE2BB05D399 Validity Not Before: Mar 24 20:05:51 2026 GMT Not After : Mar 28 03:27:51 2026 GMT Subject: CN=850CCABB8D6C3679B8B7C31E29BC5BCBF51F1EBC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:72:d5:e3:c2:1a:51:8f:7e:c1:1d:d3:bc:2b: aa:55:80:a2:ff:18:f6:63:1b:b5:f8:9f:03:26:b0: 90:23:7c:29:15:f4:ef:7b:d3:98:35:96:6a:45:c1: db:85:ab:73:98:1d:2d:d3:22:b0:e6:91:93:0f:9d: 1a:c4:9d:89:70:88:c4:58:76:0b:14:4d:e4:9e:26: 55:0c:0b:ca:54:f7:5f:2a:c4:00:a5:50:ed:dc:0e: 15:c2:cc:d3:d4:5d:a8:e1:82:b0:da:27:75:51:88: b0:fc:62:59:d7:9c:f4:0d:b2:3b:3a:bc:38:d3:0e: 19:fa:24:90:0a:f9:e3:0a:2b:bc:65:df:6e:bc:bb: 89:77:9d:8e:6a:79:70:83:1f:e0:e8:27:df:a9:6b: 4c:0d:ff:e2:4d:02:d1:b9:d4:95:69:f5:99:ce:40: b3:96:38:96:a6:e6:94:1c:3f:c0:4e:2b:cf:f2:74: 88:74:c2:fb:1b:19:d9:93:4a:7d:6e:a9:56:c3:3c: 0f:69:04:35:ec:6c:38:bb:1d:ab:f1:24:28:08:c6: 28:dc:a5:fa:56:17:67:55:1e:93:76:09:1a:98:be: 7a:46:68:76:de:20:10:e9:a3:90:a5:0b:7c:00:29: 5b:51:78:9c:94:ff:4f:37:8a:1a:b7:7f:9a:19:39: 72:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:0C:CA:BB:8D:6C:36:79:B8:B7:C3:1E:29:BC:5B:CB:F5:1F:1E:BC X509v3 Authority Key Identifier: keyid:D4:D0:F3:E6:E6:84:84:7D:60:2F:C7:37:58:89:3C:E2:BB:05:D3:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4D0F3E6E684847D602FC73758893CE2BB05D399.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/823530ec-990e-41d7-9d78-b77e20d76bcd/0/D4D0F3E6E684847D602FC73758893CE2BB05D399.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:03:ec:d3:82:3c:31:ec:10:f3:6d:11:06:4d:07:35:34:01: 55:76:19:ba:e9:67:92:f8:df:e8:91:ab:da:8d:48:bd:b8:d8: 1a:76:5f:62:12:d0:8c:e9:f2:61:01:e5:e0:1e:9b:6b:19:00: 92:35:9c:c3:48:3a:8c:99:af:e8:94:b6:a6:a7:8d:f6:d6:0e: 5d:4b:91:8e:fe:4b:b7:c5:b4:17:bb:d1:29:3a:c6:93:ab:bb: 09:ed:6c:ba:38:b5:f2:0f:cc:97:86:c9:df:d5:cc:13:68:4e: ea:a3:e0:76:55:c2:c2:f1:4a:e9:03:34:0b:57:ed:16:9c:22: 03:7a:5d:b1:ff:1d:09:9a:c9:b7:fb:62:3d:ba:f1:12:0d:a7: 24:04:65:78:58:e6:3c:b3:0c:ec:f6:f8:a1:00:6a:fa:af:ea: 2c:34:38:20:c3:fc:fc:38:32:e5:17:68:23:58:c4:99:a2:fc: 9b:1a:14:c5:d2:8e:2c:98:92:2b:37:24:11:7e:05:c9:13:cd: f2:0a:e3:18:f0:57:01:7f:0d:b2:4e:34:c2:6a:5f:f7:46:c5: 49:e7:07:89:2b:17:0d:d1:bc:b8:6e:e8:ab:66:a3:bd:cd:da: 82:a4:ed:39:95:2b:48:4f:af:0f:66:f1:25:07:16:ac:12:40: de:a4:39:a7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbRTvqQfXtp/vlaYsaxKrx8aEg9owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJC QjA1RDM5OTAeFw0yNjAzMjQyMDA1NTFaFw0yNjAzMjgwMzI3NTFaMDMxMTAvBgNV BAMTKDg1MENDQUJCOEQ2QzM2NzlCOEI3QzMxRTI5QkM1QkNCRjUxRjFFQkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkctXjwhpRj37BHdO8K6pVgKL/ GPZjG7X4nwMmsJAjfCkV9O9705g1lmpFwduFq3OYHS3TIrDmkZMPnRrEnYlwiMRY dgsUTeSeJlUMC8pU918qxAClUO3cDhXCzNPUXajhgrDaJ3VRiLD8YlnXnPQNsjs6 vDjTDhn6JJAK+eMKK7xl3268u4l3nY5qeXCDH+DoJ9+pa0wN/+JNAtG51JVp9ZnO QLOWOJam5pQcP8BOK8/ydIh0wvsbGdmTSn1uqVbDPA9pBDXsbDi7HavxJCgIxijc pfpWF2dVHpN2CRqYvnpGaHbeIBDpo5ClC3wAKVtReJyU/083ihq3f5oZOXLlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUhQzKu41sNnm4t8MeKbxby/UfHrwwHwYDVR0j BBgwFoAU1NDz5uaEhH1gL8c3WIk84rsF05kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 MjM1MzBlYy05OTBlLTQxZDctOWQ3OC1iNzdlMjBkNzZiY2QvMC9ENEQwRjNFNkU2 ODQ4NDdENjAyRkM3Mzc1ODg5M0NFMkJCMDVEMzk5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTNDRTJCQjA1 RDM5OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODIzNTMwZWMtOTkwZS00MWQ3LTlk NzgtYjc3ZTIwZDc2YmNkLzAvRDREMEYzRTZFNjg0ODQ3RDYwMkZDNzM3NTg4OTND RTJCQjA1RDM5OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALwD7NOCPDHsEPNtEQZNBzU0AVV2GbrpZ5L4 3+iRq9qNSL242Bp2X2IS0Izp8mEB5eAem2sZAJI1nMNIOoyZr+iUtqanjfbWDl1L kY7+S7fFtBe70Sk6xpOruwntbLo4tfIPzJeGyd/VzBNoTuqj4HZVwsLxSukDNAtX 7RacIgN6XbH/HQmaybf7Yj268RINpyQEZXhY5jyzDOz2+KEAavqv6iw0OCDD/Pw4 MuUXaCNYxJmi/JsaFMXSjiyYkis3JBF+BckTzfIK4xjwVwF/DbJONMJqX/dGxUnn B4krFw3RvLhu6Ktmo73N2oKk7TmVK0hPrw9m8SUHFqwSQN6kOac= -----END CERTIFICATE-----Generated at Fri Mar 27 00:33:43 2026 by rpki-client