$ rpki-client -vvf repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft File: 58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft (raw, json) Hash identifier: Cs3radmr4WaGPt/ebu6ylUY+Nf7nJacb9h2bLJXxvMg= Subject key identifier: 8A:14:96:1C:DC:4F:6C:88:4B:40:7D:33:2A:4E:3A:FF:EF:B5:A5:AE Authority key identifier: 58:D7:DC:53:0F:3B:A4:AC:D0:48:80:62:17:0E:15:81:B6:7D:61:EA Certificate issuer: /CN=58D7DC530F3BA4ACD0488062170E1581B67D61EA Certificate serial: 3C106333DB62C4621E9CDF59F1F8D89C3A34BB6B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/58D7DC530F3BA4ACD0488062170E1581B67D61EA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft Manifest number: 0566 Signing time: Tue 24 Mar 2026 19:11:15 +0000 Manifest this update: Tue 24 Mar 2026 19:06:15 +0000 Manifest next update: Sat 28 Mar 2026 06:01:15 +0000 Files and hashes: 1: 58D7DC530F3BA4ACD0488062170E1581B67D61EA.crl (hash: DGK8qS97pe6zK/9lhAhLkJgAbucboX4Jf1/u7pqmmpY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.crl rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/58D7DC530F3BA4ACD0488062170E1581B67D61EA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 06:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:10:63:33:db:62:c4:62:1e:9c:df:59:f1:f8:d8:9c:3a:34:bb:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58D7DC530F3BA4ACD0488062170E1581B67D61EA Validity Not Before: Mar 24 19:06:15 2026 GMT Not After : Mar 28 06:01:15 2026 GMT Subject: CN=8A14961CDC4F6C884B407D332A4E3AFFEFB5A5AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:99:37:1d:b9:81:93:cf:03:94:b8:80:9c:e5: 09:11:4c:76:5e:cf:57:f1:6e:53:42:2b:e7:5d:e7: 29:2a:1a:63:25:44:02:91:74:5d:8e:a7:ea:79:b7: ef:24:ac:23:19:b6:1c:fc:e7:d0:28:bf:60:ef:10: fb:36:e4:ed:f2:b5:a9:f9:c2:a8:45:c6:c9:6c:1c: 98:41:c0:bb:12:39:62:3c:ca:b0:86:2d:a4:dc:77: 89:b4:6d:a2:f9:4c:09:9d:ba:39:db:4d:1e:10:31: f7:ee:80:1f:1e:37:59:fb:e5:39:d7:05:ab:c2:8e: c1:ab:c6:06:b3:29:50:c0:98:b3:11:8e:36:11:72: 0b:ce:3f:1c:e7:71:98:38:c6:31:bf:ea:1d:20:5d: 53:a2:af:d5:6f:fd:31:81:34:2c:86:ad:37:96:29: c2:23:f3:ef:36:dc:38:17:33:3e:53:76:8e:59:03: d2:63:ac:02:f5:22:60:53:93:7f:fb:c0:a6:0d:d8: cc:a8:17:89:f1:1b:a0:88:0e:9a:84:2d:2a:54:9e: 51:82:1b:1b:2c:97:67:58:a0:b5:50:4d:71:6a:33: d0:98:0a:62:a9:3e:f0:78:ec:6d:32:20:57:da:3b: 89:d8:fb:23:56:8b:8e:30:64:97:b5:6c:0f:7c:4a: 12:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:14:96:1C:DC:4F:6C:88:4B:40:7D:33:2A:4E:3A:FF:EF:B5:A5:AE X509v3 Authority Key Identifier: keyid:58:D7:DC:53:0F:3B:A4:AC:D0:48:80:62:17:0E:15:81:B6:7D:61:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/58D7DC530F3BA4ACD0488062170E1581B67D61EA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/82fa3a39-e0ec-4fc1-9b54-353e07f005dd/0/58D7DC530F3BA4ACD0488062170E1581B67D61EA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:31:5e:1b:46:4b:19:14:40:4f:1c:ba:ba:7e:08:e2:07:39: 6c:d1:72:7b:5d:59:27:dc:2f:6b:99:f1:fe:29:43:a4:b4:0f: dc:68:7f:30:78:fb:62:f7:af:b0:81:71:56:de:d4:fb:53:5f: 4b:da:ce:90:e8:59:d5:74:f4:e5:61:05:21:c0:72:2c:43:a2: a9:95:8f:a3:24:c4:24:48:68:54:a0:9b:f0:ad:6d:00:f2:74: be:ba:25:47:1f:ec:2f:9f:ad:a7:ba:0c:fa:2b:96:8f:68:16: b6:4f:5d:2e:06:33:28:b9:c6:55:83:f9:fa:4c:01:da:22:86: c9:4a:ca:3a:5c:24:aa:22:c4:6c:2e:be:70:b4:39:49:99:50: 4e:f5:e6:44:fa:66:e7:5f:6e:6e:65:62:0b:d8:69:c9:76:c3: 2c:8d:d1:43:c3:d3:c8:cd:3f:4c:1e:31:6b:b4:85:a9:e5:49: 3e:11:ae:92:e5:6f:7e:2d:04:c4:52:e2:21:6c:c7:57:04:ff: f5:b3:d0:fa:61:83:a8:f1:dc:fa:4f:d3:e4:cb:8b:a5:89:06: a3:fc:5e:3a:f7:be:4b:56:aa:38:75:f3:a9:04:b4:3d:99:87: 05:74:3d:78:1e:ec:3c:39:20:0f:f2:f3:59:b7:a1:76:ac:b6: 7b:dd:63:3c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPBBjM9tixGIenN9Z8fjYnDo0u2swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNThEN0RDNTMwRjNCQTRBQ0QwNDg4MDYyMTcwRTE1ODFC NjdENjFFQTAeFw0yNjAzMjQxOTA2MTVaFw0yNjAzMjgwNjAxMTVaMDMxMTAvBgNV BAMTKDhBMTQ5NjFDREM0RjZDODg0QjQwN0QzMzJBNEUzQUZGRUZCNUE1QUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUmTcduYGTzwOUuICc5QkRTHZe z1fxblNCK+dd5ykqGmMlRAKRdF2Op+p5t+8krCMZthz859Aov2DvEPs25O3ytan5 wqhFxslsHJhBwLsSOWI8yrCGLaTcd4m0baL5TAmdujnbTR4QMffugB8eN1n75TnX BavCjsGrxgazKVDAmLMRjjYRcgvOPxzncZg4xjG/6h0gXVOir9Vv/TGBNCyGrTeW KcIj8+823DgXMz5Tdo5ZA9JjrAL1ImBTk3/7wKYN2MyoF4nxG6CIDpqELSpUnlGC Gxssl2dYoLVQTXFqM9CYCmKpPvB47G0yIFfaO4nY+yNWi44wZJe1bA98ShLHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUihSWHNxPbIhLQH0zKk46/++1pa4wHwYDVR0j BBgwFoAUWNfcUw87pKzQSIBiFw4VgbZ9YeowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 MmZhM2EzOS1lMGVjLTRmYzEtOWI1NC0zNTNlMDdmMDA1ZGQvMC81OEQ3REM1MzBG M0JBNEFDRDA0ODgwNjIxNzBFMTU4MUI2N0Q2MUVBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNThEN0RDNTMwRjNCQTRBQ0QwNDg4MDYyMTcwRTE1ODFCNjdE NjFFQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODJmYTNhMzktZTBlYy00ZmMxLTli NTQtMzUzZTA3ZjAwNWRkLzAvNThEN0RDNTMwRjNCQTRBQ0QwNDg4MDYyMTcwRTE1 ODFCNjdENjFFQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHoxXhtGSxkUQE8curp+COIHOWzRcntdWSfc L2uZ8f4pQ6S0D9xofzB4+2L3r7CBcVbe1PtTX0vazpDoWdV09OVhBSHAcixDoqmV j6MkxCRIaFSgm/CtbQDydL66JUcf7C+frae6DPorlo9oFrZPXS4GMyi5xlWD+fpM AdoihslKyjpcJKoixGwuvnC0OUmZUE715kT6Zudfbm5lYgvYacl2wyyN0UPD08jN P0weMWu0hanlST4RrpLlb34tBMRS4iFsx1cE//Wz0Pphg6jx3PpP0+TLi6WJBqP8 Xjr3vktWqjh186kEtD2ZhwV0PXge7Dw5IA/y81m3oXastnvdYzw= -----END CERTIFICATE-----Generated at Thu Mar 26 11:54:37 2026 by rpki-client