$ rpki-client -vvf repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft File: 95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft (raw, json) Hash identifier: Kf+m/biOxa0RmgDQTIFwrNc+2fTBQ5zwNk2ZuGlmrek= Subject key identifier: 31:47:FE:05:66:72:F9:DF:50:E6:47:EB:AF:AE:7C:FE:DA:78:62:2A Authority key identifier: 95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 Certificate issuer: /CN=95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689 Certificate serial: 272FC20831D634770346023F7923B2F2BDB52D3E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer Subject info access: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft Manifest number: 0125 Signing time: Tue 24 Mar 2026 12:01:36 +0000 Manifest this update: Tue 24 Mar 2026 11:56:36 +0000 Manifest next update: Fri 27 Mar 2026 12:49:36 +0000 Files and hashes: 1: 3136302e31392e38382e302f32342d3234203d3e20313437303838.roa (hash: +Xk0mxGkc/lCxZDeUptrpwZhCqCSnBV/uCVgeNZ+WpY=) 2: 95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl (hash: tBxMcKb8vWogmrfqVKZhsPoC2aunjhk6j8SAvNtX+M4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 12:49:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:2f:c2:08:31:d6:34:77:03:46:02:3f:79:23:b2:f2:bd:b5:2d:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689 Validity Not Before: Mar 24 11:56:36 2026 GMT Not After : Mar 27 12:49:36 2026 GMT Subject: CN=3147FE056672F9DF50E647EBAFAE7CFEDA78622A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:22:f4:de:27:35:6e:a1:07:80:7c:d7:dd:22: 0e:02:53:43:7f:97:6a:0b:3e:1d:88:67:14:c5:0b: 49:11:7f:80:cd:9e:34:7b:f8:fb:3f:2f:5f:58:b5: 30:43:8b:1d:54:d6:1e:13:6f:3d:4a:cf:1b:37:ef: 76:39:c2:17:0a:01:af:f4:33:14:81:57:78:e6:1e: 4d:f5:8c:bb:15:70:b2:ba:e6:3d:0e:07:c1:08:b8: 2a:d7:1c:b5:cc:fb:21:b1:66:f5:cb:e7:51:30:08: 18:86:c4:fb:e9:9a:eb:0f:5a:37:64:cd:6b:71:66: 5b:d0:e9:0c:35:1c:fa:21:eb:1d:f7:cf:6b:71:9f: 37:8f:1c:b6:66:93:93:3c:ed:75:8a:7c:04:db:20: c0:92:7c:f8:53:8b:2a:ff:0f:84:3c:25:a9:22:5d: 2b:e8:aa:a6:17:58:07:2d:72:d6:96:4f:92:53:53: 9b:81:75:12:d4:36:67:e0:73:28:6b:3d:23:36:68: b7:ec:ed:58:63:6c:a1:38:b4:23:b3:b3:b2:4f:d1: fd:3d:f3:8c:cf:9e:3d:a1:df:2a:de:55:e4:68:7d: a8:9d:0b:ab:4c:82:7f:b0:81:96:50:b6:ae:26:d0: aa:75:b1:d6:3e:ff:22:78:88:28:48:c7:92:83:09: 41:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:47:FE:05:66:72:F9:DF:50:E6:47:EB:AF:AE:7C:FE:DA:78:62:2A X509v3 Authority Key Identifier: keyid:95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:1b:a4:11:4a:86:a3:08:4e:84:0e:e1:20:65:f1:eb:92:33: 01:e4:39:48:89:e4:5c:67:ad:5b:bd:ed:cc:4e:72:8f:fd:e9: 3d:e3:30:bf:46:8a:06:87:63:a9:05:5e:dc:2d:e4:f0:bf:a4: bd:7f:38:ce:79:ed:9c:d3:b2:ed:ec:f3:00:0d:6a:67:eb:bf: 1e:46:57:08:0a:6e:40:cd:80:90:f9:7a:a3:a4:86:ad:16:c4: 7f:6e:b6:d9:dc:57:42:df:aa:5b:26:37:fa:c6:24:56:d0:e5: 99:ce:d1:45:15:0d:0a:9e:7e:61:f9:03:f4:ac:60:a0:66:53: 9b:dd:8c:5e:51:d3:fb:0f:6f:a6:36:5e:40:47:c8:18:6e:56: 21:4b:15:72:8c:c6:aa:f0:3d:a6:32:55:ef:42:34:d2:97:ec: b0:90:9d:b1:57:ec:26:c3:f4:fb:2b:9d:59:7c:99:e5:39:4b: 32:27:25:b2:e2:46:73:01:6a:45:ee:63:f5:95:8b:a8:9a:27: f3:0d:b8:55:9e:57:43:0e:c1:d6:0e:cb:26:c9:82:1d:97:06: c3:3f:ec:25:dd:f6:7a:1b:8e:7b:7a:6a:73:14:6d:31:3f:0d: 44:33:e1:f3:c3:3e:c1:d5:07:5b:e2:2f:2b:7d:77:8e:06:72: 1d:ae:6f:77 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJy/CCDHWNHcDRgI/eSOy8r21LT4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3QkVB MzI4RDY4OTAeFw0yNjAzMjQxMTU2MzZaFw0yNjAzMjcxMjQ5MzZaMDMxMTAvBgNV BAMTKDMxNDdGRTA1NjY3MkY5REY1MEU2NDdFQkFGQUU3Q0ZFREE3ODYyMkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4IvTeJzVuoQeAfNfdIg4CU0N/ l2oLPh2IZxTFC0kRf4DNnjR7+Ps/L19YtTBDix1U1h4Tbz1Kzxs373Y5whcKAa/0 MxSBV3jmHk31jLsVcLK65j0OB8EIuCrXHLXM+yGxZvXL51EwCBiGxPvpmusPWjdk zWtxZlvQ6Qw1HPoh6x33z2txnzePHLZmk5M87XWKfATbIMCSfPhTiyr/D4Q8Jaki XSvoqqYXWActctaWT5JTU5uBdRLUNmfgcyhrPSM2aLfs7VhjbKE4tCOzs7JP0f09 84zPnj2h3yreVeRofaidC6tMgn+wgZZQtq4m0Kp1sdY+/yJ4iChIx5KDCUG5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMUf+BWZy+d9Q5kfrr658/tp4YiowHwYDVR0j BBgwFoAUlfrDilyyzqPl/+JJVianvqMo1okwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NGRhNDE1Yi01ZjE3LTQ2MDItOWJkOS1mZDg0YWMyY2FlODYvMC85NUZBQzM4QTVD QjJDRUEzRTVGRkUyNDk1NjI2QTdCRUEzMjhENjg5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3QkVBMzI4 RDY4OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODRkYTQxNWItNWYxNy00NjAyLTli ZDktZmQ4NGFjMmNhZTg2LzAvOTVGQUMzOEE1Q0IyQ0VBM0U1RkZFMjQ5NTYyNkE3 QkVBMzI4RDY4OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACQbpBFKhqMIToQO4SBl8euSMwHkOUiJ5Fxn rVu97cxOco/96T3jML9GigaHY6kFXtwt5PC/pL1/OM557ZzTsu3s8wANamfrvx5G VwgKbkDNgJD5eqOkhq0WxH9uttncV0LfqlsmN/rGJFbQ5ZnO0UUVDQqefmH5A/Ss YKBmU5vdjF5R0/sPb6Y2XkBHyBhuViFLFXKMxqrwPaYyVe9CNNKX7LCQnbFX7CbD 9PsrnVl8meU5SzInJbLiRnMBakXuY/WVi6iaJ/MNuFWeV0MOwdYOyybJgh2XBsM/ 7CXd9nobjnt6anMUbTE/DUQz4fPDPsHVB1viLyt9d44Gch2ub3c= -----END CERTIFICATE-----Generated at Thu Mar 26 13:08:14 2026 by rpki-client