$ rpki-client -vvf repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft File: 861DE86D91E4C7508D388EDBC70834681B43B5CA.mft (raw, json) Hash identifier: ZM0pWcP3kSOsbg9m/u05BScQqybZAeb3iO+kihiESLQ= Subject key identifier: DF:F0:62:D6:DF:AF:8F:FB:5D:88:A3:7E:92:57:9A:5C:52:F5:F4:A5 Authority key identifier: 86:1D:E8:6D:91:E4:C7:50:8D:38:8E:DB:C7:08:34:68:1B:43:B5:CA Certificate issuer: /CN=861DE86D91E4C7508D388EDBC70834681B43B5CA Certificate serial: 69581D228A1E49603C419B6ABCE50AEDA9D60C56 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft Manifest number: 0515 Signing time: Wed 25 Mar 2026 11:21:46 +0000 Manifest this update: Wed 25 Mar 2026 11:16:46 +0000 Manifest next update: Sat 28 Mar 2026 18:32:46 +0000 Files and hashes: 1: 861DE86D91E4C7508D388EDBC70834681B43B5CA.crl (hash: O17qz12Rp7ciBSnLzHP3UFdCq6VgZDKkPm3nYvau/d4=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.crl rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 18:32:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:58:1d:22:8a:1e:49:60:3c:41:9b:6a:bc:e5:0a:ed:a9:d6:0c:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=861DE86D91E4C7508D388EDBC70834681B43B5CA Validity Not Before: Mar 25 11:16:46 2026 GMT Not After : Mar 28 18:32:46 2026 GMT Subject: CN=DFF062D6DFAF8FFB5D88A37E92579A5C52F5F4A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:08:91:0c:5f:7e:cb:6b:2b:25:1a:f3:a1:dd: 58:f1:aa:13:bf:d7:57:7d:37:af:d5:8c:d5:bd:c0: c1:bd:e8:72:f7:9f:77:9a:d6:e5:79:e8:7d:b5:0d: b9:fd:ba:8f:fc:b0:e5:87:65:ee:db:56:85:80:fd: fa:fd:39:b6:4e:de:33:50:3c:9d:84:f9:06:e0:a2: b7:dc:b4:da:d6:17:8f:8f:62:23:39:05:01:49:6e: 16:f9:8c:f6:83:fd:33:5b:97:54:ad:0d:16:18:9b: 7f:6f:2c:0a:8c:e1:97:1d:d1:e3:33:8b:78:91:72: 99:98:e2:5d:e2:bd:cd:6d:a8:7c:3a:b1:43:e0:4b: f0:0f:ea:ff:34:5e:fc:a2:50:70:d1:3c:e9:cc:58: ed:04:60:8d:45:dd:db:00:92:7d:00:56:70:18:e1: 06:33:f7:9e:6f:88:d8:5c:09:80:f6:d4:14:34:88: 34:08:69:b6:66:82:9a:53:5d:2b:d5:ec:f2:ef:f1: 46:ef:23:9e:5b:ec:34:0f:4c:0c:82:86:ff:1c:cb: 60:82:66:e7:cf:4b:8f:04:87:59:a2:4b:48:d1:45: 88:ef:37:9e:5d:d4:87:07:ce:ad:02:d9:65:7f:b1: 87:68:22:09:34:55:cc:6a:12:f3:6c:c4:aa:38:ff: 90:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:F0:62:D6:DF:AF:8F:FB:5D:88:A3:7E:92:57:9A:5C:52:F5:F4:A5 X509v3 Authority Key Identifier: keyid:86:1D:E8:6D:91:E4:C7:50:8D:38:8E:DB:C7:08:34:68:1B:43:B5:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/861DE86D91E4C7508D388EDBC70834681B43B5CA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/869f2988-cab3-45aa-97e5-6385f07ff1cd/0/861DE86D91E4C7508D388EDBC70834681B43B5CA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:a4:26:7f:ce:d0:df:ab:23:61:f0:8e:0e:3e:19:15:e7:86: bb:ce:5d:30:af:b8:c1:54:9e:64:0d:86:c0:92:3f:42:f1:e2: 15:8b:56:c2:d7:ee:f2:6c:0a:55:e4:08:fe:90:62:9e:89:f4: cf:3f:1a:2b:92:81:20:f4:da:f5:93:d3:fa:9e:40:0d:7b:5c: 78:fe:d4:ed:c5:a8:f1:34:c4:24:f1:f1:8b:b7:45:f7:a2:83: a3:b5:1f:66:0e:3e:c0:9b:a1:36:04:8d:fb:59:57:4d:c8:cf: e8:08:60:62:85:9b:ec:5b:50:9f:3b:95:0b:a7:86:f0:e0:b2: 56:32:54:89:e2:cb:fa:d2:39:15:54:0c:49:2c:06:b4:af:72: 4b:00:52:cd:ae:f2:b8:40:7d:21:0d:07:d4:84:7b:7a:a2:14: 13:1d:25:7a:e7:ec:17:6e:2a:70:80:87:d8:cf:1e:45:59:52: ea:85:93:9c:5a:64:fd:5c:74:1d:ec:57:2c:17:6c:e3:ce:52: b4:52:32:88:98:f8:f5:f1:1b:83:df:1c:66:da:09:5e:df:05: 5f:bd:6c:86:51:e6:23:b6:3a:e6:3b:94:53:7f:ff:02:cb:67: 04:e6:bd:1b:09:0b:03:a5:ce:7e:c2:93:1b:60:59:50:30:3d: 17:4a:af:a5 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUaVgdIooeSWA8QZtqvOUK7anWDFYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0Njgx QjQzQjVDQTAeFw0yNjAzMjUxMTE2NDZaFw0yNjAzMjgxODMyNDZaMDMxMTAvBgNV BAMTKERGRjA2MkQ2REZBRjhGRkI1RDg4QTM3RTkyNTc5QTVDNTJGNUY0QTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDCJEMX37LayslGvOh3VjxqhO/ 11d9N6/VjNW9wMG96HL3n3ea1uV56H21Dbn9uo/8sOWHZe7bVoWA/fr9ObZO3jNQ PJ2E+QbgorfctNrWF4+PYiM5BQFJbhb5jPaD/TNbl1StDRYYm39vLAqM4Zcd0eMz i3iRcpmY4l3ivc1tqHw6sUPgS/AP6v80XvyiUHDRPOnMWO0EYI1F3dsAkn0AVnAY 4QYz955viNhcCYD21BQ0iDQIabZmgppTXSvV7PLv8UbvI55b7DQPTAyChv8cy2CC ZufPS48Eh1miS0jRRYjvN55d1IcHzq0C2WV/sYdoIgk0VcxqEvNsxKo4/5BTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU3/Bi1t+vj/tdiKN+kleaXFL19KUwHwYDVR0j BBgwFoAUhh3obZHkx1CNOI7bxwg0aBtDtcowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NjlmMjk4OC1jYWIzLTQ1YWEtOTdlNS02Mzg1ZjA3ZmYxY2QvMC84NjFERTg2RDkx RTRDNzUwOEQzODhFREJDNzA4MzQ2ODFCNDNCNUNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0NjgxQjQz QjVDQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vODY5ZjI5ODgtY2FiMy00NWFhLTk3 ZTUtNjM4NWYwN2ZmMWNkLzAvODYxREU4NkQ5MUU0Qzc1MDhEMzg4RURCQzcwODM0 NjgxQjQzQjVDQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALakJn/O0N+rI2Hwjg4+GRXnhrvOXTCvuMFU nmQNhsCSP0Lx4hWLVsLX7vJsClXkCP6QYp6J9M8/GiuSgSD02vWT0/qeQA17XHj+ 1O3FqPE0xCTx8Yu3Rfeig6O1H2YOPsCboTYEjftZV03Iz+gIYGKFm+xbUJ87lQun hvDgslYyVIniy/rSORVUDEksBrSvcksAUs2u8rhAfSENB9SEe3qiFBMdJXrn7Bdu KnCAh9jPHkVZUuqFk5xaZP1cdB3sVywXbOPOUrRSMoiY+PXxG4PfHGbaCV7fBV+9 bIZR5iO2OuY7lFN//wLLZwTmvRsJCwOlzn7CkxtgWVAwPRdKr6U= -----END CERTIFICATE-----Generated at Thu Mar 26 19:46:15 2026 by rpki-client