$ rpki-client -vvf repo-rpki.idnic.net/repo/8ad33770-f151-43f3-9569-6a27d7504240/0/285A5330FE006D3660B306BEE40EC7FEABA96574.mft File: 285A5330FE006D3660B306BEE40EC7FEABA96574.mft (raw, json) Hash identifier: TjZ/zj5WugQCxJHckWoRAc7FkbnkXghbyxBRRo/yUxI= Subject key identifier: DA:64:85:2D:CC:9D:0B:CE:A5:1A:7F:AA:8B:64:18:24:7F:6A:FD:1C Authority key identifier: 28:5A:53:30:FE:00:6D:36:60:B3:06:BE:E4:0E:C7:FE:AB:A9:65:74 Certificate issuer: /CN=285A5330FE006D3660B306BEE40EC7FEABA96574 Certificate serial: 26A44F021FC8E34706B37FD9BA9880BF4A3B2A58 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/285A5330FE006D3660B306BEE40EC7FEABA96574.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8ad33770-f151-43f3-9569-6a27d7504240/0/285A5330FE006D3660B306BEE40EC7FEABA96574.mft Manifest number: 0258 Signing time: Wed 25 Mar 2026 10:11:00 +0000 Manifest this update: Wed 25 Mar 2026 10:06:00 +0000 Manifest next update: Sat 28 Mar 2026 21:59:00 +0000 Files and hashes: 1: 3130332e3139312e3132392e302f32342d3234203d3e20313439393230.roa (hash: NcRBqt1Wn/tuGvM1xfS0JFewwd6sRo22gfKxjNahc88=) 2: 285A5330FE006D3660B306BEE40EC7FEABA96574.crl (hash: 1xx7wWHqjykrqv502ADpz0rn4fWi/VZaY5U2HmK80Lc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8ad33770-f151-43f3-9569-6a27d7504240/0/285A5330FE006D3660B306BEE40EC7FEABA96574.crl rsync://repo-rpki.idnic.net/repo/8ad33770-f151-43f3-9569-6a27d7504240/0/285A5330FE006D3660B306BEE40EC7FEABA96574.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/285A5330FE006D3660B306BEE40EC7FEABA96574.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 21:59:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:a4:4f:02:1f:c8:e3:47:06:b3:7f:d9:ba:98:80:bf:4a:3b:2a:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=285A5330FE006D3660B306BEE40EC7FEABA96574 Validity Not Before: Mar 25 10:06:00 2026 GMT Not After : Mar 28 21:59:00 2026 GMT Subject: CN=DA64852DCC9D0BCEA51A7FAA8B6418247F6AFD1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b8:f5:5a:8d:96:b6:08:33:34:19:c9:b7:79: 76:fa:cc:67:eb:0e:1e:2e:5f:6a:1a:10:79:55:da: d8:68:d7:3c:a6:69:67:ce:f4:51:10:e7:d3:cb:d6: 5b:3c:0d:18:ae:43:8a:0c:c7:5b:c2:19:e5:09:99: a5:54:a3:68:0a:04:47:da:56:2e:2b:11:cc:bd:c0: 05:ab:3f:c0:0d:b9:7e:f5:8e:0b:f9:eb:9a:44:e3: fb:fb:75:85:d1:27:03:51:28:b0:05:a5:b2:2a:12: 48:cc:e8:29:05:17:8f:e9:c4:b4:3a:93:5c:59:bf: 8c:0f:37:2b:58:44:3d:b6:fa:6c:a2:d0:cb:37:a8: 4e:d6:f0:08:1b:93:3a:54:3f:12:44:a5:46:e5:ba: 7a:63:90:d3:6d:e5:8c:72:6f:61:5d:8b:30:42:a0: b9:58:00:61:a1:19:0d:fd:81:03:f2:a5:85:83:cf: 9f:26:11:e7:85:96:88:aa:33:14:bb:09:fb:63:33: 66:35:7b:f0:0f:ed:73:1f:9b:9d:3f:51:c2:6a:82: 45:56:98:7a:11:96:94:73:f1:d6:53:d5:64:4c:0d: 03:20:da:9e:ce:da:de:38:36:b7:6b:0b:67:e9:4c: e6:c3:12:5a:9f:a5:5e:63:d1:4e:95:f0:87:42:2e: 35:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:64:85:2D:CC:9D:0B:CE:A5:1A:7F:AA:8B:64:18:24:7F:6A:FD:1C X509v3 Authority Key Identifier: keyid:28:5A:53:30:FE:00:6D:36:60:B3:06:BE:E4:0E:C7:FE:AB:A9:65:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8ad33770-f151-43f3-9569-6a27d7504240/0/285A5330FE006D3660B306BEE40EC7FEABA96574.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/285A5330FE006D3660B306BEE40EC7FEABA96574.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8ad33770-f151-43f3-9569-6a27d7504240/0/285A5330FE006D3660B306BEE40EC7FEABA96574.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:b2:1b:9b:1f:86:83:78:b5:1b:58:f4:4b:95:8b:c6:d1:10: ee:4d:90:56:2b:9c:a8:b3:18:8b:e7:64:92:7e:f5:57:f3:7e: d8:c0:9f:f4:ab:1b:60:ea:43:7d:dd:82:45:98:14:9a:24:0c: 4b:c2:af:c6:91:6b:96:c1:ee:96:77:d7:53:83:8c:ca:de:84: 6e:c3:c3:09:e5:c4:cc:05:c1:7e:b1:b2:42:b0:21:56:2c:cd: ee:e3:ad:62:a0:44:75:a8:f4:76:ed:79:e0:f5:5e:4d:5a:f7: cc:72:f0:90:48:24:3e:29:aa:a9:e5:5e:fe:99:ab:29:d1:2f: a1:66:21:96:69:38:31:4e:1b:fa:b6:e6:17:c2:9a:5c:56:ba: 8f:4f:ff:0a:f6:4c:33:b2:2e:03:4d:08:ff:f7:45:f1:e6:cf: 6f:5d:70:47:8b:62:1d:e8:46:12:60:a1:ee:1c:f0:b8:dc:d1: 6e:d9:8f:3e:f3:7b:b2:ff:67:f8:11:be:71:17:85:f6:da:28: 35:be:82:79:42:cd:80:cb:5a:de:b9:34:0a:93:7b:ef:52:e0: d4:52:07:4a:86:76:19:cc:31:75:63:66:e7:65:94:7c:ff:f5: 95:71:b7:a7:ea:0e:f9:91:8e:1f:47:21:e0:7c:36:c6:93:55: 05:ff:74:45 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJqRPAh/I40cGs3/ZupiAv0o7KlgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjg1QTUzMzBGRTAwNkQzNjYwQjMwNkJFRTQwRUM3RkVB QkE5NjU3NDAeFw0yNjAzMjUxMDA2MDBaFw0yNjAzMjgyMTU5MDBaMDMxMTAvBgNV BAMTKERBNjQ4NTJEQ0M5RDBCQ0VBNTFBN0ZBQThCNjQxODI0N0Y2QUZEMUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9uPVajZa2CDM0Gcm3eXb6zGfr Dh4uX2oaEHlV2tho1zymaWfO9FEQ59PL1ls8DRiuQ4oMx1vCGeUJmaVUo2gKBEfa Vi4rEcy9wAWrP8ANuX71jgv565pE4/v7dYXRJwNRKLAFpbIqEkjM6CkFF4/pxLQ6 k1xZv4wPNytYRD22+myi0Ms3qE7W8AgbkzpUPxJEpUblunpjkNNt5Yxyb2FdizBC oLlYAGGhGQ39gQPypYWDz58mEeeFloiqMxS7CftjM2Y1e/AP7XMfm50/UcJqgkVW mHoRlpRz8dZT1WRMDQMg2p7O2t44NrdrC2fpTObDElqfpV5j0U6V8IdCLjUZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2mSFLcydC86lGn+qi2QYJH9q/RwwHwYDVR0j BBgwFoAUKFpTMP4AbTZgswa+5A7H/qupZXQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YWQzMzc3MC1mMTUxLTQzZjMtOTU2OS02YTI3ZDc1MDQyNDAvMC8yODVBNTMzMEZF MDA2RDM2NjBCMzA2QkVFNDBFQzdGRUFCQTk2NTc0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjg1QTUzMzBGRTAwNkQzNjYwQjMwNkJFRTQwRUM3RkVBQkE5 NjU3NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGFkMzM3NzAtZjE1MS00M2YzLTk1 NjktNmEyN2Q3NTA0MjQwLzAvMjg1QTUzMzBGRTAwNkQzNjYwQjMwNkJFRTQwRUM3 RkVBQkE5NjU3NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAiyG5sfhoN4tRtY9EuVi8bREO5NkFYrnKiz GIvnZJJ+9VfzftjAn/SrG2DqQ33dgkWYFJokDEvCr8aRa5bB7pZ311ODjMrehG7D wwnlxMwFwX6xskKwIVYsze7jrWKgRHWo9HbteeD1Xk1a98xy8JBIJD4pqqnlXv6Z qynRL6FmIZZpODFOG/q25hfCmlxWuo9P/wr2TDOyLgNNCP/3RfHmz29dcEeLYh3o RhJgoe4c8Ljc0W7Zjz7ze7L/Z/gRvnEXhfbaKDW+gnlCzYDLWt65NAqTe+9S4NRS B0qGdhnMMXVjZudllHz/9ZVxt6fqDvmRjh9HIeB8NsaTVQX/dEU= -----END CERTIFICATE-----Generated at Thu Mar 26 19:53:26 2026 by rpki-client