$ rpki-client -vvf repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft File: 2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft (raw, json) Hash identifier: X+Gm8SwqXCDE5no3oYp8j6bo+tRNMr61e6BUvoIdpjc= Subject key identifier: 0A:EF:1C:B7:62:36:99:EB:E2:5F:D7:28:8D:8E:EA:6C:31:A4:FB:34 Authority key identifier: 26:64:CB:E1:0F:2B:9F:F1:BE:C5:0A:6A:85:DC:7A:A5:2B:9F:17:FA Certificate issuer: /CN=2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA Certificate serial: 3E68A13BC548BAA9FEA26C23BA75CF640B727AB0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft Manifest number: 040E Signing time: Tue 24 Mar 2026 17:52:26 +0000 Manifest this update: Tue 24 Mar 2026 17:47:26 +0000 Manifest next update: Fri 27 Mar 2026 20:47:26 +0000 Files and hashes: 1: 2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl (hash: YdAwDtVcJ04q7eI+/abx/I1GXFcQ8hs1eFBF8lSwIPw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 20:47:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:68:a1:3b:c5:48:ba:a9:fe:a2:6c:23:ba:75:cf:64:0b:72:7a:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA Validity Not Before: Mar 24 17:47:26 2026 GMT Not After : Mar 27 20:47:26 2026 GMT Subject: CN=0AEF1CB7623699EBE25FD7288D8EEA6C31A4FB34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:0c:22:bd:92:bb:f9:3e:f2:aa:e9:dc:dc:4f: 40:ed:9d:8e:f3:26:3b:04:48:12:10:20:22:2a:21: 5b:c3:17:a4:04:30:8f:4e:32:1b:34:30:e8:35:10: 50:7d:ab:fd:17:20:d0:02:3a:49:78:6f:87:66:9d: 77:7d:38:3f:c1:d1:65:88:b5:67:57:b0:c0:b5:62: b7:30:41:3c:54:d1:b4:3e:4d:88:95:83:5e:02:d1: f6:64:41:07:7c:7a:a6:44:f4:00:c4:0d:52:51:92: dc:20:34:3e:9d:2c:2e:e9:d7:d2:82:1b:0e:81:1b: 12:c2:2c:cc:5c:c9:e6:2e:40:7e:1f:4a:d0:dc:b5: 90:c5:8b:e7:0e:e1:01:64:3b:ef:52:cb:43:93:e1: 64:62:58:40:40:60:8f:0e:a6:41:b9:6e:b6:c4:da: aa:c3:bf:80:66:44:aa:a2:ec:53:bc:ca:44:bd:99: 32:65:5d:01:35:3e:01:a6:fd:56:62:b9:01:96:a2: be:f8:75:16:26:2a:c7:71:b8:cb:23:37:bc:7a:1a: 87:7c:1d:45:b2:e9:25:b3:21:f1:cc:02:4a:b5:2f: 10:b8:e0:b7:87:9c:03:cf:d7:9e:11:40:46:fa:1f: 88:02:6e:7a:8a:f7:4b:f0:c4:f9:1c:58:ec:e4:dd: 4d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:EF:1C:B7:62:36:99:EB:E2:5F:D7:28:8D:8E:EA:6C:31:A4:FB:34 X509v3 Authority Key Identifier: keyid:26:64:CB:E1:0F:2B:9F:F1:BE:C5:0A:6A:85:DC:7A:A5:2B:9F:17:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cf3c211-0645-4882-a4f1-46be867b7983/0/2664CBE10F2B9FF1BEC50A6A85DC7AA52B9F17FA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:22:7b:00:48:9f:6c:96:ef:26:10:13:2f:0c:5c:b7:05:93: 95:13:8c:eb:30:66:fa:8a:60:1c:18:45:d3:ad:72:ad:d1:fc: 4d:e9:c2:81:48:8d:2d:e9:0d:1c:48:d6:5d:93:8f:f6:f6:3d: 4f:1a:c4:c4:e5:f7:8f:f1:cc:a8:d1:c5:15:00:71:24:65:85: df:d1:68:5d:0d:09:4d:c3:17:36:70:86:22:0d:c6:c6:3b:04: 1e:dc:f5:c0:a8:68:9e:e7:65:11:6a:6a:aa:1c:97:bf:9d:e6: c5:0a:e6:d9:0c:83:a9:ca:ce:2f:f6:f0:87:4e:35:79:dd:05: 0e:58:0b:b9:03:d6:c8:51:ef:ae:55:9c:cb:2e:fa:ba:2e:e5: 3e:c5:a4:6b:c1:f0:2f:60:e5:ce:3d:bd:f2:ba:02:18:18:2f: 6b:d6:5c:45:6f:91:06:bc:c1:a8:0b:e3:86:2b:a1:48:6f:83: c4:8c:4d:84:32:08:2d:99:f6:a5:92:66:4d:45:57:03:b8:fe: 94:da:65:5d:cf:66:cb:d8:9d:69:5e:29:37:4e:ee:5d:71:bc: c8:15:88:90:82:8a:42:df:eb:2a:f1:5b:17:42:91:30:37:b0: e0:66:ee:c2:e4:df:cb:28:17:22:8b:b7:e4:8e:1d:95:60:c0: 7f:64:8a:d9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUPmihO8VIuqn+omwjunXPZAtyerAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdBQTUy QjlGMTdGQTAeFw0yNjAzMjQxNzQ3MjZaFw0yNjAzMjcyMDQ3MjZaMDMxMTAvBgNV BAMTKDBBRUYxQ0I3NjIzNjk5RUJFMjVGRDcyODhEOEVFQTZDMzFBNEZCMzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzDCK9krv5PvKq6dzcT0DtnY7z JjsESBIQICIqIVvDF6QEMI9OMhs0MOg1EFB9q/0XINACOkl4b4dmnXd9OD/B0WWI tWdXsMC1YrcwQTxU0bQ+TYiVg14C0fZkQQd8eqZE9ADEDVJRktwgND6dLC7p19KC Gw6BGxLCLMxcyeYuQH4fStDctZDFi+cO4QFkO+9Sy0OT4WRiWEBAYI8OpkG5brbE 2qrDv4BmRKqi7FO8ykS9mTJlXQE1PgGm/VZiuQGWor74dRYmKsdxuMsjN7x6God8 HUWy6SWzIfHMAkq1LxC44LeHnAPP154RQEb6H4gCbnqK90vwxPkcWOzk3U3JAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCu8ct2I2meviX9cojY7qbDGk+zQwHwYDVR0j BBgwFoAUJmTL4Q8rn/G+xQpqhdx6pSufF/owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Y2YzYzIxMS0wNjQ1LTQ4ODItYTRmMS00NmJlODY3Yjc5ODMvMC8yNjY0Q0JFMTBG MkI5RkYxQkVDNTBBNkE4NURDN0FBNTJCOUYxN0ZBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdBQTUyQjlG MTdGQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGNmM2MyMTEtMDY0NS00ODgyLWE0 ZjEtNDZiZTg2N2I3OTgzLzAvMjY2NENCRTEwRjJCOUZGMUJFQzUwQTZBODVEQzdB QTUyQjlGMTdGQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHciewBIn2yW7yYQEy8MXLcFk5UTjOswZvqK YBwYRdOtcq3R/E3pwoFIjS3pDRxI1l2Tj/b2PU8axMTl94/xzKjRxRUAcSRlhd/R aF0NCU3DFzZwhiINxsY7BB7c9cCoaJ7nZRFqaqocl7+d5sUK5tkMg6nKzi/28IdO NXndBQ5YC7kD1shR765VnMsu+rou5T7FpGvB8C9g5c49vfK6AhgYL2vWXEVvkQa8 wagL44YroUhvg8SMTYQyCC2Z9qWSZk1FVwO4/pTaZV3PZsvYnWleKTdO7l1xvMgV iJCCikLf6yrxWxdCkTA3sOBm7sLk38soFyKLt+SOHZVgwH9kitk= -----END CERTIFICATE-----Generated at Thu Mar 26 13:08:15 2026 by rpki-client