$ rpki-client -vvf repo-rpki.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/DE4325727D17555F6DABCC72788E361C741D47CF.mft File: DE4325727D17555F6DABCC72788E361C741D47CF.mft (raw, json) Hash identifier: vIAtLdrYzNt18RzWv0QXSo0fgmzq6SZJJTftaUatGfg= Subject key identifier: 58:6A:84:AD:9F:CE:9B:B7:B2:58:0D:19:1D:4E:E4:9C:02:54:18:3C Authority key identifier: DE:43:25:72:7D:17:55:5F:6D:AB:CC:72:78:8E:36:1C:74:1D:47:CF Certificate issuer: /CN=DE4325727D17555F6DABCC72788E361C741D47CF Certificate serial: 3BAB74CCD8D0D7CCD220046119CA86D9190431C5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DE4325727D17555F6DABCC72788E361C741D47CF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/DE4325727D17555F6DABCC72788E361C741D47CF.mft Manifest number: 021E Signing time: Wed 25 Mar 2026 00:30:03 +0000 Manifest this update: Wed 25 Mar 2026 00:25:03 +0000 Manifest next update: Sat 28 Mar 2026 02:21:03 +0000 Files and hashes: 1: 3130332e3135352e32342e302f32332d3233203d3e20313431303734.roa (hash: gsdXX/duHLIGBlXHNlDaHKiWX/urg+G15cVtwivSaZc=) 2: 323430363a363263303a3a2f33322d3332203d3e20313431303734.roa (hash: 5WZW84f5HKjOAxkfssvW8CwqxpjYyS1AvzYSlCFenJ8=) 3: 3130332e3135352e32342e302f32342d3234203d3e20313431303734.roa (hash: dHsvYJlAkWLZ+9oRBKQmKMQW97rJ2/h7gXe20m1YARk=) 4: 3130332e3135352e32352e302f32342d3234203d3e20313431303734.roa (hash: t/STBzz8ddYfLmUydecDyGfVBJtfAeKtMXZhDBw1IOw=) 5: DE4325727D17555F6DABCC72788E361C741D47CF.crl (hash: c77qu2NNXmKDMVsnxKXpSkWAt2Sv24dMX/eObyGx5WE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/DE4325727D17555F6DABCC72788E361C741D47CF.crl rsync://repo-rpki.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/DE4325727D17555F6DABCC72788E361C741D47CF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DE4325727D17555F6DABCC72788E361C741D47CF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 02:21:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:ab:74:cc:d8:d0:d7:cc:d2:20:04:61:19:ca:86:d9:19:04:31:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DE4325727D17555F6DABCC72788E361C741D47CF Validity Not Before: Mar 25 00:25:03 2026 GMT Not After : Mar 28 02:21:03 2026 GMT Subject: CN=586A84AD9FCE9BB7B2580D191D4EE49C0254183C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:aa:38:d4:7c:2c:f0:9a:9a:2d:a8:bb:9f:d9: 7d:df:0c:a1:5e:08:e9:a5:ce:e7:37:92:7f:26:b0: 55:fa:32:fe:0e:8d:6d:f8:a2:ff:7a:92:94:3c:12: e9:4f:eb:bd:b0:8b:9c:5a:11:8d:f0:82:ca:94:43: a3:94:22:af:08:d0:ec:bb:ec:0b:b7:d8:2c:fd:c1: a9:91:81:e5:6d:4e:24:3b:1c:47:a1:6c:ac:da:8c: 8c:6d:df:1e:2f:32:b5:2e:78:da:26:dd:09:24:58: 81:97:b7:fd:2a:c9:63:50:af:b9:93:db:2e:43:af: 6a:e3:30:d1:33:b9:2c:db:45:30:1d:60:34:f6:5a: c6:5c:f4:b4:45:3a:49:14:09:0d:c0:dd:18:ae:f3: 05:bd:5c:90:48:f3:b7:d7:cd:b4:06:8d:2f:76:d5: d4:05:17:6f:1c:b2:24:32:da:ec:44:15:6a:5d:af: 85:55:3c:1d:e4:24:95:96:10:33:5c:d5:db:14:b7: 68:a4:86:f4:33:ff:53:97:e2:77:8b:36:4a:43:dc: 83:d2:8f:d9:a0:f6:c2:b3:f1:23:48:be:5e:14:d4: 43:2e:1e:ec:ad:f0:39:df:35:04:ae:e2:c9:bf:85: 7a:f8:52:2a:fa:19:ab:e7:3c:1a:ea:9e:b0:45:df: cf:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:6A:84:AD:9F:CE:9B:B7:B2:58:0D:19:1D:4E:E4:9C:02:54:18:3C X509v3 Authority Key Identifier: keyid:DE:43:25:72:7D:17:55:5F:6D:AB:CC:72:78:8E:36:1C:74:1D:47:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/DE4325727D17555F6DABCC72788E361C741D47CF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DE4325727D17555F6DABCC72788E361C741D47CF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/907608ce-c3f8-44eb-aee7-b784ae20c9c7/0/DE4325727D17555F6DABCC72788E361C741D47CF.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:dd:e6:19:52:32:4d:0d:9e:8b:23:7f:65:f5:f8:dd:9e:ad: bb:d5:dc:73:a0:aa:36:c6:a4:3e:d7:89:a0:40:ba:bc:fe:0a: 23:6b:15:7a:b5:33:8d:7f:31:8e:a6:89:10:b9:55:ae:9c:c5: 7f:ad:86:9c:dc:6e:c8:11:0f:5e:37:1c:c1:a9:3b:41:59:d7: b0:ad:6e:e5:1e:86:19:a1:cf:a7:b0:b1:91:44:b7:ba:0f:3c: d4:a9:18:aa:c4:61:af:9a:03:bd:67:91:5e:34:01:5b:4b:6a: 96:0e:8f:e4:ee:9c:ec:d9:1f:2c:6f:4c:28:8a:82:40:48:01: 86:13:e1:78:8d:9e:cb:9c:67:c2:49:29:0f:5a:bf:00:2c:89: 49:3f:26:06:7d:cc:72:70:b9:2f:6a:c3:62:db:d3:7d:68:91: 71:ec:28:47:f0:52:9a:4e:ec:b9:73:17:c7:89:fa:46:d9:66: b8:f9:4a:ce:70:b6:9a:0f:80:44:fd:8e:7c:64:4b:96:5c:8d: cd:6e:c0:ea:eb:d5:24:bc:ca:3c:bf:de:a9:02:54:7d:1b:f3: c5:1f:00:cf:ab:bc:0d:9b:7d:95:e7:ac:d2:2a:2b:b4:03:54: 92:a7:e1:cf:a5:8f:5e:36:98:6c:72:ba:98:41:f3:71:04:28: ba:9c:21:d7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUO6t0zNjQ18zSIARhGcqG2RkEMcUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREU0MzI1NzI3RDE3NTU1RjZEQUJDQzcyNzg4RTM2MUM3 NDFENDdDRjAeFw0yNjAzMjUwMDI1MDNaFw0yNjAzMjgwMjIxMDNaMDMxMTAvBgNV BAMTKDU4NkE4NEFEOUZDRTlCQjdCMjU4MEQxOTFENEVFNDlDMDI1NDE4M0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDqjjUfCzwmpotqLuf2X3fDKFe COmlzuc3kn8msFX6Mv4OjW34ov96kpQ8EulP672wi5xaEY3wgsqUQ6OUIq8I0Oy7 7Au32Cz9wamRgeVtTiQ7HEehbKzajIxt3x4vMrUueNom3QkkWIGXt/0qyWNQr7mT 2y5Dr2rjMNEzuSzbRTAdYDT2WsZc9LRFOkkUCQ3A3Riu8wW9XJBI87fXzbQGjS92 1dQFF28csiQy2uxEFWpdr4VVPB3kJJWWEDNc1dsUt2ikhvQz/1OX4neLNkpD3IPS j9mg9sKz8SNIvl4U1EMuHuyt8DnfNQSu4sm/hXr4Uir6GavnPBrqnrBF38/xAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUWGqErZ/Om7eyWA0ZHU7knAJUGDwwHwYDVR0j BBgwFoAU3kMlcn0XVV9tq8xyeI42HHQdR88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 MDc2MDhjZS1jM2Y4LTQ0ZWItYWVlNy1iNzg0YWUyMGM5YzcvMC9ERTQzMjU3MjdE MTc1NTVGNkRBQkNDNzI3ODhFMzYxQzc0MUQ0N0NGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREU0MzI1NzI3RDE3NTU1RjZEQUJDQzcyNzg4RTM2MUM3NDFE NDdDRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTA3NjA4Y2UtYzNmOC00NGViLWFl ZTctYjc4NGFlMjBjOWM3LzAvREU0MzI1NzI3RDE3NTU1RjZEQUJDQzcyNzg4RTM2 MUM3NDFENDdDRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAIjd5hlSMk0Nnosjf2X1+N2erbvV3HOgqjbG pD7XiaBAurz+CiNrFXq1M41/MY6miRC5Va6cxX+thpzcbsgRD143HMGpO0FZ17Ct buUehhmhz6ewsZFEt7oPPNSpGKrEYa+aA71nkV40AVtLapYOj+TunOzZHyxvTCiK gkBIAYYT4XiNnsucZ8JJKQ9avwAsiUk/JgZ9zHJwuS9qw2Lb031okXHsKEfwUppO 7LlzF8eJ+kbZZrj5Ss5wtpoPgET9jnxkS5Zcjc1uwOrr1SS8yjy/3qkCVH0b88Uf AM+rvA2bfZXnrNIqK7QDVJKn4c+lj142mGxyuphB83EEKLqcIdc= -----END CERTIFICATE-----Generated at Thu Mar 26 22:13:23 2026 by rpki-client