$ rpki-client -vvf repo-rpki.idnic.net/repo/908ab157-d827-49a8-bb86-28be131c3d26/0/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.mft File: 8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.mft (raw, json) Hash identifier: tp2qgon2VlHWJCv42Nu+cEivYqUFb9UPRZKBMcAZF4E= Subject key identifier: 37:9C:04:CA:4F:D0:8C:85:50:9C:4E:19:D6:AE:48:D7:9E:53:48:14 Authority key identifier: 8E:20:59:B2:D2:44:85:85:D1:1E:D2:B0:14:3F:EF:C0:E9:B2:DA:36 Certificate issuer: /CN=8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36 Certificate serial: 204179B51FF685D6105C23442BDA3329088AD973 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.cer Subject info access: rsync://repo-rpki.idnic.net/repo/908ab157-d827-49a8-bb86-28be131c3d26/0/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.mft Manifest number: 0102 Signing time: Wed 25 Mar 2026 10:10:54 +0000 Manifest this update: Wed 25 Mar 2026 10:05:54 +0000 Manifest next update: Sat 28 Mar 2026 10:11:54 +0000 Files and hashes: 1: 8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.crl (hash: HGiTAXhUvXITDbHQiIsmuDSBRqrJWKoIewdTDO44kQ4=) 2: 3136302e32322e3235312e302f32342d3234203d3e20313430343536.roa (hash: 9NuukBIDDZ7f6DuKuIwjkGDhtnMzcPyVVkUYuDF3dPM=) 3: 3136302e32322e3235302e302f32332d3233203d3e20313430343536.roa (hash: NLnyyxEhnshl8M0vZmmh6y422VBLzdBQzG682UNLOQc=) 4: 3136302e32322e3235302e302f32342d3234203d3e20313430343536.roa (hash: OJeztSNPa6Ny2Jrl9pv1yxSSkQT/t6rbcjh/ieoX/VA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/908ab157-d827-49a8-bb86-28be131c3d26/0/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.crl rsync://repo-rpki.idnic.net/repo/908ab157-d827-49a8-bb86-28be131c3d26/0/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 10:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:41:79:b5:1f:f6:85:d6:10:5c:23:44:2b:da:33:29:08:8a:d9:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36 Validity Not Before: Mar 25 10:05:54 2026 GMT Not After : Mar 28 10:11:54 2026 GMT Subject: CN=379C04CA4FD08C85509C4E19D6AE48D79E534814 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:1e:00:14:e2:05:42:66:ad:c2:d7:d9:12:2a: 8f:72:e6:95:b1:88:38:6c:69:7e:88:37:7b:4c:24: a7:76:c4:8f:1f:5a:40:53:cf:97:83:0e:c8:4a:b7: 6d:92:c2:c0:21:7d:d3:4e:39:90:9d:32:1b:fe:21: f2:66:3a:f5:ff:25:ac:e8:78:96:aa:c0:48:08:66: 98:df:92:85:2d:e0:d1:42:ab:85:14:e2:11:10:97: ef:c0:49:50:3d:a1:09:b6:3a:ec:11:d2:d2:22:cc: bb:0c:88:b4:32:e0:6e:87:23:3f:13:85:3a:60:67: f8:d0:28:28:5c:9f:ad:ef:06:93:69:39:27:a8:0f: 3c:c1:2f:f5:34:66:c1:c6:79:3d:1c:da:12:c8:10: 4a:a0:8e:dc:55:ac:9d:20:1e:f6:ca:57:8c:54:3e: f1:3d:99:ae:90:e2:84:af:a3:37:b5:22:ee:59:e1: 5e:5f:0e:5e:94:a4:f2:29:95:34:27:5e:f7:61:da: 78:f7:29:3f:9f:4f:6f:fd:df:d4:a6:3f:aa:02:07: 75:1d:25:c4:d9:a5:2d:73:07:b1:9b:10:17:6d:d7: 42:60:3a:99:14:21:08:4f:c6:ab:df:44:a2:c1:03: bd:6e:84:7a:47:80:7b:bb:4b:64:88:10:a5:56:f5: e5:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:9C:04:CA:4F:D0:8C:85:50:9C:4E:19:D6:AE:48:D7:9E:53:48:14 X509v3 Authority Key Identifier: keyid:8E:20:59:B2:D2:44:85:85:D1:1E:D2:B0:14:3F:EF:C0:E9:B2:DA:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/908ab157-d827-49a8-bb86-28be131c3d26/0/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/908ab157-d827-49a8-bb86-28be131c3d26/0/8E2059B2D2448585D11ED2B0143FEFC0E9B2DA36.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:9b:b3:eb:4f:c6:88:47:b8:a1:83:f3:6a:a3:0e:d7:99:e9: 85:f4:64:6d:da:0f:41:a0:42:b8:bd:4f:1c:43:e2:0c:e3:c1: 4e:d1:e4:87:9a:c0:76:88:34:f6:d8:29:7e:83:77:65:da:78: 98:37:bd:a2:6c:30:78:d0:e5:ab:2f:61:04:91:5c:44:c2:00: 1e:b2:e8:f8:6a:cd:b6:35:8a:0a:5a:5c:2a:67:5d:89:8e:ea: 35:cb:ff:0d:fb:b6:02:32:52:04:b7:75:fc:10:95:5a:4a:40: c8:d7:b4:72:b9:3a:fe:5e:ba:ad:cf:dd:a1:be:73:55:4f:0a: 20:05:aa:9c:a8:5d:75:b6:58:dc:1c:17:ef:6b:cc:9e:47:91: ba:14:be:cd:c7:c0:bb:f1:2a:70:0b:bc:16:86:e5:c4:4f:21: 7e:a7:4a:d5:bb:78:32:fd:37:c6:46:9d:71:ad:ab:42:a7:e3: bf:b2:e8:12:cb:2a:85:a8:e9:72:40:9c:66:9a:10:02:73:ca: b4:fb:26:1c:e9:d9:da:a8:1e:b2:23:e0:b2:e4:4d:10:e3:45: b8:4a:a6:73:a0:e2:cd:6a:e5:c3:8c:56:39:39:0e:26:29:d0: 9e:be:59:ef:b8:3b:2c:70:21:85:d3:77:a8:37:97:b1:46:2e: 7d:b2:2a:b9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUIEF5tR/2hdYQXCNEK9ozKQiK2XMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEUyMDU5QjJEMjQ0ODU4NUQxMUVEMkIwMTQzRkVGQzBF OUIyREEzNjAeFw0yNjAzMjUxMDA1NTRaFw0yNjAzMjgxMDExNTRaMDMxMTAvBgNV BAMTKDM3OUMwNENBNEZEMDhDODU1MDlDNEUxOUQ2QUU0OEQ3OUU1MzQ4MTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8HgAU4gVCZq3C19kSKo9y5pWx iDhsaX6IN3tMJKd2xI8fWkBTz5eDDshKt22SwsAhfdNOOZCdMhv+IfJmOvX/Jazo eJaqwEgIZpjfkoUt4NFCq4UU4hEQl+/ASVA9oQm2OuwR0tIizLsMiLQy4G6HIz8T hTpgZ/jQKChcn63vBpNpOSeoDzzBL/U0ZsHGeT0c2hLIEEqgjtxVrJ0gHvbKV4xU PvE9ma6Q4oSvoze1Iu5Z4V5fDl6UpPIplTQnXvdh2nj3KT+fT2/939SmP6oCB3Ud JcTZpS1zB7GbEBdt10JgOpkUIQhPxqvfRKLBA71uhHpHgHu7S2SIEKVW9eV7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUN5wEyk/QjIVQnE4Z1q5I155TSBQwHwYDVR0j BBgwFoAUjiBZstJEhYXRHtKwFD/vwOmy2jYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 MDhhYjE1Ny1kODI3LTQ5YTgtYmI4Ni0yOGJlMTMxYzNkMjYvMC84RTIwNTlCMkQy NDQ4NTg1RDExRUQyQjAxNDNGRUZDMEU5QjJEQTM2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOEUyMDU5QjJEMjQ0ODU4NUQxMUVEMkIwMTQzRkVGQzBFOUIy REEzNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTA4YWIxNTctZDgyNy00OWE4LWJi ODYtMjhiZTEzMWMzZDI2LzAvOEUyMDU5QjJEMjQ0ODU4NUQxMUVEMkIwMTQzRkVG QzBFOUIyREEzNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHebs+tPxohHuKGD82qjDteZ6YX0ZG3aD0Gg Qri9TxxD4gzjwU7R5IeawHaINPbYKX6Dd2XaeJg3vaJsMHjQ5asvYQSRXETCAB6y 6PhqzbY1igpaXCpnXYmO6jXL/w37tgIyUgS3dfwQlVpKQMjXtHK5Ov5euq3P3aG+ c1VPCiAFqpyoXXW2WNwcF+9rzJ5HkboUvs3HwLvxKnALvBaG5cRPIX6nStW7eDL9 N8ZGnXGtq0Kn47+y6BLLKoWo6XJAnGaaEAJzyrT7Jhzp2dqoHrIj4LLkTRDjRbhK pnOg4s1q5cOMVjk5DiYp0J6+We+4OyxwIYXTd6g3l7FGLn2yKrk= -----END CERTIFICATE-----Generated at Thu Mar 26 13:54:29 2026 by rpki-client