$ rpki-client -vvf repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft File: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft (raw, json) Hash identifier: zEMgPkhWa80F4PBC08g9h6/kewsWlzjXGXwYjcAbRvA= Subject key identifier: 91:EB:3E:5E:00:67:08:91:46:85:B1:A4:DF:2D:25:62:8C:A2:4B:E8 Authority key identifier: 0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C Certificate issuer: /CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Certificate serial: 514AF082C2F0B919B9E9FAA4878A88178A3B5063 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft Manifest number: 04BA Signing time: Wed 25 Mar 2026 19:50:03 +0000 Manifest this update: Wed 25 Mar 2026 19:45:03 +0000 Manifest next update: Sat 28 Mar 2026 21:10:03 +0000 Files and hashes: 1: 0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl (hash: VKQgpjHS6lgBMfoj0Sqgzdo0nbDd1Rg1dwAxJi3ol/0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 21:10:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:4a:f0:82:c2:f0:b9:19:b9:e9:fa:a4:87:8a:88:17:8a:3b:50:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C Validity Not Before: Mar 25 19:45:03 2026 GMT Not After : Mar 28 21:10:03 2026 GMT Subject: CN=91EB3E5E006708914685B1A4DF2D25628CA24BE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:08:9f:ca:d2:dc:f4:76:85:d7:f4:89:17:af: 26:42:74:4a:7c:d0:86:a9:e8:6f:5c:37:2d:80:49: a8:00:ee:51:26:01:3f:22:1b:8c:65:9d:81:6a:63: 63:f5:e6:e2:08:f3:8d:f0:fe:0c:f7:89:df:20:48: e8:c2:b1:a7:60:c9:11:7d:eb:02:44:0a:0d:dc:8c: f9:29:d7:d3:81:0b:c7:29:1c:3b:ed:44:8b:b4:c0: 50:3f:47:ea:c1:8e:a8:93:de:e2:bb:b0:5b:ad:96: 65:1c:4a:48:86:8e:7c:45:42:51:f3:b1:2a:c7:a6: 03:ff:6b:d8:ed:fc:32:73:c6:8c:93:69:4b:68:f2: 18:c4:9f:31:f9:57:15:f7:58:e7:4f:be:b0:05:f6: 66:c6:dc:08:36:f9:a9:b2:0f:84:35:d3:5f:91:ae: 3d:aa:7f:02:4e:c0:00:6f:19:ff:09:80:20:87:90: e2:10:03:3b:c4:82:c8:04:06:b8:6f:bb:3d:68:c4: d8:01:7a:45:07:9b:65:08:50:59:17:78:25:d5:5d: 5e:46:8d:e3:2f:f3:73:e6:de:b9:92:92:07:92:c9: e4:2e:c1:10:80:41:75:5b:36:41:84:9a:0d:6f:21: 92:72:fe:1b:cc:99:8a:81:f1:c6:39:f0:e0:33:95: c9:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:EB:3E:5E:00:67:08:91:46:85:B1:A4:DF:2D:25:62:8C:A2:4B:E8 X509v3 Authority Key Identifier: keyid:0A:FD:8F:6B:02:40:5F:4D:E9:A9:46:84:0C:C5:AE:2E:6A:C8:E4:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/947c6ecb-0bae-45c3-aada-43a6a171c046/0/0AFD8F6B02405F4DE9A946840CC5AE2E6AC8E40C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:5c:ad:fa:7c:cc:c3:13:ee:26:f6:37:88:3e:f6:95:04:41: 10:64:c6:0c:dc:ac:48:fe:9a:c9:5b:54:02:95:17:39:c5:71: 9c:c9:f3:6f:67:e7:bd:89:4e:4a:aa:b9:e5:1c:13:7d:e3:a5: 99:eb:8b:a9:4d:35:26:9f:5b:4e:7b:6d:57:27:ec:5d:74:46: 38:ae:22:4e:86:4f:80:e3:65:58:f4:f1:8a:39:19:0f:09:bd: 12:08:3b:b9:e0:4f:f7:ef:9a:9b:14:ed:0a:5e:43:0a:7a:d6: 8f:fe:75:df:79:51:6a:ae:17:72:51:1a:8b:7b:da:f8:81:f6: a5:26:79:60:c5:a4:e7:d9:c6:a1:42:68:83:32:07:a7:f5:44: 03:2c:f6:4d:5d:c3:25:5f:20:42:65:a5:42:29:9a:4f:76:a3: 43:76:77:c1:d8:3f:fa:be:36:28:e6:a7:2c:74:0f:21:57:8d: 43:c7:b0:eb:0d:7c:4e:fa:39:13:bd:d4:3f:53:96:f6:4f:0a: 4e:a2:f0:3e:0d:64:16:1c:de:49:ab:df:be:4d:08:5d:5b:09: 0b:70:d1:f3:a4:11:02:67:57:76:a2:20:ef:99:60:d7:60:8c: b2:9e:72:5c:b9:d8:77:a1:13:07:1d:18:57:82:55:06:75:fb: 73:20:dd:2c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUUrwgsLwuRm56fqkh4qIF4o7UGMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2 QUM4RTQwQzAeFw0yNjAzMjUxOTQ1MDNaFw0yNjAzMjgyMTEwMDNaMDMxMTAvBgNV BAMTKDkxRUIzRTVFMDA2NzA4OTE0Njg1QjFBNERGMkQyNTYyOENBMjRCRTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6CJ/K0tz0doXX9IkXryZCdEp8 0Iap6G9cNy2ASagA7lEmAT8iG4xlnYFqY2P15uII843w/gz3id8gSOjCsadgyRF9 6wJECg3cjPkp19OBC8cpHDvtRIu0wFA/R+rBjqiT3uK7sFutlmUcSkiGjnxFQlHz sSrHpgP/a9jt/DJzxoyTaUto8hjEnzH5VxX3WOdPvrAF9mbG3Ag2+amyD4Q101+R rj2qfwJOwABvGf8JgCCHkOIQAzvEgsgEBrhvuz1oxNgBekUHm2UIUFkXeCXVXV5G jeMv83Pm3rmSkgeSyeQuwRCAQXVbNkGEmg1vIZJy/hvMmYqB8cY58OAzlckbAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUkes+XgBnCJFGhbGk3y0lYoyiS+gwHwYDVR0j BBgwFoAUCv2PawJAX03pqUaEDMWuLmrI5AwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NDdjNmVjYi0wYmFlLTQ1YzMtYWFkYS00M2E2YTE3MWMwNDYvMC8wQUZEOEY2QjAy NDA1RjRERTlBOTQ2ODQwQ0M1QUUyRTZBQzhFNDBDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFFMkU2QUM4 RTQwQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTQ3YzZlY2ItMGJhZS00NWMzLWFh ZGEtNDNhNmExNzFjMDQ2LzAvMEFGRDhGNkIwMjQwNUY0REU5QTk0Njg0MENDNUFF MkU2QUM4RTQwQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKRcrfp8zMMT7ib2N4g+9pUEQRBkxgzcrEj+ mslbVAKVFznFcZzJ829n572JTkqqueUcE33jpZnri6lNNSafW057bVcn7F10Rjiu Ik6GT4DjZVj08Yo5GQ8JvRIIO7ngT/fvmpsU7QpeQwp61o/+dd95UWquF3JRGot7 2viB9qUmeWDFpOfZxqFCaIMyB6f1RAMs9k1dwyVfIEJlpUIpmk92o0N2d8HYP/q+ Nijmpyx0DyFXjUPHsOsNfE76ORO91D9TlvZPCk6i8D4NZBYc3kmr375NCF1bCQtw 0fOkEQJnV3aiIO+ZYNdgjLKecly52HehEwcdGFeCVQZ1+3Mg3Sw= -----END CERTIFICATE-----Generated at Thu Mar 26 13:30:57 2026 by rpki-client