$ rpki-client -vvf repo-rpki.idnic.net/repo/94e1ac7c-904d-493f-ba5e-5e0837dcbd29/0/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.mft File: 86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.mft (raw, json) Hash identifier: m+leXnQwZCQc7MfsT8g/UjzL9bOktaUDS7s7KmzZQrA= Subject key identifier: D9:6A:9D:5C:FD:9A:56:66:8F:CF:99:23:C3:E0:00:12:AC:BD:92:CB Authority key identifier: 86:E6:79:5A:CA:B9:9C:F2:9C:E7:C7:E1:0D:7F:CC:E7:E2:FF:26:3E Certificate issuer: /CN=86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E Certificate serial: 2CD7B9AA2B47004BA4ABC2AE251A443F89A202B4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.cer Subject info access: rsync://repo-rpki.idnic.net/repo/94e1ac7c-904d-493f-ba5e-5e0837dcbd29/0/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.mft Manifest number: 028A Signing time: Thu 26 Mar 2026 00:32:05 +0000 Manifest this update: Thu 26 Mar 2026 00:27:05 +0000 Manifest next update: Sun 29 Mar 2026 12:16:05 +0000 Files and hashes: 1: 3130332e3138362e39332e302f32342d3234203d3e20313439363937.roa (hash: XXX3H+Kx4KtZFlR+1yxyZNf6/aQm/kvRNmPkGrt0bBU=) 2: 3130332e3138362e39322e302f32342d3234203d3e20313439363937.roa (hash: S2I1Rsjv579X48PlNdNNUlZ5cCuw34WCjOICWZBzNII=) 3: 86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.crl (hash: KOqr1WKciYm1hKp/RejjIJdmy+RN64kikVFIQPSASDE=) 4: 3130332e3138362e39322e302f32332d3234203d3e20313439363937.roa (hash: yvcS+4k20Y8iRZaWxf96+9kxISErdYY6WtdAGoUwpMc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/94e1ac7c-904d-493f-ba5e-5e0837dcbd29/0/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.crl rsync://repo-rpki.idnic.net/repo/94e1ac7c-904d-493f-ba5e-5e0837dcbd29/0/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 12:16:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:d7:b9:aa:2b:47:00:4b:a4:ab:c2:ae:25:1a:44:3f:89:a2:02:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E Validity Not Before: Mar 26 00:27:05 2026 GMT Not After : Mar 29 12:16:05 2026 GMT Subject: CN=D96A9D5CFD9A56668FCF9923C3E00012ACBD92CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d7:fe:df:e0:69:45:ce:66:b7:d2:be:47:32: 19:c5:37:43:49:3b:94:f7:84:bc:8c:87:02:5e:9f: 74:9e:7a:03:e5:59:39:80:aa:3d:f6:3b:73:53:2b: 63:d0:69:0e:2e:16:dc:fb:ad:de:8f:9f:3e:4e:16: 96:de:a1:7a:d2:80:0b:25:7f:2c:8d:bf:0f:47:f3: f2:21:5d:d6:08:c1:84:c2:1a:0b:17:cd:7c:e7:92: f8:a3:c9:9d:1c:79:a6:b7:14:d6:6d:3f:81:03:58: 72:1d:61:32:c3:9d:b1:a0:4f:a7:b5:e3:f0:30:41: ee:51:d7:02:6d:1c:c6:92:f2:d1:d2:09:ef:1d:0e: 66:7e:30:83:35:07:ee:b9:ca:23:59:93:22:6b:4d: 3a:d9:62:37:e9:4e:06:0a:e3:7b:72:18:04:79:54: b0:f5:83:bf:06:e3:cc:61:a3:0d:7d:f9:28:60:53: 5a:2a:18:10:e0:99:85:07:83:4c:d4:a7:7b:73:c9: 45:85:be:c2:25:a0:1b:10:b5:16:fb:a5:ec:98:76: 8a:54:8b:b4:14:17:cc:8c:1b:4c:9a:a5:b2:a8:de: de:c8:b5:bf:94:58:36:8e:2f:e6:91:b0:43:78:61: dc:b9:7e:e8:c9:d8:e7:18:97:46:48:66:02:1b:e0: 78:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:6A:9D:5C:FD:9A:56:66:8F:CF:99:23:C3:E0:00:12:AC:BD:92:CB X509v3 Authority Key Identifier: keyid:86:E6:79:5A:CA:B9:9C:F2:9C:E7:C7:E1:0D:7F:CC:E7:E2:FF:26:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/94e1ac7c-904d-493f-ba5e-5e0837dcbd29/0/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/94e1ac7c-904d-493f-ba5e-5e0837dcbd29/0/86E6795ACAB99CF29CE7C7E10D7FCCE7E2FF263E.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:a7:32:9b:79:e9:87:a1:b1:24:54:b8:2c:a1:ae:ee:e5:56: 91:94:58:9d:ce:4f:d6:f0:c9:d2:08:aa:48:42:d1:b1:4d:af: 5d:6f:40:8b:77:65:db:c1:c9:0a:4c:8e:fa:13:5d:50:91:e8: dc:23:5f:3c:db:d3:80:b9:30:90:6b:db:55:33:89:8d:08:87: 77:bb:9e:48:dd:81:27:e0:f3:40:d3:0f:cf:bf:c2:a2:15:a2: bb:ea:4a:25:6f:a5:a4:ae:0e:76:1b:4a:5a:b3:ae:05:bf:91: 14:84:2c:d5:0e:ac:04:be:57:df:0e:a9:2e:ee:4b:9d:65:96: 71:f9:01:b3:97:f8:46:15:76:e2:b5:1b:14:85:75:ac:1f:75: 3d:6a:88:0c:6b:a6:de:cb:bf:9d:ea:8b:74:7e:db:52:72:9e: 39:79:0b:2a:90:b2:4d:48:c4:81:4a:9e:a2:06:ac:fc:20:71: 4c:7f:03:fe:fe:88:8f:12:eb:15:cc:1e:9c:ce:63:11:7c:7d: ec:2a:d6:fa:49:79:dc:c7:41:39:a1:e7:5a:ac:2e:68:44:d4: 68:e0:f7:1f:92:94:ca:f3:cb:c6:5e:74:98:ae:59:ff:5d:63: b4:0b:3c:e8:62:19:af:9c:39:cb:d9:fd:d3:b3:61:6b:df:e0: 85:bc:70:c3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULNe5qitHAEukq8KuJRpEP4miArQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODZFNjc5NUFDQUI5OUNGMjlDRTdDN0UxMEQ3RkNDRTdF MkZGMjYzRTAeFw0yNjAzMjYwMDI3MDVaFw0yNjAzMjkxMjE2MDVaMDMxMTAvBgNV BAMTKEQ5NkE5RDVDRkQ5QTU2NjY4RkNGOTkyM0MzRTAwMDEyQUNCRDkyQ0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf1/7f4GlFzma30r5HMhnFN0NJ O5T3hLyMhwJen3SeegPlWTmAqj32O3NTK2PQaQ4uFtz7rd6Pnz5OFpbeoXrSgAsl fyyNvw9H8/IhXdYIwYTCGgsXzXznkvijyZ0ceaa3FNZtP4EDWHIdYTLDnbGgT6e1 4/AwQe5R1wJtHMaS8tHSCe8dDmZ+MIM1B+65yiNZkyJrTTrZYjfpTgYK43tyGAR5 VLD1g78G48xhow19+ShgU1oqGBDgmYUHg0zUp3tzyUWFvsIloBsQtRb7peyYdopU i7QUF8yMG0yapbKo3t7Itb+UWDaOL+aRsEN4Ydy5fujJ2OcYl0ZIZgIb4HjRAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU2WqdXP2aVmaPz5kjw+AAEqy9ksswHwYDVR0j BBgwFoAUhuZ5Wsq5nPKc58fhDX/M5+L/Jj4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NGUxYWM3Yy05MDRkLTQ5M2YtYmE1ZS01ZTA4MzdkY2JkMjkvMC84NkU2Nzk1QUNB Qjk5Q0YyOUNFN0M3RTEwRDdGQ0NFN0UyRkYyNjNFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODZFNjc5NUFDQUI5OUNGMjlDRTdDN0UxMEQ3RkNDRTdFMkZG MjYzRS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTRlMWFjN2MtOTA0ZC00OTNmLWJh NWUtNWUwODM3ZGNiZDI5LzAvODZFNjc5NUFDQUI5OUNGMjlDRTdDN0UxMEQ3RkND RTdFMkZGMjYzRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAK2nMpt56YehsSRUuCyhru7lVpGUWJ3OT9bw ydIIqkhC0bFNr11vQIt3ZdvByQpMjvoTXVCR6NwjXzzb04C5MJBr21UziY0Ih3e7 nkjdgSfg80DTD8+/wqIVorvqSiVvpaSuDnYbSlqzrgW/kRSELNUOrAS+V98OqS7u S51llnH5AbOX+EYVduK1GxSFdawfdT1qiAxrpt7Lv53qi3R+21Jynjl5CyqQsk1I xIFKnqIGrPwgcUx/A/7+iI8S6xXMHpzOYxF8fewq1vpJedzHQTmh51qsLmhE1Gjg 9x+SlMrzy8ZedJiuWf9dY7QLPOhiGa+cOcvZ/dOzYWvf4IW8cMM= -----END CERTIFICATE-----Generated at Thu Mar 26 10:14:24 2026 by rpki-client