$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft (raw, json) Hash identifier: Utd/CqZa0G6JE9l3KswGyQfFT3DeWmM7Df+qQhe+DUs= Subject key identifier: 75:07:D1:63:E0:37:CC:F7:21:15:4B:7A:FD:64:EB:7B:6D:5A:E2:5A Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 731D12433E109B6D397F0C33A8EC44A917F0A09B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft Manifest number: 0108 Signing time: Wed 25 Mar 2026 02:21:57 +0000 Manifest this update: Wed 25 Mar 2026 02:16:57 +0000 Manifest next update: Sat 28 Mar 2026 07:29:57 +0000 Files and hashes: 1: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (hash: okMulqCwmQrHdU+kO0nYzAvF/vvi8wTCEKi+VdDT9lQ=) 2: AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl (hash: 7dmvLJRLFTyQpIZGP6Je5WxTcZT2o3ZwHSHaPCnEYfY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 07:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:1d:12:43:3e:10:9b:6d:39:7f:0c:33:a8:ec:44:a9:17:f0:a0:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Mar 25 02:16:57 2026 GMT Not After : Mar 28 07:29:57 2026 GMT Subject: CN=7507D163E037CCF721154B7AFD64EB7B6D5AE25A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e5:0a:f1:46:e1:f2:dc:0f:6f:e7:e7:61:c5: 39:35:d0:c5:93:5b:c8:dd:9d:63:2d:44:ec:d2:bf: 18:58:63:28:97:63:a6:d7:23:18:e7:fd:65:db:14: 85:8c:b6:f3:0f:bc:bc:86:ba:c8:37:a2:84:51:29: 8c:3f:84:d6:08:ec:56:80:e7:ec:ac:cf:7d:66:7b: f1:a2:e9:76:06:3d:a1:78:67:10:d4:f3:8e:30:06: 21:3c:7c:4a:4e:07:5a:ae:8d:a0:3a:7f:27:1f:eb: 0c:a7:93:56:01:ae:a8:e1:1a:a4:8f:45:7b:9a:13: ca:d5:65:00:d1:00:05:84:00:53:78:33:36:9d:5f: 53:56:84:32:52:17:73:a8:49:0f:9f:5a:f8:0c:68: 9e:ea:a3:73:3f:e3:b0:ac:8d:80:c0:05:52:81:c3: 28:be:b0:77:36:d2:bb:c0:d1:b7:50:c5:7f:6a:c0: ab:d3:77:e9:30:15:23:3c:9e:26:6c:bd:ee:ec:57: 08:fa:92:a7:8e:e9:0e:8d:86:12:30:ef:8c:fe:31: 72:e4:bb:34:c5:d0:68:34:f8:f6:49:ea:1b:7c:7a: f6:32:b3:be:b6:df:0d:41:e7:9b:d9:ca:ed:43:99: ee:4b:25:4c:7c:14:fb:36:30:45:bb:4a:53:ca:02: 3c:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:07:D1:63:E0:37:CC:F7:21:15:4B:7A:FD:64:EB:7B:6D:5A:E2:5A X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:8f:e3:60:79:33:d4:08:43:32:be:ad:ef:07:7d:f3:7a:49: 8f:03:14:fa:12:ff:68:bc:fe:49:5a:1d:b5:66:39:b1:22:88: 50:49:1e:6a:77:78:44:2c:ef:3f:ef:fc:42:1c:6f:fc:31:67: 8c:49:14:a8:0e:1a:41:f6:a5:d2:9d:81:6d:c1:3a:36:a9:db: 9f:b0:7a:e9:c8:76:0a:5e:09:32:bd:ab:06:7b:b9:ca:16:4c: 7d:b7:30:fb:26:09:05:af:2c:e1:fa:2f:81:88:08:48:9e:e1: a8:dd:0e:a8:56:e7:37:a6:d9:93:93:a1:fb:ae:cc:c7:6e:65: 60:72:1a:38:58:0b:08:83:31:69:18:05:28:3a:4a:1a:8f:8f: 2e:fb:7c:c7:75:f7:5a:47:ab:da:9d:01:27:af:b3:46:76:6d: 2f:c0:f9:b3:0e:6e:fa:ad:0c:72:4d:08:ec:56:bd:2a:1f:44: 04:c2:26:06:5f:6a:68:1e:3b:82:7c:ea:2a:19:54:5c:19:e3: c9:57:04:00:f0:c0:5e:9f:6f:b8:91:e8:40:8f:95:41:22:d2: 3d:31:75:5f:fb:d2:7f:0f:15:68:8c:52:4b:2b:ac:89:85:0c: e1:6e:56:1e:43:dd:6e:da:2f:5e:c9:36:68:52:17:eb:ce:0c: c3:7d:cf:0f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcx0SQz4Qm205fwwzqOxEqRfwoJswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNjAzMjUwMjE2NTdaFw0yNjAzMjgwNzI5NTdaMDMxMTAvBgNV BAMTKDc1MDdEMTYzRTAzN0NDRjcyMTE1NEI3QUZENjRFQjdCNkQ1QUUyNUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx5QrxRuHy3A9v5+dhxTk10MWT W8jdnWMtROzSvxhYYyiXY6bXIxjn/WXbFIWMtvMPvLyGusg3ooRRKYw/hNYI7FaA 5+ysz31me/Gi6XYGPaF4ZxDU844wBiE8fEpOB1qujaA6fycf6wynk1YBrqjhGqSP RXuaE8rVZQDRAAWEAFN4MzadX1NWhDJSF3OoSQ+fWvgMaJ7qo3M/47CsjYDABVKB wyi+sHc20rvA0bdQxX9qwKvTd+kwFSM8niZsve7sVwj6kqeO6Q6NhhIw74z+MXLk uzTF0Gg0+PZJ6ht8evYys7623w1B55vZyu1Dme5LJUx8FPs2MEW7SlPKAjxhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUdQfRY+A3zPchFUt6/WTre21a4lowHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOTZjZDAzMjUtMzFhZi00ZmZlLThi ZWItZTc3OTk3ZTZjM2UxLzAvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODND MzQwMkQ2QUYyMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADiP42B5M9QIQzK+re8HffN6SY8DFPoS/2i8 /klaHbVmObEiiFBJHmp3eEQs7z/v/EIcb/wxZ4xJFKgOGkH2pdKdgW3BOjap25+w eunIdgpeCTK9qwZ7ucoWTH23MPsmCQWvLOH6L4GICEie4ajdDqhW5zem2ZOTofuu zMduZWByGjhYCwiDMWkYBSg6ShqPjy77fMd191pHq9qdASevs0Z2bS/A+bMObvqt DHJNCOxWvSofRATCJgZfamgeO4J86ioZVFwZ48lXBADwwF6fb7iR6ECPlUEi0j0x dV/70n8PFWiMUksrrImFDOFuVh5D3W7aL17JNmhSF+vODMN9zw8= -----END CERTIFICATE-----Generated at Thu Mar 26 15:16:00 2026 by rpki-client