$ rpki-client -vvf repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft File: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft (raw, json) Hash identifier: nqFu9l6Jz5slhiMbzC8pSy916UYQkm6V0e/i46HRlK0= Subject key identifier: 6F:67:8F:D5:18:C3:6A:FC:0F:4D:3F:71:6C:AA:24:9E:BC:31:06:FF Authority key identifier: B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 Certificate issuer: /CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Certificate serial: 360F12149868A72B2897CE58E0F6CB206004B633 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft Manifest number: 0253 Signing time: Tue 24 Mar 2026 10:12:21 +0000 Manifest this update: Tue 24 Mar 2026 10:07:21 +0000 Manifest next update: Fri 27 Mar 2026 16:56:21 +0000 Files and hashes: 1: 3130332e3138382e3235332e302f32342d3234203d3e20313439373337.roa (hash: Sj/j171l33JI7ePr4g2BFw5WUoQjNjQFEAH4ivYj0QM=) 2: 3130332e3138382e3235322e302f32332d3233203d3e20313439373337.roa (hash: jokIBMvTnzkYHW/XHAeX7hxaG3x1GkvBjnS33CW0bpg=) 3: B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl (hash: sVHipNrIJ6+oMMeMBSmgzLYHH6pYxp6Ksty3ceTIUjM=) 4: 3130332e3138382e3235322e302f32342d3234203d3e20313439373337.roa (hash: Ecgrbu6B3OibUjb6EMgW5BudmheK1y9j1Ehe3erMDBM=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 16:56:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:0f:12:14:98:68:a7:2b:28:97:ce:58:e0:f6:cb:20:60:04:b6:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2 Validity Not Before: Mar 24 10:07:21 2026 GMT Not After : Mar 27 16:56:21 2026 GMT Subject: CN=6F678FD518C36AFC0F4D3F716CAA249EBC3106FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:3e:0b:e3:2f:49:97:e4:21:68:4b:80:f7:e4: aa:78:13:59:3b:3b:45:50:a3:9a:3a:2d:d3:c3:f5: fe:60:1b:55:12:40:2f:72:46:9c:03:54:d7:74:d4: 5e:51:f7:93:5a:b1:c7:57:4a:9d:0c:03:ac:24:57: a0:ce:14:d2:5a:98:68:3c:dd:46:3f:86:80:4b:b3: 15:b8:84:4a:70:72:09:d1:1c:b8:26:87:a8:2b:e1: 6a:43:c8:55:e1:9c:a2:7f:9f:2a:77:75:f8:bd:bc: 3a:8b:c9:1c:ea:3f:38:7c:b0:05:db:c2:4d:03:8b: 83:82:a1:2b:5f:9c:03:fb:9e:8a:f4:b2:12:16:1f: 85:7e:93:89:1c:04:86:d8:79:de:bd:31:ec:bd:f1: 02:23:a7:99:30:b1:fe:b3:f8:b8:06:66:f2:ba:f2: 0e:d5:e8:ce:b0:0f:7b:a5:8f:be:4f:e7:14:44:99: f4:cc:64:02:86:50:5f:9f:9b:10:ea:0b:84:00:a7: 4f:0c:6a:3b:c3:13:55:67:e5:f5:2d:f0:e7:1d:da: ff:94:3e:cf:37:06:bd:2b:2a:58:46:fb:ba:09:63: 43:4e:51:33:32:f4:8a:a0:8b:48:8d:34:71:04:a8: 31:f8:69:48:36:d7:65:4d:73:59:34:13:05:cc:06: 74:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:67:8F:D5:18:C3:6A:FC:0F:4D:3F:71:6C:AA:24:9E:BC:31:06:FF X509v3 Authority Key Identifier: keyid:B5:E9:7B:71:FA:FA:24:FF:8F:A2:B1:A3:35:58:D8:0A:98:25:4D:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9aed098b-49b1-4f53-b75a-273e11c25149/0/B5E97B71FAFA24FF8FA2B1A33558D80A98254DB2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:98:21:22:0b:fa:ee:9f:16:ca:50:46:0b:52:c0:8a:12:89: b4:e8:ff:1a:9c:60:13:05:4b:e4:8d:fa:32:58:28:ff:8d:03: c3:dc:f7:70:83:69:32:cf:65:8c:f1:86:ad:5d:2a:b1:eb:aa: cb:40:0e:95:4e:1c:b6:a8:bb:d3:39:83:53:7e:1e:a7:6c:a6: a8:2f:c8:7f:78:bc:09:2d:cc:ae:e7:24:ac:53:a0:c1:f6:69: 6b:4f:96:21:72:9e:c3:cb:ec:71:67:84:b0:b0:04:e3:3c:33: bb:bf:de:e1:9f:61:7b:d5:9f:c7:bb:68:05:42:47:d6:d5:e5: 4a:5a:31:0c:61:29:63:93:1d:70:93:0c:05:70:e1:e4:1e:d9: 20:1d:7a:f6:9f:c8:9d:c6:11:b1:93:2a:55:50:56:e6:7e:5c: 32:3d:b9:16:5d:7f:d5:2b:e7:a5:e7:2e:56:39:db:db:19:ed: d5:d9:35:d6:77:36:7b:e0:57:64:01:bd:c1:9e:76:ea:27:10: 65:b5:78:84:80:1f:d9:22:8b:e7:eb:e4:3f:47:c4:02:d9:3e: 81:d9:ab:af:c5:62:fd:cc:2b:0d:6c:f9:a4:f3:76:53:a5:30: 30:25:2f:16:64:28:42:f0:08:2a:6c:aa:7b:6a:c3:b0:9a:d4: f2:6e:86:46 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNg8SFJhopysol85Y4PbLIGAEtjMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5 ODI1NERCMjAeFw0yNjAzMjQxMDA3MjFaFw0yNjAzMjcxNjU2MjFaMDMxMTAvBgNV BAMTKDZGNjc4RkQ1MThDMzZBRkMwRjREM0Y3MTZDQUEyNDlFQkMzMTA2RkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRPgvjL0mX5CFoS4D35Kp4E1k7 O0VQo5o6LdPD9f5gG1USQC9yRpwDVNd01F5R95NascdXSp0MA6wkV6DOFNJamGg8 3UY/hoBLsxW4hEpwcgnRHLgmh6gr4WpDyFXhnKJ/nyp3dfi9vDqLyRzqPzh8sAXb wk0Di4OCoStfnAP7nor0shIWH4V+k4kcBIbYed69Mey98QIjp5kwsf6z+LgGZvK6 8g7V6M6wD3ulj75P5xREmfTMZAKGUF+fmxDqC4QAp08MajvDE1Vn5fUt8Ocd2v+U Ps83Br0rKlhG+7oJY0NOUTMy9Iqgi0iNNHEEqDH4aUg212VNc1k0EwXMBnSBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUb2eP1RjDavwPTT9xbKoknrwxBv8wHwYDVR0j BBgwFoAUtel7cfr6JP+PorGjNVjYCpglTbIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 YWVkMDk4Yi00OWIxLTRmNTMtYjc1YS0yNzNlMTFjMjUxNDkvMC9CNUU5N0I3MUZB RkEyNEZGOEZBMkIxQTMzNTU4RDgwQTk4MjU0REIyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4MEE5ODI1 NERCMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOWFlZDA5OGItNDliMS00ZjUzLWI3 NWEtMjczZTExYzI1MTQ5LzAvQjVFOTdCNzFGQUZBMjRGRjhGQTJCMUEzMzU1OEQ4 MEE5ODI1NERCMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABCYISIL+u6fFspQRgtSwIoSibTo/xqcYBMF S+SN+jJYKP+NA8Pc93CDaTLPZYzxhq1dKrHrqstADpVOHLaou9M5g1N+Hqdspqgv yH94vAktzK7nJKxToMH2aWtPliFynsPL7HFnhLCwBOM8M7u/3uGfYXvVn8e7aAVC R9bV5UpaMQxhKWOTHXCTDAVw4eQe2SAdevafyJ3GEbGTKlVQVuZ+XDI9uRZdf9Ur 56XnLlY529sZ7dXZNdZ3NnvgV2QBvcGeduonEGW1eISAH9kii+fr5D9HxALZPoHZ q6/FYv3MKw1s+aTzdlOlMDAlLxZkKELwCCpsqntqw7Ca1PJuhkY= -----END CERTIFICATE-----Generated at Thu Mar 26 09:21:32 2026 by rpki-client