$ rpki-client -vvf repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft File: 3308A0FBD29F359AD61CAA389208E1D74CC28164.mft (raw, json) Hash identifier: yRkVOZ1AUsRXHzekNyIVaipbN8weZ40gVbcBQucSgxU= Subject key identifier: 0C:2F:6D:54:34:07:CB:98:43:88:86:12:FA:0C:45:CA:ED:FE:02:37 Authority key identifier: 33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 Certificate issuer: /CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Certificate serial: 3F9F2686D8F55CDFB78C24DD8C83A15F716C34E2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft Manifest number: 013F Signing time: Wed 25 Mar 2026 23:32:35 +0000 Manifest this update: Wed 25 Mar 2026 23:27:35 +0000 Manifest next update: Sun 29 Mar 2026 00:21:35 +0000 Files and hashes: 1: 3132312e3130312e3138362e302f32342d3234203d3e203338373835.roa (hash: /XDSaVsrSjwe2U97ABDcqea/xKaB2R3seZrfdL8XTtc=) 2: 3132312e3130312e3138342e302f32342d3234203d3e203338373835.roa (hash: t/PNdhAimXVY10CPtXNhPj7zhZ0aTYHgcrFrXGZksrU=) 3: 3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa (hash: cAXi7QLRcU3xQealltM+krJDl+01MknkHHhrGkik9hw=) 4: 3132312e3130312e3138372e302f32342d3234203d3e203338373835.roa (hash: flxUwmIBm5LywlVGg9yH6C9JGyBpXiBZMWw156cr79I=) 5: 3132312e3130312e3138352e302f32342d3234203d3e203338373835.roa (hash: kADPVhjKR2TSlyiLPxQ0miUTvXZPeeWVGY0lXhCRU+w=) 6: 3132312e3130312e3139312e302f32342d3234203d3e203338373835.roa (hash: 6Ozj0bnQCOOfsbCl5pz0EmWWOULaKdCGv4cZ3l8WpRo=) 7: 3308A0FBD29F359AD61CAA389208E1D74CC28164.crl (hash: UqkV6uqPgdbfckzamsRAODrw30yoobXLq5qjgXs8DVg=) 8: 3132312e3130312e3138382e302f32342d3234203d3e203338373835.roa (hash: u43zTi9Bk1sJznU4k2t//pSN767UMyRsnCd0m+J61t0=) 9: 3132312e3130312e3139302e302f32342d3234203d3e203338373835.roa (hash: 1R2O/r6j/Z2JIvpI1gj24JgeK9sd0xzW94a+KDUM1Bk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 00:21:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:9f:26:86:d8:f5:5c:df:b7:8c:24:dd:8c:83:a1:5f:71:6c:34:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Validity Not Before: Mar 25 23:27:35 2026 GMT Not After : Mar 29 00:21:35 2026 GMT Subject: CN=0C2F6D543407CB9843888612FA0C45CAEDFE0237 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:29:ea:1c:d2:01:d1:c3:cf:a8:14:73:4c:82: 6e:64:7d:c1:f2:75:36:a1:85:3a:70:5c:55:7a:5a: 84:21:59:ce:54:55:f4:a7:51:ec:b0:c1:0b:a4:01: d2:cb:2d:3a:79:2a:de:ff:79:67:7e:34:42:32:11: 38:0b:b9:c6:51:10:bd:67:df:57:83:2c:a1:74:e5: bc:06:07:b9:2a:27:48:77:7e:23:df:45:a9:f8:a5: 06:04:b1:97:7c:20:0b:8c:a9:2d:31:04:2b:94:12: b0:94:80:a3:87:0c:fe:f2:14:ce:1d:f2:4a:02:55: 10:0a:09:e9:8f:64:0b:a4:35:33:3a:7b:6d:73:8b: 56:7f:31:f2:97:84:b7:86:e5:46:9f:8a:a2:83:74: 8c:8c:96:0a:6d:6b:9e:95:e8:c0:54:a3:c4:58:20: 47:2c:51:60:9f:63:81:71:6f:10:32:7a:0d:48:c0: 97:44:02:05:a7:96:c3:6d:8e:bd:bb:7c:05:5b:d2: a3:7b:1a:c3:de:1e:04:48:51:2a:53:d8:6f:73:dc: 9a:d5:e8:c8:95:1a:38:01:f6:1c:bf:6b:15:4b:e4: d7:dc:8e:5e:c3:39:46:7b:81:16:64:db:49:a5:2f: 08:0e:92:14:d7:da:4e:e8:bc:e4:17:90:74:30:a1: ba:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:2F:6D:54:34:07:CB:98:43:88:86:12:FA:0C:45:CA:ED:FE:02:37 X509v3 Authority Key Identifier: keyid:33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:53:cf:78:24:2d:28:19:46:46:72:d6:a5:6b:59:79:32:b0: 96:a5:1f:77:e9:96:c3:e3:b8:ee:02:7a:5d:98:36:de:c4:a6: 3b:13:6b:24:7e:c2:3b:07:57:ee:3c:c7:53:31:5c:07:df:82: ec:a8:04:be:44:5f:9f:cc:90:a2:91:08:4e:4c:94:97:66:c1: 46:ec:7e:7a:87:93:9c:34:c2:52:95:d2:e0:0e:ac:68:4f:a7: 00:8a:23:19:fc:45:f6:6f:fa:21:4a:cd:b5:10:13:d6:db:50: 94:a4:66:46:b5:b3:e7:f2:e2:62:8e:9a:3e:0a:27:ae:1a:d4: 78:01:0e:9d:5a:ba:f6:3d:fd:d1:bd:30:b7:2b:c4:c3:0f:89: 98:6f:e9:3a:eb:4d:cb:35:ff:ba:42:42:58:8a:9f:c6:f4:01: 66:fe:66:ae:c9:35:35:7c:59:30:79:46:57:4d:28:11:c7:ea: 1b:2d:97:2f:de:76:44:0a:7d:48:b0:e4:db:da:40:fe:37:00: ee:0c:ae:c8:01:76:4f:9f:30:e0:2f:56:9b:32:4a:d6:be:14: 7c:15:d7:f4:cb:b1:e4:6f:93:e8:40:84:54:8b:76:c4:c9:36: 6c:2e:47:70:46:c0:77:8f:02:9f:b0:ff:93:cb:9e:d6:2f:a4: 73:e3:01:dc -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUP58mhtj1XN+3jCTdjIOhX3FsNOIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0 Q0MyODE2NDAeFw0yNjAzMjUyMzI3MzVaFw0yNjAzMjkwMDIxMzVaMDMxMTAvBgNV BAMTKDBDMkY2RDU0MzQwN0NCOTg0Mzg4ODYxMkZBMEM0NUNBRURGRTAyMzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFKeoc0gHRw8+oFHNMgm5kfcHy dTahhTpwXFV6WoQhWc5UVfSnUeywwQukAdLLLTp5Kt7/eWd+NEIyETgLucZREL1n 31eDLKF05bwGB7kqJ0h3fiPfRan4pQYEsZd8IAuMqS0xBCuUErCUgKOHDP7yFM4d 8koCVRAKCemPZAukNTM6e21zi1Z/MfKXhLeG5UafiqKDdIyMlgpta56V6MBUo8RY IEcsUWCfY4FxbxAyeg1IwJdEAgWnlsNtjr27fAVb0qN7GsPeHgRIUSpT2G9z3JrV 6MiVGjgB9hy/axVL5Nfcjl7DOUZ7gRZk20mlLwgOkhTX2k7ovOQXkHQwobo/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUDC9tVDQHy5hDiIYS+gxFyu3+AjcwHwYDVR0j BBgwFoAUMwig+9KfNZrWHKo4kgjh10zCgWQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NTcyZGZiZS00Y2EwLTRhNDYtODAzNy00OTY4ZWQ5N2NhZGMvMC8zMzA4QTBGQkQy OUYzNTlBRDYxQ0FBMzg5MjA4RTFENzRDQzI4MTY0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0Q0My ODE2NC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTU3MmRmYmUtNGNhMC00YTQ2LTgw MzctNDk2OGVkOTdjYWRjLzAvMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUx RDc0Q0MyODE2NC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMNTz3gkLSgZRkZy1qVrWXkysJalH3fplsPj uO4Cel2YNt7EpjsTayR+wjsHV+48x1MxXAffguyoBL5EX5/MkKKRCE5MlJdmwUbs fnqHk5w0wlKV0uAOrGhPpwCKIxn8RfZv+iFKzbUQE9bbUJSkZka1s+fy4mKOmj4K J64a1HgBDp1auvY9/dG9MLcrxMMPiZhv6TrrTcs1/7pCQliKn8b0AWb+Zq7JNTV8 WTB5RldNKBHH6hstly/edkQKfUiw5NvaQP43AO4MrsgBdk+fMOAvVpsySta+FHwV 1/TLseRvk+hAhFSLdsTJNmwuR3BGwHePAp+w/5PLntYvpHPjAdw= -----END CERTIFICATE-----Generated at Thu Mar 26 18:07:22 2026 by rpki-client