$ rpki-client -vvf repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft File: 67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft (raw, json) Hash identifier: 4/8nhxG6ZbqufqGtZ+FTN6B5ePrEVdasqiEgM/Qz5pk= Subject key identifier: CD:83:6F:25:C1:70:50:8B:E0:29:98:5D:BE:71:E8:12:98:67:7C:6F Authority key identifier: 67:A4:28:D3:DC:89:DD:EF:5B:E7:AC:43:FB:7C:88:17:5E:C3:87:1F Certificate issuer: /CN=67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F Certificate serial: 4686953E884A5F772C98E321016D79F21D814CE4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft Manifest number: 020F Signing time: Tue 24 Mar 2026 19:31:31 +0000 Manifest this update: Tue 24 Mar 2026 19:26:31 +0000 Manifest next update: Fri 27 Mar 2026 22:16:31 +0000 Files and hashes: 1: 3130332e35392e39342e302f32332d3234203d3e20313336303532.roa (hash: 8iEgHOEIqDfpr7gSt8jxyho1deCIzw83qW565uPVSgs=) 2: 67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl (hash: RQgac+eBsaxk+e9np7l/ZBy2myHDUp04r/U6dlVOWJs=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 22:16:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:86:95:3e:88:4a:5f:77:2c:98:e3:21:01:6d:79:f2:1d:81:4c:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F Validity Not Before: Mar 24 19:26:31 2026 GMT Not After : Mar 27 22:16:31 2026 GMT Subject: CN=CD836F25C170508BE029985DBE71E81298677C6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:14:87:01:35:61:38:a3:1d:67:f3:14:d6:43: 55:d2:86:52:8a:99:17:e4:48:6c:b0:8b:93:f0:61: 0e:9d:40:7f:5b:5b:2f:fc:8f:ad:3f:d9:e0:cf:36: b8:d9:23:51:7b:eb:46:06:e5:11:83:bd:da:75:ec: d1:6f:86:18:4a:1a:cf:3b:a8:ef:1f:2d:a9:48:21: fc:23:f6:fc:4a:af:db:fe:e4:1f:cb:0c:8e:1f:9a: d1:75:eb:a3:35:fe:a0:23:de:d5:2c:36:fa:d1:43: 16:b8:56:04:24:0d:33:e5:4c:12:de:6d:02:f0:b2: 8a:1f:f0:27:82:da:40:ef:9b:74:27:f0:a8:6b:09: e3:09:c8:b4:25:d2:d8:53:e7:f4:03:07:26:ea:ca: 1a:d3:54:c2:96:50:7b:c6:3e:37:b1:00:ec:f3:ca: b9:7e:e7:5b:0d:50:a4:d3:19:47:0d:43:e3:f7:3a: 11:74:26:1b:54:c0:1f:1f:2e:fa:e3:34:ca:49:ac: bc:e4:f7:05:cf:22:77:50:25:77:8e:01:5b:2f:20: 37:71:37:8d:72:76:9a:ff:06:ac:de:34:c6:97:48: 0e:fd:af:71:82:ea:6f:07:c2:6a:00:97:55:e4:61: 2c:5d:8e:83:d6:f7:8f:5a:74:b5:d6:b7:8e:d8:98: 0c:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:83:6F:25:C1:70:50:8B:E0:29:98:5D:BE:71:E8:12:98:67:7C:6F X509v3 Authority Key Identifier: keyid:67:A4:28:D3:DC:89:DD:EF:5B:E7:AC:43:FB:7C:88:17:5E:C3:87:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a66a8f28-9a03-4376-b612-31f5ad1c1ed6/0/67A428D3DC89DDEF5BE7AC43FB7C88175EC3871F.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c0:55:de:87:70:20:49:94:ed:d5:ba:2e:9c:4c:8c:71:94:e1: f9:ad:58:38:8d:ca:4b:af:5e:48:91:bc:2d:89:ba:c7:ae:51: 39:a7:9d:be:40:10:86:38:16:84:46:c1:9d:4b:c0:02:a9:2e: 54:f1:d7:66:32:2f:e2:a2:5e:d2:72:d0:7f:fb:e2:0b:ff:bb: af:5d:e0:07:3d:fa:0c:54:3a:fb:c7:a5:6b:da:b1:2e:57:38: 62:7c:38:6c:c5:e9:c3:91:4a:45:01:3d:62:34:4f:9e:bb:da: 4e:a9:c6:f7:ed:4e:23:cd:81:ec:70:ed:b9:9a:3d:6b:68:e8: 77:df:09:cd:99:ea:72:1b:fc:80:99:5e:98:c7:3d:cd:e5:0e: 37:39:f7:fd:a8:9a:94:42:ef:aa:9b:fc:75:93:b8:d7:57:4b: 26:a1:4b:ca:39:cf:46:a0:69:9e:12:51:1f:b1:69:e9:8f:9d: 92:cb:d6:08:9b:12:1e:e4:58:b6:51:9b:9e:14:bc:5d:a3:d1: 98:d2:01:51:41:20:51:9e:61:19:90:cb:d9:4c:f1:e5:df:70: 1b:0b:d1:cd:0e:bf:5f:d0:56:bf:7e:89:87:e1:af:8b:1d:4b: 9f:24:4e:84:eb:60:82:6b:d7:b5:44:1b:93:46:84:ce:bf:55: c5:cb:84:96 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURoaVPohKX3csmOMhAW158h2BTOQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4MTc1 RUMzODcxRjAeFw0yNjAzMjQxOTI2MzFaFw0yNjAzMjcyMjE2MzFaMDMxMTAvBgNV BAMTKENEODM2RjI1QzE3MDUwOEJFMDI5OTg1REJFNzFFODEyOTg2NzdDNkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9FIcBNWE4ox1n8xTWQ1XShlKK mRfkSGywi5PwYQ6dQH9bWy/8j60/2eDPNrjZI1F760YG5RGDvdp17NFvhhhKGs87 qO8fLalIIfwj9vxKr9v+5B/LDI4fmtF166M1/qAj3tUsNvrRQxa4VgQkDTPlTBLe bQLwsoof8CeC2kDvm3Qn8KhrCeMJyLQl0thT5/QDBybqyhrTVMKWUHvGPjexAOzz yrl+51sNUKTTGUcNQ+P3OhF0JhtUwB8fLvrjNMpJrLzk9wXPIndQJXeOAVsvIDdx N41ydpr/BqzeNMaXSA79r3GC6m8HwmoAl1XkYSxdjoPW949adLXWt47YmAwVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzYNvJcFwUIvgKZhdvnHoEphnfG8wHwYDVR0j BBgwFoAUZ6Qo09yJ3e9b56xD+3yIF17Dhx8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NjZhOGYyOC05YTAzLTQzNzYtYjYxMi0zMWY1YWQxYzFlZDYvMC82N0E0MjhEM0RD ODlEREVGNUJFN0FDNDNGQjdDODgxNzVFQzM4NzFGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4MTc1RUMz ODcxRi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTY2YThmMjgtOWEwMy00Mzc2LWI2 MTItMzFmNWFkMWMxZWQ2LzAvNjdBNDI4RDNEQzg5RERFRjVCRTdBQzQzRkI3Qzg4 MTc1RUMzODcxRi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAMBV3odwIEmU7dW6LpxMjHGU4fmtWDiNykuv XkiRvC2JuseuUTmnnb5AEIY4FoRGwZ1LwAKpLlTx12YyL+KiXtJy0H/74gv/u69d 4Ac9+gxUOvvHpWvasS5XOGJ8OGzF6cORSkUBPWI0T5672k6pxvftTiPNgexw7bma PWto6HffCc2Z6nIb/ICZXpjHPc3lDjc59/2ompRC76qb/HWTuNdXSyahS8o5z0ag aZ4SUR+xaemPnZLL1gibEh7kWLZRm54UvF2j0ZjSAVFBIFGeYRmQy9lM8eXfcBsL 0c0Ov1/QVr9+iYfhr4sdS58kToTrYIJr17VEG5NGhM6/VcXLhJY= -----END CERTIFICATE-----Generated at Thu Mar 26 10:54:44 2026 by rpki-client