$ rpki-client -vvf repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft File: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft (raw, json) Hash identifier: YWWqgQ7MoP28QFgPJSIt9Cq6pztthgS562ekENMxGNI= Subject key identifier: 6C:D3:FE:63:3F:35:CC:A2:C9:CC:28:5D:E4:70:3E:70:07:0D:5C:A5 Authority key identifier: 40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A Certificate issuer: /CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Certificate serial: 0FF29AAB70E2B7F1237765506F3D42E0AD7FA33D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft Manifest number: 0243 Signing time: Tue 24 Mar 2026 19:02:07 +0000 Manifest this update: Tue 24 Mar 2026 18:57:07 +0000 Manifest next update: Sat 28 Mar 2026 04:14:07 +0000 Files and hashes: 1: 40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl (hash: HBH8srNINfFjWdmyv/rk/A7D7f2/oNV6B7CzMAZfFPc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 04:14:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:f2:9a:ab:70:e2:b7:f1:23:77:65:50:6f:3d:42:e0:ad:7f:a3:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40B28402A891E6B34EB9A2F6AF76CB17DA9B003A Validity Not Before: Mar 24 18:57:07 2026 GMT Not After : Mar 28 04:14:07 2026 GMT Subject: CN=6CD3FE633F35CCA2C9CC285DE4703E70070D5CA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:b5:e5:49:a8:23:20:eb:f9:2d:a4:5e:dd:b0: f7:1f:52:92:9f:90:46:d3:85:8a:a9:e9:aa:8b:15: 84:ac:d5:ce:0c:e6:43:23:3f:fa:ca:b5:de:ba:e1: f5:b6:35:5c:9d:9c:0a:a0:c6:bc:9d:cf:33:b6:9b: 6b:df:0e:80:75:d8:90:77:b3:a4:76:d0:92:af:52: 00:fa:3a:1b:fc:9c:61:ed:e9:ad:b7:39:d9:cc:a9: 17:0f:71:4f:bf:07:90:08:2e:56:59:38:48:2f:6f: 6f:13:97:04:17:25:d5:77:2d:bd:0b:bb:20:ae:24: 4b:f5:24:0d:04:c2:05:55:7b:e7:56:31:b4:90:5a: 97:ee:6f:c3:44:5f:fe:b2:6c:2c:ea:7d:85:a5:c6: 1a:25:25:07:34:8f:21:9d:d7:c4:62:d9:f2:18:0d: 91:68:77:05:83:9e:a5:15:f8:42:96:24:1d:b2:36: 0f:9a:f3:52:eb:a4:bf:a6:74:1d:62:46:7f:40:67: b3:7a:d1:32:e3:43:e1:40:9a:9d:59:1f:0f:49:75: f1:ae:12:6b:1e:02:c5:d4:6d:4d:c7:3b:33:56:13: 6d:0a:71:72:74:1c:60:3d:70:a5:e7:34:8f:c8:06: 05:c2:b9:e1:e3:89:15:5b:e9:56:76:48:58:8e:e9: 62:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:D3:FE:63:3F:35:CC:A2:C9:CC:28:5D:E4:70:3E:70:07:0D:5C:A5 X509v3 Authority Key Identifier: keyid:40:B2:84:02:A8:91:E6:B3:4E:B9:A2:F6:AF:76:CB:17:DA:9B:00:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a72bb871-018d-4d21-9913-fc946c38794f/0/40B28402A891E6B34EB9A2F6AF76CB17DA9B003A.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:53:20:33:82:3e:73:7d:df:b9:6e:78:b9:da:aa:5f:af:15: 54:10:02:0d:23:99:fe:28:00:cb:6f:ae:3a:87:07:37:50:20: 8e:b9:e2:4b:04:27:a3:5e:e6:69:4e:79:72:91:12:ba:86:a6: 7b:e1:73:b6:c7:60:4a:ab:35:6c:af:75:3d:4c:59:11:1f:18: 28:c6:5e:44:1c:e0:62:ce:d6:81:a7:bc:d6:2b:35:0a:ba:2b: 19:48:58:a3:6c:1e:71:10:b7:4d:dd:63:44:c4:25:a1:be:6f: 32:24:fe:5f:f0:56:3a:19:8b:e8:d0:16:cc:63:76:bb:cb:e0: 51:8f:f0:58:58:f3:73:a9:8d:36:be:67:03:de:bd:16:cd:7b: 19:77:ae:fd:71:f5:2d:63:13:30:1a:a7:e7:57:48:f3:ff:e9: 30:92:e5:19:a1:26:e1:aa:a6:9c:c9:64:e9:94:b5:34:a6:42: ec:71:d6:b2:ab:b6:6e:24:51:73:cf:81:c9:29:49:15:3e:2e: d2:2f:25:8e:c2:96:70:12:6d:05:e3:2d:2b:ba:67:c5:ed:bb: 02:29:30:3d:3d:ba:9d:32:24:fc:82:50:14:20:6c:35:e6:bb: 87:fa:15:cc:29:39:66:3a:a3:87:b1:aa:bc:19:17:5b:46:a1: 55:a6:6f:2a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUD/Kaq3Dit/Ejd2VQbz1C4K1/oz0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdE QTlCMDAzQTAeFw0yNjAzMjQxODU3MDdaFw0yNjAzMjgwNDE0MDdaMDMxMTAvBgNV BAMTKDZDRDNGRTYzM0YzNUNDQTJDOUNDMjg1REU0NzAzRTcwMDcwRDVDQTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZteVJqCMg6/ktpF7dsPcfUpKf kEbThYqp6aqLFYSs1c4M5kMjP/rKtd664fW2NVydnAqgxrydzzO2m2vfDoB12JB3 s6R20JKvUgD6Ohv8nGHt6a23OdnMqRcPcU+/B5AILlZZOEgvb28TlwQXJdV3Lb0L uyCuJEv1JA0EwgVVe+dWMbSQWpfub8NEX/6ybCzqfYWlxholJQc0jyGd18Ri2fIY DZFodwWDnqUV+EKWJB2yNg+a81LrpL+mdB1iRn9AZ7N60TLjQ+FAmp1ZHw9JdfGu EmseAsXUbU3HOzNWE20KcXJ0HGA9cKXnNI/IBgXCueHjiRVb6VZ2SFiO6WIdAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUbNP+Yz81zKLJzChd5HA+cAcNXKUwHwYDVR0j BBgwFoAUQLKEAqiR5rNOuaL2r3bLF9qbADowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzJiYjg3MS0wMThkLTRkMjEtOTkxMy1mYzk0NmMzODc5NGYvMC80MEIyODQwMkE4 OTFFNkIzNEVCOUEyRjZBRjc2Q0IxN0RBOUIwMDNBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNCMTdEQTlC MDAzQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYTcyYmI4NzEtMDE4ZC00ZDIxLTk5 MTMtZmM5NDZjMzg3OTRmLzAvNDBCMjg0MDJBODkxRTZCMzRFQjlBMkY2QUY3NkNC MTdEQTlCMDAzQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHxTIDOCPnN937lueLnaql+vFVQQAg0jmf4o AMtvrjqHBzdQII654ksEJ6Ne5mlOeXKRErqGpnvhc7bHYEqrNWyvdT1MWREfGCjG XkQc4GLO1oGnvNYrNQq6KxlIWKNsHnEQt03dY0TEJaG+bzIk/l/wVjoZi+jQFsxj drvL4FGP8FhY83OpjTa+ZwPevRbNexl3rv1x9S1jEzAap+dXSPP/6TCS5RmhJuGq ppzJZOmUtTSmQuxx1rKrtm4kUXPPgckpSRU+LtIvJY7ClnASbQXjLSu6Z8XtuwIp MD09up0yJPyCUBQgbDXmu4f6FcwpOWY6o4exqrwZF1tGoVWmbyo= -----END CERTIFICATE-----Generated at Fri Mar 27 00:53:26 2026 by rpki-client