$ rpki-client -vvf repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft File: 20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft (raw, json) Hash identifier: hXbPg5k7lWt+ST9WhRi/ZjoCjHXVcbnUiVtn5B+vr5s= Subject key identifier: 8D:80:2F:30:01:80:34:65:F6:F3:D6:60:B5:1C:9E:39:3A:2B:1B:DA Authority key identifier: 20:A4:A2:CE:A0:09:88:40:AF:6A:1C:5B:F3:D8:4E:41:5D:7F:18:D5 Certificate issuer: /CN=20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5 Certificate serial: 7C8841B8EDEB7DDD19999E4F43285D52DDEABC22 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft Manifest number: FB Signing time: Wed 25 Mar 2026 08:30:01 +0000 Manifest this update: Wed 25 Mar 2026 08:25:01 +0000 Manifest next update: Sat 28 Mar 2026 15:12:01 +0000 Files and hashes: 1: 20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl (hash: Zi0e78KBlcWl6cCfzRSgmXAYx22r2/5RtA2n3A1hAUU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 15:12:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:88:41:b8:ed:eb:7d:dd:19:99:9e:4f:43:28:5d:52:dd:ea:bc:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5 Validity Not Before: Mar 25 08:25:01 2026 GMT Not After : Mar 28 15:12:01 2026 GMT Subject: CN=8D802F3001803465F6F3D660B51C9E393A2B1BDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:45:bf:ba:59:ed:c9:59:25:87:3a:ff:a8:14: 1d:5c:81:99:ef:86:76:29:1c:9c:39:3e:aa:ea:2b: 6f:2f:f6:37:49:a2:8d:0a:d4:01:e1:d3:cf:34:23: 8f:d6:24:4d:0d:fa:d1:ba:d5:90:1f:3f:82:69:a2: d5:74:33:70:a3:88:e3:52:52:c9:93:14:ce:df:d5: 67:b8:e0:f0:d3:5c:c6:0b:99:3f:85:3f:57:e4:70: 46:49:15:bd:2d:53:b8:df:c4:a5:45:fa:bb:0a:b0: 58:60:85:4f:35:b9:be:4a:19:6d:12:d4:49:a8:02: 6c:67:06:c1:4e:42:c8:f0:4c:c1:7c:6b:ae:bb:75: 93:27:1b:fe:4e:d7:ad:ff:94:ed:59:5e:47:4e:58: b8:0a:65:73:d9:29:1f:95:6d:22:44:f1:68:22:f1: fa:d3:29:cb:c7:6e:95:69:7c:21:48:21:98:79:41: 2b:4f:a7:4d:81:c1:4c:ea:50:d2:25:77:0c:26:f5: db:3d:02:da:ce:6d:2c:4e:9a:51:39:5a:da:46:7b: 20:cf:38:aa:66:da:93:fd:8d:a6:c9:0b:f1:07:bc: a8:8c:67:3a:7b:51:53:62:04:d7:88:bc:f0:a7:a5: 26:68:e3:c7:9c:af:9f:cd:07:bc:54:f6:03:57:57: 43:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:80:2F:30:01:80:34:65:F6:F3:D6:60:B5:1C:9E:39:3A:2B:1B:DA X509v3 Authority Key Identifier: keyid:20:A4:A2:CE:A0:09:88:40:AF:6A:1C:5B:F3:D8:4E:41:5D:7F:18:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ac81e6ec-c87b-4fdb-a2fa-ecc470c41d53/0/20A4A2CEA0098840AF6A1C5BF3D84E415D7F18D5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:fe:2e:40:9d:a6:f3:84:8c:57:7f:b5:2e:9f:ce:c3:45:a5: 16:2c:e0:db:d9:17:57:aa:9d:6b:b3:a3:c8:78:6a:f9:53:41: 93:db:9b:1f:0a:28:46:3a:36:ba:68:1f:d9:57:84:ce:a0:15: 60:7c:5f:04:7b:be:64:86:da:df:c6:8a:91:3c:43:23:86:eb: 54:c5:2d:7b:ed:75:ba:66:3f:8b:8a:d4:19:43:89:e2:a7:98: 2a:5d:27:5f:63:c8:67:0e:88:56:f1:7e:dd:28:3b:f1:e2:f3: d1:35:1a:77:c7:cb:30:fe:97:f3:d7:84:c3:f1:de:c3:f2:2c: 77:09:f4:d9:17:40:06:c4:4e:0a:68:00:6b:36:43:09:db:b9: ab:38:80:48:0c:89:ac:4d:38:65:80:ed:4f:74:66:b2:06:6d: fe:73:9e:3c:f2:56:ec:9e:f6:58:87:4c:2e:23:39:43:f7:b1: 8b:38:66:45:c1:2f:d7:bb:aa:bb:ec:67:fc:12:f1:e1:ac:0e: 79:11:bd:d6:c7:7a:46:85:0e:98:aa:0a:d7:d5:ff:c1:ea:0d: bb:6c:35:66:87:28:30:3e:35:f9:c6:9c:0a:35:65:c1:7b:72: 84:23:56:4c:96:db:58:65:47:e7:1e:43:55:3f:08:f9:19:c5: 8a:33:16:63 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfIhBuO3rfd0ZmZ5PQyhdUt3qvCIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRFNDE1 RDdGMThENTAeFw0yNjAzMjUwODI1MDFaFw0yNjAzMjgxNTEyMDFaMDMxMTAvBgNV BAMTKDhEODAyRjMwMDE4MDM0NjVGNkYzRDY2MEI1MUM5RTM5M0EyQjFCREEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Rb+6We3JWSWHOv+oFB1cgZnv hnYpHJw5PqrqK28v9jdJoo0K1AHh0880I4/WJE0N+tG61ZAfP4JpotV0M3CjiONS UsmTFM7f1We44PDTXMYLmT+FP1fkcEZJFb0tU7jfxKVF+rsKsFhghU81ub5KGW0S 1EmoAmxnBsFOQsjwTMF8a667dZMnG/5O163/lO1ZXkdOWLgKZXPZKR+VbSJE8Wgi 8frTKcvHbpVpfCFIIZh5QStPp02BwUzqUNIldwwm9ds9AtrObSxOmlE5WtpGeyDP OKpm2pP9jabJC/EHvKiMZzp7UVNiBNeIvPCnpSZo48ecr5/NB7xU9gNXV0NZAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUjYAvMAGANGX289ZgtRyeOTorG9owHwYDVR0j BBgwFoAUIKSizqAJiECvahxb89hOQV1/GNUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h YzgxZTZlYy1jODdiLTRmZGItYTJmYS1lY2M0NzBjNDFkNTMvMC8yMEE0QTJDRUEw MDk4ODQwQUY2QTFDNUJGM0Q4NEU0MTVEN0YxOEQ1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRFNDE1RDdG MThENS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYWM4MWU2ZWMtYzg3Yi00ZmRiLWEy ZmEtZWNjNDcwYzQxZDUzLzAvMjBBNEEyQ0VBMDA5ODg0MEFGNkExQzVCRjNEODRF NDE1RDdGMThENS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHP+LkCdpvOEjFd/tS6fzsNFpRYs4NvZF1eq nWuzo8h4avlTQZPbmx8KKEY6NrpoH9lXhM6gFWB8XwR7vmSG2t/GipE8QyOG61TF LXvtdbpmP4uK1BlDieKnmCpdJ19jyGcOiFbxft0oO/Hi89E1GnfHyzD+l/PXhMPx 3sPyLHcJ9NkXQAbETgpoAGs2Qwnbuas4gEgMiaxNOGWA7U90ZrIGbf5znjzyVuye 9liHTC4jOUP3sYs4ZkXBL9e7qrvsZ/wS8eGsDnkRvdbHekaFDpiqCtfV/8HqDbts NWaHKDA+NfnGnAo1ZcF7coQjVkyW21hlR+ceQ1U/CPkZxYozFmM= -----END CERTIFICATE-----Generated at Thu Mar 26 15:58:57 2026 by rpki-client