$ rpki-client -vvf repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft File: 0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft (raw, json) Hash identifier: UDYHeMGyJLflbt3SK1xWbcUnJ8z6dZFQMs/LalTj5a4= Subject key identifier: 5F:82:DC:0F:9C:E2:B0:9B:7B:F8:F0:F0:17:CF:61:F7:EA:4D:11:EC Authority key identifier: 0C:E1:E1:11:46:E2:51:D0:CD:52:BD:83:7A:1A:0A:CD:B7:E0:BA:0C Certificate issuer: /CN=0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C Certificate serial: 2DC710A2AE029AF7A4EC7816B0ED607DA47E11CE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft Manifest number: 0190 Signing time: Wed 25 Mar 2026 05:13:08 +0000 Manifest this update: Wed 25 Mar 2026 05:08:08 +0000 Manifest next update: Sat 28 Mar 2026 09:04:08 +0000 Files and hashes: 1: 323030313a6466303a663963303a3a2f34382d3438203d3e20313439393037.roa (hash: dQqh/UiHoQw/70mJd+ZId7SvE382IQVHD0RnWmbxwtI=) 2: 3130332e3139302e3131322e302f32342d3234203d3e20313439393037.roa (hash: RiJQOn+iteWsGaHDQ7CJgxTOw5x3cmMgsW4Cbj99H/E=) 3: 0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl (hash: p+N8DCdBp5bzinJaxJh+BX3gwh5RgFcbF0iGm/oDOJQ=) 4: 3130332e3139302e3131332e302f32342d3234203d3e20313439393037.roa (hash: 3qwvc0M9032XGDH7vraV4T7cy4QhAdHQHEpVds7HICk=) 5: 3130332e3139302e3131322e302f32332d3234203d3e20313439393037.roa (hash: ki0hIXEeGo8cU77Xr7lKfx7zoFMhB4mSH2tdcqcaUcQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 09:04:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:c7:10:a2:ae:02:9a:f7:a4:ec:78:16:b0:ed:60:7d:a4:7e:11:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C Validity Not Before: Mar 25 05:08:08 2026 GMT Not After : Mar 28 09:04:08 2026 GMT Subject: CN=5F82DC0F9CE2B09B7BF8F0F017CF61F7EA4D11EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:17:7b:82:d7:12:b6:bb:73:a0:8c:64:06:69: 56:5f:6c:c5:8e:5b:82:2a:a2:21:a7:5b:87:c5:97: 54:0c:40:5c:55:b8:2e:78:a4:09:61:3a:b9:bd:e7: b1:63:3c:a8:2c:41:5b:b8:ae:c7:90:43:f0:da:44: 40:ec:0d:b8:f6:90:de:df:1d:92:28:de:fe:65:d4: 7a:7b:dd:ba:06:0e:bc:32:23:63:7a:33:d4:5b:6d: 43:2d:e0:5b:f5:45:8a:94:d8:43:bb:28:c6:7d:67: 03:98:ee:6b:ac:91:6e:5e:90:17:99:3f:a3:11:8c: 28:47:88:cb:3d:a8:90:79:44:84:26:6b:9f:75:07: 23:2b:b4:ae:02:d1:28:07:da:2d:ed:ac:3b:b2:92: 88:b9:6a:cb:46:03:cd:9a:7a:a9:3d:11:38:27:2a: 65:46:10:75:12:d7:44:03:cd:a4:a0:3b:df:17:18: 9c:94:7c:89:ce:30:9c:30:bf:e2:a3:47:62:ec:e2: 32:44:16:ba:40:80:fc:b6:44:f7:8a:84:d2:a4:af: be:a5:84:4e:2e:6d:e2:c5:fe:3d:e5:bb:5f:93:68: 71:92:97:9d:1c:61:26:59:e6:d6:eb:70:4d:46:2b: ab:ad:05:a5:39:a4:5f:49:05:94:6b:02:e7:38:d1: 08:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:82:DC:0F:9C:E2:B0:9B:7B:F8:F0:F0:17:CF:61:F7:EA:4D:11:EC X509v3 Authority Key Identifier: keyid:0C:E1:E1:11:46:E2:51:D0:CD:52:BD:83:7A:1A:0A:CD:B7:E0:BA:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b0516a7a-4195-44b3-a24e-cf8ed578d791/0/0CE1E11146E251D0CD52BD837A1A0ACDB7E0BA0C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:cf:5d:ba:aa:88:7d:cc:65:e0:2b:4d:50:3c:84:b9:e0:ee: d2:8f:b5:50:3d:46:59:96:df:6a:6d:b6:03:dc:75:75:42:ea: 77:20:d7:aa:bb:db:7a:d9:ee:b3:8c:63:c7:cf:ce:8e:8a:82: 47:d2:87:f9:3a:c6:83:23:40:4a:2a:b4:62:4d:2c:c4:cc:05: 77:87:f4:e6:16:4d:17:dc:17:fe:71:33:10:95:65:01:73:c0: ec:8a:07:e5:89:15:da:6a:dc:a3:18:2f:4c:d0:37:5e:d5:20: 50:a1:86:6b:a4:16:e4:11:a6:72:8f:fe:ca:f9:de:c9:ed:a2: d1:52:53:04:ea:20:b7:5d:95:1e:12:ea:db:d9:41:28:e7:65: 68:37:3e:eb:42:22:ef:5b:db:54:cc:3c:1b:e4:18:f4:57:5e: 99:ef:02:39:3f:ad:59:23:4d:e7:5e:a6:1e:26:82:50:1d:33: 7a:8e:53:3a:b7:7b:3f:6f:36:33:1b:21:e1:7d:f1:69:2e:4c: 1d:3b:dd:48:c3:74:36:17:de:97:64:41:26:13:96:80:7c:c0: d8:0f:1f:f1:6d:23:26:6a:88:f4:9f:be:20:b8:f3:66:7e:b9: e6:52:9e:4d:57:40:ef:8c:c0:45:f6:d0:56:2a:e4:ef:4d:a3: e4:ae:08:d8 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIULccQoq4Cmvek7HgWsO1gfaR+Ec4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBBQ0RC N0UwQkEwQzAeFw0yNjAzMjUwNTA4MDhaFw0yNjAzMjgwOTA0MDhaMDMxMTAvBgNV BAMTKDVGODJEQzBGOUNFMkIwOUI3QkY4RjBGMDE3Q0Y2MUY3RUE0RDExRUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAF3uC1xK2u3OgjGQGaVZfbMWO W4IqoiGnW4fFl1QMQFxVuC54pAlhOrm957FjPKgsQVu4rseQQ/DaREDsDbj2kN7f HZIo3v5l1Hp73boGDrwyI2N6M9RbbUMt4Fv1RYqU2EO7KMZ9ZwOY7muskW5ekBeZ P6MRjChHiMs9qJB5RIQma591ByMrtK4C0SgH2i3trDuykoi5astGA82aeqk9ETgn KmVGEHUS10QDzaSgO98XGJyUfInOMJwwv+KjR2Ls4jJEFrpAgPy2RPeKhNKkr76l hE4ubeLF/j3lu1+TaHGSl50cYSZZ5tbrcE1GK6utBaU5pF9JBZRrAuc40QgPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUX4LcD5zisJt7+PDwF89h9+pNEewwHwYDVR0j BBgwFoAUDOHhEUbiUdDNUr2DehoKzbfgugwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MDUxNmE3YS00MTk1LTQ0YjMtYTI0ZS1jZjhlZDU3OGQ3OTEvMC8wQ0UxRTExMTQ2 RTI1MUQwQ0Q1MkJEODM3QTFBMEFDREI3RTBCQTBDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBBQ0RCN0Uw QkEwQy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjA1MTZhN2EtNDE5NS00NGIzLWEy NGUtY2Y4ZWQ1NzhkNzkxLzAvMENFMUUxMTE0NkUyNTFEMENENTJCRDgzN0ExQTBB Q0RCN0UwQkEwQy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABHPXbqqiH3MZeArTVA8hLng7tKPtVA9RlmW 32pttgPcdXVC6ncg16q723rZ7rOMY8fPzo6KgkfSh/k6xoMjQEoqtGJNLMTMBXeH 9OYWTRfcF/5xMxCVZQFzwOyKB+WJFdpq3KMYL0zQN17VIFChhmukFuQRpnKP/sr5 3sntotFSUwTqILddlR4S6tvZQSjnZWg3PutCIu9b21TMPBvkGPRXXpnvAjk/rVkj Tedeph4mglAdM3qOUzq3ez9vNjMbIeF98WkuTB073UjDdDYX3pdkQSYTloB8wNgP H/FtIyZqiPSfviC482Z+ueZSnk1XQO+MwEX20FYq5O9No+SuCNg= -----END CERTIFICATE-----Generated at Thu Mar 26 15:21:04 2026 by rpki-client