$ rpki-client -vvf repo-rpki.idnic.net/repo/b3370d24-a656-4336-842b-9bd5dca2b40a/0/A2F125E1CDB95BA2AF5636AF284A399496555F38.mft File: A2F125E1CDB95BA2AF5636AF284A399496555F38.mft (raw, json) Hash identifier: /dPoIjUAQVUSJPRmAmjbqwy98i53Cn8bN+G+RxBflCY= Subject key identifier: 94:10:64:98:CC:3A:81:9D:9C:3E:7D:A5:99:65:F5:0D:8B:B3:0D:7C Authority key identifier: A2:F1:25:E1:CD:B9:5B:A2:AF:56:36:AF:28:4A:39:94:96:55:5F:38 Certificate issuer: /CN=A2F125E1CDB95BA2AF5636AF284A399496555F38 Certificate serial: 17F6C87089E136FA402E207B0D9C798941361428 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A2F125E1CDB95BA2AF5636AF284A399496555F38.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b3370d24-a656-4336-842b-9bd5dca2b40a/0/A2F125E1CDB95BA2AF5636AF284A399496555F38.mft Manifest number: 024D Signing time: Thu 26 Mar 2026 07:32:12 +0000 Manifest this update: Thu 26 Mar 2026 07:27:12 +0000 Manifest next update: Sun 29 Mar 2026 18:29:12 +0000 Files and hashes: 1: 3130332e3139312e3231382e302f32332d3234203d3e20313439393330.roa (hash: eU4CsIBkCNHWwkLGYk1dQXK+PlYTeSPnN5JLGBDdwoE=) 2: 3130332e3139312e3231382e302f32342d3234203d3e20313439393330.roa (hash: GYOdgB5E6zAfN6csGwKvCQu8t1dBnuZsHYI8ZcYsOXc=) 3: 3130332e3139312e3231392e302f32342d3234203d3e20313439393330.roa (hash: wMwayzIPwqMBIP88IOsXTpqmzpX3PVf3WfVEJ/JlX8M=) 4: A2F125E1CDB95BA2AF5636AF284A399496555F38.crl (hash: xDlNZYaw2HuhgDwLejkeO+7/lE5+nDC1x/KThi1CeSo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b3370d24-a656-4336-842b-9bd5dca2b40a/0/A2F125E1CDB95BA2AF5636AF284A399496555F38.crl rsync://repo-rpki.idnic.net/repo/b3370d24-a656-4336-842b-9bd5dca2b40a/0/A2F125E1CDB95BA2AF5636AF284A399496555F38.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A2F125E1CDB95BA2AF5636AF284A399496555F38.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 16:25:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:f6:c8:70:89:e1:36:fa:40:2e:20:7b:0d:9c:79:89:41:36:14:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A2F125E1CDB95BA2AF5636AF284A399496555F38 Validity Not Before: Mar 26 07:27:12 2026 GMT Not After : Mar 29 18:29:12 2026 GMT Subject: CN=94106498CC3A819D9C3E7DA59965F50D8BB30D7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:a5:68:5f:17:da:4b:9b:35:29:a1:2b:0a:f2: b6:bc:6e:c1:e1:76:69:fa:3f:b6:82:34:19:44:8a: 86:72:89:08:01:9c:a3:3f:f4:33:3a:2b:de:db:2e: 45:8a:d7:6f:a4:21:68:d8:68:5f:09:7c:7f:3e:29: 01:cc:61:66:3f:d8:99:26:42:f6:03:4a:2a:11:14: 01:ba:32:c5:14:33:02:49:f9:d9:9b:4c:aa:d3:86: 5f:ad:d7:e9:34:97:41:3e:eb:a2:fb:e5:d3:48:97: d0:63:52:31:04:6b:d1:ac:11:7b:bd:67:de:fc:1a: 39:f2:a9:78:09:2d:18:1b:a9:9f:45:7c:dd:06:93: e4:73:25:c2:3c:62:b1:95:40:99:72:3c:1b:e4:a0: 4d:0a:66:ca:03:5d:1a:ed:e9:f3:a1:fe:24:78:99: c6:04:5c:8b:71:e5:46:bf:0d:59:da:28:04:08:6b: 08:38:b8:9f:0c:bb:86:2c:62:58:08:d8:eb:3a:3f: 8e:ef:0a:10:fa:e5:55:1a:b8:0b:45:c8:4e:c5:39: fd:e0:03:62:4f:0e:6e:31:aa:27:dd:f2:b5:ba:2f: fb:29:75:c4:95:22:43:0b:6d:5b:3f:f4:0a:45:93: 49:e3:fb:0d:15:8c:db:d6:c1:54:bf:12:98:b6:fe: 62:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:10:64:98:CC:3A:81:9D:9C:3E:7D:A5:99:65:F5:0D:8B:B3:0D:7C X509v3 Authority Key Identifier: keyid:A2:F1:25:E1:CD:B9:5B:A2:AF:56:36:AF:28:4A:39:94:96:55:5F:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b3370d24-a656-4336-842b-9bd5dca2b40a/0/A2F125E1CDB95BA2AF5636AF284A399496555F38.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A2F125E1CDB95BA2AF5636AF284A399496555F38.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b3370d24-a656-4336-842b-9bd5dca2b40a/0/A2F125E1CDB95BA2AF5636AF284A399496555F38.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:ad:60:57:ea:4c:34:2f:35:0b:e8:4e:af:fd:89:4e:f3:23: b3:56:b4:5e:2d:1f:4b:b8:93:8e:8e:5c:03:42:e8:3d:45:d1: b2:d6:9e:6c:35:bb:2d:96:26:69:c9:63:7f:76:3e:86:bf:a5: da:1d:ae:ad:6b:cb:a7:8e:8b:b4:21:42:c8:17:2d:eb:b4:8e: 70:a3:4b:34:15:eb:1a:2b:bb:52:8c:af:99:2c:0e:af:19:db: ad:3a:13:7c:1e:05:f1:6d:9d:53:15:c8:80:ed:fe:fc:83:bb: 04:6d:a1:21:66:3e:02:76:72:5d:ff:f8:ec:22:1d:6e:37:93: 79:5d:8a:d4:39:0a:1d:d5:79:3c:e4:95:18:c9:e7:4b:d3:94: 56:60:0a:38:d1:52:fa:71:c4:65:fb:72:50:d3:fd:8b:52:68: 50:df:75:41:0c:cb:25:a5:ef:21:13:e5:a6:c8:ef:06:00:78: 39:30:57:56:f5:b7:a7:30:ed:85:8d:aa:4f:f6:01:b2:d2:2c: 79:46:c0:a4:50:2b:2e:3f:46:41:44:80:0b:3d:61:91:bd:a1: ff:97:78:c8:1c:e1:0d:37:c0:8c:b3:f3:ef:b2:90:e3:55:ac: 7d:01:9d:c8:3b:6e:79:0a:23:e0:29:91:ef:94:a6:05:bf:25: be:4b:0a:cd -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUF/bIcInhNvpALiB7DZx5iUE2FCgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTJGMTI1RTFDREI5NUJBMkFGNTYzNkFGMjg0QTM5OTQ5 NjU1NUYzODAeFw0yNjAzMjYwNzI3MTJaFw0yNjAzMjkxODI5MTJaMDMxMTAvBgNV BAMTKDk0MTA2NDk4Q0MzQTgxOUQ5QzNFN0RBNTk5NjVGNTBEOEJCMzBEN0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNpWhfF9pLmzUpoSsK8ra8bsHh dmn6P7aCNBlEioZyiQgBnKM/9DM6K97bLkWK12+kIWjYaF8JfH8+KQHMYWY/2Jkm QvYDSioRFAG6MsUUMwJJ+dmbTKrThl+t1+k0l0E+66L75dNIl9BjUjEEa9GsEXu9 Z978GjnyqXgJLRgbqZ9FfN0Gk+RzJcI8YrGVQJlyPBvkoE0KZsoDXRrt6fOh/iR4 mcYEXItx5Ua/DVnaKAQIawg4uJ8Mu4YsYlgI2Os6P47vChD65VUauAtFyE7FOf3g A2JPDm4xqifd8rW6L/spdcSVIkMLbVs/9ApFk0nj+w0VjNvWwVS/Epi2/mLHAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlBBkmMw6gZ2cPn2lmWX1DYuzDXwwHwYDVR0j BBgwFoAUovEl4c25W6KvVjavKEo5lJZVXzgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MzM3MGQyNC1hNjU2LTQzMzYtODQyYi05YmQ1ZGNhMmI0MGEvMC9BMkYxMjVFMUNE Qjk1QkEyQUY1NjM2QUYyODRBMzk5NDk2NTU1RjM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQTJGMTI1RTFDREI5NUJBMkFGNTYzNkFGMjg0QTM5OTQ5NjU1 NUYzOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYjMzNzBkMjQtYTY1Ni00MzM2LTg0 MmItOWJkNWRjYTJiNDBhLzAvQTJGMTI1RTFDREI5NUJBMkFGNTYzNkFGMjg0QTM5 OTQ5NjU1NUYzOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEKtYFfqTDQvNQvoTq/9iU7zI7NWtF4tH0u4 k46OXANC6D1F0bLWnmw1uy2WJmnJY392Poa/pdodrq1ry6eOi7QhQsgXLeu0jnCj SzQV6xoru1KMr5ksDq8Z2606E3weBfFtnVMVyIDt/vyDuwRtoSFmPgJ2cl3/+Owi HW43k3lditQ5Ch3VeTzklRjJ50vTlFZgCjjRUvpxxGX7clDT/YtSaFDfdUEMyyWl 7yET5abI7wYAeDkwV1b1t6cw7YWNqk/2AbLSLHlGwKRQKy4/RkFEgAs9YZG9of+X eMgc4Q03wIyz8++ykONVrH0Bncg7bnkKI+Apke+UpgW/Jb5LCs0= -----END CERTIFICATE-----Generated at Thu Mar 26 13:07:35 2026 by rpki-client