$ rpki-client -vvf repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft File: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft (raw, json) Hash identifier: CW8hym81G5KrVgYECB1GYtPG2zjHnzWkh90S8nIb748= Subject key identifier: 82:8B:53:82:B9:E0:66:58:25:EE:37:4E:21:1C:D9:93:67:06:20:7A Authority key identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 Certificate issuer: /CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Certificate serial: 469D214547D51502828AD6DC21DF07BD11D7B377 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft Manifest number: 0130 Signing time: Tue 24 Mar 2026 12:51:45 +0000 Manifest this update: Tue 24 Mar 2026 12:46:45 +0000 Manifest next update: Fri 27 Mar 2026 23:59:45 +0000 Files and hashes: 1: 3136302e31392e38342e302f32332d3233203d3e20313532373534.roa (hash: bSChIDo0CglmTqFSV6p630tLNxr15ZtjkZahOcEGfmY=) 2: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl (hash: z+otFOhY2+twum/3dhNZqJhYEpmZjcQk2rFmy9bAmF4=) 3: 3136302e31392e38352e302f32342d3234203d3e20313532373534.roa (hash: +OevkhB7r44OnQm82LNlP8LRDK9Y7/yxi7S+eG9f5A4=) 4: 3136302e31392e38342e302f32342d3234203d3e20313532373534.roa (hash: 58riNyfqbPP7fKRqZA+ufvmL363qEOUl7N/mxlGGnOA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 23:59:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:9d:21:45:47:d5:15:02:82:8a:d6:dc:21:df:07:bd:11:d7:b3:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Validity Not Before: Mar 24 12:46:45 2026 GMT Not After : Mar 27 23:59:45 2026 GMT Subject: CN=828B5382B9E0665825EE374E211CD9936706207A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b4:81:72:17:c1:0d:6e:f2:7d:c2:0a:d8:af: d9:8f:ea:9d:a0:b1:d1:f3:a8:7c:a6:de:cf:d8:2a: 31:e9:69:6f:2d:2a:70:70:5e:4c:9a:8b:8d:5c:da: 7c:41:12:0d:b3:7e:21:6b:87:fd:2f:f3:41:db:6f: 3c:76:b1:4d:0b:f0:8e:e3:0b:ba:1a:ab:af:59:fc: 82:49:97:d7:62:5d:8d:1f:43:0e:dd:85:7c:e9:63: 89:07:81:36:db:24:55:4b:7b:fe:01:97:e1:f5:84: a7:c8:85:5a:24:07:bc:75:97:67:42:7b:2d:d5:11: 0b:dc:2c:79:af:04:54:b5:75:ad:04:91:cb:4d:c1: 0e:4c:97:8d:91:1a:11:e2:dd:29:64:61:79:01:6c: 58:3a:1c:0f:15:7d:60:62:9e:f6:4b:04:c4:9c:07: 37:98:6a:26:9a:ad:36:f0:2c:d6:de:82:45:44:74: 47:c4:fb:11:20:6d:48:fa:75:04:f7:38:0c:0a:63: 71:15:d4:40:36:a3:6d:90:e8:a9:18:01:71:a6:8b: 5b:75:48:22:a2:15:61:da:a0:14:ad:4d:ad:65:b2: d4:29:4c:a0:fe:3e:2d:b5:b9:6e:83:7d:61:56:a8: 13:12:0f:4e:07:d0:ff:d2:1b:3d:07:7c:95:77:9b: 29:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:8B:53:82:B9:E0:66:58:25:EE:37:4E:21:1C:D9:93:67:06:20:7A X509v3 Authority Key Identifier: keyid:25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption cd:a5:a5:46:43:04:f1:24:b8:3c:0e:63:2d:a2:3a:16:1a:11: c5:81:35:9c:e0:26:ce:9e:12:05:44:d5:43:68:11:3a:f6:76: e5:a0:38:7a:44:6a:30:3d:df:cc:71:52:37:be:9c:22:83:b1: 99:ce:ca:28:80:59:f2:6c:2e:a1:23:f7:c5:03:a1:4a:89:5f: a3:02:74:ef:51:4c:b9:34:6e:70:9f:93:df:f7:de:ae:3c:36: c6:2c:9b:85:f5:13:7e:67:57:1c:fc:3d:af:0e:56:99:80:5b: e8:bf:bb:27:a2:ab:c5:c5:94:53:35:f9:1a:b2:b0:90:02:e5: 30:32:76:e1:ca:f4:56:79:aa:63:99:21:81:4c:2a:e7:56:79: 8e:44:37:06:6a:d5:1f:de:f0:db:07:28:d2:30:51:35:ce:b2: 56:21:1a:57:78:1e:7d:73:4c:d6:bb:e4:55:8b:e0:91:16:79: 86:ca:fb:bc:18:51:6e:02:84:24:9f:95:7e:e1:55:ae:d7:5a: e1:94:02:07:aa:5d:b5:01:85:4b:da:18:57:8e:08:93:b7:c3: ad:56:64:cd:d0:54:6c:8a:14:1d:ab:da:05:c1:7b:5d:c3:82: dc:16:18:ff:a0:35:6f:71:cd:ee:c9:3d:ee:10:ec:02:08:71: b7:a0:06:4f -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIURp0hRUfVFQKCitbcId8HvRHXs3cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZGMTdE Q0Q2RkRDMjAeFw0yNjAzMjQxMjQ2NDVaFw0yNjAzMjcyMzU5NDVaMDMxMTAvBgNV BAMTKDgyOEI1MzgyQjlFMDY2NTgyNUVFMzc0RTIxMUNEOTkzNjcwNjIwN0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCytIFyF8ENbvJ9wgrYr9mP6p2g sdHzqHym3s/YKjHpaW8tKnBwXkyai41c2nxBEg2zfiFrh/0v80Hbbzx2sU0L8I7j C7oaq69Z/IJJl9diXY0fQw7dhXzpY4kHgTbbJFVLe/4Bl+H1hKfIhVokB7x1l2dC ey3VEQvcLHmvBFS1da0EkctNwQ5Ml42RGhHi3SlkYXkBbFg6HA8VfWBinvZLBMSc BzeYaiaarTbwLNbegkVEdEfE+xEgbUj6dQT3OAwKY3EV1EA2o22Q6KkYAXGmi1t1 SCKiFWHaoBStTa1lstQpTKD+Pi21uW6DfWFWqBMSD04H0P/SGz0HfJV3myn3AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUgotTgrngZlgl7jdOIRzZk2cGIHowHwYDVR0j BBgwFoAUJRXUv573quWuvCL1LBf/F9zW/cIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i YTA5OGYwMC1hMGEwLTRiNWMtOWU4My02MDY3MzcxMjhjYjEvMC8yNTE1RDRCRjlF RjdBQUU1QUVCQzIyRjUyQzE3RkYxN0RDRDZGREMyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZGMTdEQ0Q2 RkRDMi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmEwOThmMDAtYTBhMC00YjVjLTll ODMtNjA2NzM3MTI4Y2IxLzAvMjUxNUQ0QkY5RUY3QUFFNUFFQkMyMkY1MkMxN0ZG MTdEQ0Q2RkRDMi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAM2lpUZDBPEkuDwOYy2iOhYaEcWBNZzgJs6e EgVE1UNoETr2duWgOHpEajA938xxUje+nCKDsZnOyiiAWfJsLqEj98UDoUqJX6MC dO9RTLk0bnCfk9/33q48NsYsm4X1E35nVxz8Pa8OVpmAW+i/uyeiq8XFlFM1+Rqy sJAC5TAyduHK9FZ5qmOZIYFMKudWeY5ENwZq1R/e8NsHKNIwUTXOslYhGld4Hn1z TNa75FWL4JEWeYbK+7wYUW4ChCSflX7hVa7XWuGUAgeqXbUBhUvaGFeOCJO3w61W ZM3QVGyKFB2r2gXBe13DgtwWGP+gNW9xze7JPe4Q7AIIcbegBk8= -----END CERTIFICATE-----Generated at Thu Mar 26 13:53:38 2026 by rpki-client