$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft File: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft (raw, json) Hash identifier: iYKQOdrog1S8r0R3u+Ln6OvX3BsA+9GBcLKEri5HClQ= Subject key identifier: 63:C1:38:E6:FC:9F:9D:AE:4A:E6:67:7B:3F:D5:54:27:E1:83:1C:AD Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 61306B002C10743DADB784D638725905F75418AB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft Manifest number: 04E9 Signing time: Wed 25 Mar 2026 01:02:35 +0000 Manifest this update: Wed 25 Mar 2026 00:57:35 +0000 Manifest next update: Sat 28 Mar 2026 08:24:35 +0000 Files and hashes: 1: 3130332e32342e35392e302f32342d3234203d3e203436303532.roa (hash: QKBrvi0RsDMYjSNqwszDPfOesbOlEOIHdE8u3xcyVKM=) 2: 3130332e32342e35382e302f32342d3234203d3e203436303532.roa (hash: q/CV3YIPQOm1aZYip5fIR1K9i7bDSVO+nIFF+ycG0Go=) 3: 3130332e32342e35372e302f32342d3234203d3e203436303532.roa (hash: zCUg4ypvv2GlwnHN93OEr6YWYy+0fl7UKwqXyrw+mYs=) 4: 3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl (hash: FMMCjjtxJ4VB+0Um1k+ozNuNtK0P8NsP2TYfuNyBWzQ=) 5: 3130332e32342e35362e302f32342d3234203d3e203436303532.roa (hash: 0yCL5KXTraWL90iq30pQr9XlRbIvmMrP24hOvDxVdWE=) 6: 3230322e392e38352e302f32342d3234203d3e203436303532.roa (hash: rkHE7dCGWjwiXKSo5AmkFhmGB4j/W88po8KuTJD9fS0=) 7: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (hash: ceA/XjkZTjtckNNE+B0y8t16H7RYtmT+yFrD+MsXpYk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 08:24:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:30:6b:00:2c:10:74:3d:ad:b7:84:d6:38:72:59:05:f7:54:18:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Mar 25 00:57:35 2026 GMT Not After : Mar 28 08:24:35 2026 GMT Subject: CN=63C138E6FC9F9DAE4AE6677B3FD55427E1831CAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:78:16:6b:02:2f:7c:d7:07:ba:e8:b3:7f:1b: 88:fb:24:ef:d7:22:37:4a:ae:52:75:9d:47:03:70: f8:01:e0:8d:21:03:6a:17:06:c6:34:43:9d:8b:91: 05:f3:41:a3:1e:af:01:52:01:c0:7d:ec:0b:04:39: bc:75:52:7d:5e:88:1b:dd:d2:d5:72:d3:17:db:9a: 37:71:e9:d2:5d:e0:b8:20:02:7a:57:4a:6c:b4:45: 7e:62:46:f3:da:02:5b:2b:ad:3c:ed:5c:15:a8:01: 2c:13:89:74:7a:d9:12:bb:05:46:59:1a:ce:0e:86: 46:3e:24:bc:b9:2e:0d:45:78:b7:36:e5:2c:a6:14: 76:c3:40:fc:d8:d9:1e:f1:87:e5:f3:01:34:48:4d: 4f:51:87:02:82:43:4f:ad:3e:7a:9f:2b:57:6e:0d: 14:d3:e1:aa:e1:e6:a1:9d:e1:2c:6b:90:88:7f:f0: 8a:5b:94:38:13:4d:84:97:93:37:d6:9c:a1:e5:79: c2:0c:46:6c:42:fc:34:9d:69:31:da:e3:16:7a:4b: 9d:46:fb:79:fd:ad:d7:66:90:d6:ef:ac:9b:30:7c: ed:dc:da:e9:0d:06:17:15:63:3b:bf:83:94:5f:da: 70:b9:73:86:32:8d:93:0b:5b:80:d9:4f:5a:3a:30: d6:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:C1:38:E6:FC:9F:9D:AE:4A:E6:67:7B:3F:D5:54:27:E1:83:1C:AD X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:db:7b:7f:0a:b9:01:21:71:72:67:62:f7:7c:c2:3f:54:a1: 0a:e4:c5:ee:ed:02:44:c6:d0:f0:b5:51:64:12:b6:19:20:10: 41:37:be:26:29:5e:69:5d:a6:f1:91:85:80:8d:87:60:d0:2f: ce:11:59:0c:8a:45:7e:d6:7f:93:38:c2:74:0e:f7:47:2f:4d: 5b:21:92:1c:e7:59:a9:e2:8a:85:4b:e5:62:49:50:c2:e1:83: 3a:c5:23:ce:bb:35:13:32:58:09:40:95:05:ab:2f:e3:02:a7: af:e1:69:82:08:92:24:83:5d:06:fc:61:83:1f:02:9a:85:06: 6d:9d:57:8e:cb:6b:c3:d5:71:de:04:ff:1d:d5:b9:05:40:94: f5:88:aa:61:00:8e:9e:e7:18:01:0e:65:35:99:3b:5a:4a:b7: e1:e0:b1:31:27:39:7b:1c:18:7f:27:3c:bd:e7:4c:46:50:3d: 1b:99:f8:19:a5:41:3e:96:b2:23:3c:c9:3c:12:2a:e6:76:b5: 27:c5:ae:bb:a2:17:9c:72:fb:04:df:7c:6f:09:9c:24:b0:37: ca:cf:87:20:68:36:78:e4:1a:5a:08:3b:5c:1e:4c:2f:7f:9b: d6:d5:5e:37:8e:14:4a:fd:4b:8b:8a:15:8d:67:6e:71:4f:2e: aa:fa:1f:ce -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUYTBrACwQdD2tt4TWOHJZBfdUGKswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNjAzMjUwMDU3MzVaFw0yNjAzMjgwODI0MzVaMDMxMTAvBgNV BAMTKDYzQzEzOEU2RkM5RjlEQUU0QUU2Njc3QjNGRDU1NDI3RTE4MzFDQUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBeBZrAi981we66LN/G4j7JO/X IjdKrlJ1nUcDcPgB4I0hA2oXBsY0Q52LkQXzQaMerwFSAcB97AsEObx1Un1eiBvd 0tVy0xfbmjdx6dJd4LggAnpXSmy0RX5iRvPaAlsrrTztXBWoASwTiXR62RK7BUZZ Gs4OhkY+JLy5Lg1FeLc25SymFHbDQPzY2R7xh+XzATRITU9RhwKCQ0+tPnqfK1du DRTT4arh5qGd4SxrkIh/8IpblDgTTYSXkzfWnKHlecIMRmxC/DSdaTHa4xZ6S51G +3n9rddmkNbvrJswfO3c2ukNBhcVYzu/g5Rf2nC5c4YyjZMLW4DZT1o6MNZPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUY8E45vyfna5K5md7P9VUJ+GDHK0wHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmQxZWU1ZTItMzM4Yy00ZDIwLTgw N2UtZTUwYjc1NTgzZGI4LzAvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIw RTFEQzlBMTI2OS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFjbe38KuQEhcXJnYvd8wj9UoQrkxe7tAkTG 0PC1UWQSthkgEEE3viYpXmldpvGRhYCNh2DQL84RWQyKRX7Wf5M4wnQO90cvTVsh khznWaniioVL5WJJUMLhgzrFI867NRMyWAlAlQWrL+MCp6/haYIIkiSDXQb8YYMf ApqFBm2dV47La8PVcd4E/x3VuQVAlPWIqmEAjp7nGAEOZTWZO1pKt+HgsTEnOXsc GH8nPL3nTEZQPRuZ+BmlQT6WsiM8yTwSKuZ2tSfFrruiF5xy+wTffG8JnCSwN8rP hyBoNnjkGloIO1weTC9/m9bVXjeOFEr9S4uKFY1nbnFPLqr6H84= -----END CERTIFICATE-----Generated at Thu Mar 26 12:59:59 2026 by rpki-client