$ rpki-client -vvf repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.mft (raw, json) Hash identifier: 4YguEJCHh9QhF74t8mr5wciiRmOVSbxNU+ZO7y5tQBE= Subject key identifier: 70:97:83:A3:6B:50:F7:39:78:EE:59:BC:0C:11:C7:D9:28:B1:75:41 Authority key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Certificate issuer: /CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Certificate serial: 6B3C3D5DF55B1CFCE6B9879FDF8178E6636B4346 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft Manifest number: 051B Signing time: Tue 24 Mar 2026 10:21:10 +0000 Manifest this update: Tue 24 Mar 2026 10:16:10 +0000 Manifest next update: Fri 27 Mar 2026 20:55:10 +0000 Files and hashes: 1: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: IywsBHZCpESzPvpzBYMa3aM5xr+uzQrgr/hs4zyGEfk=) 2: 21AC220B77A77D0516BC73B4C29C8363DD00911B.crl (hash: hyeeBQBfabbIm+th9QVPDWreI6pvwMgXyfH65gYt8Ts=) 3: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: p7znIjGrzIeqiJgSyw1Go9JzIhUPDTiZx2kzEBcMX+M=) 4: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: J7Eqzk0rLCECjOwGjEdw1vCeBneDceSExg8FEmGDsVA=) 5: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: FqumLAE5ExkmaatbD11ff744L2iTMEhUHWhZUQWOtLU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 20:55:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:3c:3d:5d:f5:5b:1c:fc:e6:b9:87:9f:df:81:78:e6:63:6b:43:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Validity Not Before: Mar 24 10:16:10 2026 GMT Not After : Mar 27 20:55:10 2026 GMT Subject: CN=709783A36B50F73978EE59BC0C11C7D928B17541 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:cd:31:08:a8:44:88:a7:15:d9:d1:2a:da:82: 4c:78:97:4a:4c:d0:eb:38:b3:4b:2d:f6:e4:ac:4f: 05:9f:01:0a:73:0b:77:e5:d7:8f:bf:16:d2:09:df: 4f:e5:4f:84:8a:f4:6f:bb:24:1c:64:43:42:2f:fa: b5:8d:15:63:7b:b2:ad:a5:d1:83:73:ed:e7:7e:1e: 10:f6:2d:0f:c4:74:5f:ca:c1:6d:c8:5c:ef:6b:3f: b8:f1:11:84:67:c4:6b:67:12:9c:d1:8a:e0:88:0d: 1f:13:5e:01:e1:df:38:b6:74:5c:03:82:21:9f:48: 33:ef:c7:e7:1d:3f:52:09:32:f9:76:ea:60:da:e8: 03:1a:73:16:88:06:e3:13:55:51:f6:f0:b1:b1:11: 84:00:96:f2:0c:8e:93:d6:79:d9:c6:c2:db:ba:f2: f1:86:6e:bc:e1:b9:46:e1:23:f1:46:ef:1b:c0:07: 14:3e:4c:b7:c5:68:5b:1f:64:91:4b:10:a5:6f:5c: 0a:5a:a1:cf:c2:c4:f6:7f:53:b5:15:67:b8:f1:04: fc:dc:bc:61:b0:4b:90:ea:43:c7:05:eb:37:24:31: f8:ba:77:6b:4f:9d:1e:52:86:49:22:be:a5:99:20: 1e:00:c3:61:33:74:06:e4:f4:c2:58:62:ce:12:2b: fb:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:97:83:A3:6B:50:F7:39:78:EE:59:BC:0C:11:C7:D9:28:B1:75:41 X509v3 Authority Key Identifier: keyid:21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:18:53:9d:12:3c:32:11:21:13:10:56:9d:ff:ee:d7:55:e9: 6f:1d:8b:53:66:df:85:f6:3c:e9:62:5b:7e:28:ce:58:e2:bd: 73:76:e9:cb:91:7c:b9:ff:38:94:b7:1a:ad:10:08:20:96:cd: e4:4a:41:85:cf:b4:fb:16:63:56:91:6a:be:63:57:28:0f:2f: 82:e3:b8:3d:05:5d:14:44:f2:47:a2:2a:21:9c:a0:56:24:97: a9:8c:c6:5c:94:24:5d:35:4d:27:34:2c:2b:02:22:50:ef:38: 04:18:90:33:bd:79:10:bc:47:27:ed:76:e8:1e:b8:f8:21:c7: 9c:e4:c7:87:15:52:f6:4a:18:aa:bb:2b:21:8f:6f:85:a9:e9: 0a:6c:cb:ab:99:ff:d9:50:b0:dd:f7:77:2b:34:08:8e:ba:81: 89:ba:38:01:50:ab:ef:19:92:d2:b1:24:05:42:b3:0b:2f:f4: b8:aa:58:fe:ee:c1:82:7e:1f:2a:d3:48:a8:45:86:94:82:79: e3:0d:80:80:5a:9c:e7:df:48:5d:15:1d:33:d9:e0:4f:31:14: 19:c0:4c:fa:ac:e9:1c:80:b5:e5:0a:1c:ea:b0:cb:a7:79:92: 4f:7a:c2:41:57:a3:6b:57:be:8f:3b:86:14:b9:ee:30:ae:85: 81:c2:de:01 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUazw9XfVbHPzmuYef34F45mNrQ0YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNE RDAwOTExQjAeFw0yNjAzMjQxMDE2MTBaFw0yNjAzMjcyMDU1MTBaMDMxMTAvBgNV BAMTKDcwOTc4M0EzNkI1MEY3Mzk3OEVFNTlCQzBDMTFDN0Q5MjhCMTc1NDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyzTEIqESIpxXZ0Sragkx4l0pM 0Os4s0st9uSsTwWfAQpzC3fl14+/FtIJ30/lT4SK9G+7JBxkQ0Iv+rWNFWN7sq2l 0YNz7ed+HhD2LQ/EdF/KwW3IXO9rP7jxEYRnxGtnEpzRiuCIDR8TXgHh3zi2dFwD giGfSDPvx+cdP1IJMvl26mDa6AMacxaIBuMTVVH28LGxEYQAlvIMjpPWednGwtu6 8vGGbrzhuUbhI/FG7xvABxQ+TLfFaFsfZJFLEKVvXApaoc/CxPZ/U7UVZ7jxBPzc vGGwS5DqQ8cF6zckMfi6d2tPnR5ShkkivqWZIB4Aw2EzdAbk9MJYYs4SK/tBAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUcJeDo2tQ9zl47lm8DBHH2SixdUEwHwYDVR0j BBgwFoAUIawiC3enfQUWvHO0wpyDY90AkRswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMC8yMUFDMjIwQjc3 QTc3RDA1MTZCQzczQjRDMjlDODM2M0REMDA5MTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNERDAw OTExQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5Qzgz NjNERDAwOTExQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACIYU50SPDIRIRMQVp3/7tdV6W8di1Nm34X2 POliW34ozljivXN26cuRfLn/OJS3Gq0QCCCWzeRKQYXPtPsWY1aRar5jVygPL4Lj uD0FXRRE8keiKiGcoFYkl6mMxlyUJF01TSc0LCsCIlDvOAQYkDO9eRC8Ryftduge uPghx5zkx4cVUvZKGKq7KyGPb4Wp6Qpsy6uZ/9lQsN33dys0CI66gYm6OAFQq+8Z ktKxJAVCswsv9LiqWP7uwYJ+HyrTSKhFhpSCeeMNgIBanOffSF0VHTPZ4E8xFBnA TPqs6RyAteUKHOqwy6d5kk96wkFXo2tXvo87hhS57jCuhYHC3gE= -----END CERTIFICATE-----Generated at Thu Mar 26 17:44:33 2026 by rpki-client