$ rpki-client -vvf repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft File: CA978B7ACEF55A251B74721E04A034CA3601A88B.mft (raw, json) Hash identifier: cK9tlAIrl2Zbb2nHbXlPQMU3dkpSroABFKerRDpfFq0= Subject key identifier: 36:F8:C5:E5:8E:F7:CA:11:97:E8:60:C9:50:71:D8:93:DF:4F:A8:DA Authority key identifier: CA:97:8B:7A:CE:F5:5A:25:1B:74:72:1E:04:A0:34:CA:36:01:A8:8B Certificate issuer: /CN=CA978B7ACEF55A251B74721E04A034CA3601A88B Certificate serial: 2BF4AFCB51D11AA12D54E21B4DCAD82C65531B9A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft Manifest number: 017A Signing time: Wed 25 Mar 2026 11:41:36 +0000 Manifest this update: Wed 25 Mar 2026 11:36:36 +0000 Manifest next update: Sat 28 Mar 2026 21:40:36 +0000 Files and hashes: 1: 3130332e38332e3233362e302f32342d3234203d3e20313530353430.roa (hash: 5p6wjGyXDMhYJEnC8e2hHCinkGJrBkWoW7KvueEj5dQ=) 2: 3130332e38332e3233372e302f32342d3234203d3e20313530353430.roa (hash: Y1BreLVa1ZjV8+fm+79oJJhjLUjz8il238UQwEnA8vE=) 3: CA978B7ACEF55A251B74721E04A034CA3601A88B.crl (hash: 5yRsdkep/BQ+NKbwhHZsdiWl7zOUUU4Q6yQija2y3LE=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.crl rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 21:40:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:f4:af:cb:51:d1:1a:a1:2d:54:e2:1b:4d:ca:d8:2c:65:53:1b:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA978B7ACEF55A251B74721E04A034CA3601A88B Validity Not Before: Mar 25 11:36:36 2026 GMT Not After : Mar 28 21:40:36 2026 GMT Subject: CN=36F8C5E58EF7CA1197E860C95071D893DF4FA8DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:aa:d7:1a:2e:ce:d2:73:f7:92:7a:0d:26:12: f2:68:f1:36:9d:b4:ec:ff:c8:34:8d:ff:0b:df:c6: 79:09:67:91:de:46:c6:8c:8f:d5:08:1c:9f:94:32: 63:c0:ab:25:ca:56:51:20:d7:b0:34:04:5e:f1:de: 3a:28:6d:ce:ff:98:8a:8b:13:60:a7:cd:d2:f7:4c: 03:0a:18:80:da:44:d2:99:d0:b0:ee:53:e8:54:12: 19:35:f0:3a:d7:0e:44:1a:93:b5:2b:d3:96:03:f7: 5b:ba:0b:27:9e:69:04:64:f7:e5:3a:4c:75:98:1f: 7d:70:3a:97:22:92:f9:0c:56:e4:23:d7:fa:87:cc: 33:92:a8:7f:84:d0:66:69:fd:01:b9:85:66:7a:0a: 7f:a5:27:31:17:88:1a:a2:69:38:d9:06:79:f5:d3: e8:47:7f:01:ac:a6:a3:3a:4c:6b:6b:92:c0:e9:61: 2f:f5:b8:57:82:67:f6:ac:60:65:95:76:b9:fc:7e: a0:35:90:79:73:1e:5f:7f:b8:f9:be:c3:a9:51:d9: 27:f4:6b:ad:f4:f8:1d:bd:f4:2f:73:6c:6e:7f:01: 1f:72:3e:97:d3:be:d6:03:81:b3:2d:d1:cd:d6:3a: a8:67:dd:d7:82:7a:fc:77:b2:14:54:f4:c9:01:a1: 9a:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:F8:C5:E5:8E:F7:CA:11:97:E8:60:C9:50:71:D8:93:DF:4F:A8:DA X509v3 Authority Key Identifier: keyid:CA:97:8B:7A:CE:F5:5A:25:1B:74:72:1E:04:A0:34:CA:36:01:A8:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA978B7ACEF55A251B74721E04A034CA3601A88B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bfa3cff7-2aa1-44df-914c-f19184f6f3b1/0/CA978B7ACEF55A251B74721E04A034CA3601A88B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:ee:d5:21:aa:87:2e:af:f1:6a:42:e0:30:40:18:ed:11:ba: e3:5f:7a:25:1f:e6:61:10:c8:a4:da:0e:a3:f5:db:3a:42:35: eb:d9:14:3f:62:5e:4f:72:f1:5a:b4:46:81:71:12:7a:58:38: 5f:ba:f4:a8:c9:1d:54:f2:5a:00:1a:63:9d:7c:5c:18:7a:9d: 2f:c4:14:f9:7e:9b:53:cb:43:ac:eb:e4:b2:2d:b8:a7:01:5d: 45:4b:7a:88:04:28:92:9d:e6:b8:72:35:82:5b:1b:34:a0:44: e7:bf:e7:ae:34:b6:ee:81:eb:06:59:f7:c7:76:dc:29:0d:f5: 51:21:13:49:96:43:49:d8:3a:e5:e3:dc:c3:05:a7:9b:e5:8b: 38:62:f8:5b:94:f9:be:7f:f0:6c:9e:89:cc:6c:4e:27:45:4a: 27:0d:83:0a:8a:0b:06:34:f4:4f:a2:c6:15:70:8d:10:cf:a5: 9c:77:48:99:3a:a3:88:ff:4c:ad:d5:eb:24:95:e4:91:e9:36: ff:be:7b:4c:98:a4:79:2c:f0:85:31:62:f9:93:ec:19:97:97: bf:84:8c:3e:32:ca:d3:52:31:48:5a:58:62:4e:77:03:48:c4: 08:b5:aa:30:73:5c:32:20:60:f7:16:a6:40:cc:99:d2:6a:fb: 5d:6b:44:d3 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUK/Svy1HRGqEtVOIbTcrYLGVTG5owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0Q0Ez NjAxQTg4QjAeFw0yNjAzMjUxMTM2MzZaFw0yNjAzMjgyMTQwMzZaMDMxMTAvBgNV BAMTKDM2RjhDNUU1OEVGN0NBMTE5N0U4NjBDOTUwNzFEODkzREY0RkE4REEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNqtcaLs7Sc/eSeg0mEvJo8Tad tOz/yDSN/wvfxnkJZ5HeRsaMj9UIHJ+UMmPAqyXKVlEg17A0BF7x3joobc7/mIqL E2CnzdL3TAMKGIDaRNKZ0LDuU+hUEhk18DrXDkQak7Ur05YD91u6CyeeaQRk9+U6 THWYH31wOpcikvkMVuQj1/qHzDOSqH+E0GZp/QG5hWZ6Cn+lJzEXiBqiaTjZBnn1 0+hHfwGspqM6TGtrksDpYS/1uFeCZ/asYGWVdrn8fqA1kHlzHl9/uPm+w6lR2Sf0 a630+B299C9zbG5/AR9yPpfTvtYDgbMt0c3WOqhn3deCevx3shRU9MkBoZqrAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUNvjF5Y73yhGX6GDJUHHYk99PqNowHwYDVR0j BBgwFoAUypeLes71WiUbdHIeBKA0yjYBqIswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZmEzY2ZmNy0yYWExLTQ0ZGYtOTE0Yy1mMTkxODRmNmYzYjEvMC9DQTk3OEI3QUNF RjU1QTI1MUI3NDcyMUUwNEEwMzRDQTM2MDFBODhCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0Q0EzNjAx QTg4Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmZhM2NmZjctMmFhMS00NGRmLTkx NGMtZjE5MTg0ZjZmM2IxLzAvQ0E5NzhCN0FDRUY1NUEyNTFCNzQ3MjFFMDRBMDM0 Q0EzNjAxQTg4Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFLu1SGqhy6v8WpC4DBAGO0RuuNfeiUf5mEQ yKTaDqP12zpCNevZFD9iXk9y8Vq0RoFxEnpYOF+69KjJHVTyWgAaY518XBh6nS/E FPl+m1PLQ6zr5LItuKcBXUVLeogEKJKd5rhyNYJbGzSgROe/5640tu6B6wZZ98d2 3CkN9VEhE0mWQ0nYOuXj3MMFp5vlizhi+FuU+b5/8GyeicxsTidFSicNgwqKCwY0 9E+ixhVwjRDPpZx3SJk6o4j/TK3V6ySV5JHpNv++e0yYpHks8IUxYvmT7BmXl7+E jD4yytNSMUhaWGJOdwNIxAi1qjBzXDIgYPcWpkDMmdJq+11rRNM= -----END CERTIFICATE-----Generated at Thu Mar 26 18:24:40 2026 by rpki-client