$ rpki-client -vvf repo-rpki.idnic.net/repo/bfc17cc2-f4a2-415e-8ea2-f9c47f75c4ca/0/C70A343932991281F91796DB87B011987603BBF4.mft File: C70A343932991281F91796DB87B011987603BBF4.mft (raw, json) Hash identifier: xi3BQc3w/A1fiQ30FK49NShK9Z8L/98o0hLKIBjcPXY= Subject key identifier: 8F:DF:8D:94:73:09:D7:A5:A9:31:F1:C4:0F:27:60:A0:EF:8A:19:C2 Authority key identifier: C7:0A:34:39:32:99:12:81:F9:17:96:DB:87:B0:11:98:76:03:BB:F4 Certificate issuer: /CN=C70A343932991281F91796DB87B011987603BBF4 Certificate serial: 42C0E1206FF13CC6FBEE0EBED1A516913CB62EFC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C70A343932991281F91796DB87B011987603BBF4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bfc17cc2-f4a2-415e-8ea2-f9c47f75c4ca/0/C70A343932991281F91796DB87B011987603BBF4.mft Manifest number: 0280 Signing time: Tue 24 Mar 2026 17:01:48 +0000 Manifest this update: Tue 24 Mar 2026 16:56:48 +0000 Manifest next update: Sat 28 Mar 2026 00:59:48 +0000 Files and hashes: 1: C70A343932991281F91796DB87B011987603BBF4.crl (hash: 0OMj8SpPoEaT430mLfkNJtRoToLrKI2s3djUXyODhTM=) 2: 3130332e3138342e3132302e302f32332d3233203d3e20313439363633.roa (hash: crc7GhKn9AnYAlLeRPgUvImKVvVRpJeq2KkcRuzsk7I=) 3: 3130332e3138342e3132302e302f32342d3234203d3e20313439363633.roa (hash: LB2GT5oCXXjegdmKuSVpDwI+w3SC+aDFAkzGg3DL2X4=) 4: 3130332e3138342e3132312e302f32342d3234203d3e20313439363633.roa (hash: 8nVSKMfLnOq7H4iVikz3GDhFqGNUP7VsOtUfQqLc1tA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bfc17cc2-f4a2-415e-8ea2-f9c47f75c4ca/0/C70A343932991281F91796DB87B011987603BBF4.crl rsync://repo-rpki.idnic.net/repo/bfc17cc2-f4a2-415e-8ea2-f9c47f75c4ca/0/C70A343932991281F91796DB87B011987603BBF4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C70A343932991281F91796DB87B011987603BBF4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 00:59:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:c0:e1:20:6f:f1:3c:c6:fb:ee:0e:be:d1:a5:16:91:3c:b6:2e:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C70A343932991281F91796DB87B011987603BBF4 Validity Not Before: Mar 24 16:56:48 2026 GMT Not After : Mar 28 00:59:48 2026 GMT Subject: CN=8FDF8D947309D7A5A931F1C40F2760A0EF8A19C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:0e:5b:19:97:f7:9f:01:96:96:a4:36:4d:83: 80:cf:1b:87:cc:78:d4:be:35:a4:49:35:0c:25:80: ca:8b:d5:16:40:7a:96:11:54:8a:84:2b:48:d8:d5: 6c:4a:d7:da:2e:5c:1e:b9:45:60:2f:a9:b3:de:a4: 3c:5e:86:27:74:cf:54:a9:09:d3:85:cf:e5:27:7f: 12:17:41:d2:79:7b:c6:d5:f1:21:da:9d:c3:b4:c6: dc:28:21:9e:f8:83:8e:99:84:b7:49:b2:7c:5e:35: 64:3f:cd:60:5e:7f:20:a6:61:4f:e0:09:c3:5d:e4: ad:54:c3:8d:9c:4b:ed:fa:5d:c5:af:0a:35:da:93: f1:95:2d:a8:00:31:37:74:95:ca:8a:cd:1f:87:7c: f8:b2:c0:40:7e:99:14:9d:9d:7d:59:30:f3:bf:67: ab:e0:bb:48:86:52:d9:8d:97:e9:a2:b5:52:2c:8d: a0:70:e9:e2:5f:cd:c1:b6:11:e2:d5:8c:f3:56:92: 44:86:61:ce:86:f0:cc:7d:ee:40:d2:07:c0:91:bd: 51:4f:00:b3:8b:54:be:43:a6:e9:01:81:41:31:2f: 0d:45:f8:27:45:4e:87:ae:0e:ba:c9:26:0b:e7:4b: 53:ea:fb:db:15:3e:03:7b:1d:fe:a9:f9:07:c3:13: cb:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:DF:8D:94:73:09:D7:A5:A9:31:F1:C4:0F:27:60:A0:EF:8A:19:C2 X509v3 Authority Key Identifier: keyid:C7:0A:34:39:32:99:12:81:F9:17:96:DB:87:B0:11:98:76:03:BB:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bfc17cc2-f4a2-415e-8ea2-f9c47f75c4ca/0/C70A343932991281F91796DB87B011987603BBF4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C70A343932991281F91796DB87B011987603BBF4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bfc17cc2-f4a2-415e-8ea2-f9c47f75c4ca/0/C70A343932991281F91796DB87B011987603BBF4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9a:84:c4:20:af:a5:3c:cb:ea:00:fe:b3:05:0e:5a:dc:e7:fb: 74:38:90:80:85:e7:aa:45:1a:05:de:5f:8e:72:3b:f1:a3:85: 0c:45:52:7d:01:3c:c5:68:f1:a1:8d:36:8a:ac:ca:d3:b9:35: 84:89:a3:4e:9d:aa:84:d9:07:2e:33:70:85:22:71:bb:bb:55: 78:77:02:73:fd:5c:c3:a5:4e:1b:b3:ec:ea:7c:71:9a:b7:fa: 37:a8:84:bc:3a:09:c0:69:0e:16:43:d5:ee:7b:0b:d1:5f:2e: 36:8b:a9:1a:49:18:97:dc:b0:3e:66:0d:f5:79:d6:9d:ae:17: db:27:f0:0d:19:22:c5:17:ba:af:f5:5b:06:79:e7:52:13:66: 73:eb:63:6e:02:a6:1c:5f:0f:52:02:28:73:c6:1b:38:87:4a: 40:be:85:7e:5c:19:ca:61:d3:54:6a:96:18:62:ef:9b:80:86: 0d:54:a0:cb:e4:11:64:a6:7d:2b:a4:5b:69:0b:d4:e9:d6:c4: 1d:90:80:2e:2f:f4:90:3d:96:9a:57:fc:25:fa:bd:c3:06:fa: f4:78:1d:19:d1:5d:04:da:d3:0c:02:61:5a:7d:16:cd:f2:a9: 55:7a:bd:e5:28:8b:c5:de:e3:96:45:22:1f:43:d1:a6:ca:a8: 12:bf:91:aa -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUQsDhIG/xPMb77g6+0aUWkTy2LvwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzcwQTM0MzkzMjk5MTI4MUY5MTc5NkRCODdCMDExOTg3 NjAzQkJGNDAeFw0yNjAzMjQxNjU2NDhaFw0yNjAzMjgwMDU5NDhaMDMxMTAvBgNV BAMTKDhGREY4RDk0NzMwOUQ3QTVBOTMxRjFDNDBGMjc2MEEwRUY4QTE5QzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSDlsZl/efAZaWpDZNg4DPG4fM eNS+NaRJNQwlgMqL1RZAepYRVIqEK0jY1WxK19ouXB65RWAvqbPepDxehid0z1Sp CdOFz+UnfxIXQdJ5e8bV8SHancO0xtwoIZ74g46ZhLdJsnxeNWQ/zWBefyCmYU/g CcNd5K1Uw42cS+36XcWvCjXak/GVLagAMTd0lcqKzR+HfPiywEB+mRSdnX1ZMPO/ Z6vgu0iGUtmNl+mitVIsjaBw6eJfzcG2EeLVjPNWkkSGYc6G8Mx97kDSB8CRvVFP ALOLVL5DpukBgUExLw1F+CdFToeuDrrJJgvnS1Pq+9sVPgN7Hf6p+QfDE8s7AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUj9+NlHMJ16WpMfHEDydgoO+KGcIwHwYDVR0j BBgwFoAUxwo0OTKZEoH5F5bbh7ARmHYDu/QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZmMxN2NjMi1mNGEyLTQxNWUtOGVhMi1mOWM0N2Y3NWM0Y2EvMC9DNzBBMzQzOTMy OTkxMjgxRjkxNzk2REI4N0IwMTE5ODc2MDNCQkY0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzcwQTM0MzkzMjk5MTI4MUY5MTc5NkRCODdCMDExOTg3NjAz QkJGNC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmZjMTdjYzItZjRhMi00MTVlLThl YTItZjljNDdmNzVjNGNhLzAvQzcwQTM0MzkzMjk5MTI4MUY5MTc5NkRCODdCMDEx OTg3NjAzQkJGNC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAJqExCCvpTzL6gD+swUOWtzn+3Q4kICF56pF GgXeX45yO/GjhQxFUn0BPMVo8aGNNoqsytO5NYSJo06dqoTZBy4zcIUicbu7VXh3 AnP9XMOlThuz7Op8cZq3+jeohLw6CcBpDhZD1e57C9FfLjaLqRpJGJfcsD5mDfV5 1p2uF9sn8A0ZIsUXuq/1WwZ551ITZnPrY24CphxfD1ICKHPGGziHSkC+hX5cGcph 01Rqlhhi75uAhg1UoMvkEWSmfSukW2kL1OnWxB2QgC4v9JA9lppX/CX6vcMG+vR4 HRnRXQTa0wwCYVp9Fs3yqVV6veUoi8Xe45ZFIh9D0abKqBK/kao= -----END CERTIFICATE-----Generated at Thu Mar 26 17:42:01 2026 by rpki-client