$ rpki-client -vvf repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft File: 21F5E152BA3E25561EA4D2E2986546412F44F15B.mft (raw, json) Hash identifier: QUD2HUKnMuJ/ErGlulKXsEWpKKUFHP32A9Ot7dbSgsg= Subject key identifier: A1:8E:6C:AE:FD:D5:29:AD:22:40:0E:E3:73:D4:A6:F0:4C:32:63:57 Authority key identifier: 21:F5:E1:52:BA:3E:25:56:1E:A4:D2:E2:98:65:46:41:2F:44:F1:5B Certificate issuer: /CN=21F5E152BA3E25561EA4D2E2986546412F44F15B Certificate serial: 3584132574D5423711233A0275A6194E234BCDA3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft Manifest number: EC Signing time: Wed 25 Mar 2026 17:12:08 +0000 Manifest this update: Wed 25 Mar 2026 17:07:08 +0000 Manifest next update: Sat 28 Mar 2026 21:19:08 +0000 Files and hashes: 1: 3130332e3130362e37372e302f32342d3234203d3e203436303233.roa (hash: CbiBxaX9ddBH1o7nomW/iHw3KqeexSYJrX7KRnYKypE=) 2: 3130332e3130362e37382e302f32332d3233203d3e203436303233.roa (hash: WYN4mrwjKunsGp4uZVpUx9nBxwBDSeavyWVXTw8bEXE=) 3: 3130332e3130362e37362e302f32332d3233203d3e203436303233.roa (hash: NaHe5YrxTvb1T+B86yAscpluwifFSNcBhISUAGBKlIw=) 4: 3130332e3130362e37362e302f32342d3234203d3e203436303233.roa (hash: +PmFbdoieOm1HYaiDNoJSgRpm6MfVAVtuXNpglouU7g=) 5: 3130332e3130362e37392e302f32342d3234203d3e203436303233.roa (hash: aO0x+zXgbPOIjgzHxX0fAcf+6eJJ6z747uBT9dWocuM=) 6: 3130332e3130362e37382e302f32342d3234203d3e203436303233.roa (hash: iSq6NwogxUEJNuToH4CRAdLPA94Ifhymd/i0qK2RpFY=) 7: 21F5E152BA3E25561EA4D2E2986546412F44F15B.crl (hash: UN7lJb2MkIzB0byZAL29QKR8Z3LFB0lYKplT7Cc3DzU=) 8: 3130332e3130362e37362e302f32322d3232203d3e203436303233.roa (hash: juQ/cwjH1toIUGh+4Z6y41hGaf2rFqJaltHbfzkfdBc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.crl rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 21:19:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:84:13:25:74:d5:42:37:11:23:3a:02:75:a6:19:4e:23:4b:cd:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21F5E152BA3E25561EA4D2E2986546412F44F15B Validity Not Before: Mar 25 17:07:08 2026 GMT Not After : Mar 28 21:19:08 2026 GMT Subject: CN=A18E6CAEFDD529AD22400EE373D4A6F04C326357 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c9:bb:2e:b4:45:43:28:e9:9a:be:d5:31:40: 17:98:0d:84:85:ab:7e:93:02:05:2b:ee:14:c3:04: 1d:17:cd:e6:cb:d4:76:17:05:7e:d4:f1:43:e7:f5: 21:8c:3c:68:12:d4:e0:f5:c3:db:f7:0d:dd:5c:18: 7f:21:56:dd:63:b0:fa:ca:6e:23:5c:f0:3e:b5:36: c5:78:da:b2:f7:03:1e:17:83:eb:4a:eb:9a:c0:37: 51:89:cb:13:6c:b3:3b:31:78:c1:c5:a3:99:ee:5e: ad:20:a4:79:1b:fa:21:8b:e4:5c:26:c4:4c:7f:76: 84:6f:e9:4b:9d:d3:29:c2:7c:ce:ef:23:a4:66:02: 5e:57:7b:40:d5:c0:57:9d:af:dc:12:90:03:43:c7: 34:37:2c:f3:0b:5c:11:0d:89:37:52:f3:c3:e5:a3: 45:c3:75:0d:60:2e:bf:c0:e0:e9:a7:55:4f:ff:7b: 11:ea:b2:6a:89:47:49:88:e2:4b:4c:9c:43:65:2c: a9:ec:35:07:b9:c0:94:fb:f6:a6:52:2e:6c:7c:48: 3e:86:d9:08:95:e7:e3:df:ab:db:d3:15:af:2f:99: cc:69:76:8e:ff:b9:84:12:22:b6:7a:42:09:5b:e4: 56:97:72:92:a4:f8:66:4c:a7:85:de:d5:8d:67:d4: f9:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:8E:6C:AE:FD:D5:29:AD:22:40:0E:E3:73:D4:A6:F0:4C:32:63:57 X509v3 Authority Key Identifier: keyid:21:F5:E1:52:BA:3E:25:56:1E:A4:D2:E2:98:65:46:41:2F:44:F1:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21F5E152BA3E25561EA4D2E2986546412F44F15B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c3dd6135-548c-4881-af78-93af9f2a2516/0/21F5E152BA3E25561EA4D2E2986546412F44F15B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:4e:92:8e:e1:c9:64:ea:14:63:b4:ef:09:54:2f:c8:c5:05: 2a:81:12:86:f8:ca:b5:5a:ad:a8:c5:54:0f:d4:13:ec:c9:15: 90:e1:1a:e4:fe:08:bc:69:94:54:67:f9:64:37:6e:57:da:f0: 4e:4a:7f:a3:4d:7d:b7:e3:e6:6d:92:48:05:01:72:e7:19:1a: 4a:89:c2:22:f1:da:f0:ca:55:b2:41:37:8f:16:46:cb:be:96: 1c:13:03:e3:2a:5c:f5:f6:fc:ed:89:1f:7d:3d:6e:9a:ad:ea: 51:7b:9e:59:43:55:92:83:78:10:9c:83:8b:2c:b5:fa:3f:79: 25:1d:d8:ec:80:68:a1:87:61:ff:88:32:7d:5f:94:a6:93:47: 5d:db:50:a1:5a:51:be:dc:6a:73:cc:bc:5c:d0:20:6a:de:1d: 39:31:83:2b:01:dd:f0:f8:e2:2f:cd:01:15:a2:4d:ca:34:08: 8c:d9:f6:ec:47:e0:e1:ac:fb:b3:f9:2f:75:4f:18:b8:e7:4d: 7b:6b:d0:a5:6d:d2:a8:e6:a2:c9:10:34:33:1f:74:df:0a:ac: cc:62:28:e3:f2:1f:e8:cf:8b:93:f9:be:7c:d5:37:79:92:7c: 34:60:4d:6c:9c:82:d2:ff:7c:4b:05:2d:bc:d0:87:70:df:ac: be:3b:7c:30 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNYQTJXTVQjcRIzoCdaYZTiNLzaMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2NDEy RjQ0RjE1QjAeFw0yNjAzMjUxNzA3MDhaFw0yNjAzMjgyMTE5MDhaMDMxMTAvBgNV BAMTKEExOEU2Q0FFRkRENTI5QUQyMjQwMEVFMzczRDRBNkYwNEMzMjYzNTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNybsutEVDKOmavtUxQBeYDYSF q36TAgUr7hTDBB0XzebL1HYXBX7U8UPn9SGMPGgS1OD1w9v3Dd1cGH8hVt1jsPrK biNc8D61NsV42rL3Ax4Xg+tK65rAN1GJyxNsszsxeMHFo5nuXq0gpHkb+iGL5Fwm xEx/doRv6Uud0ynCfM7vI6RmAl5Xe0DVwFedr9wSkANDxzQ3LPMLXBENiTdS88Pl o0XDdQ1gLr/A4OmnVU//exHqsmqJR0mI4ktMnENlLKnsNQe5wJT79qZSLmx8SD6G 2QiV5+Pfq9vTFa8vmcxpdo7/uYQSIrZ6Qglb5FaXcpKk+GZMp4Xe1Y1n1PmPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUoY5srv3VKa0iQA7jc9Sm8EwyY1cwHwYDVR0j BBgwFoAUIfXhUro+JVYepNLimGVGQS9E8VswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j M2RkNjEzNS01NDhjLTQ4ODEtYWY3OC05M2FmOWYyYTI1MTYvMC8yMUY1RTE1MkJB M0UyNTU2MUVBNEQyRTI5ODY1NDY0MTJGNDRGMTVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2NDEyRjQ0 RjE1Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYzNkZDYxMzUtNTQ4Yy00ODgxLWFm NzgtOTNhZjlmMmEyNTE2LzAvMjFGNUUxNTJCQTNFMjU1NjFFQTREMkUyOTg2NTQ2 NDEyRjQ0RjE1Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABVOko7hyWTqFGO07wlUL8jFBSqBEob4yrVa rajFVA/UE+zJFZDhGuT+CLxplFRn+WQ3blfa8E5Kf6NNfbfj5m2SSAUBcucZGkqJ wiLx2vDKVbJBN48WRsu+lhwTA+MqXPX2/O2JH309bpqt6lF7nllDVZKDeBCcg4ss tfo/eSUd2OyAaKGHYf+IMn1flKaTR13bUKFaUb7canPMvFzQIGreHTkxgysB3fD4 4i/NARWiTco0CIzZ9uxH4OGs+7P5L3VPGLjnTXtr0KVt0qjmoskQNDMfdN8KrMxi KOPyH+jPi5P5vnzVN3mSfDRgTWycgtL/fEsFLbzQh3DfrL47fDA= -----END CERTIFICATE-----Generated at Thu Mar 26 20:13:30 2026 by rpki-client