$ rpki-client -vvf repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft File: 10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft (raw, json) Hash identifier: EhE/Sh/p/i1oEUuR5sqLzsp3ByKK1/rCSw/5HdWjFcc= Subject key identifier: CA:85:5D:85:60:CE:8E:21:BE:85:F1:3B:95:62:33:D1:F5:CD:D0:E2 Authority key identifier: 10:D3:53:6F:3D:0B:F7:F7:AC:CE:8A:68:50:5E:C0:31:4C:FA:31:7B Certificate issuer: /CN=10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B Certificate serial: 35C39E85917843004704FCF5D3A466A3CB2E4DD5 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft Manifest number: EB Signing time: Wed 25 Mar 2026 23:31:51 +0000 Manifest this update: Wed 25 Mar 2026 23:26:51 +0000 Manifest next update: Sun 29 Mar 2026 11:26:51 +0000 Files and hashes: 1: 10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.crl (hash: 52D6mQlC1L76YzSL0XVKmPxE7mpUW/XxVCWmU+RlCaU=) 2: 3130332e3137312e3235352e302f32342d3234203d3e20313432333939.roa (hash: HSGQJXythRbZW0WejIr3eu8cpvINsUXbBgpQ3Hdpzbo=) 3: 3130332e3137312e3235342e302f32342d3234203d3e20313432333939.roa (hash: lR/hW+eaZsPiXrhVudMo+pOinjFXG0anTiMBOASqmGk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.crl rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 11:26:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:c3:9e:85:91:78:43:00:47:04:fc:f5:d3:a4:66:a3:cb:2e:4d:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B Validity Not Before: Mar 25 23:26:51 2026 GMT Not After : Mar 29 11:26:51 2026 GMT Subject: CN=CA855D8560CE8E21BE85F13B956233D1F5CDD0E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:2c:19:1a:f4:f7:2f:84:d3:9c:d4:61:fa:dd: 10:f7:05:8f:35:b1:e0:94:dd:35:da:7a:89:51:35: be:33:ec:61:aa:46:2a:7a:49:80:47:a9:21:8d:f9: f8:95:9e:24:ff:4e:87:0a:80:54:fe:e4:75:a0:f4: c1:61:26:15:6c:92:94:66:53:24:3d:4f:a5:03:c5: 73:09:e7:15:4b:3a:eb:8a:bc:45:b7:12:16:40:7e: c8:e7:18:2f:f9:e8:4c:28:59:6d:a3:1a:05:bd:44: d3:80:51:98:51:7e:de:0d:4c:ff:e9:89:99:15:c4: 81:88:17:9a:f2:89:51:1c:0b:7c:75:f6:c1:1b:5b: 03:54:aa:34:ea:eb:cd:8e:95:98:1f:7b:2f:e8:48: 64:19:29:28:ef:a5:60:8e:4a:e6:47:9a:ca:01:99: fa:9d:1a:1a:e9:87:c7:6a:fd:34:f2:b8:b2:28:72: fb:9d:98:f3:c1:db:09:9b:88:14:4c:77:68:31:12: b4:49:9d:0f:2a:29:a1:70:2e:93:5f:27:16:53:da: 95:8c:77:45:59:ea:9f:4d:e5:02:60:8d:fa:92:b4: dc:a9:eb:a8:71:0f:3f:ce:c2:a9:7b:6b:42:ee:b4: 23:c5:e4:9f:c6:95:9d:fe:36:ea:9e:54:97:ed:bc: 68:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:85:5D:85:60:CE:8E:21:BE:85:F1:3B:95:62:33:D1:F5:CD:D0:E2 X509v3 Authority Key Identifier: keyid:10:D3:53:6F:3D:0B:F7:F7:AC:CE:8A:68:50:5E:C0:31:4C:FA:31:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cb01c967-99d0-4c21-9642-87ada67155c8/0/10D3536F3D0BF7F7ACCE8A68505EC0314CFA317B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:a1:6e:4f:4a:02:75:ee:92:43:db:83:41:e0:55:5d:ea:fb: 60:b5:ad:03:96:94:89:30:6e:25:30:c3:10:98:7d:74:dc:27: 74:de:fd:19:4f:0d:fe:a8:1d:b7:47:36:14:2d:96:02:96:30: fd:dd:ba:aa:ba:21:10:71:db:5b:b8:39:c5:0a:fa:41:a8:66: 50:f5:c6:4a:45:43:ad:2d:c3:f8:8e:1c:00:c6:98:0d:bb:98: 2d:71:95:b8:92:da:07:dd:73:b4:93:88:6a:79:51:75:4e:8b: 69:77:4e:da:87:90:04:17:56:06:ee:90:b6:45:4f:da:b8:5f: 8c:da:6f:6b:0b:96:fe:38:ce:c8:6a:c0:65:85:cf:6a:01:fc: 5c:5c:df:16:a6:77:35:73:f3:e8:a9:e9:51:b7:58:dd:fe:3b: 64:d6:62:fe:57:d6:80:fd:38:f1:1a:53:0e:61:5b:ab:6a:3d: 9d:ed:40:f5:6f:72:36:76:e4:54:ff:28:37:14:37:ff:9c:dc: 8a:7d:07:e9:11:a4:78:41:c0:4f:bc:77:5e:2e:4d:a8:22:62: e3:a6:dd:42:d6:79:6c:01:6a:25:92:20:a8:ce:71:76:47:7e: 43:15:22:42:de:04:70:f2:f8:15:a3:27:3d:1f:1a:2d:f2:6e: 0c:c4:f5:c7 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNcOehZF4QwBHBPz106Rmo8suTdUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTBEMzUzNkYzRDBCRjdGN0FDQ0U4QTY4NTA1RUMwMzE0 Q0ZBMzE3QjAeFw0yNjAzMjUyMzI2NTFaFw0yNjAzMjkxMTI2NTFaMDMxMTAvBgNV BAMTKENBODU1RDg1NjBDRThFMjFCRTg1RjEzQjk1NjIzM0QxRjVDREQwRTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0LBka9PcvhNOc1GH63RD3BY81 seCU3TXaeolRNb4z7GGqRip6SYBHqSGN+fiVniT/TocKgFT+5HWg9MFhJhVskpRm UyQ9T6UDxXMJ5xVLOuuKvEW3EhZAfsjnGC/56EwoWW2jGgW9RNOAUZhRft4NTP/p iZkVxIGIF5ryiVEcC3x19sEbWwNUqjTq682OlZgfey/oSGQZKSjvpWCOSuZHmsoB mfqdGhrph8dq/TTyuLIocvudmPPB2wmbiBRMd2gxErRJnQ8qKaFwLpNfJxZT2pWM d0VZ6p9N5QJgjfqStNyp66hxDz/Owql7a0LutCPF5J/GlZ3+NuqeVJftvGhzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUyoVdhWDOjiG+hfE7lWIz0fXN0OIwHwYDVR0j BBgwFoAUENNTbz0L9/eszopoUF7AMUz6MXswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YjAxYzk2Ny05OWQwLTRjMjEtOTY0Mi04N2FkYTY3MTU1YzgvMC8xMEQzNTM2RjNE MEJGN0Y3QUNDRThBNjg1MDVFQzAzMTRDRkEzMTdCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTBEMzUzNkYzRDBCRjdGN0FDQ0U4QTY4NTA1RUMwMzE0Q0ZB MzE3Qi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2IwMWM5NjctOTlkMC00YzIxLTk2 NDItODdhZGE2NzE1NWM4LzAvMTBEMzUzNkYzRDBCRjdGN0FDQ0U4QTY4NTA1RUMw MzE0Q0ZBMzE3Qi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADOhbk9KAnXukkPbg0HgVV3q+2C1rQOWlIkw biUwwxCYfXTcJ3Te/RlPDf6oHbdHNhQtlgKWMP3duqq6IRBx21u4OcUK+kGoZlD1 xkpFQ60tw/iOHADGmA27mC1xlbiS2gfdc7STiGp5UXVOi2l3TtqHkAQXVgbukLZF T9q4X4zab2sLlv44zshqwGWFz2oB/Fxc3xamdzVz8+ip6VG3WN3+O2TWYv5X1oD9 OPEaUw5hW6tqPZ3tQPVvcjZ25FT/KDcUN/+c3Ip9B+kRpHhBwE+8d14uTagiYuOm 3ULWeWwBaiWSIKjOcXZHfkMVIkLeBHDy+BWjJz0fGi3ybgzE9cc= -----END CERTIFICATE-----Generated at Thu Mar 26 12:03:13 2026 by rpki-client