$ rpki-client -vvf repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft File: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft (raw, json) Hash identifier: a++pOHxk0xUNX81lTdbpi/Y6Ube1UMFIGhFWVVgkQL4= Subject key identifier: 94:99:B4:50:DB:C9:97:1D:8A:E7:E8:91:4E:7E:BB:A6:CD:E2:D3:4A Authority key identifier: 2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 Certificate issuer: /CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Certificate serial: 7FF1762F371FFEE100A0DE7A4D007DBD9F8A875F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft Manifest number: 0D Signing time: Thu 26 Mar 2026 08:11:14 +0000 Manifest this update: Thu 26 Mar 2026 08:06:14 +0000 Manifest next update: Sun 29 Mar 2026 15:29:14 +0000 Files and hashes: 1: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl (hash: 6ZqrlAkjicwluoyLcOZl7oluURm/7w/jZvDMF07Lo4M=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:23:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:f1:76:2f:37:1f:fe:e1:00:a0:de:7a:4d:00:7d:bd:9f:8a:87:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Validity Not Before: Mar 26 08:06:14 2026 GMT Not After : Mar 29 15:29:14 2026 GMT Subject: CN=9499B450DBC9971D8AE7E8914E7EBBA6CDE2D34A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:3a:2f:ba:15:81:e5:d7:e2:4a:34:b4:47:1a: 33:cc:7e:9f:4e:52:a0:51:f3:9d:de:59:32:3f:39: dd:12:69:fd:a6:55:9b:48:b7:fb:23:08:e0:d1:90: dc:c6:67:86:19:a5:7c:c5:58:f4:89:47:4f:72:eb: 48:ed:54:1d:ac:86:0a:99:c2:23:b8:0f:19:cf:7b: a7:4a:e0:d6:20:95:b8:86:8a:f5:70:d3:a9:72:f1: 8d:f8:3d:33:90:37:27:39:75:12:d8:62:f2:bd:a7: 85:15:b9:8a:f1:6c:de:59:c1:ac:5e:98:c4:31:9e: 8c:c7:af:45:f9:c5:2a:b3:05:2b:2d:89:45:c4:b8: fa:f5:97:fa:f2:a5:35:57:8d:b4:2d:6c:26:1e:01: 55:72:c2:fb:19:d9:7d:34:be:50:4f:e6:c6:ce:a0: 7b:0d:6f:cb:4e:38:cc:c9:53:61:79:f6:e4:6b:ed: 53:15:80:b1:4f:e7:a9:e5:bb:c3:62:51:f2:96:da: 0a:f7:d4:2c:0e:57:5b:4b:44:d9:b8:51:e1:f3:0c: 5a:2e:89:60:65:af:10:0a:3b:d8:e7:70:fd:7a:9f: 3c:66:b6:27:16:e8:40:b5:6f:8b:b8:4d:c2:0b:e3: 79:ce:85:4e:f0:80:42:10:61:33:56:9e:7c:b9:72: 10:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:99:B4:50:DB:C9:97:1D:8A:E7:E8:91:4E:7E:BB:A6:CD:E2:D3:4A X509v3 Authority Key Identifier: keyid:2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:c7:8b:b4:51:47:1b:58:a6:b4:a0:2e:48:02:47:2c:3f:bf: 66:c6:5d:68:f2:1b:5f:51:b2:76:af:41:e3:33:3c:4c:58:62: 75:66:b1:45:9e:99:de:60:03:a0:ad:a9:0b:2e:2b:08:fb:22: b4:1a:d5:75:ea:af:24:50:2d:1f:50:20:21:24:57:31:16:fa: bc:18:5d:c7:41:54:da:17:30:a2:b7:1c:e0:69:fd:14:4e:53: ff:6b:02:2f:b0:33:b0:9d:d5:9f:b7:00:22:f8:27:d4:ff:ef: 21:db:d3:29:d0:0b:7c:28:9d:96:e7:f5:ac:a5:0c:9c:7c:22: 28:37:fb:41:8c:ed:e4:b8:68:54:f0:a8:8f:bd:51:52:b1:61: 0d:dc:3b:10:3e:ff:62:cc:91:c9:78:89:43:d8:e8:15:ab:d2: 5c:a1:e9:16:50:f9:a2:1f:6d:65:26:44:aa:12:fc:a6:20:77: 98:88:7d:11:b0:c6:93:24:40:4b:e4:47:a0:f7:73:70:6b:34: 17:12:a5:a7:06:d0:43:b0:8d:02:b6:e0:f0:42:4a:66:3a:b0: 4b:af:73:8c:75:0f:84:3f:64:cb:a8:ca:71:9e:a5:58:56:a3: 94:51:16:5d:a3:e6:8e:c0:e8:13:77:f3:a1:ce:c8:4b:ae:7c: 7f:b4:13:c6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUf/F2Lzcf/uEAoN56TQB9vZ+Kh18wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlC QjExMjdGNzAeFw0yNjAzMjYwODA2MTRaFw0yNjAzMjkxNTI5MTRaMDMxMTAvBgNV BAMTKDk0OTlCNDUwREJDOTk3MUQ4QUU3RTg5MTRFN0VCQkE2Q0RFMkQzNEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEOi+6FYHl1+JKNLRHGjPMfp9O UqBR853eWTI/Od0Saf2mVZtIt/sjCODRkNzGZ4YZpXzFWPSJR09y60jtVB2shgqZ wiO4DxnPe6dK4NYglbiGivVw06ly8Y34PTOQNyc5dRLYYvK9p4UVuYrxbN5Zwaxe mMQxnozHr0X5xSqzBSstiUXEuPr1l/rypTVXjbQtbCYeAVVywvsZ2X00vlBP5sbO oHsNb8tOOMzJU2F59uRr7VMVgLFP56nlu8NiUfKW2gr31CwOV1tLRNm4UeHzDFou iWBlrxAKO9jncP16nzxmticW6EC1b4u4TcIL43nOhU7wgEIQYTNWnny5chCtAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlJm0UNvJlx2K5+iRTn67ps3i00owHwYDVR0j BBgwFoAULY//29GvkHo+ew6CGaNzGbsRJ/cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YmRlM2E0Mi02MjcyLTRiNmMtYWQ4MS1jY2NmYmU5NDg4YzAvMS8yRDhGRkZEQkQx QUY5MDdBM0U3QjBFODIxOUEzNzMxOUJCMTEyN0Y3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzczMTlCQjEx MjdGNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2JkZTNhNDItNjI3Mi00YjZjLWFk ODEtY2NjZmJlOTQ4OGMwLzEvMkQ4RkZGREJEMUFGOTA3QTNFN0IwRTgyMTlBMzcz MTlCQjExMjdGNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKzHi7RRRxtYprSgLkgCRyw/v2bGXWjyG19R snavQeMzPExYYnVmsUWemd5gA6CtqQsuKwj7IrQa1XXqryRQLR9QICEkVzEW+rwY XcdBVNoXMKK3HOBp/RROU/9rAi+wM7Cd1Z+3ACL4J9T/7yHb0ynQC3wonZbn9ayl DJx8Iig3+0GM7eS4aFTwqI+9UVKxYQ3cOxA+/2LMkcl4iUPY6BWr0lyh6RZQ+aIf bWUmRKoS/KYgd5iIfRGwxpMkQEvkR6D3c3BrNBcSpacG0EOwjQK24PBCSmY6sEuv c4x1D4Q/ZMuoynGepVhWo5RRFl2j5o7A6BN386HOyEuufH+0E8Y= -----END CERTIFICATE-----Generated at Thu Mar 26 13:33:36 2026 by rpki-client