$ rpki-client -vvf repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft File: DD68C98D519CC8D624F664B026AEB9B289EE819C.mft (raw, json) Hash identifier: 2ePuH+34x1aKaAVsZ/RDgP5ng9+mCkbFqRT6E4g8yPk= Subject key identifier: 17:EC:9C:8F:77:0B:95:22:BA:9F:F7:5B:AA:B5:90:A8:AF:68:59:52 Authority key identifier: DD:68:C9:8D:51:9C:C8:D6:24:F6:64:B0:26:AE:B9:B2:89:EE:81:9C Certificate issuer: /CN=DD68C98D519CC8D624F664B026AEB9B289EE819C Certificate serial: 6B706436BAE25E097FA66420FE4A54B4C3725481 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft Manifest number: 0226 Signing time: Tue 24 Mar 2026 16:42:03 +0000 Manifest this update: Tue 24 Mar 2026 16:37:03 +0000 Manifest next update: Fri 27 Mar 2026 23:54:03 +0000 Files and hashes: 1: 3130332e33362e35332e302f32342d3234203d3e2039333431.roa (hash: 9XabV5C+bxTzwQpxWRFJ2J0ODxVlFWpwxY4ZIRRll5s=) 2: DD68C98D519CC8D624F664B026AEB9B289EE819C.crl (hash: kDHigQOdt7uJ2kjv1UjBFphif39G3rHwILsP73mA9lI=) 3: 3130332e33362e35322e302f32342d3234203d3e2039333431.roa (hash: 4vYKKc9gCQNLGbY6CdycYfIML4Cvt54/Y7bjgPLGEYU=) 4: 3130332e33362e35322e302f32332d3233203d3e2039333431.roa (hash: avxCSiDbdDW7kOsh1a+dBlMPbboYpQF+S49u7QzrJXw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.crl rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 23:54:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:70:64:36:ba:e2:5e:09:7f:a6:64:20:fe:4a:54:b4:c3:72:54:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DD68C98D519CC8D624F664B026AEB9B289EE819C Validity Not Before: Mar 24 16:37:03 2026 GMT Not After : Mar 27 23:54:03 2026 GMT Subject: CN=17EC9C8F770B9522BA9FF75BAAB590A8AF685952 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:8a:32:c4:ac:42:94:62:cc:03:8f:d6:5c:76: 3a:3f:a8:28:2a:9b:45:43:6d:d2:36:f0:ec:67:a7: 4a:b0:89:cd:26:95:cb:84:d4:9d:be:4d:ed:ec:d8: 1d:52:85:dc:9a:ca:ac:e9:b4:b5:b6:1c:a8:11:e9: fb:93:3e:ad:f8:80:3e:62:c4:c3:f4:59:de:a8:15: bd:d9:5a:5a:24:29:d4:d0:a8:c0:94:78:a0:00:2c: 66:3d:42:a7:b4:55:25:96:a2:97:04:ad:bd:14:d3: c7:48:79:ae:5f:db:ba:ef:00:42:87:8e:7d:13:52: 6e:f2:43:9f:66:8c:b3:e3:c8:c5:19:f7:a6:2f:da: d5:6e:31:d0:15:fd:52:73:4e:2e:51:9c:c8:22:64: bf:a4:5e:03:9e:db:27:76:cf:af:d0:b0:03:cd:f5: d3:6c:02:ab:4a:9f:66:f1:01:e1:33:cf:f6:70:16: 0b:05:2a:bb:dc:da:98:10:16:d0:b4:81:a8:88:a9: 09:ad:6d:40:dd:c7:5f:ae:a5:96:8a:26:89:2b:40: 09:d2:2e:df:4b:32:1e:ad:2d:a5:d2:c6:be:c6:b5: 89:41:2e:ee:b7:09:4c:3d:66:b1:23:51:d6:53:99: af:c4:bf:66:56:66:72:3d:a7:83:98:b7:8e:2d:78: e6:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:EC:9C:8F:77:0B:95:22:BA:9F:F7:5B:AA:B5:90:A8:AF:68:59:52 X509v3 Authority Key Identifier: keyid:DD:68:C9:8D:51:9C:C8:D6:24:F6:64:B0:26:AE:B9:B2:89:EE:81:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:96:6c:bc:b5:46:07:c4:86:c4:04:ec:9c:a6:8f:10:8f:c4: 93:aa:a8:54:9c:22:e2:fe:73:81:28:a9:40:fe:33:6f:58:dd: 87:99:b1:cf:f0:f7:e0:74:97:2c:fa:75:26:ea:61:22:76:f9: f7:cd:33:6b:b0:87:cb:d7:45:94:a0:32:65:64:b2:42:9c:2e: 7b:12:4d:a9:dc:79:40:86:55:dd:56:cd:00:61:ba:e3:c5:da: c2:ce:b6:f8:a0:8f:4c:ed:2a:09:1a:94:51:50:cb:fa:af:fc: 6e:55:97:63:94:66:a7:4a:9d:1f:b7:a2:2e:84:90:24:f9:c5: be:a9:f7:11:60:ba:10:fe:d3:9d:e8:1d:d1:b2:3b:31:fb:81: f3:45:3d:3d:4b:5b:51:04:f6:70:ef:38:95:88:99:3c:f9:b5: a6:3c:c1:be:7d:06:fe:67:96:c8:e0:9a:fb:3d:2c:c3:65:4f: 23:fe:a6:15:40:52:51:c3:fc:bd:bb:20:da:67:74:ae:37:6e: 0b:fe:51:e6:cb:53:fd:81:a1:cd:c5:48:6b:b9:b7:f2:34:4e: 93:7a:99:80:d1:20:a5:32:2c:a5:6a:1d:96:10:21:f6:f9:bf: 42:3c:60:8a:45:52:e7:49:c3:4f:03:d4:b2:1b:04:99:96:b3: cc:80:98:72 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUa3BkNrriXgl/pmQg/kpUtMNyVIEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5QjI4 OUVFODE5QzAeFw0yNjAzMjQxNjM3MDNaFw0yNjAzMjcyMzU0MDNaMDMxMTAvBgNV BAMTKDE3RUM5QzhGNzcwQjk1MjJCQTlGRjc1QkFBQjU5MEE4QUY2ODU5NTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKijLErEKUYswDj9Zcdjo/qCgq m0VDbdI28Oxnp0qwic0mlcuE1J2+Te3s2B1ShdyayqzptLW2HKgR6fuTPq34gD5i xMP0Wd6oFb3ZWlokKdTQqMCUeKAALGY9Qqe0VSWWopcErb0U08dIea5f27rvAEKH jn0TUm7yQ59mjLPjyMUZ96Yv2tVuMdAV/VJzTi5RnMgiZL+kXgOe2yd2z6/QsAPN 9dNsAqtKn2bxAeEzz/ZwFgsFKrvc2pgQFtC0gaiIqQmtbUDdx1+upZaKJokrQAnS Lt9LMh6tLaXSxr7GtYlBLu63CUw9ZrEjUdZTma/Ev2ZWZnI9p4OYt44teOaLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUF+ycj3cLlSK6n/dbqrWQqK9oWVIwHwYDVR0j BBgwFoAU3WjJjVGcyNYk9mSwJq65sonugZwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MDQzYTg4OS1jODYxLTRkMjktOWQ3Ny05MjNkOTI3ZTc2MzQvMC9ERDY4Qzk4RDUx OUNDOEQ2MjRGNjY0QjAyNkFFQjlCMjg5RUU4MTlDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5QjI4OUVF ODE5Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDA0M2E4ODktYzg2MS00ZDI5LTlk NzctOTIzZDkyN2U3NjM0LzAvREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5 QjI4OUVFODE5Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHmWbLy1RgfEhsQE7JymjxCPxJOqqFScIuL+ c4EoqUD+M29Y3YeZsc/w9+B0lyz6dSbqYSJ2+ffNM2uwh8vXRZSgMmVkskKcLnsS TanceUCGVd1WzQBhuuPF2sLOtvigj0ztKgkalFFQy/qv/G5Vl2OUZqdKnR+3oi6E kCT5xb6p9xFguhD+053oHdGyOzH7gfNFPT1LW1EE9nDvOJWImTz5taY8wb59Bv5n lsjgmvs9LMNlTyP+phVAUlHD/L27INpndK43bgv+UebLU/2Boc3FSGu5t/I0TpN6 mYDRIKUyLKVqHZYQIfb5v0I8YIpFUudJw08D1LIbBJmWs8yAmHI= -----END CERTIFICATE-----Generated at Thu Mar 26 16:07:18 2026 by rpki-client