$ rpki-client -vvf repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft File: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft (raw, json) Hash identifier: 86qh8WQNw365BDw+EPmTiV2FxprIPr81vXp1+ctIV5s= Subject key identifier: 30:5B:31:0C:86:61:C6:AE:AA:4E:93:E4:30:B7:CE:00:BF:48:53:DE Authority key identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 Certificate issuer: /CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Certificate serial: 124D803AF0DB978AF62DE761CF76249F223A53E7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft Manifest number: 04E4 Signing time: Wed 25 Mar 2026 10:00:56 +0000 Manifest this update: Wed 25 Mar 2026 09:55:56 +0000 Manifest next update: Sat 28 Mar 2026 14:12:56 +0000 Files and hashes: 1: 3130332e3136322e302e302f32342d3234203d3e20313431363334.roa (hash: mrVcWkYKkNNL+5Z0dua06HvGJVSXAbMBn3dbcArjm/g=) 2: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl (hash: NUJXtcKk5FSC+vaVV5mcEBRSf96yMxn873PrNK6yE2c=) 3: 3130332e3136322e312e302f32342d3234203d3e2036393339.roa (hash: U7NnTgw4+RWSqCZvvYrAIpdq9+m5qm4ziARKzADWCYw=) 4: 3130332e3136322e312e302f32342d3234203d3e20313431363334.roa (hash: qNe08ONmrtJrbqnJHhzOzL4yLMKznA4CGtzFIsSxWok=) 5: 3130332e3136322e302e302f32332d3233203d3e20313431363334.roa (hash: BUWXw4dtky6u3IS1OVmdebvECXrPIBW5iPpOPegzgSU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 14:12:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:4d:80:3a:f0:db:97:8a:f6:2d:e7:61:cf:76:24:9f:22:3a:53:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Validity Not Before: Mar 25 09:55:56 2026 GMT Not After : Mar 28 14:12:56 2026 GMT Subject: CN=305B310C8661C6AEAA4E93E430B7CE00BF4853DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:d2:db:c0:30:d5:a6:62:60:a0:4c:85:2d:fa: 8d:c3:34:e5:31:0a:86:19:5f:6f:7a:ea:a5:c4:66: c4:39:bb:e3:9a:01:8a:11:9e:fe:62:15:f3:25:74: a4:97:8a:32:3a:2f:35:ed:30:f2:79:9e:91:be:ef: 52:81:83:da:39:36:fa:a9:71:39:56:86:3a:44:60: ef:fc:12:bf:eb:00:94:0b:a0:f9:c5:ac:0b:6d:df: af:5b:56:1a:49:80:89:51:5a:43:6e:96:1b:b3:c1: 8a:30:1a:65:5d:ab:be:16:b3:5e:d1:5b:1c:7a:e3: f7:84:2d:6e:96:b4:cc:0b:9b:4b:19:f3:8d:14:2f: 35:05:9b:11:9b:5b:69:f3:93:a1:9f:e4:81:8a:b3: 93:e1:a4:7b:85:f0:ae:ae:92:b8:8c:24:91:be:04: 7c:eb:9e:71:dc:67:ce:19:d9:eb:01:6f:57:fb:ff: 78:c4:db:7d:18:a1:6e:16:17:1e:17:db:c6:33:0c: 2f:e0:2e:10:ae:8b:15:1f:7c:3c:a6:5f:b8:c0:df: 91:4e:9b:96:db:14:ab:53:1b:ff:58:30:5d:64:d1: 08:43:89:47:05:f9:2a:df:6c:33:e8:a0:a1:7d:cb: 4a:a6:5d:b8:f5:2d:84:a4:9e:fc:d7:a5:67:0b:d4: d4:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:5B:31:0C:86:61:C6:AE:AA:4E:93:E4:30:B7:CE:00:BF:48:53:DE X509v3 Authority Key Identifier: keyid:20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:de:80:80:d2:f7:54:7c:23:8a:2b:c0:ee:93:3f:e7:6a:97: 41:8e:f2:c2:b4:cd:eb:6f:ce:e1:36:ca:9b:b4:7f:4d:22:42: 91:bd:41:3c:2a:ca:8b:9d:d9:72:c4:42:9b:f6:99:2f:4b:4a: fc:46:12:22:64:94:a1:a1:de:da:54:f2:89:99:01:d8:4f:e8: 6c:80:9d:fe:ad:94:f7:b6:66:86:ca:05:b7:f0:6c:d2:21:2d: f4:84:3c:49:71:21:ba:8c:e3:fc:dc:8c:8d:fb:a3:9c:02:ac: 4c:80:c3:9f:0c:bf:a2:e1:91:43:fb:e7:5d:01:c0:93:be:d2: 0b:64:8a:08:ba:74:51:fc:07:8b:75:1c:3f:b6:cd:d4:36:cc: 49:3e:39:d8:c4:39:73:da:17:78:03:d5:0e:2d:e4:5d:69:60: 44:e0:b9:2b:9e:97:13:22:d3:3a:81:5c:83:46:fc:77:18:be: 66:02:13:42:ff:84:39:ae:ef:e7:56:c2:b3:d7:71:bf:ca:7b: 3a:d0:f1:dc:17:ed:12:b9:0c:bb:b1:cd:dc:ae:14:e2:cc:0f: fa:ca:67:dd:1e:b0:b4:fb:fb:1e:90:98:c1:ae:cf:d5:bb:a0: d6:a2:65:63:3f:a5:07:6b:32:61:be:60:8d:10:3e:b1:82:fa: 8d:44:14:1d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUEk2AOvDbl4r2Ledhz3YknyI6U+cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlFQ0Qy ODlBQkZGOTAeFw0yNjAzMjUwOTU1NTZaFw0yNjAzMjgxNDEyNTZaMDMxMTAvBgNV BAMTKDMwNUIzMTBDODY2MUM2QUVBQTRFOTNFNDMwQjdDRTAwQkY0ODUzREUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY0tvAMNWmYmCgTIUt+o3DNOUx CoYZX2966qXEZsQ5u+OaAYoRnv5iFfMldKSXijI6LzXtMPJ5npG+71KBg9o5Nvqp cTlWhjpEYO/8Er/rAJQLoPnFrAtt369bVhpJgIlRWkNulhuzwYowGmVdq74Ws17R Wxx64/eELW6WtMwLm0sZ840ULzUFmxGbW2nzk6Gf5IGKs5PhpHuF8K6ukriMJJG+ BHzrnnHcZ84Z2esBb1f7/3jE230YoW4WFx4X28YzDC/gLhCuixUffDymX7jA35FO m5bbFKtTG/9YMF1k0QhDiUcF+SrfbDPooKF9y0qmXbj1LYSknvzXpWcL1NSzAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUMFsxDIZhxq6qTpPkMLfOAL9IU94wHwYDVR0j BBgwFoAUILFclfozUUAtYOlorR2ezSiav/kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MTQxOTNjNC00YWJkLTRlMmMtYTFkMC0xYjVjZTMyZTQyMGIvMC8yMEIxNUM5NUZB MzM1MTQwMkQ2MEU5NjhBRDFEOUVDRDI4OUFCRkY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlFQ0QyODlB QkZGOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDE0MTkzYzQtNGFiZC00ZTJjLWEx ZDAtMWI1Y2UzMmU0MjBiLzAvMjBCMTVDOTVGQTMzNTE0MDJENjBFOTY4QUQxRDlF Q0QyODlBQkZGOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGregIDS91R8I4orwO6TP+dql0GO8sK0zetv zuE2ypu0f00iQpG9QTwqyoud2XLEQpv2mS9LSvxGEiJklKGh3tpU8omZAdhP6GyA nf6tlPe2ZobKBbfwbNIhLfSEPElxIbqM4/zcjI37o5wCrEyAw58Mv6LhkUP7510B wJO+0gtkigi6dFH8B4t1HD+2zdQ2zEk+OdjEOXPaF3gD1Q4t5F1pYETguSuelxMi 0zqBXING/HcYvmYCE0L/hDmu7+dWwrPXcb/KezrQ8dwX7RK5DLuxzdyuFOLMD/rK Z90esLT7+x6QmMGuz9W7oNaiZWM/pQdrMmG+YI0QPrGC+o1EFB0= -----END CERTIFICATE-----Generated at Thu Mar 26 07:21:48 2026 by rpki-client