$ rpki-client -vvf repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft File: B891A45840F824B9F116CBEAA3574A68343F5538.mft (raw, json) Hash identifier: QUHCl3Kv463jVoS71C25b/PUJ56qaiQLpie+CRojtPo= Subject key identifier: E8:61:BB:9B:FB:A1:2E:E3:81:DE:88:A8:74:70:C6:AE:E8:52:42:44 Authority key identifier: B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38 Certificate issuer: /CN=B891A45840F824B9F116CBEAA3574A68343F5538 Certificate serial: 63FAD9744E6D0B92253ABB76C2F6D7908BE5D9CC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft Manifest number: D3 Signing time: Thu 26 Mar 2026 09:52:28 +0000 Manifest this update: Thu 26 Mar 2026 09:47:28 +0000 Manifest next update: Sun 29 Mar 2026 20:17:28 +0000 Files and hashes: 1: 3130332e32382e3231382e302f32342d3234203d3e203538333835.roa (hash: LRVa/+g9Phm4DS1KM+ftjtti7KXy6ccI0ROhTKpj7KU=) 2: 3131302e39322e37342e302f32332d3234203d3e203538333835.roa (hash: XhWdokRSZKsmkPslfMXYqoYsZmB36DXqHyY6n5ueEW4=) 3: B891A45840F824B9F116CBEAA3574A68343F5538.crl (hash: ppjTCZucDjKqU3LMb34DKRw/raf4kXrP3RqBHxuGAv4=) 4: 3130332e32332e3131362e302f32332d3234203d3e203538333835.roa (hash: GOKg9RSCe07Sx9GP7mLWYk+y2Rm870vCrIk4OhiKGTc=) 5: 3130332e3234362e3136392e302f32342d3234203d3e203538333835.roa (hash: M7vZQHPEWxI5UNs6yi6gKlm3olQkDzTXBE8xEqwNtQY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 20:17:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:fa:d9:74:4e:6d:0b:92:25:3a:bb:76:c2:f6:d7:90:8b:e5:d9:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B891A45840F824B9F116CBEAA3574A68343F5538 Validity Not Before: Mar 26 09:47:28 2026 GMT Not After : Mar 29 20:17:28 2026 GMT Subject: CN=E861BB9BFBA12EE381DE88A87470C6AEE8524244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:1b:71:a3:09:7f:2f:1c:60:20:80:d7:17:23: 7e:60:ae:57:6b:b1:4d:ce:d1:56:4d:78:72:dc:d6: 40:c5:26:92:64:3a:72:97:87:fc:07:f4:e8:5b:d1: 2a:3f:b3:15:03:ce:30:c4:ab:7c:52:07:e7:ea:81: 7a:53:38:48:47:63:37:f5:5b:f8:83:77:05:30:89: 3c:7f:05:5e:c6:0c:1a:ee:d6:d7:0d:3c:45:67:cf: af:a9:0d:53:4b:ec:c9:9e:5e:25:d5:eb:94:ed:76: 78:d5:fd:3b:83:de:c9:22:e1:a2:3a:83:29:e0:2a: 25:39:c8:94:41:42:46:21:78:20:3e:dd:f7:1e:6e: 5b:22:87:74:2e:58:10:ce:35:43:5c:74:98:84:71: 6d:b0:bf:d9:97:28:c4:14:0b:c0:90:f5:98:98:a6: b7:0a:f8:7e:a6:c8:45:a3:68:64:53:a2:c9:f5:ae: a1:9e:9c:b4:c5:6a:d1:8b:5f:c0:7e:fb:5c:7a:f0: df:ce:1b:45:10:b3:1b:f8:4b:c1:e2:18:a5:3a:b1: ef:f3:28:b2:ac:49:0d:0c:eb:7a:01:00:bd:84:6d: 2e:11:f4:6b:b3:eb:3e:0c:3c:38:6e:28:0e:02:6b: 47:2b:2a:6e:17:3d:6f:c9:3b:72:40:ab:ae:cb:16: 4e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:61:BB:9B:FB:A1:2E:E3:81:DE:88:A8:74:70:C6:AE:E8:52:42:44 X509v3 Authority Key Identifier: keyid:B8:91:A4:58:40:F8:24:B9:F1:16:CB:EA:A3:57:4A:68:34:3F:55:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B891A45840F824B9F116CBEAA3574A68343F5538.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d3925388-35c6-41d7-9dc4-db4d118d135a/0/B891A45840F824B9F116CBEAA3574A68343F5538.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:f3:8c:55:96:ae:ed:7e:58:e5:fd:ec:44:c9:43:67:18:b4: 12:cf:70:b8:81:ab:36:c4:3d:4a:26:6b:8d:88:66:40:d0:f8: c6:9f:36:0b:16:6d:fe:ed:3b:bf:3a:3f:97:18:b5:c8:a9:74: 12:0a:27:3d:78:50:40:83:94:eb:ee:98:98:c7:6a:4a:83:22: a5:99:0b:d0:36:b1:39:c1:1a:d2:15:de:01:e4:a0:fa:a6:4e: 9f:fc:61:d9:68:4a:db:f7:85:4b:f9:50:a9:2a:c0:76:0e:2f: 0e:a9:02:fe:53:a9:0c:19:02:b0:9f:64:9d:16:28:c8:ab:49: fe:b6:29:58:11:f1:96:29:3b:32:ec:4f:eb:64:78:c6:bd:95: 13:66:56:0f:3e:58:bb:20:0d:13:c9:9d:e8:a5:18:c4:96:00: c0:17:ba:c5:86:06:00:53:01:28:58:9e:cc:e9:44:47:c6:ab: 24:3c:74:64:1d:b0:93:b8:20:40:1e:d9:cd:4a:eb:2f:cf:64: b2:26:0d:e7:24:24:ff:63:de:c8:9d:8a:22:73:f9:2f:68:97: bb:7e:42:74:02:13:d2:2e:92:ce:b6:41:31:4d:79:94:72:43: b7:97:5e:f5:fb:6b:bf:d3:36:09:f3:fb:4d:ca:62:e5:a8:56: 2a:9e:a2:c2 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUY/rZdE5tC5IlOrt2wvbXkIvl2cwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgz NDNGNTUzODAeFw0yNjAzMjYwOTQ3MjhaFw0yNjAzMjkyMDE3MjhaMDMxMTAvBgNV BAMTKEU4NjFCQjlCRkJBMTJFRTM4MURFODhBODc0NzBDNkFFRTg1MjQyNDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiG3GjCX8vHGAggNcXI35grldr sU3O0VZNeHLc1kDFJpJkOnKXh/wH9Ohb0So/sxUDzjDEq3xSB+fqgXpTOEhHYzf1 W/iDdwUwiTx/BV7GDBru1tcNPEVnz6+pDVNL7MmeXiXV65TtdnjV/TuD3ski4aI6 gyngKiU5yJRBQkYheCA+3fceblsih3QuWBDONUNcdJiEcW2wv9mXKMQUC8CQ9ZiY prcK+H6myEWjaGRTosn1rqGenLTFatGLX8B++1x68N/OG0UQsxv4S8HiGKU6se/z KLKsSQ0M63oBAL2EbS4R9Guz6z4MPDhuKA4Ca0crKm4XPW/JO3JAq67LFk6LAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6GG7m/uhLuOB3oiodHDGruhSQkQwHwYDVR0j BBgwFoAUuJGkWED4JLnxFsvqo1dKaDQ/VTgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MzkyNTM4OC0zNWM2LTQxZDctOWRjNC1kYjRkMTE4ZDEzNWEvMC9CODkxQTQ1ODQw RjgyNEI5RjExNkNCRUFBMzU3NEE2ODM0M0Y1NTM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRBNjgzNDNG NTUzOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDM5MjUzODgtMzVjNi00MWQ3LTlk YzQtZGI0ZDExOGQxMzVhLzAvQjg5MUE0NTg0MEY4MjRCOUYxMTZDQkVBQTM1NzRB NjgzNDNGNTUzOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADPzjFWWru1+WOX97ETJQ2cYtBLPcLiBqzbE PUoma42IZkDQ+MafNgsWbf7tO786P5cYtcipdBIKJz14UECDlOvumJjHakqDIqWZ C9A2sTnBGtIV3gHkoPqmTp/8YdloStv3hUv5UKkqwHYOLw6pAv5TqQwZArCfZJ0W KMirSf62KVgR8ZYpOzLsT+tkeMa9lRNmVg8+WLsgDRPJneilGMSWAMAXusWGBgBT AShYnszpREfGqyQ8dGQdsJO4IEAe2c1K6y/PZLImDeckJP9j3sidiiJz+S9ol7t+ QnQCE9Iuks62QTFNeZRyQ7eXXvX7a7/TNgnz+03KYuWoViqeosI= -----END CERTIFICATE-----Generated at Thu Mar 26 19:46:07 2026 by rpki-client