$ rpki-client -vvf repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft File: BD809D8A065DB595DC069383736A1A9C4A96B267.mft (raw, json) Hash identifier: i+JRLVGg0REKHKWz5HRi4zPJY1qYyxNhdwXEcctgHPY= Subject key identifier: 16:57:03:2B:DE:9B:3D:C2:BC:13:38:31:28:80:88:0C:30:AE:A1:FE Authority key identifier: BD:80:9D:8A:06:5D:B5:95:DC:06:93:83:73:6A:1A:9C:4A:96:B2:67 Certificate issuer: /CN=BD809D8A065DB595DC069383736A1A9C4A96B267 Certificate serial: 578519F0796CF62E097EAA20E5543F17E0C3EFCF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD809D8A065DB595DC069383736A1A9C4A96B267.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft Manifest number: 0561 Signing time: Thu 26 Mar 2026 08:42:20 +0000 Manifest this update: Thu 26 Mar 2026 08:37:20 +0000 Manifest next update: Sun 29 Mar 2026 18:35:20 +0000 Files and hashes: 1: 34352e3132372e3133332e302f32342d3234203d3e203538343737.roa (hash: m1RDFs81kJe7cLkzIuvESdF6lsbsj7FMYtNBuW0nGcE=) 2: 34352e3132372e3133342e302f32342d3234203d3e203538343737.roa (hash: mAHS4RhjFlyuuj4wSTCANOzW1BtppaUwbd4+LpgqV3A=) 3: 34352e3132372e3133322e302f32342d3234203d3e203538343737.roa (hash: 6P/MnisWmadZujdf0MdzBBem1MXVl8xw/vKYXqNcxoU=) 4: 3130332e35362e3230352e302f32342d3234203d3e203538343737.roa (hash: Y6tvd+1XtHiukr4Lnc++EG2e4/MBcfeHFg9Xd0kGFMg=) 5: BD809D8A065DB595DC069383736A1A9C4A96B267.crl (hash: 4+uPGJkF/NlOJ0i78S3jrPcXoNr2V3rjSf7sjGylHF4=) 6: 34352e3132372e3133352e302f32342d3234203d3e20313335333630.roa (hash: lOPyN4jlxJmDfUm1Z5usitGLtQdiU+flslurwWQqLwM=) 7: 3130332e35362e3230362e302f32342d3234203d3e203538343737.roa (hash: ctlL63La/nA2o80IyG4Gn5yERO9Svxh3VS6Tj8PS2Bk=) 8: 3130332e35362e3230372e302f32342d3234203d3e203538343737.roa (hash: +FaWxeyMSXTm1A2YbWkKpjjxd9ODF5R6bPfmYjsvC3c=) 9: 3130332e35362e3230342e302f32342d3234203d3e203538343737.roa (hash: E6oSwKyWxejOo/v5HHitngqUwJ84vi0WR9s9o+kQ4qc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.crl rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD809D8A065DB595DC069383736A1A9C4A96B267.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 18:35:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:85:19:f0:79:6c:f6:2e:09:7e:aa:20:e5:54:3f:17:e0:c3:ef:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD809D8A065DB595DC069383736A1A9C4A96B267 Validity Not Before: Mar 26 08:37:20 2026 GMT Not After : Mar 29 18:35:20 2026 GMT Subject: CN=1657032BDE9B3DC2BC1338312880880C30AEA1FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:13:3f:6a:89:d2:9f:ea:f5:51:08:b4:ae:69: 06:3b:0d:92:4e:dc:5e:a4:a5:df:7e:24:9a:41:c5: 00:79:cd:d3:d8:74:be:86:b1:3d:30:44:12:ff:8b: 81:6a:87:ae:b4:23:54:dd:c2:09:98:4b:a7:81:09: 95:5b:4f:45:b8:a7:2e:46:f0:e0:d6:4e:ad:e7:a6: f0:0b:f0:1b:ee:cd:ef:25:4e:6c:a4:e1:80:4c:68: 55:cd:f0:e6:fa:2f:d4:7b:da:f3:a5:93:2c:e7:ae: 09:c2:d1:88:6d:7a:04:a2:36:73:2a:fc:cf:75:cf: 65:1d:73:dc:f5:cf:59:b3:4a:94:5d:40:c6:1a:31: 39:8b:3c:0c:f6:c6:3d:76:9b:5b:e9:d1:69:02:8c: 16:68:f9:e9:48:cb:bc:78:a4:90:4c:eb:30:af:3e: 55:ec:e7:f2:57:00:9d:97:13:08:99:d9:90:a3:65: 50:c0:52:88:a0:ca:99:25:30:b4:33:ae:e1:43:c5: 1b:a1:86:4a:f2:78:f9:d0:b5:2c:f8:1d:af:ac:01: 1e:3c:5b:51:b1:bc:ac:a5:f6:5f:17:96:50:c4:c1: c1:c5:6c:3d:2f:f2:9a:85:01:ef:74:17:56:77:1c: 96:c4:53:bf:06:b4:a7:d3:dd:f0:67:5f:91:7c:39: 76:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:57:03:2B:DE:9B:3D:C2:BC:13:38:31:28:80:88:0C:30:AE:A1:FE X509v3 Authority Key Identifier: keyid:BD:80:9D:8A:06:5D:B5:95:DC:06:93:83:73:6A:1A:9C:4A:96:B2:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD809D8A065DB595DC069383736A1A9C4A96B267.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:69:93:67:7e:aa:6f:b2:20:2e:e4:a6:69:2b:b9:cc:56:15: 50:95:70:50:e8:a3:c4:48:64:3a:2f:dc:25:ef:b1:e9:4d:14: 39:c3:1c:41:7c:97:8e:3e:d6:4b:a4:b6:8c:ad:c2:f6:a9:53: 38:7e:d1:d7:9a:0a:89:43:bc:58:33:fc:79:88:91:23:8d:be: a6:09:5a:ad:f2:b6:ef:cf:42:bb:52:60:65:01:d6:c6:f4:a1: e8:fa:07:61:01:05:f8:51:7b:b0:8c:14:a0:51:01:14:d0:b6: 61:bb:44:8b:14:bb:54:0d:f4:d3:ce:b4:89:2d:55:0e:41:2a: a2:95:1a:c1:bb:fd:79:46:24:59:d2:13:a0:f0:32:9a:80:21: 0e:67:99:b5:47:4f:31:30:76:cf:90:98:c8:e8:a5:e3:62:3a: 23:2d:ad:ac:93:28:6d:3e:d4:88:84:3a:b7:69:1b:02:d4:d4: fb:67:5b:c5:50:60:80:21:0a:8e:40:c0:da:63:8e:61:3c:c2: 23:45:77:f0:2f:ca:42:fc:ed:1d:a0:e7:6d:99:46:79:ba:04: 06:67:df:e4:a2:17:18:cb:24:ce:e9:88:66:73:3e:98:ff:be: 16:2a:43:2e:74:38:c8:55:87:01:70:b3:12:99:40:f9:3d:41: f9:ce:f1:8c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUV4UZ8Hls9i4Jfqog5VQ/F+DD788wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ4MDlEOEEwNjVEQjU5NURDMDY5MzgzNzM2QTFBOUM0 QTk2QjI2NzAeFw0yNjAzMjYwODM3MjBaFw0yNjAzMjkxODM1MjBaMDMxMTAvBgNV BAMTKDE2NTcwMzJCREU5QjNEQzJCQzEzMzgzMTI4ODA4ODBDMzBBRUExRkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxEz9qidKf6vVRCLSuaQY7DZJO 3F6kpd9+JJpBxQB5zdPYdL6GsT0wRBL/i4Fqh660I1TdwgmYS6eBCZVbT0W4py5G 8ODWTq3npvAL8Bvuze8lTmyk4YBMaFXN8Ob6L9R72vOlkyznrgnC0YhtegSiNnMq /M91z2Udc9z1z1mzSpRdQMYaMTmLPAz2xj12m1vp0WkCjBZo+elIy7x4pJBM6zCv PlXs5/JXAJ2XEwiZ2ZCjZVDAUoigypklMLQzruFDxRuhhkryePnQtSz4Ha+sAR48 W1GxvKyl9l8XllDEwcHFbD0v8pqFAe90F1Z3HJbEU78GtKfT3fBnX5F8OXbfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUFlcDK96bPcK8EzgxKICIDDCuof4wHwYDVR0j BBgwFoAUvYCdigZdtZXcBpODc2oanEqWsmcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k M2Y4ZjU1Yy05ZTM1LTRjZTItODkwZi0wZGUzZTI0MDQ2MTEvMC9CRDgwOUQ4QTA2 NURCNTk1REMwNjkzODM3MzZBMUE5QzRBOTZCMjY3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQ4MDlEOEEwNjVEQjU5NURDMDY5MzgzNzM2QTFBOUM0QTk2 QjI2Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDNmOGY1NWMtOWUzNS00Y2UyLTg5 MGYtMGRlM2UyNDA0NjExLzAvQkQ4MDlEOEEwNjVEQjU5NURDMDY5MzgzNzM2QTFB OUM0QTk2QjI2Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAG5pk2d+qm+yIC7kpmkrucxWFVCVcFDoo8RI ZDov3CXvselNFDnDHEF8l44+1kuktoytwvapUzh+0deaColDvFgz/HmIkSONvqYJ Wq3ytu/PQrtSYGUB1sb0oej6B2EBBfhRe7CMFKBRARTQtmG7RIsUu1QN9NPOtIkt VQ5BKqKVGsG7/XlGJFnSE6DwMpqAIQ5nmbVHTzEwds+QmMjopeNiOiMtrayTKG0+ 1IiEOrdpGwLU1PtnW8VQYIAhCo5AwNpjjmE8wiNFd/AvykL87R2g522ZRnm6BAZn 3+SiFxjLJM7piGZzPpj/vhYqQy50OMhVhwFwsxKZQPk9QfnO8Yw= -----END CERTIFICATE-----Generated at Thu Mar 26 19:05:13 2026 by rpki-client