$ rpki-client -vvf repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft File: 401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft (raw, json) Hash identifier: E+5wvaOXzomwDI20ZIPWhfHDmMFk2o0faXj+NJpQ2NU= Subject key identifier: 2D:C9:F6:8B:7C:BA:D7:A1:22:DA:11:BE:22:15:68:61:EB:03:95:2E Authority key identifier: 40:1A:A5:6A:F5:99:CC:A2:CD:71:A6:84:FF:CF:53:FF:F9:DD:E3:DD Certificate issuer: /CN=401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD Certificate serial: 64D1D2A0EF71A471956A85BB85C4708D077B0AA2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft Manifest number: 0243 Signing time: Tue 24 Mar 2026 21:12:05 +0000 Manifest this update: Tue 24 Mar 2026 21:07:05 +0000 Manifest next update: Sat 28 Mar 2026 01:27:05 +0000 Files and hashes: 1: 3130332e3136302e36392e302f32342d3234203d3e20313431363037.roa (hash: HLjZFq4/Jnmag82Gv7W9QKBRIGp+gW90e9wOgTOi2PE=) 2: 3130332e3136302e36382e302f32342d3234203d3e203438343635.roa (hash: s3cZDsm3eCD/zirL0oonykymWlAaugzxDIFPlg5sAUQ=) 3: 401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl (hash: XbiMjJHs4orMkeyd64iOf7MRTbViecVr/fzs1dNgmto=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 01:27:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:d1:d2:a0:ef:71:a4:71:95:6a:85:bb:85:c4:70:8d:07:7b:0a:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD Validity Not Before: Mar 24 21:07:05 2026 GMT Not After : Mar 28 01:27:05 2026 GMT Subject: CN=2DC9F68B7CBAD7A122DA11BE22156861EB03952E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:83:91:38:90:8f:7b:35:ea:9f:5e:c8:d1:02: be:ae:b2:d4:d8:41:03:02:8d:1e:bc:36:00:82:3c: ca:55:6c:a3:92:78:b8:11:e6:50:27:4c:50:bf:b6: 0d:9b:d1:d0:94:56:d4:c9:05:b8:0f:6c:63:57:60: 21:6f:f2:50:89:d1:ad:26:99:5a:a4:f2:fb:62:0d: c4:d4:07:78:0e:da:8b:6d:a8:b3:08:03:13:2d:f2: 4b:8a:5e:fb:47:13:5e:08:d1:db:a8:9d:01:4f:8b: 1e:b3:80:9d:6e:75:e1:17:be:30:2c:88:11:fa:41: d0:c3:05:50:0e:fb:f2:7f:b1:4c:84:88:f0:80:6f: 9f:40:3d:eb:14:84:73:ff:75:0e:73:bb:34:ba:35: fb:93:17:73:4a:0b:46:1d:42:53:ca:ab:2d:bf:99: ea:fa:c1:b8:a2:3d:fe:1c:76:cf:8f:0f:cc:40:a0: 3b:85:a9:35:07:1f:ae:57:93:77:ce:d1:df:0f:d5: a9:72:f2:ee:66:84:58:11:cb:48:7f:4a:85:2a:03: 70:d8:be:33:e9:92:83:fd:0b:f4:ed:07:34:cc:60: 13:6f:f0:0e:a1:e6:2d:21:10:d1:8c:31:bc:c2:11: d9:c2:cb:a3:da:a2:d0:8b:88:99:45:85:9f:ec:9d: 8c:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:C9:F6:8B:7C:BA:D7:A1:22:DA:11:BE:22:15:68:61:EB:03:95:2E X509v3 Authority Key Identifier: keyid:40:1A:A5:6A:F5:99:CC:A2:CD:71:A6:84:FF:CF:53:FF:F9:DD:E3:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dac79fbe-4790-46be-b9b2-0359b1a18e33/0/401AA56AF599CCA2CD71A684FFCF53FFF9DDE3DD.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7e:fd:7d:fa:8b:02:3a:4e:13:8a:1b:88:35:6a:2b:20:db:f4: aa:b7:53:88:fe:ed:21:35:f6:ed:9a:17:10:85:d1:36:dd:3c: 3a:e8:8a:71:f3:b2:53:2f:af:4f:1f:74:8f:44:d6:e9:85:20: 7a:6c:7d:1e:26:0a:93:cf:38:bf:93:56:ce:76:13:c1:1b:1b: 4d:e1:10:ca:90:39:b1:12:10:72:d5:c4:de:92:b4:7d:44:24: 32:be:91:bb:6c:be:09:32:29:b1:42:96:87:93:2e:12:4e:17: 7a:8a:1d:29:c1:9e:48:c8:95:e8:10:fa:ca:54:6c:1c:6c:97: 3d:74:eb:4d:3b:6b:08:51:cc:ba:51:b4:dd:4d:2e:c9:dc:13: fd:3e:ea:1a:eb:95:0c:85:03:94:f4:e5:6d:72:1d:81:1c:5a: fa:68:46:ff:74:f5:3f:5d:0b:8f:4a:13:d5:0d:82:53:c0:6b: ee:6e:64:27:c0:e8:ea:0a:9b:bd:c4:4d:ec:50:5d:b2:98:14: 85:93:61:9a:11:e5:02:bb:4c:3a:1c:e5:c5:be:e1:12:8f:12: 4a:b6:10:df:6d:c0:a0:dc:41:c8:01:cf:42:b7:32:d2:78:7f: 36:8c:59:e4:f0:db:86:9d:25:d6:3f:f6:52:66:07:07:a2:e7: 2e:d5:7a:82 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZNHSoO9xpHGVaoW7hcRwjQd7CqIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUzRkZG OURERTNERDAeFw0yNjAzMjQyMTA3MDVaFw0yNjAzMjgwMTI3MDVaMDMxMTAvBgNV BAMTKDJEQzlGNjhCN0NCQUQ3QTEyMkRBMTFCRTIyMTU2ODYxRUIwMzk1MkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+g5E4kI97NeqfXsjRAr6ustTY QQMCjR68NgCCPMpVbKOSeLgR5lAnTFC/tg2b0dCUVtTJBbgPbGNXYCFv8lCJ0a0m mVqk8vtiDcTUB3gO2ottqLMIAxMt8kuKXvtHE14I0duonQFPix6zgJ1udeEXvjAs iBH6QdDDBVAO+/J/sUyEiPCAb59APesUhHP/dQ5zuzS6NfuTF3NKC0YdQlPKqy2/ mer6wbiiPf4cds+PD8xAoDuFqTUHH65Xk3fO0d8P1aly8u5mhFgRy0h/SoUqA3DY vjPpkoP9C/TtBzTMYBNv8A6h5i0hENGMMbzCEdnCy6PaotCLiJlFhZ/snYxLAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULcn2i3y616Ei2hG+IhVoYesDlS4wHwYDVR0j BBgwFoAUQBqlavWZzKLNcaaE/89T//nd490wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k YWM3OWZiZS00NzkwLTQ2YmUtYjliMi0wMzU5YjFhMThlMzMvMC80MDFBQTU2QUY1 OTlDQ0EyQ0Q3MUE2ODRGRkNGNTNGRkY5RERFM0RELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUzRkZGOURE RTNERC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGFjNzlmYmUtNDc5MC00NmJlLWI5 YjItMDM1OWIxYTE4ZTMzLzAvNDAxQUE1NkFGNTk5Q0NBMkNENzFBNjg0RkZDRjUz RkZGOURERTNERC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAH79ffqLAjpOE4obiDVqKyDb9Kq3U4j+7SE1 9u2aFxCF0TbdPDroinHzslMvr08fdI9E1umFIHpsfR4mCpPPOL+TVs52E8EbG03h EMqQObESEHLVxN6StH1EJDK+kbtsvgkyKbFCloeTLhJOF3qKHSnBnkjIlegQ+spU bBxslz106007awhRzLpRtN1NLsncE/0+6hrrlQyFA5T05W1yHYEcWvpoRv909T9d C49KE9UNglPAa+5uZCfA6OoKm73ETexQXbKYFIWTYZoR5QK7TDoc5cW+4RKPEkq2 EN9twKDcQcgBz0K3MtJ4fzaMWeTw24adJdY/9lJmBwei5y7VeoI= -----END CERTIFICATE-----Generated at Thu Mar 26 12:59:45 2026 by rpki-client