$ rpki-client -vvf repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft File: 85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft (raw, json) Hash identifier: yyrpLbcUF511zXxgaqy/NYRfsSD2dtB6ozgw2bm85sU= Subject key identifier: EB:F0:CE:D3:28:AA:70:9F:05:46:44:70:D9:51:DC:3A:25:42:1C:4E Authority key identifier: 85:EA:86:75:63:71:BA:89:BB:1A:E8:46:B5:C3:0D:DB:81:6A:CD:B9 Certificate issuer: /CN=85EA86756371BA89BB1AE846B5C30DDB816ACDB9 Certificate serial: 0E4EAFAB4B197D0318ED0AD2F041143CD7FD8D01 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft Manifest number: 025E Signing time: Wed 25 Mar 2026 12:20:03 +0000 Manifest this update: Wed 25 Mar 2026 12:15:03 +0000 Manifest next update: Sat 28 Mar 2026 22:36:03 +0000 Files and hashes: 1: 3130332e3137342e37392e302f32342d3234203d3e20313331363939.roa (hash: gMUmsfmmNczaAd+9ZeeQYOcgGDct+Ydmufmg2U5oVEk=) 2: 85EA86756371BA89BB1AE846B5C30DDB816ACDB9.crl (hash: HMsVS9HDJvt+g2zWL18qmgQKF1o9DpD+6dkYwvGJCgA=) 3: 3130332e3137342e37382e302f32342d3234203d3e20313331363939.roa (hash: lKFSHdHF3wWJIcTGvyjieSUWfDWF+TAqKVs638owOUk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.crl rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:36:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:4e:af:ab:4b:19:7d:03:18:ed:0a:d2:f0:41:14:3c:d7:fd:8d:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85EA86756371BA89BB1AE846B5C30DDB816ACDB9 Validity Not Before: Mar 25 12:15:03 2026 GMT Not After : Mar 28 22:36:03 2026 GMT Subject: CN=EBF0CED328AA709F05464470D951DC3A25421C4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:07:b6:f2:d9:99:f2:16:07:4c:55:5e:d0:98: 15:24:57:b6:d2:c0:e1:80:2a:b9:bd:af:70:90:25: f4:47:aa:b0:fa:21:cd:09:bf:cb:e4:43:ab:de:4c: ae:9c:4c:0e:98:36:5b:ce:3d:0c:56:f6:eb:72:54: c4:4b:58:01:ad:2a:9b:c1:55:c0:cc:c2:72:0e:31: 35:76:fb:d4:b8:ab:c7:fc:c6:71:d2:72:ac:b6:f3: 73:71:e3:ab:8c:ef:f4:b3:2d:0d:b8:34:b4:0d:c7: 6e:2d:bc:40:7e:b5:a9:e8:c9:1d:74:5f:7d:15:79: 50:92:2e:43:5d:c7:88:f7:be:23:35:fa:b6:30:ab: cc:67:d1:1a:43:c3:16:e1:d5:6f:f6:6a:fe:d2:1c: c4:a9:10:ee:39:ab:a0:c8:d5:90:13:3e:8b:48:23: a8:73:04:9b:37:6e:f4:72:fd:56:cf:b9:79:38:c0: a8:c0:8a:2b:2f:d8:df:2c:9a:57:c4:db:52:e3:01: 7a:38:a2:a9:9b:1b:7b:43:ff:ce:98:4c:c7:b7:ab: af:df:a3:90:ff:11:e3:b7:59:08:a8:8f:ba:a9:70: 4b:4d:a8:52:a7:2b:9e:66:53:d7:99:c2:25:c1:c2: 9d:2e:ac:e9:b1:ad:1f:f8:35:96:ce:61:86:eb:05: 20:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:F0:CE:D3:28:AA:70:9F:05:46:44:70:D9:51:DC:3A:25:42:1C:4E X509v3 Authority Key Identifier: keyid:85:EA:86:75:63:71:BA:89:BB:1A:E8:46:B5:C3:0D:DB:81:6A:CD:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dbc6da19-84be-4a50-b466-1e86ddbcc35f/0/85EA86756371BA89BB1AE846B5C30DDB816ACDB9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:46:75:e3:44:b2:4b:25:98:3f:50:2e:fc:0d:dc:79:17:6c: 04:99:10:03:b8:88:bc:b1:09:53:af:0b:2a:90:d4:ec:3c:be: 9d:e5:45:cf:2f:a1:e1:34:b0:7f:2b:6f:ca:a8:16:b6:c4:80: e1:28:f5:72:49:f5:36:02:66:7d:0f:49:86:75:90:11:6a:0e: 51:cd:a4:2f:cf:0b:d4:19:3c:04:9f:3f:a6:b7:10:ab:ea:1b: 3b:d0:59:58:57:a4:a0:d4:56:12:75:86:c9:41:f9:c4:a3:80: 2f:d5:3a:40:bb:a2:3a:9e:79:37:11:54:c6:f8:d5:fd:bd:75: 28:a1:88:66:09:4b:62:5a:e7:1a:5d:25:c0:87:94:60:5e:ea: c2:67:ff:11:56:dd:43:cc:4f:a7:73:9a:35:a8:91:3f:82:fa: 26:ba:15:15:f4:24:62:c0:17:df:1c:99:28:42:59:7b:d6:50: 17:8c:6b:ae:a8:3a:43:04:2a:f4:a9:61:15:fc:9b:64:0c:14: 21:c7:d0:14:bd:4f:03:f9:00:07:80:4b:5f:a2:20:28:1f:23: b6:f9:cd:67:05:05:ff:58:08:2b:e4:20:a8:20:2d:52:c1:8a: 1a:95:f1:f1:13:81:64:12:58:2b:7b:23:7f:a1:fb:40:63:b6: 6c:4e:62:77 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUDk6vq0sZfQMY7QrS8EEUPNf9jQEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODVFQTg2NzU2MzcxQkE4OUJCMUFFODQ2QjVDMzBEREI4 MTZBQ0RCOTAeFw0yNjAzMjUxMjE1MDNaFw0yNjAzMjgyMjM2MDNaMDMxMTAvBgNV BAMTKEVCRjBDRUQzMjhBQTcwOUYwNTQ2NDQ3MEQ5NTFEQzNBMjU0MjFDNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTB7by2ZnyFgdMVV7QmBUkV7bS wOGAKrm9r3CQJfRHqrD6Ic0Jv8vkQ6veTK6cTA6YNlvOPQxW9utyVMRLWAGtKpvB VcDMwnIOMTV2+9S4q8f8xnHScqy283Nx46uM7/SzLQ24NLQNx24tvEB+tanoyR10 X30VeVCSLkNdx4j3viM1+rYwq8xn0RpDwxbh1W/2av7SHMSpEO45q6DI1ZATPotI I6hzBJs3bvRy/VbPuXk4wKjAiisv2N8smlfE21LjAXo4oqmbG3tD/86YTMe3q6/f o5D/EeO3WQioj7qpcEtNqFKnK55mU9eZwiXBwp0urOmxrR/4NZbOYYbrBSCTAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU6/DO0yiqcJ8FRkRw2VHcOiVCHE4wHwYDVR0j BBgwFoAUheqGdWNxuom7GuhGtcMN24FqzbkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k YmM2ZGExOS04NGJlLTRhNTAtYjQ2Ni0xZTg2ZGRiY2MzNWYvMC84NUVBODY3NTYz NzFCQTg5QkIxQUU4NDZCNUMzMEREQjgxNkFDREI5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODVFQTg2NzU2MzcxQkE4OUJCMUFFODQ2QjVDMzBEREI4MTZB Q0RCOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGJjNmRhMTktODRiZS00YTUwLWI0 NjYtMWU4NmRkYmNjMzVmLzAvODVFQTg2NzU2MzcxQkE4OUJCMUFFODQ2QjVDMzBE REI4MTZBQ0RCOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBABRGdeNEskslmD9QLvwN3HkXbASZEAO4iLyx CVOvCyqQ1Ow8vp3lRc8voeE0sH8rb8qoFrbEgOEo9XJJ9TYCZn0PSYZ1kBFqDlHN pC/PC9QZPASfP6a3EKvqGzvQWVhXpKDUVhJ1hslB+cSjgC/VOkC7ojqeeTcRVMb4 1f29dSihiGYJS2Ja5xpdJcCHlGBe6sJn/xFW3UPMT6dzmjWokT+C+ia6FRX0JGLA F98cmShCWXvWUBeMa66oOkMEKvSpYRX8m2QMFCHH0BS9TwP5AAeAS1+iICgfI7b5 zWcFBf9YCCvkIKggLVLBihqV8fETgWQSWCt7I3+h+0BjtmxOYnc= -----END CERTIFICATE-----Generated at Thu Mar 26 21:17:26 2026 by rpki-client