
$ rpki-client -vvf repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.mft
File: 2B90BB17E78B62C15179029C6583E42BD7E18277.mft (raw, json)
Hash identifier: sRSZLw3iIUfLLGuNd6XDhuSLN8xShwnQB3xTFclnfIk=
Subject key identifier: 59:D1:71:B2:0E:4E:41:F9:76:69:4A:85:2A:3C:D1:A2:BF:28:00:6F
Authority key identifier: 2B:90:BB:17:E7:8B:62:C1:51:79:02:9C:65:83:E4:2B:D7:E1:82:77
Certificate issuer: /CN=2B90BB17E78B62C15179029C6583E42BD7E18277
Certificate serial: 26ADAFDBD2FE954C571336A9427A15DC341E66ED
Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B90BB17E78B62C15179029C6583E42BD7E18277.cer
Subject info access: rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.mft
Manifest number: DA
Signing time: Thu 26 Mar 2026 18:30:45 +0000
Manifest this update: Thu 26 Mar 2026 18:25:45 +0000
Manifest next update: Mon 30 Mar 2026 05:13:45 +0000
Files and hashes: 1: 3130332e38302e3231352e302f32342d3234203d3e20313533303932.roa (hash: E4Gvpo5D/NeUbbz+zUDpV78niTppp2APH+i1gYLD2PM=)
2: 2B90BB17E78B62C15179029C6583E42BD7E18277.crl (hash: MlEwp+ojBBY0Sj6I+if/Zc3KrT9CExDZEcldeczSs+g=)
3: 3130332e38302e3231342e302f32342d3234203d3e20313533303932.roa (hash: E7LmVcTtrOc0QLca3OKgAjrGPUq24WcKvpibpJhqwMo=)
4: 3130332e38302e3231342e302f32332d3233203d3e20313533303932.roa (hash: /bOtG6Hq4cCxQBrZ1Nbmvs+Hrm8cpxmM7Q2j13q5aYY=)
Validation: OK
Signature path: rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.crl
rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.mft
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B90BB17E78B62C15179029C6583E42BD7E18277.cer
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 29 Mar 2026 20:57:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:ad:af:db:d2:fe:95:4c:57:13:36:a9:42:7a:15:dc:34:1e:66:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B90BB17E78B62C15179029C6583E42BD7E18277
Validity
Not Before: Mar 26 18:25:45 2026 GMT
Not After : Mar 30 05:13:45 2026 GMT
Subject: CN=59D171B20E4E41F976694A852A3CD1A2BF28006F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:f9:ca:c4:25:ce:d5:38:3c:1f:11:cc:06:
cd:c7:41:e3:28:78:b8:40:d9:51:79:77:51:06:97:
98:95:c6:c7:9d:9e:17:ff:35:f6:85:35:b7:c5:1b:
ba:80:6f:d2:d6:49:e3:79:fe:17:cc:15:2f:83:a8:
60:14:a0:3c:8b:46:a1:e4:07:ff:27:c6:c0:43:de:
72:ca:a5:6c:e2:75:59:17:d6:bc:bc:70:43:11:c2:
40:df:74:cf:c2:98:2c:91:f9:a6:ce:25:fd:d2:e5:
2a:92:75:60:d8:79:24:44:52:d1:9c:af:3f:9c:93:
e4:f0:70:89:f8:b8:8b:df:14:ff:ca:df:2e:cd:8f:
ea:58:68:e3:6a:4e:b3:20:3e:f4:20:16:5f:0e:e7:
0b:6c:b9:6c:37:73:7c:6e:4c:e1:eb:62:1f:a5:10:
b9:2d:1e:8b:4f:0a:3a:12:c7:fe:f6:b7:38:49:9e:
9f:83:9c:23:33:b5:67:9b:62:dd:22:ae:17:2d:44:
0e:0b:39:eb:38:33:65:9e:4c:32:87:df:01:f8:69:
09:11:77:49:e6:c9:c7:4d:a1:91:67:cf:26:e6:2a:
99:8e:75:32:c7:dc:50:8a:60:b2:56:73:a0:26:89:
83:ca:e5:8e:3b:ac:54:aa:c0:74:d8:17:65:84:0c:
9b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D1:71:B2:0E:4E:41:F9:76:69:4A:85:2A:3C:D1:A2:BF:28:00:6F
X509v3 Authority Key Identifier:
keyid:2B:90:BB:17:E7:8B:62:C1:51:79:02:9C:65:83:E4:2B:D7:E1:82:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.crl
Authority Information Access:
CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2B90BB17E78B62C15179029C6583E42BD7E18277.cer
Subject Information Access:
Signed Object - URI:rsync://repo-rpki.idnic.net/repo/de5a5e6d-91ee-4497-b417-8d32f653e4b0/0/2B90BB17E78B62C15179029C6583E42BD7E18277.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:a9:32:47:7e:46:8d:da:dc:8d:ef:97:b0:5c:02:70:cc:10:
ad:92:d1:3f:19:60:23:42:09:cc:e0:91:36:fd:bc:1c:93:00:
3f:b0:18:93:f7:5b:76:fb:0e:35:78:c8:dc:49:98:2a:f4:b7:
74:a1:59:a9:4a:70:2b:ee:f0:f1:ea:d3:4c:c3:12:6c:bc:5b:
76:96:8e:3e:9f:d1:9c:ca:9b:81:79:3d:7f:04:27:06:4d:f4:
79:a6:40:4f:d4:00:f8:5b:e7:97:e0:3a:23:79:58:8c:22:d6:
41:04:cc:6e:84:9b:39:17:16:36:1a:70:40:3c:87:21:f4:79:
14:1d:c9:97:50:ba:d2:60:63:4b:d5:74:8e:d1:7e:a4:11:35:
7d:c6:7f:13:ce:75:1b:39:04:7d:10:c5:7d:77:f7:7c:95:15:
e9:df:da:2e:d2:0c:d1:26:b8:81:86:39:e4:85:a4:b6:92:68:
92:5d:cb:0f:b1:e3:19:97:ed:32:ea:57:93:27:94:12:45:d7:
38:dd:d9:3b:ca:e3:d2:ba:ea:ff:a7:a7:18:f8:c6:69:b9:b8:
01:cc:a9:9e:99:03:ec:e2:67:da:68:bf:4e:79:6b:af:25:eb:
82:19:09:17:56:ef:53:c8:50:ec:a3:4d:22:2b:0b:54:32:f0:
5f:f7:a7:3d
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUJq2v29L+lUxXEzapQnoV3DQeZu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkI5MEJCMTdFNzhCNjJDMTUxNzkwMjlDNjU4M0U0MkJE
N0UxODI3NzAeFw0yNjAzMjYxODI1NDVaFw0yNjAzMzAwNTEzNDVaMDMxMTAvBgNV
BAMTKDU5RDE3MUIyMEU0RTQxRjk3NjY5NEE4NTJBM0NEMUEyQkYyODAwNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3yvnKxCXO1Tg8HxHMBs3HQeMo
eLhA2VF5d1EGl5iVxsednhf/NfaFNbfFG7qAb9LWSeN5/hfMFS+DqGAUoDyLRqHk
B/8nxsBD3nLKpWzidVkX1ry8cEMRwkDfdM/CmCyR+abOJf3S5SqSdWDYeSREUtGc
rz+ck+TwcIn4uIvfFP/K3y7Nj+pYaONqTrMgPvQgFl8O5wtsuWw3c3xuTOHrYh+l
ELktHotPCjoSx/72tzhJnp+DnCMztWebYt0irhctRA4LOes4M2WeTDKH3wH4aQkR
d0nmycdNoZFnzybmKpmOdTLH3FCKYLJWc6AmiYPK5Y47rFSqwHTYF2WEDJsNAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUWdFxsg5OQfl2aUqFKjzRor8oAG8wHwYDVR0j
BBgwFoAUK5C7F+eLYsFReQKcZYPkK9fhgncwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
ZTVhNWU2ZC05MWVlLTQ0OTctYjQxNy04ZDMyZjY1M2U0YjAvMC8yQjkwQkIxN0U3
OEI2MkMxNTE3OTAyOUM2NTgzRTQyQkQ3RTE4Mjc3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkI5MEJCMTdFNzhCNjJDMTUxNzkwMjlDNjU4M0U0MkJEN0Ux
ODI3Ny5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGU1YTVlNmQtOTFlZS00NDk3LWI0
MTctOGQzMmY2NTNlNGIwLzAvMkI5MEJCMTdFNzhCNjJDMTUxNzkwMjlDNjU4M0U0
MkJEN0UxODI3Ny5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF
BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC
BQAwDQYJKoZIhvcNAQELBQADggEBAAapMkd+Ro3a3I3vl7BcAnDMEK2S0T8ZYCNC
CczgkTb9vByTAD+wGJP3W3b7DjV4yNxJmCr0t3ShWalKcCvu8PHq00zDEmy8W3aW
jj6f0ZzKm4F5PX8EJwZN9HmmQE/UAPhb55fgOiN5WIwi1kEEzG6EmzkXFjYacEA8
hyH0eRQdyZdQutJgY0vVdI7RfqQRNX3GfxPOdRs5BH0QxX1393yVFenf2i7SDNEm
uIGGOeSFpLaSaJJdyw+x4xmX7TLqV5MnlBJF1zjd2TvK49K66v+npxj4xmm5uAHM
qZ6ZA+ziZ9pov055a68l64IZCRdW71PIUOyjTSIrC1Qy8F/3pz0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:56:14 2026 by rpki-client