$ rpki-client -vvf repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft File: 2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft (raw, json) Hash identifier: h6j7EtOYdHHm+aEaD36VyjP79xJBncUnk8QwmI24jRc= Subject key identifier: CE:60:D9:81:46:8A:F4:FF:49:F3:08:2E:4F:E8:91:71:54:91:FF:A0 Authority key identifier: 2D:EC:7D:B2:A5:C9:62:CF:A5:3D:57:8D:EA:7D:C8:43:83:A6:33:D4 Certificate issuer: /CN=2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4 Certificate serial: 7E195E384C6021DC14271BEF7000C9E432823CCB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft Manifest number: 0533 Signing time: Wed 25 Mar 2026 19:24:04 +0000 Manifest this update: Wed 25 Mar 2026 19:19:04 +0000 Manifest next update: Sat 28 Mar 2026 23:46:04 +0000 Files and hashes: 1: 323430343a613463303a3a2f33322d3438203d3e20313338383232.roa (hash: Elof/C3fNtJbCl8TUF91oukaJ7adl9S3GZZ+iL/gCtw=) 2: 323430343a613463303a666163653a3a2f34382d3438203d3e20313338383232.roa (hash: Ymw3mKUJLuc3UElUh0Nq2GfPGIEzD27CcOXD4JJbHT8=) 3: 2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl (hash: glooHoc1gEae+2ZPa0neB9Nx/MhIO+BC5DJBI4pyBh0=) 4: 3130332e3133372e33382e302f32332d3234203d3e20313338383232.roa (hash: UvASTZKyP+lPiza2+zYNFb+djLhbQRam++EmghJYKgc=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 23:46:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:19:5e:38:4c:60:21:dc:14:27:1b:ef:70:00:c9:e4:32:82:3c:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4 Validity Not Before: Mar 25 19:19:04 2026 GMT Not After : Mar 28 23:46:04 2026 GMT Subject: CN=CE60D981468AF4FF49F3082E4FE891715491FFA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:8b:b1:40:61:96:bb:6b:7f:c0:ac:34:bd:e9: 01:35:25:7d:50:95:fe:db:51:39:37:90:de:71:e6: 0f:84:90:84:ca:b2:b4:17:e2:43:3d:9d:e3:c6:74: cf:87:16:25:f0:2e:1e:21:aa:e2:e6:22:0b:1d:d4: 46:72:b5:46:94:ca:7a:7e:08:f2:33:9f:5b:97:f2: 49:c7:b7:92:43:af:58:f0:99:f7:a1:14:3f:8a:ac: 5a:73:6b:f0:ce:ca:3a:0f:b0:2d:a1:36:e7:50:5a: f9:5f:c2:14:ad:91:ae:d0:d2:6a:95:37:21:05:f8: b1:29:fb:15:69:ed:d0:8b:ab:c5:5e:9e:4e:c6:18: 5f:a1:ce:11:0e:13:fd:51:15:6f:99:86:fe:14:98: ec:f8:eb:c6:6a:c1:46:cb:18:b1:b0:b8:fd:55:23: 11:cd:f4:0d:ab:ca:e9:e8:17:61:79:f3:86:7d:aa: 21:19:1d:d9:ed:90:11:62:74:45:2d:e4:47:62:73: c6:55:94:4e:57:92:f9:05:36:d4:95:f0:be:01:6b: 48:ae:2e:ac:af:84:d2:be:86:cf:ec:a8:de:de:35: fe:73:55:59:11:bb:f2:5d:3a:eb:77:22:b7:9c:db: 72:9c:08:92:dd:ab:4b:59:c8:09:9f:6e:e1:47:a1: d1:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:60:D9:81:46:8A:F4:FF:49:F3:08:2E:4F:E8:91:71:54:91:FF:A0 X509v3 Authority Key Identifier: keyid:2D:EC:7D:B2:A5:C9:62:CF:A5:3D:57:8D:EA:7D:C8:43:83:A6:33:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:75:bd:a8:a6:ba:7b:54:6a:97:d0:b5:50:dc:9c:92:df:f1: fd:88:b3:24:b0:2f:ea:35:60:03:5f:3e:5d:d4:38:1b:f0:31: e8:c8:d0:a4:39:ee:a7:6c:c1:d9:f1:8d:f3:78:3f:08:2f:a5: 97:d9:83:1d:a9:36:dc:04:87:b5:58:b4:2d:e9:af:74:5e:e4: 64:31:86:36:3f:a6:a5:2d:84:a0:03:23:cb:73:7b:67:9d:8f: cf:46:ff:cc:fb:16:2a:34:7d:9c:4b:bf:07:b3:44:e6:81:41: 12:7c:5b:32:49:c5:02:c2:b0:af:9e:a0:90:26:b5:7b:83:10: d7:ac:b9:bf:a9:e3:78:bf:d0:f9:55:34:cb:ac:a3:3c:8a:60: e4:22:d2:16:4e:87:cb:67:43:f8:c4:55:04:14:fb:cc:2b:fe: 9e:21:e1:bc:0c:18:24:11:86:30:35:c8:03:f9:c8:dd:59:bf: fa:41:bb:08:35:de:e5:1f:08:58:32:7c:b6:78:60:30:4e:6c: 83:ec:91:cd:ed:d1:f6:4c:e6:91:db:b0:c7:c6:c5:95:2d:7c: 9a:0a:e7:1b:de:f9:59:e0:d9:5e:e0:85:1a:e6:99:d2:bf:3a: b7:50:f5:ec:b8:83:f9:bd:88:91:64:5e:f4:31:19:b1:83:d1: bf:39:21:d9 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUfhleOExgIdwUJxvvcADJ5DKCPMswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4NDM4 M0E2MzNENDAeFw0yNjAzMjUxOTE5MDRaFw0yNjAzMjgyMzQ2MDRaMDMxMTAvBgNV BAMTKENFNjBEOTgxNDY4QUY0RkY0OUYzMDgyRTRGRTg5MTcxNTQ5MUZGQTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfi7FAYZa7a3/ArDS96QE1JX1Q lf7bUTk3kN5x5g+EkITKsrQX4kM9nePGdM+HFiXwLh4hquLmIgsd1EZytUaUynp+ CPIzn1uX8knHt5JDr1jwmfehFD+KrFpza/DOyjoPsC2hNudQWvlfwhStka7Q0mqV NyEF+LEp+xVp7dCLq8Venk7GGF+hzhEOE/1RFW+Zhv4UmOz468ZqwUbLGLGwuP1V IxHN9A2ryunoF2F584Z9qiEZHdntkBFidEUt5Edic8ZVlE5XkvkFNtSV8L4Ba0iu LqyvhNK+hs/sqN7eNf5zVVkRu/JdOut3Irec23KcCJLdq0tZyAmfbuFHodGPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUzmDZgUaK9P9J8wguT+iRcVSR/6AwHwYDVR0j BBgwFoAULex9sqXJYs+lPVeN6n3IQ4OmM9QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l M2JiZjFkYS1lMzE3LTQ4ZWYtYWQ2ZC1mZThhOGJmMDg0MDAvMC8yREVDN0RCMkE1 Qzk2MkNGQTUzRDU3OERFQTdEQzg0MzgzQTYzM0Q0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4NDM4M0E2 MzNENC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTNiYmYxZGEtZTMxNy00OGVmLWFk NmQtZmU4YThiZjA4NDAwLzAvMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4 NDM4M0E2MzNENC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBALh1vaimuntUapfQtVDcnJLf8f2IsySwL+o1 YANfPl3UOBvwMejI0KQ57qdswdnxjfN4PwgvpZfZgx2pNtwEh7VYtC3pr3Re5GQx hjY/pqUthKADI8tze2edj89G/8z7Fio0fZxLvwezROaBQRJ8WzJJxQLCsK+eoJAm tXuDENesub+p43i/0PlVNMusozyKYOQi0hZOh8tnQ/jEVQQU+8wr/p4h4bwMGCQR hjA1yAP5yN1Zv/pBuwg13uUfCFgyfLZ4YDBObIPskc3t0fZM5pHbsMfGxZUtfJoK 5xve+Vng2V7ghRrmmdK/OrdQ9ey4g/m9iJFkXvQxGbGD0b85Idk= -----END CERTIFICATE-----Generated at Thu Mar 26 10:05:57 2026 by rpki-client