$ rpki-client -vvf repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.mft File: FA86E23853549D2EF1D9F9C9222147A550E36A38.mft (raw, json) Hash identifier: SPfeh+bpRqoxQL7tfHnGv41vxf02YKk6VmfNu29FcpU= Subject key identifier: 40:BF:D4:83:C1:09:5C:8D:99:12:00:B2:75:21:76:3C:5B:D1:23:BE Authority key identifier: FA:86:E2:38:53:54:9D:2E:F1:D9:F9:C9:22:21:47:A5:50:E3:6A:38 Certificate issuer: /CN=FA86E23853549D2EF1D9F9C9222147A550E36A38 Certificate serial: 06A9D5A685F2CC25B1E40273FE475C20C845B072 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA86E23853549D2EF1D9F9C9222147A550E36A38.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.mft Manifest number: 0226 Signing time: Wed 25 Mar 2026 03:00:51 +0000 Manifest this update: Wed 25 Mar 2026 02:55:51 +0000 Manifest next update: Sat 28 Mar 2026 04:40:51 +0000 Files and hashes: 1: 3130332e35352e32382e302f32342d3234203d3e20313530343837.roa (hash: s4D3k54ePgFL3DJuO1+sPM7ighm+hIZ0dRBFdpACJIQ=) 2: FA86E23853549D2EF1D9F9C9222147A550E36A38.crl (hash: scBtvzZJXRfKmDk+7XlbltjzeYTqH0Sup2CZu4Og5DE=) 3: 3130332e35352e32382e302f32332d3234203d3e20313530343837.roa (hash: 8iSBjCuogDhcUBYZIPXuvYllDkYyp+uiEvzE8S7/ER4=) 4: 3130332e35352e32392e302f32342d3234203d3e20313530343837.roa (hash: Zcui17ZIB7y9MI9lypagYjRYe4mnYqSwkXUNcZtsFwo=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.crl rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA86E23853549D2EF1D9F9C9222147A550E36A38.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 04:40:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:a9:d5:a6:85:f2:cc:25:b1:e4:02:73:fe:47:5c:20:c8:45:b0:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FA86E23853549D2EF1D9F9C9222147A550E36A38 Validity Not Before: Mar 25 02:55:51 2026 GMT Not After : Mar 28 04:40:51 2026 GMT Subject: CN=40BFD483C1095C8D991200B27521763C5BD123BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:44:79:1f:bb:ec:39:8c:be:43:0f:98:6e:2b: be:8c:59:3e:4f:85:76:2a:9c:b5:19:7f:21:7c:a3: 33:c1:e8:7c:62:0a:a9:19:7c:72:5b:7d:9e:d3:d9: 1d:2e:1b:12:e3:70:e5:23:38:fa:75:37:6d:3c:18: c6:6f:17:45:dd:e8:0f:6a:c5:df:47:30:77:7f:89: 23:09:3f:7a:7c:0b:70:49:29:fd:12:c9:2c:c7:e4: 50:e7:1f:44:5e:d2:ef:e3:84:22:2b:ab:6e:eb:3a: 59:bc:3c:53:b0:74:e5:cd:ad:bd:89:11:c8:37:95: b8:a8:b8:0a:d6:e8:56:9a:b9:1e:53:61:d6:71:d2: 02:66:17:8c:73:d7:89:3a:42:1c:f0:f6:63:2b:e8: 0d:4d:54:17:18:4c:dd:ac:5f:2b:38:81:ea:2f:1f: c4:67:73:ce:e2:6d:f0:bd:6a:6f:2b:d7:cb:ca:b5: 3c:6e:4a:be:3b:a3:c5:5d:7f:90:35:b5:9b:c6:aa: d6:12:8c:65:3d:46:bd:7d:ee:5f:54:25:42:ac:30: fc:a0:0b:f0:49:b2:74:60:0e:7c:a3:87:e9:50:34: e1:7c:33:64:9c:b1:92:66:e8:5f:26:2b:b7:52:fd: e8:cb:ed:df:6c:e3:64:dd:fd:28:77:37:25:d1:48: 69:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:BF:D4:83:C1:09:5C:8D:99:12:00:B2:75:21:76:3C:5B:D1:23:BE X509v3 Authority Key Identifier: keyid:FA:86:E2:38:53:54:9D:2E:F1:D9:F9:C9:22:21:47:A5:50:E3:6A:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA86E23853549D2EF1D9F9C9222147A550E36A38.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e504793c-c209-469a-8e3c-eb3f5a83863f/0/FA86E23853549D2EF1D9F9C9222147A550E36A38.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:38:97:3d:ad:a2:a5:d2:78:5d:34:f6:e3:47:ab:e7:d2:ef: bc:96:d0:c4:9e:fe:95:85:ed:c0:1b:ad:b4:ce:e6:17:01:fd: 5a:86:0d:fc:a3:61:fa:07:8a:db:b1:70:cb:79:f6:5b:d6:8e: d2:5a:ec:9a:6a:c8:30:67:05:e2:db:51:62:e1:59:af:62:ce: 1c:42:bf:05:c6:b5:b6:95:36:aa:90:19:fe:7b:0d:fd:9d:d8: 6d:88:c9:86:cd:48:8e:21:5b:48:0e:41:1d:2f:2e:c2:ce:cd: 83:52:61:a9:8d:03:d9:0f:f8:1b:bd:ee:f1:93:6e:40:e0:f6: c3:08:17:57:a1:32:3a:18:f1:a6:81:58:be:e4:86:a8:9e:f5: e8:b7:ae:a5:10:bf:7b:3e:75:33:8d:6c:6e:db:f6:25:fd:f0: ba:c3:9e:1e:a0:a3:7f:d6:d4:a9:84:24:a9:9f:8c:84:a0:da: 69:bf:05:91:41:07:2f:5f:58:93:83:2e:42:74:7b:0c:0c:8c: 9c:a9:77:61:de:04:5e:27:a1:d1:f1:b6:f8:d3:92:8e:5e:46: bf:49:cc:57:3b:0a:42:fa:a0:e7:9d:61:11:30:7b:68:65:34: a5:60:ad:0f:1d:21:2a:5b:c9:f7:0b:62:91:c3:7b:4d:c3:a2: 43:93:37:7e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBqnVpoXyzCWx5AJz/kdcIMhFsHIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkE4NkUyMzg1MzU0OUQyRUYxRDlGOUM5MjIyMTQ3QTU1 MEUzNkEzODAeFw0yNjAzMjUwMjU1NTFaFw0yNjAzMjgwNDQwNTFaMDMxMTAvBgNV BAMTKDQwQkZENDgzQzEwOTVDOEQ5OTEyMDBCMjc1MjE3NjNDNUJEMTIzQkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCRHkfu+w5jL5DD5huK76MWT5P hXYqnLUZfyF8ozPB6HxiCqkZfHJbfZ7T2R0uGxLjcOUjOPp1N208GMZvF0Xd6A9q xd9HMHd/iSMJP3p8C3BJKf0SySzH5FDnH0Re0u/jhCIrq27rOlm8PFOwdOXNrb2J Ecg3lbiouArW6FaauR5TYdZx0gJmF4xz14k6Qhzw9mMr6A1NVBcYTN2sXys4geov H8Rnc87ibfC9am8r18vKtTxuSr47o8Vdf5A1tZvGqtYSjGU9Rr197l9UJUKsMPyg C/BJsnRgDnyjh+lQNOF8M2ScsZJm6F8mK7dS/ejL7d9s42Td/Sh3NyXRSGnlAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQL/Ug8EJXI2ZEgCydSF2PFvRI74wHwYDVR0j BBgwFoAU+obiOFNUnS7x2fnJIiFHpVDjajgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l NTA0NzkzYy1jMjA5LTQ2OWEtOGUzYy1lYjNmNWE4Mzg2M2YvMC9GQTg2RTIzODUz NTQ5RDJFRjFEOUY5QzkyMjIxNDdBNTUwRTM2QTM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRkE4NkUyMzg1MzU0OUQyRUYxRDlGOUM5MjIyMTQ3QTU1MEUz NkEzOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZTUwNDc5M2MtYzIwOS00NjlhLThl M2MtZWIzZjVhODM4NjNmLzAvRkE4NkUyMzg1MzU0OUQyRUYxRDlGOUM5MjIyMTQ3 QTU1MEUzNkEzOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAHM4lz2toqXSeF009uNHq+fS77yW0MSe/pWF 7cAbrbTO5hcB/VqGDfyjYfoHituxcMt59lvWjtJa7JpqyDBnBeLbUWLhWa9izhxC vwXGtbaVNqqQGf57Df2d2G2IyYbNSI4hW0gOQR0vLsLOzYNSYamNA9kP+Bu97vGT bkDg9sMIF1ehMjoY8aaBWL7khqie9ei3rqUQv3s+dTONbG7b9iX98LrDnh6go3/W 1KmEJKmfjISg2mm/BZFBBy9fWJODLkJ0ewwMjJypd2HeBF4nodHxtvjTko5eRr9J zFc7CkL6oOedYREwe2hlNKVgrQ8dISpbyfcLYpHDe03DokOTN34= -----END CERTIFICATE-----Generated at Thu Mar 26 19:32:00 2026 by rpki-client