$ rpki-client -vvf repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft File: D4DD8244BC2EB2B187B4181226714505DF8F4452.mft (raw, json) Hash identifier: M/5UI7BhdKL8ve1c9unm5atflGtfjJ5+L6DCnNk5pUI= Subject key identifier: 40:CA:97:19:C1:9D:A2:7B:7E:04:93:B9:11:80:4A:BE:11:3A:47:81 Authority key identifier: D4:DD:82:44:BC:2E:B2:B1:87:B4:18:12:26:71:45:05:DF:8F:44:52 Certificate issuer: /CN=D4DD8244BC2EB2B187B4181226714505DF8F4452 Certificate serial: 151E22AAD0BCE1D0842FC137BDAF49678120C2CE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer Subject info access: rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft Manifest number: 0252 Signing time: Wed 25 Mar 2026 15:11:23 +0000 Manifest this update: Wed 25 Mar 2026 15:06:23 +0000 Manifest next update: Sat 28 Mar 2026 17:57:23 +0000 Files and hashes: 1: 3130332e3137302e3138362e302f32332d3234203d3e20313432333635.roa (hash: H+FNrGTWOm2rEbzW4c22NCPKDmaY/bFliACB6RDfaOU=) 2: D4DD8244BC2EB2B187B4181226714505DF8F4452.crl (hash: 55Tt3zhmdnQzG9++xCMBeDmADWkjcbkhVuRJFztslj0=) 3: 3130332e3137302e3138372e302f32342d3234203d3e20313432333635.roa (hash: WbsQ68Cu40oqUa2yh2wFEKvkhfxO2KVKndxoFM4DO5k=) 4: 3130332e3137302e3138362e302f32342d3234203d3e20313432333635.roa (hash: OXRZ526Vg7TmkLT93n/Qe4MisAG7vaUJuVBZqKmzdzU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.crl rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 17:57:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:1e:22:aa:d0:bc:e1:d0:84:2f:c1:37:bd:af:49:67:81:20:c2:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4DD8244BC2EB2B187B4181226714505DF8F4452 Validity Not Before: Mar 25 15:06:23 2026 GMT Not After : Mar 28 17:57:23 2026 GMT Subject: CN=40CA9719C19DA27B7E0493B911804ABE113A4781 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:c9:ad:b9:24:7a:7e:21:c3:aa:5d:9a:98:00: bf:2f:32:68:fa:c6:85:4d:4e:39:33:c6:12:34:e2: 25:ea:06:ba:4b:dd:5d:e4:c9:f3:a7:67:00:59:72: 5a:69:dd:4a:81:3f:cb:07:56:73:de:df:ff:cc:63: 62:cf:c7:42:09:3e:5b:b1:3b:d7:9d:72:be:d9:f5: 01:23:dd:8a:ef:5e:18:f8:e8:cb:28:fb:8b:71:57: c7:94:d1:17:71:8e:0b:3d:58:1d:91:fb:61:01:da: 37:c2:a4:c2:da:11:0a:a0:74:65:9f:d0:d8:53:d4: a6:b3:73:b4:c5:d3:b3:3d:94:9b:97:84:34:58:89: 9d:cf:db:a6:fa:f2:77:7f:46:51:c6:c3:5a:1b:ae: 39:68:8f:f5:3e:2c:25:0a:ca:8c:cb:a2:ee:7e:26: bd:95:9c:d1:12:a4:fc:a6:dd:13:ae:fa:1e:e1:71: c0:ff:26:e3:93:6c:95:69:6c:f9:f9:29:ff:1d:b8: db:83:57:2d:92:29:5f:bb:50:f3:57:aa:77:92:d6: 92:84:7a:f0:f3:8a:b1:a9:db:87:5b:67:8c:9b:e7: 6b:37:d7:d4:41:d5:fa:27:b6:27:65:c7:1a:04:fd: 41:6d:67:8a:57:f9:cb:05:95:d9:74:a8:32:c1:9f: a7:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:CA:97:19:C1:9D:A2:7B:7E:04:93:B9:11:80:4A:BE:11:3A:47:81 X509v3 Authority Key Identifier: keyid:D4:DD:82:44:BC:2E:B2:B1:87:B4:18:12:26:71:45:05:DF:8F:44:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption be:d7:ce:ca:7e:10:61:e2:fc:6a:a0:6d:2f:50:59:51:3c:5b: d2:0b:fd:1f:14:e8:a2:38:97:27:1b:c5:ed:da:a1:89:90:6a: a0:a5:8d:54:ca:d3:3e:4b:6a:2c:42:c7:b0:bb:05:c9:74:80: 56:61:8e:e3:55:36:a9:ab:99:b1:a2:96:b8:0e:9a:6e:0b:80: ff:8b:c4:28:26:64:a3:6a:d7:dd:bf:b5:a0:38:c0:8b:49:c1: 30:78:3f:55:e3:4d:1e:77:3d:e5:f8:90:5b:3c:e6:a4:74:ea: 97:fb:2e:c2:ee:f9:12:da:c9:44:ed:b5:66:6e:aa:f4:57:e8: 2d:cf:24:da:cb:9d:53:e2:ff:a6:57:3e:d3:85:9a:8b:8f:f8: 55:0b:5f:d3:5c:e4:3e:2f:63:9f:89:88:93:7d:7c:84:20:98: 31:41:ab:c9:cf:88:64:7a:d3:44:9d:86:07:a5:0b:d1:58:ae: 2c:59:1c:c5:e4:79:89:f0:02:0b:a3:0c:ce:fc:89:a0:55:f1: 56:0a:b2:b1:67:04:31:10:79:61:1a:76:0f:69:bb:25:2e:01: eb:8b:83:10:ac:a2:eb:7a:23:80:bb:ae:15:0e:ee:f9:09:8b: 34:0b:f8:e7:5a:fe:23:a4:a1:a7:15:f3:a0:de:af:62:44:ab: d6:25:9c:c4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUFR4iqtC84dCEL8E3va9JZ4Egws4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDRERDgyNDRCQzJFQjJCMTg3QjQxODEyMjY3MTQ1MDVE RjhGNDQ1MjAeFw0yNjAzMjUxNTA2MjNaFw0yNjAzMjgxNzU3MjNaMDMxMTAvBgNV BAMTKDQwQ0E5NzE5QzE5REEyN0I3RTA0OTNCOTExODA0QUJFMTEzQTQ3ODEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBya25JHp+IcOqXZqYAL8vMmj6 xoVNTjkzxhI04iXqBrpL3V3kyfOnZwBZclpp3UqBP8sHVnPe3//MY2LPx0IJPlux O9edcr7Z9QEj3YrvXhj46Mso+4txV8eU0Rdxjgs9WB2R+2EB2jfCpMLaEQqgdGWf 0NhT1Kazc7TF07M9lJuXhDRYiZ3P26b68nd/RlHGw1obrjloj/U+LCUKyozLou5+ Jr2VnNESpPym3ROu+h7hccD/JuOTbJVpbPn5Kf8duNuDVy2SKV+7UPNXqneS1pKE evDzirGp24dbZ4yb52s319RB1fontidlxxoE/UFtZ4pX+csFldl0qDLBn6etAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUQMqXGcGdont+BJO5EYBKvhE6R4EwHwYDVR0j BBgwFoAU1N2CRLwusrGHtBgSJnFFBd+PRFIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YWYwZjQyMy0zYmVkLTQ5MzgtOWY4OS0xNWU2MjY5YmRkY2EvMC9ENEREODI0NEJD MkVCMkIxODdCNDE4MTIyNjcxNDUwNURGOEY0NDUyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDRERDgyNDRCQzJFQjJCMTg3QjQxODEyMjY3MTQ1MDVERjhG NDQ1Mi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWFmMGY0MjMtM2JlZC00OTM4LTlm ODktMTVlNjI2OWJkZGNhLzAvRDRERDgyNDRCQzJFQjJCMTg3QjQxODEyMjY3MTQ1 MDVERjhGNDQ1Mi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAL7Xzsp+EGHi/GqgbS9QWVE8W9IL/R8U6KI4 lycbxe3aoYmQaqCljVTK0z5LaixCx7C7Bcl0gFZhjuNVNqmrmbGilrgOmm4LgP+L xCgmZKNq192/taA4wItJwTB4P1XjTR53PeX4kFs85qR06pf7LsLu+RLayUTttWZu qvRX6C3PJNrLnVPi/6ZXPtOFmouP+FULX9Nc5D4vY5+JiJN9fIQgmDFBq8nPiGR6 00SdhgelC9FYrixZHMXkeYnwAgujDM78iaBV8VYKsrFnBDEQeWEadg9puyUuAeuL gxCsout6I4C7rhUO7vkJizQL+Oda/iOkoacV86Der2JEq9YlnMQ= -----END CERTIFICATE-----Generated at Thu Mar 26 14:59:46 2026 by rpki-client