$ rpki-client -vvf repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft File: 432AE9E2B00941EF8925409E82CA40508A4688B1.mft (raw, json) Hash identifier: mDk1gIBkw6jieIg93/K8rq908lR2xuRzbraM0S1Nwhs= Subject key identifier: BC:9E:C6:C2:54:88:3A:C9:D7:7B:93:4F:21:5B:C3:C3:BD:7B:FA:B7 Authority key identifier: 43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 Certificate issuer: /CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Certificate serial: 3F70E8C6FC371D2A1320544E9FA6A1C4139ADC4D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft Manifest number: 016A Signing time: Thu 26 Mar 2026 14:32:05 +0000 Manifest this update: Thu 26 Mar 2026 14:27:05 +0000 Manifest next update: Sun 29 Mar 2026 22:30:05 +0000 Files and hashes: 1: 3135372e31302e3136302e302f32332d3234203d3e20313336303532.roa (hash: xTPoIlaNmn7dCA4oz4xbGajx7u9U25QUsQJawDHmNA8=) 2: 432AE9E2B00941EF8925409E82CA40508A4688B1.crl (hash: I7Ql2FpqaEBWX1DzqGhaNIDkHw/tlzLWZai2Ju0bsko=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.crl rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:23:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:70:e8:c6:fc:37:1d:2a:13:20:54:4e:9f:a6:a1:c4:13:9a:dc:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Validity Not Before: Mar 26 14:27:05 2026 GMT Not After : Mar 29 22:30:05 2026 GMT Subject: CN=BC9EC6C254883AC9D77B934F215BC3C3BD7BFAB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:a3:f7:3b:5b:59:ec:5d:3e:b6:06:2a:14:84: 55:a9:e0:b5:c3:1a:21:c9:b0:04:d9:72:2a:e5:93: 81:1f:49:6f:13:24:f0:62:34:ce:c0:45:af:30:2c: 77:06:35:fc:fe:8e:b9:a0:ca:63:64:a0:4f:6a:95: bf:f7:a2:a8:5d:7d:66:c2:e3:b7:e6:b3:95:03:02: 8b:2f:f5:e9:8f:b7:cf:a1:87:9b:0b:24:3b:7b:c8: ac:17:6e:3c:88:47:8b:56:04:81:60:c8:64:54:dc: 5a:1e:83:8a:00:ea:18:f6:a6:bf:1e:90:d6:8b:37: 34:34:1d:84:62:65:ab:36:81:45:fa:e8:5b:d6:d9: a4:b9:3d:bf:b1:55:68:c5:c8:4b:d9:69:fc:b2:5d: 68:40:74:f5:71:eb:12:92:b4:2d:f4:49:99:5c:ed: 72:09:25:c2:ca:3f:ef:1a:6b:26:fa:df:34:ea:be: de:0f:90:ac:55:19:86:92:d9:db:75:31:a2:7b:15: a5:32:ac:c0:f4:56:21:31:0b:60:75:27:f1:1c:88: b2:2e:a7:79:1c:f9:32:5d:75:62:93:0f:0f:3f:5f: fa:19:0c:8e:6a:e4:8e:11:67:ac:03:97:a9:26:20: 56:17:a3:5a:7c:7c:cc:fa:09:79:62:8a:35:c3:a4: 10:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:9E:C6:C2:54:88:3A:C9:D7:7B:93:4F:21:5B:C3:C3:BD:7B:FA:B7 X509v3 Authority Key Identifier: keyid:43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:b9:c6:6a:2b:9a:0e:4f:d0:f1:80:fa:fd:da:83:59:5a:94: 6d:3f:0d:44:e7:40:3d:a7:67:7f:18:7f:52:0d:30:44:75:35: 3c:77:0c:f2:8b:68:a0:75:29:b2:86:af:ed:42:3b:1d:c0:e4: ae:86:a9:ca:1c:8a:39:19:6d:2f:6d:9a:6d:cb:f6:3e:28:58: bf:5b:0d:06:8d:85:c0:32:c0:8f:54:14:0c:ae:fd:f4:2a:01: 7a:c2:d6:3f:79:e8:c9:98:75:72:bf:d0:8e:79:3d:88:bf:cd: 60:6e:05:72:59:27:62:3c:69:c1:9a:cd:19:8d:3a:70:2c:c8: aa:f6:93:55:d7:45:b8:17:f4:5f:0a:70:1f:34:43:16:a8:06: 6b:04:c8:00:16:8c:89:4e:36:aa:ac:3d:01:46:fb:cb:92:45: ec:a7:5d:6f:6c:5f:78:66:3b:9d:99:45:fc:54:3a:f1:e3:d5: 11:7b:2d:53:bb:43:0e:07:9b:26:14:f3:3c:2b:6e:6c:70:06: 4f:10:29:62:97:f1:ca:ee:92:a1:0b:50:42:94:86:3c:8c:5d: 8b:13:59:1b:25:61:87:ce:1c:46:55:d6:f6:90:60:8f:33:5b: 95:1d:94:e2:b0:f7:57:12:bf:29:a2:e9:b0:d2:92:ea:22:c5: ff:c0:0b:bd -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUP3Doxvw3HSoTIFROn6ahxBOa3E0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQwNTA4 QTQ2ODhCMTAeFw0yNjAzMjYxNDI3MDVaFw0yNjAzMjkyMjMwMDVaMDMxMTAvBgNV BAMTKEJDOUVDNkMyNTQ4ODNBQzlENzdCOTM0RjIxNUJDM0MzQkQ3QkZBQjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoo/c7W1nsXT62BioUhFWp4LXD GiHJsATZcirlk4EfSW8TJPBiNM7ARa8wLHcGNfz+jrmgymNkoE9qlb/3oqhdfWbC 47fms5UDAosv9emPt8+hh5sLJDt7yKwXbjyIR4tWBIFgyGRU3Foeg4oA6hj2pr8e kNaLNzQ0HYRiZas2gUX66FvW2aS5Pb+xVWjFyEvZafyyXWhAdPVx6xKStC30SZlc 7XIJJcLKP+8aayb63zTqvt4PkKxVGYaS2dt1MaJ7FaUyrMD0ViExC2B1J/EciLIu p3kc+TJddWKTDw8/X/oZDI5q5I4RZ6wDl6kmIFYXo1p8fMz6CXliijXDpBDnAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUvJ7GwlSIOsnXe5NPIVvDw717+rcwHwYDVR0j BBgwFoAUQyrp4rAJQe+JJUCegspAUIpGiLEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YzJmYzFkNC0zN2E2LTQ5NDMtYjRjNi02ZDhlOWI0ZTU1OTEvMC80MzJBRTlFMkIw MDk0MUVGODkyNTQwOUU4MkNBNDA1MDhBNDY4OEIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQwNTA4QTQ2 ODhCMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWMyZmMxZDQtMzdhNi00OTQzLWI0 YzYtNmQ4ZTliNGU1NTkxLzAvNDMyQUU5RTJCMDA5NDFFRjg5MjU0MDlFODJDQTQw NTA4QTQ2ODhCMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFe5xmormg5P0PGA+v3ag1lalG0/DUTnQD2n Z38Yf1INMER1NTx3DPKLaKB1KbKGr+1COx3A5K6GqcocijkZbS9tmm3L9j4oWL9b DQaNhcAywI9UFAyu/fQqAXrC1j956MmYdXK/0I55PYi/zWBuBXJZJ2I8acGazRmN OnAsyKr2k1XXRbgX9F8KcB80QxaoBmsEyAAWjIlONqqsPQFG+8uSReynXW9sX3hm O52ZRfxUOvHj1RF7LVO7Qw4HmyYU8zwrbmxwBk8QKWKX8crukqELUEKUhjyMXYsT WRslYYfOHEZV1vaQYI8zW5UdlOKw91cSvymi6bDSkuoixf/AC70= -----END CERTIFICATE-----Generated at Thu Mar 26 19:33:46 2026 by rpki-client