$ rpki-client -vvf repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft File: AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft (raw, json) Hash identifier: mRZZkm73x+Mh9DdlwEKkvZTb9ycMkkYds9H29/PihOY= Subject key identifier: 39:49:19:A4:DD:35:4A:79:17:1C:19:80:BC:F7:9C:31:90:E3:54:E1 Authority key identifier: AA:72:76:8F:DD:0C:61:5A:05:E4:A3:2A:06:F9:CC:B5:CA:7E:0D:93 Certificate issuer: /CN=AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93 Certificate serial: 5BC01C59DE84D9FC0D2862C2CE9D9F10A9C11B1E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft Manifest number: 0115 Signing time: Thu 26 Mar 2026 10:32:23 +0000 Manifest this update: Thu 26 Mar 2026 10:27:23 +0000 Manifest next update: Sun 29 Mar 2026 17:46:23 +0000 Files and hashes: 1: 3136302e32352e3137352e302f32342d3234203d3e20313533303733.roa (hash: 1GdsDMn9IlNA2FNYR2FdTgcFsp12pZf8bJqQ9ss5+PA=) 2: AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl (hash: JdaqoOEwXPXHWR5kAvags4bs+tGEv+Uby+VushhRdZQ=) 3: 3136302e32352e3137342e302f32342d3234203d3e20313533303733.roa (hash: 9HcMn3I4XGR9gCZZPwjQDGBo7tgZN5G+yM9cxbzNmtk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:23:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:c0:1c:59:de:84:d9:fc:0d:28:62:c2:ce:9d:9f:10:a9:c1:1b:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93 Validity Not Before: Mar 26 10:27:23 2026 GMT Not After : Mar 29 17:46:23 2026 GMT Subject: CN=394919A4DD354A79171C1980BCF79C3190E354E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:4c:07:2c:1b:68:36:81:3f:9d:65:9c:fd:a7: 15:b2:84:7a:c4:16:38:4f:c7:5a:65:42:77:a9:7d: 98:c3:91:b6:00:cb:dd:ff:01:c5:8d:8c:8d:39:26: 56:2d:40:94:ca:82:43:9b:46:4e:a0:b0:28:12:a0: 1b:09:a7:df:ab:a6:79:46:9a:42:1d:7e:65:4b:4e: 4c:28:7b:b8:60:87:f5:32:6c:c8:5d:f6:6d:16:7a: ce:fb:15:a1:c3:a9:e0:90:ee:0b:75:74:6e:d9:60: 2c:7d:ec:8a:0a:f2:6e:17:95:b8:c3:aa:05:4f:b4: 4f:17:ee:1d:cc:23:d5:9b:98:64:2e:d8:b8:76:77: f0:39:14:52:f3:2c:cb:47:6e:82:a8:3b:02:5d:2f: c2:fb:54:3c:22:4d:52:fd:c4:c9:cc:5e:3d:e6:78: 7b:8f:3c:7c:10:1d:b8:1d:6b:5d:71:d5:9c:8a:f7: 14:73:6e:8f:fb:ad:16:65:c0:62:92:b0:3b:39:43: d4:29:88:29:cd:bb:f8:73:ef:80:aa:79:48:5a:b2: 95:e0:17:96:90:a8:46:71:76:f9:57:a9:93:da:49: db:0f:1a:24:b3:dd:a0:ee:0f:4d:6b:4d:dc:1e:f7: 27:e0:9c:1a:63:a1:f0:64:55:da:0d:4f:18:05:8c: ce:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:49:19:A4:DD:35:4A:79:17:1C:19:80:BC:F7:9C:31:90:E3:54:E1 X509v3 Authority Key Identifier: keyid:AA:72:76:8F:DD:0C:61:5A:05:E4:A3:2A:06:F9:CC:B5:CA:7E:0D:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ec72ee3c-e180-4296-9dad-9500efd94890/0/AA72768FDD0C615A05E4A32A06F9CCB5CA7E0D93.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:c3:a0:8b:d1:3a:b7:46:41:ef:18:08:a7:06:ac:6e:4a:3b: 64:86:99:e7:a8:86:24:ed:4a:31:2c:6d:24:25:cd:46:34:e8: fb:3a:82:83:fe:c3:11:1b:b8:58:63:42:0a:61:c7:00:93:52: 22:24:38:ca:5b:ec:79:b1:6f:ec:d2:a7:bd:63:c0:6c:e0:c2: 89:41:23:5b:82:55:06:49:4b:3c:aa:3a:cf:6b:bb:f3:7d:3f: c8:40:76:31:92:d6:5f:08:b4:de:65:34:99:df:86:c6:eb:04: 7a:74:cd:88:be:78:76:73:cf:0e:5e:a7:ee:0c:6a:30:73:77: 25:dc:78:b5:53:5f:a2:12:39:a4:ac:de:e1:07:b1:11:66:9d: 88:31:dd:b6:f7:ff:5e:4d:0a:60:72:61:78:00:67:ee:3e:ab: 35:6b:fd:aa:e5:ff:97:ef:69:7e:2c:2a:2c:be:82:e0:1f:c1: 6f:53:69:5a:d2:0b:c2:78:03:8b:ba:9e:c4:5a:6f:30:d3:22: a0:70:b7:a4:46:ca:65:91:cd:df:dd:a8:a8:5b:ce:cf:a5:32: 2a:5a:3e:2b:c0:c7:95:23:22:db:4e:6d:cd:b9:82:4f:45:68: 14:0e:a1:32:f3:35:13:07:1e:4a:c3:46:fb:a3:98:e8:a2:e7: f7:4f:01:5e -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUW8AcWd6E2fwNKGLCzp2fEKnBGx4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUNDQjVD QTdFMEQ5MzAeFw0yNjAzMjYxMDI3MjNaFw0yNjAzMjkxNzQ2MjNaMDMxMTAvBgNV BAMTKDM5NDkxOUE0REQzNTRBNzkxNzFDMTk4MEJDRjc5QzMxOTBFMzU0RTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMTAcsG2g2gT+dZZz9pxWyhHrE FjhPx1plQnepfZjDkbYAy93/AcWNjI05JlYtQJTKgkObRk6gsCgSoBsJp9+rpnlG mkIdfmVLTkwoe7hgh/UybMhd9m0Wes77FaHDqeCQ7gt1dG7ZYCx97IoK8m4XlbjD qgVPtE8X7h3MI9WbmGQu2Lh2d/A5FFLzLMtHboKoOwJdL8L7VDwiTVL9xMnMXj3m eHuPPHwQHbgda11x1ZyK9xRzbo/7rRZlwGKSsDs5Q9QpiCnNu/hz74CqeUhaspXg F5aQqEZxdvlXqZPaSdsPGiSz3aDuD01rTdwe9yfgnBpjofBkVdoNTxgFjM55AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOUkZpN01SnkXHBmAvPecMZDjVOEwHwYDVR0j BBgwFoAUqnJ2j90MYVoF5KMqBvnMtcp+DZMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YzcyZWUzYy1lMTgwLTQyOTYtOWRhZC05NTAwZWZkOTQ4OTAvMC9BQTcyNzY4RkRE MEM2MTVBMDVFNEEzMkEwNkY5Q0NCNUNBN0UwRDkzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUNDQjVDQTdF MEQ5My5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWM3MmVlM2MtZTE4MC00Mjk2LTlk YWQtOTUwMGVmZDk0ODkwLzAvQUE3Mjc2OEZERDBDNjE1QTA1RTRBMzJBMDZGOUND QjVDQTdFMEQ5My5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKbDoIvROrdGQe8YCKcGrG5KO2SGmeeohiTt SjEsbSQlzUY06Ps6goP+wxEbuFhjQgphxwCTUiIkOMpb7Hmxb+zSp71jwGzgwolB I1uCVQZJSzyqOs9ru/N9P8hAdjGS1l8ItN5lNJnfhsbrBHp0zYi+eHZzzw5ep+4M ajBzdyXceLVTX6ISOaSs3uEHsRFmnYgx3bb3/15NCmByYXgAZ+4+qzVr/arl/5fv aX4sKiy+guAfwW9TaVrSC8J4A4u6nsRabzDTIqBwt6RGymWRzd/dqKhbzs+lMipa PivAx5UjIttObc25gk9FaBQOoTLzNRMHHkrDRvujmOii5/dPAV4= -----END CERTIFICATE-----Generated at Thu Mar 26 14:43:35 2026 by rpki-client