$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8ccb9-0a63-49a9-aa8a-ed016ee351f0/0/AA97B959271291FBE142491B81063AD5B04487FA.mft File: AA97B959271291FBE142491B81063AD5B04487FA.mft (raw, json) Hash identifier: /4JhV3hQzqchvX70xE28O6t/JRpW5M3BXYZq6OPYHVo= Subject key identifier: C7:1B:B2:48:58:6C:1C:BD:C5:52:CA:D5:1B:7E:4F:C3:7A:BC:FA:FC Authority key identifier: AA:97:B9:59:27:12:91:FB:E1:42:49:1B:81:06:3A:D5:B0:44:87:FA Certificate issuer: /CN=AA97B959271291FBE142491B81063AD5B04487FA Certificate serial: 5D501AFCFA3AC168A8FF4EAD88CCD94DEE6A4D4C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA97B959271291FBE142491B81063AD5B04487FA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ede8ccb9-0a63-49a9-aa8a-ed016ee351f0/0/AA97B959271291FBE142491B81063AD5B04487FA.mft Manifest number: 0140 Signing time: Wed 25 Mar 2026 04:50:44 +0000 Manifest this update: Wed 25 Mar 2026 04:45:44 +0000 Manifest next update: Sat 28 Mar 2026 11:06:44 +0000 Files and hashes: 1: AA97B959271291FBE142491B81063AD5B04487FA.crl (hash: rAeq8cfgsLvv3MYUqKY19nwhu6np0njyFh5b7kxCvVI=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ede8ccb9-0a63-49a9-aa8a-ed016ee351f0/0/AA97B959271291FBE142491B81063AD5B04487FA.crl rsync://repo-rpki.idnic.net/repo/ede8ccb9-0a63-49a9-aa8a-ed016ee351f0/0/AA97B959271291FBE142491B81063AD5B04487FA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA97B959271291FBE142491B81063AD5B04487FA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 11:06:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:50:1a:fc:fa:3a:c1:68:a8:ff:4e:ad:88:cc:d9:4d:ee:6a:4d:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA97B959271291FBE142491B81063AD5B04487FA Validity Not Before: Mar 25 04:45:44 2026 GMT Not After : Mar 28 11:06:44 2026 GMT Subject: CN=C71BB248586C1CBDC552CAD51B7E4FC37ABCFAFC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:6f:ef:fe:6b:f8:67:e2:53:b2:c0:12:2a:e6: ab:dd:3b:51:90:d9:6b:5f:4c:15:56:48:99:09:c0: b1:ea:7c:45:f5:6c:e8:1d:16:af:e1:bb:4c:a4:eb: 0e:0b:20:6f:35:55:6f:45:cd:f4:cb:35:fc:8b:d3: 44:8f:8c:e2:91:de:de:b0:0e:ca:c9:13:f4:e1:e0: 24:59:32:ff:02:d4:ab:98:f6:92:ff:a5:3e:dc:b1: 57:ac:8f:67:56:85:ef:9f:ba:a4:fc:d7:fc:7b:ef: 91:e0:c6:15:d9:73:4f:a9:16:d2:db:ca:dd:2b:6a: bd:20:11:b4:c7:69:83:24:ec:95:07:6b:d0:ea:3f: 04:89:8d:33:68:9d:ef:0e:9d:c1:6c:50:33:c2:93: 91:50:91:95:65:63:66:7a:72:53:21:a8:f5:2e:bf: 5f:69:f7:5e:ff:bb:86:24:9c:2d:31:95:02:02:95: 04:b7:a3:26:b4:89:0b:b1:68:9a:19:3a:57:28:c0: 26:68:a2:5e:1f:8b:ab:e3:3a:0b:61:b1:cb:99:94: cb:30:21:a5:a7:58:21:3f:c5:80:f5:b8:c1:63:fb: 44:aa:8a:4d:0d:37:0c:a8:6e:fa:b7:4a:14:c4:43: 87:be:c1:66:b2:e1:d0:8a:42:19:4d:0c:be:0b:d7: 18:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:1B:B2:48:58:6C:1C:BD:C5:52:CA:D5:1B:7E:4F:C3:7A:BC:FA:FC X509v3 Authority Key Identifier: keyid:AA:97:B9:59:27:12:91:FB:E1:42:49:1B:81:06:3A:D5:B0:44:87:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ede8ccb9-0a63-49a9-aa8a-ed016ee351f0/0/AA97B959271291FBE142491B81063AD5B04487FA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA97B959271291FBE142491B81063AD5B04487FA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8ccb9-0a63-49a9-aa8a-ed016ee351f0/0/AA97B959271291FBE142491B81063AD5B04487FA.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:5a:aa:4f:bf:a7:d7:56:c9:73:a1:42:73:45:07:05:f5:fa: 4b:39:8f:92:08:62:0b:67:2f:32:22:47:d2:14:b5:59:6f:a8: 58:47:13:be:da:74:3d:6b:ff:78:d8:4e:8c:69:25:14:94:df: 86:a1:53:92:ea:d9:d1:38:fa:89:c6:5a:31:1a:1e:35:a2:65: 14:f9:40:ce:85:d6:55:b7:f5:ac:ea:ba:cb:40:1f:cf:0a:10: a0:1a:07:3c:d4:f5:6a:03:45:40:df:0b:40:4e:55:a1:9b:79: 24:16:7a:8b:b0:7a:94:d0:9f:6e:cf:1b:f2:0d:81:6b:74:c1: a4:a4:d0:c2:28:76:3c:e6:72:08:b1:a8:9c:c3:96:2c:15:bb: 7a:73:fa:1e:47:72:3b:d1:92:ef:14:58:5f:6f:d8:25:8f:9e: 70:fd:58:ef:7e:05:ac:45:76:a7:5a:52:59:13:7b:07:bb:e9: f5:92:b7:be:7e:8a:b0:ed:1a:c0:58:34:dc:6e:69:c9:24:90: 01:9d:4c:d4:70:ad:28:9c:af:c8:8b:23:a8:af:f5:d7:d8:ae: a7:07:a3:c8:53:75:59:b2:db:30:59:c8:8a:50:88:6c:5b:01: 18:87:c5:b4:f8:36:7f:70:38:0e:17:a1:cb:9a:f5:17:80:ad: 0e:90:30:70 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXVAa/Po6wWio/06tiMzZTe5qTUwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUE5N0I5NTkyNzEyOTFGQkUxNDI0OTFCODEwNjNBRDVC MDQ0ODdGQTAeFw0yNjAzMjUwNDQ1NDRaFw0yNjAzMjgxMTA2NDRaMDMxMTAvBgNV BAMTKEM3MUJCMjQ4NTg2QzFDQkRDNTUyQ0FENTFCN0U0RkMzN0FCQ0ZBRkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEb+/+a/hn4lOywBIq5qvdO1GQ 2WtfTBVWSJkJwLHqfEX1bOgdFq/hu0yk6w4LIG81VW9FzfTLNfyL00SPjOKR3t6w DsrJE/Th4CRZMv8C1KuY9pL/pT7csVesj2dWhe+fuqT81/x775HgxhXZc0+pFtLb yt0rar0gEbTHaYMk7JUHa9DqPwSJjTNone8OncFsUDPCk5FQkZVlY2Z6clMhqPUu v19p917/u4YknC0xlQIClQS3oya0iQuxaJoZOlcowCZool4fi6vjOgthscuZlMsw IaWnWCE/xYD1uMFj+0Sqik0NNwyobvq3ShTEQ4e+wWay4dCKQhlNDL4L1xhXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUxxuySFhsHL3FUsrVG35Pw3q8+vwwHwYDVR0j BBgwFoAUqpe5WScSkfvhQkkbgQY61bBEh/owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZGU4Y2NiOS0wYTYzLTQ5YTktYWE4YS1lZDAxNmVlMzUxZjAvMC9BQTk3Qjk1OTI3 MTI5MUZCRTE0MjQ5MUI4MTA2M0FENUIwNDQ4N0ZBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUE5N0I5NTkyNzEyOTFGQkUxNDI0OTFCODEwNjNBRDVCMDQ0 ODdGQS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGNjYjktMGE2My00OWE5LWFh OGEtZWQwMTZlZTM1MWYwLzAvQUE5N0I5NTkyNzEyOTFGQkUxNDI0OTFCODEwNjNB RDVCMDQ0ODdGQS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAEdaqk+/p9dWyXOhQnNFBwX1+ks5j5IIYgtn LzIiR9IUtVlvqFhHE77adD1r/3jYToxpJRSU34ahU5Lq2dE4+onGWjEaHjWiZRT5 QM6F1lW39azqustAH88KEKAaBzzU9WoDRUDfC0BOVaGbeSQWeouwepTQn27PG/IN gWt0waSk0MIodjzmcgixqJzDliwVu3pz+h5HcjvRku8UWF9v2CWPnnD9WO9+BaxF dqdaUlkTewe76fWSt75+irDtGsBYNNxuackkkAGdTNRwrSicr8iLI6iv9dfYrqcH o8hTdVmy2zBZyIpQiGxbARiHxbT4Nn9wOA4Xocua9ReArQ6QMHA= -----END CERTIFICATE-----Generated at Thu Mar 26 12:25:14 2026 by rpki-client