$ rpki-client -vvf repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft File: 821049BBD22C335A50850F16AB159C0C6BCC28E5.mft (raw, json) Hash identifier: o4ycjSd2aaZLtKqyVqGAXOlRpCXnmWnP2mHdD4fiIfg= Subject key identifier: 0D:A5:86:21:C1:C6:39:60:DC:80:ED:7C:79:67:C3:FF:84:1D:01:FA Authority key identifier: 82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 Certificate issuer: /CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Certificate serial: 37974A6D680195D2BC2DF2DFE2F5C66442776FCE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft Manifest number: 0294 Signing time: Thu 26 Mar 2026 09:01:54 +0000 Manifest this update: Thu 26 Mar 2026 08:56:54 +0000 Manifest next update: Sun 29 Mar 2026 17:06:54 +0000 Files and hashes: 1: 821049BBD22C335A50850F16AB159C0C6BCC28E5.crl (hash: hfDyCHVhGksLmA8KAGyPl1A20vfa53008Qo3s8zJvfo=) 2: 3130332e32312e39352e302f32342d3234203d3e203435323935.roa (hash: WHp6+633q2Em0ghmTjJeCMByUXIoDLeS8IvSNmEh0gE=) 3: 3130332e32312e39332e302f32342d3234203d3e20313331373338.roa (hash: Hx5e9eX/0MDiWg+S8NREaCwOHPQ1Onm3jq45DAvThoc=) 4: 3130332e32312e39342e302f32342d3234203d3e20313331373338.roa (hash: KCUnGn0DyBychM59+lv18yYznYr1wdm5Tf5W0sYTxbE=) 5: 3130332e32312e39322e302f32342d3234203d3e20313331373338.roa (hash: ndyvXGLmi+s4jvx/l0C4JrK1SIn52emjpfzG2w+2lsw=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 17:06:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:97:4a:6d:68:01:95:d2:bc:2d:f2:df:e2:f5:c6:64:42:77:6f:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=821049BBD22C335A50850F16AB159C0C6BCC28E5 Validity Not Before: Mar 26 08:56:54 2026 GMT Not After : Mar 29 17:06:54 2026 GMT Subject: CN=0DA58621C1C63960DC80ED7C7967C3FF841D01FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:84:23:dc:4e:1e:6c:f4:be:82:41:a4:2b:67: a1:97:fd:7e:57:6f:92:56:51:95:c8:e5:e2:08:61: e6:76:ec:90:f7:97:b3:ee:0e:7a:6a:4a:19:04:82: 28:3d:44:ca:86:5e:4f:75:ce:38:4d:e8:b5:6e:68: 6d:bc:22:48:94:e8:b1:81:57:5f:68:d9:6e:ce:50: 77:9b:bd:8b:3c:16:83:5f:1a:b8:45:87:fa:10:73: b0:00:57:74:39:46:61:6f:26:a8:cf:1e:11:0e:54: 97:56:ae:22:86:b3:62:7a:dd:bb:05:6a:dc:6a:26: e3:32:66:a7:84:a7:29:5c:a1:67:c5:af:4b:cd:7e: 94:2c:a9:82:42:31:93:fb:ff:ff:c5:f5:c6:30:5c: 52:bb:1f:0a:0f:1e:3c:8e:04:5d:11:5e:91:d7:f7: 4c:df:a9:22:8b:35:4f:0b:65:d9:2a:e0:8b:cc:12: 44:10:e1:33:e0:fe:79:c6:ae:2b:9b:59:14:35:e7: 9a:13:96:cd:6b:25:20:83:0e:3e:2b:98:9a:d0:fe: 05:31:3e:e5:c0:06:98:33:9e:82:74:ad:34:c5:ae: 50:b9:e0:00:b3:96:0c:9f:0f:4e:45:47:bb:5c:de: dd:81:09:ea:3f:94:ec:72:d0:ea:7b:bd:53:30:c5: ab:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:A5:86:21:C1:C6:39:60:DC:80:ED:7C:79:67:C3:FF:84:1D:01:FA X509v3 Authority Key Identifier: keyid:82:10:49:BB:D2:2C:33:5A:50:85:0F:16:AB:15:9C:0C:6B:CC:28:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/821049BBD22C335A50850F16AB159C0C6BCC28E5.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ede8e18d-a047-4590-9e56-464a73e23c6c/0/821049BBD22C335A50850F16AB159C0C6BCC28E5.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:16:91:0d:4a:d5:da:54:95:aa:27:90:dc:a3:fb:d0:51:35: 52:07:95:6c:1b:8e:f3:40:82:f4:97:fc:d5:0a:c4:d2:66:1e: 53:24:29:e1:b6:19:2b:07:f3:07:75:68:38:78:9a:64:76:0a: c3:e8:f0:d3:13:18:3f:78:0b:d8:c7:ee:dc:89:d8:63:f9:fd: 1e:03:3b:bc:64:56:09:af:43:75:de:55:5b:bc:df:a2:d1:68: 53:dc:75:99:22:eb:01:68:1b:12:fc:23:a4:55:ea:9a:5e:a4: 2f:c4:26:42:4d:3c:5b:18:db:94:62:ea:da:f5:d3:73:9f:df: ed:57:3a:46:53:9f:ca:e7:95:d0:e9:9c:31:36:53:70:0e:14: ae:54:bb:c3:9c:a5:76:c3:55:7f:b9:f8:c9:dc:04:45:de:20: 58:50:6a:9c:70:1a:b9:6f:32:c2:f2:63:eb:18:67:21:95:a1: 95:d0:95:77:d9:8c:0d:7c:a6:22:25:59:af:0b:75:7d:00:ba: 98:3e:81:23:d0:af:0a:26:54:27:76:62:4f:23:19:dd:43:45: 14:cf:0f:3e:9c:14:f2:d9:ed:ff:ef:f2:18:18:1a:cc:cb:2e: 8c:65:38:eb:41:e2:27:b9:37:ba:c1:9d:90:c9:18:58:89:34: 18:9b:92:db -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUN5dKbWgBldK8LfLf4vXGZEJ3b84wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2 QkNDMjhFNTAeFw0yNjAzMjYwODU2NTRaFw0yNjAzMjkxNzA2NTRaMDMxMTAvBgNV BAMTKDBEQTU4NjIxQzFDNjM5NjBEQzgwRUQ3Qzc5NjdDM0ZGODQxRDAxRkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMhCPcTh5s9L6CQaQrZ6GX/X5X b5JWUZXI5eIIYeZ27JD3l7PuDnpqShkEgig9RMqGXk91zjhN6LVuaG28IkiU6LGB V19o2W7OUHebvYs8FoNfGrhFh/oQc7AAV3Q5RmFvJqjPHhEOVJdWriKGs2J63bsF atxqJuMyZqeEpylcoWfFr0vNfpQsqYJCMZP7///F9cYwXFK7HwoPHjyOBF0RXpHX 90zfqSKLNU8LZdkq4IvMEkQQ4TPg/nnGriubWRQ155oTls1rJSCDDj4rmJrQ/gUx PuXABpgznoJ0rTTFrlC54ACzlgyfD05FR7tc3t2BCeo/lOxy0Op7vVMwxatfAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUDaWGIcHGOWDcgO18eWfD/4QdAfowHwYDVR0j BBgwFoAUghBJu9IsM1pQhQ8WqxWcDGvMKOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZGU4ZTE4ZC1hMDQ3LTQ1OTAtOWU1Ni00NjRhNzNlMjNjNmMvMC84MjEwNDlCQkQy MkMzMzVBNTA4NTBGMTZBQjE1OUMwQzZCQ0MyOEU1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlDMEM2QkND MjhFNS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZWRlOGUxOGQtYTA0Ny00NTkwLTll NTYtNDY0YTczZTIzYzZjLzAvODIxMDQ5QkJEMjJDMzM1QTUwODUwRjE2QUIxNTlD MEM2QkNDMjhFNS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAD4WkQ1K1dpUlaonkNyj+9BRNVIHlWwbjvNA gvSX/NUKxNJmHlMkKeG2GSsH8wd1aDh4mmR2CsPo8NMTGD94C9jH7tyJ2GP5/R4D O7xkVgmvQ3XeVVu836LRaFPcdZki6wFoGxL8I6RV6ppepC/EJkJNPFsY25Ri6tr1 03Of3+1XOkZTn8rnldDpnDE2U3AOFK5Uu8OcpXbDVX+5+MncBEXeIFhQapxwGrlv MsLyY+sYZyGVoZXQlXfZjA18piIlWa8LdX0Aupg+gSPQrwomVCd2Yk8jGd1DRRTP Dz6cFPLZ7f/v8hgYGszLLoxlOOtB4ie5N7rBnZDJGFiJNBibkts= -----END CERTIFICATE-----Generated at Thu Mar 26 19:15:30 2026 by rpki-client