$ rpki-client -vvf repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft File: 8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft (raw, json) Hash identifier: NI3yzlMMAlFsKtfkM0eEspHYWFjAiOO5QvW+bx6628k= Subject key identifier: 4D:AB:89:FB:77:EC:CE:62:29:E1:09:19:21:07:72:AA:66:11:46:47 Authority key identifier: 8C:DF:71:6F:25:D6:4D:EB:3E:10:36:E6:A3:6D:B7:24:CD:E1:E5:D0 Certificate issuer: /CN=8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0 Certificate serial: 045966953ABDA1B57ED52F984A191275900847B9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft Manifest number: 03DC Signing time: Wed 25 Mar 2026 21:40:48 +0000 Manifest this update: Wed 25 Mar 2026 21:35:48 +0000 Manifest next update: Sun 29 Mar 2026 06:02:48 +0000 Files and hashes: 1: 3130332e3136322e3134362e302f32332d3234203d3e203137393935.roa (hash: glmRxvHF4g4HTvz1muaudxYOmNWHdjodUPYRc5xhUvY=) 2: 8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl (hash: bga/dpH3cVaoDhfdYS197lyqvlfphPf3Fi+QEz5NsmY=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 06:02:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:59:66:95:3a:bd:a1:b5:7e:d5:2f:98:4a:19:12:75:90:08:47:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0 Validity Not Before: Mar 25 21:35:48 2026 GMT Not After : Mar 29 06:02:48 2026 GMT Subject: CN=4DAB89FB77ECCE6229E10919210772AA66114647 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:16:88:7a:03:f9:07:b8:28:b3:ad:dd:e1:c8: c6:7d:1b:8d:36:33:c5:62:b2:78:b2:3d:31:05:57: 48:8c:c8:b2:2d:d1:48:2d:7f:e8:c4:a7:06:01:7d: 1e:e4:64:2e:a2:20:83:04:2b:47:36:b5:b4:60:71: 77:b9:80:9e:80:a8:96:87:d9:b0:17:9c:ce:af:05: 45:23:31:e5:ad:f5:92:c3:22:d0:b4:27:66:90:7e: 49:30:40:ac:0b:07:58:0a:33:76:65:0f:3f:81:11: 6a:40:62:01:d2:db:67:9f:5b:fe:8f:5c:52:36:69: 9e:37:20:f9:19:4c:74:32:1b:ef:60:49:2e:98:67: 3c:fb:6a:90:15:20:f6:fa:55:12:6a:7b:b9:73:53: 25:e4:8f:12:99:ec:93:ff:35:c4:d5:37:00:49:76: cd:e1:80:da:ab:aa:de:73:8c:f2:45:63:90:9a:44: ad:06:a9:81:44:9f:e3:06:a6:b8:38:85:90:7e:44: 06:0c:fe:1d:fa:d3:81:94:e5:08:65:20:53:4c:f2: 20:1b:a9:bb:ef:ab:1f:f2:71:c1:ea:bf:9a:8f:ba: fc:8e:e6:50:ae:db:5a:75:0c:f3:e2:8e:77:35:1c: bb:f2:bd:c6:fd:1a:e5:9a:64:c6:3e:11:d2:9a:73: fa:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:AB:89:FB:77:EC:CE:62:29:E1:09:19:21:07:72:AA:66:11:46:47 X509v3 Authority Key Identifier: keyid:8C:DF:71:6F:25:D6:4D:EB:3E:10:36:E6:A3:6D:B7:24:CD:E1:E5:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f0520b54-3ba7-4631-af0b-55984b0ba7f2/0/8CDF716F25D64DEB3E1036E6A36DB724CDE1E5D0.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:aa:b2:9e:ba:71:77:af:0d:77:0b:98:c1:fa:28:be:55:dd: 56:be:19:ac:03:3f:1e:8a:2b:e9:65:ec:ed:84:a4:3e:d6:ce: 3d:0e:cd:89:a3:01:c9:a2:39:54:84:90:2c:a0:ab:f3:3a:f9: 0e:b4:8d:6a:2b:f7:c1:87:c5:e7:18:9b:54:5b:dc:40:16:97: 81:c3:70:8e:77:ce:bf:20:b6:6e:37:80:70:8f:e6:87:40:84: 72:3b:18:51:6c:53:47:8b:3f:fa:96:02:68:03:b2:61:38:93: 00:ff:0c:22:ed:2f:ae:db:28:cd:18:f0:19:8d:4b:42:b2:d6: 3b:35:14:06:83:c3:c2:8e:cc:ca:67:bc:62:be:6f:e5:f9:43: a7:95:93:82:3f:af:77:e1:6d:c9:ee:34:8f:c2:63:58:ae:d1: ee:f1:be:a2:73:7b:c6:24:7f:f6:88:48:73:67:f5:7a:33:ed: 34:b0:dd:8d:61:ff:44:2c:32:e6:ce:6e:3e:26:37:75:f2:73: 60:fd:22:33:4a:88:5b:fa:65:8c:0f:46:25:aa:95:13:85:80: 5f:19:b1:56:f6:c5:50:fa:a7:15:94:a0:31:f2:81:05:ba:ed: 13:b8:99:83:5b:54:56:29:91:54:05:8e:b2:69:56:6b:bf:f0: 52:ce:57:80 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBFlmlTq9obV+1S+YShkSdZAIR7kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3MjRD REUxRTVEMDAeFw0yNjAzMjUyMTM1NDhaFw0yNjAzMjkwNjAyNDhaMDMxMTAvBgNV BAMTKDREQUI4OUZCNzdFQ0NFNjIyOUUxMDkxOTIxMDc3MkFBNjYxMTQ2NDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRFoh6A/kHuCizrd3hyMZ9G402 M8VisniyPTEFV0iMyLIt0Ugtf+jEpwYBfR7kZC6iIIMEK0c2tbRgcXe5gJ6AqJaH 2bAXnM6vBUUjMeWt9ZLDItC0J2aQfkkwQKwLB1gKM3ZlDz+BEWpAYgHS22efW/6P XFI2aZ43IPkZTHQyG+9gSS6YZzz7apAVIPb6VRJqe7lzUyXkjxKZ7JP/NcTVNwBJ ds3hgNqrqt5zjPJFY5CaRK0GqYFEn+MGprg4hZB+RAYM/h3604GU5QhlIFNM8iAb qbvvqx/yccHqv5qPuvyO5lCu21p1DPPijnc1HLvyvcb9GuWaZMY+EdKac/qDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUTauJ+3fszmIp4QkZIQdyqmYRRkcwHwYDVR0j BBgwFoAUjN9xbyXWTes+EDbmo223JM3h5dAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m MDUyMGI1NC0zYmE3LTQ2MzEtYWYwYi01NTk4NGIwYmE3ZjIvMC84Q0RGNzE2RjI1 RDY0REVCM0UxMDM2RTZBMzZEQjcyNENERTFFNUQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3MjRDREUx RTVEMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjA1MjBiNTQtM2JhNy00NjMxLWFm MGItNTU5ODRiMGJhN2YyLzAvOENERjcxNkYyNUQ2NERFQjNFMTAzNkU2QTM2REI3 MjRDREUxRTVEMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAD+qsp66cXevDXcLmMH6KL5V3Va+GawDPx6K K+ll7O2EpD7Wzj0OzYmjAcmiOVSEkCygq/M6+Q60jWor98GHxecYm1Rb3EAWl4HD cI53zr8gtm43gHCP5odAhHI7GFFsU0eLP/qWAmgDsmE4kwD/DCLtL67bKM0Y8BmN S0Ky1js1FAaDw8KOzMpnvGK+b+X5Q6eVk4I/r3fhbcnuNI/CY1iu0e7xvqJze8Yk f/aISHNn9Xoz7TSw3Y1h/0QsMubObj4mN3Xyc2D9IjNKiFv6ZYwPRiWqlROFgF8Z sVb2xVD6pxWUoDHygQW67RO4mYNbVFYpkVQFjrJpVmu/8FLOV4A= -----END CERTIFICATE-----Generated at Thu Mar 26 17:01:03 2026 by rpki-client