$ rpki-client -vvf repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft File: BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft (raw, json) Hash identifier: SRPElxAhtO3hwR3sQVSPbifQ5BjJZ6i2tTPkKzsTEvw= Subject key identifier: A8:41:CF:8A:52:62:AC:79:A6:D6:6D:8C:9B:C8:64:1F:E8:7E:1D:4C Authority key identifier: BC:0E:CF:DD:D0:81:CE:51:32:BE:C9:CF:DC:1A:39:0A:9A:F3:BC:BE Certificate issuer: /CN=BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE Certificate serial: 212B06CD313F489A648C9AD0EAE4121F37460338 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft Manifest number: 024F Signing time: Wed 25 Mar 2026 16:41:37 +0000 Manifest this update: Wed 25 Mar 2026 16:36:37 +0000 Manifest next update: Sun 29 Mar 2026 04:16:37 +0000 Files and hashes: 1: BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.crl (hash: S7EW5BRkf+YYUZAfe6G2SbyC7k/H0ws+oURGm+olMrU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.crl rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 04:16:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:2b:06:cd:31:3f:48:9a:64:8c:9a:d0:ea:e4:12:1f:37:46:03:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE Validity Not Before: Mar 25 16:36:37 2026 GMT Not After : Mar 29 04:16:37 2026 GMT Subject: CN=A841CF8A5262AC79A6D66D8C9BC8641FE87E1D4C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a6:f0:83:35:92:4d:f7:d2:b6:7f:0c:c5:17: e6:4f:ed:fa:2b:7a:b2:df:61:f6:b4:81:80:54:96: 46:93:d4:00:87:64:f7:b3:41:45:36:02:de:5a:b7: cf:d6:2a:b0:bf:82:f9:32:6b:70:41:18:b1:07:0c: 38:17:d8:35:a6:9e:d7:a7:dd:0c:f9:6a:58:a8:b9: a5:57:ce:90:70:c1:61:34:5f:04:cf:7a:cb:73:dd: 7a:1d:6c:7c:d1:63:63:e6:68:69:95:4a:e5:00:e2: 4c:ab:1e:7d:a3:98:f2:2c:3d:de:53:17:87:39:7c: fa:d5:37:6b:dd:dc:fa:a0:ec:d0:37:d9:79:89:38: c9:b4:1b:c9:a6:a4:01:8e:63:f3:13:d9:55:6c:b6: 7d:52:a3:21:9f:2c:07:29:ae:5d:34:cb:b1:4d:c3: 9b:d8:a8:74:23:b3:75:a3:88:cf:5d:54:17:e5:eb: 33:35:fc:bd:40:42:ae:de:6e:fa:1c:88:b8:89:90: bb:ca:f1:24:3b:74:ec:76:ea:03:bd:5b:78:2b:fe: dd:e5:17:f3:39:7a:2e:85:af:46:9a:99:1d:ff:e0: 6d:64:32:98:f2:d4:45:40:69:d9:4e:1f:02:cd:8c: 64:d6:83:a9:26:db:f0:77:3a:d0:ec:43:f6:92:2f: 2c:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:41:CF:8A:52:62:AC:79:A6:D6:6D:8C:9B:C8:64:1F:E8:7E:1D:4C X509v3 Authority Key Identifier: keyid:BC:0E:CF:DD:D0:81:CE:51:32:BE:C9:CF:DC:1A:39:0A:9A:F3:BC:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f86a13bd-b79a-450e-9be3-3d5a03ab93b1/0/BC0ECFDDD081CE5132BEC9CFDC1A390A9AF3BCBE.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:f7:91:f4:37:62:71:3a:82:d0:b4:1b:08:68:18:93:62:ee: 9f:b0:4a:5a:43:13:f1:42:bd:f5:ed:c9:d2:7b:5e:27:1c:89: da:ad:49:4e:a4:40:f7:26:30:cc:04:8f:a9:4c:82:bc:c4:00: 50:0b:a3:5d:68:40:3d:ae:5a:bb:dd:e1:06:36:b6:08:bf:7f: 29:44:a0:4c:a2:26:83:32:d7:6a:43:bd:4b:4b:32:65:6c:ee: 1b:55:bd:ac:82:ae:a8:03:35:66:a5:2f:ee:0d:cc:13:a8:3e: 2d:e5:4f:32:7b:61:e7:b2:6c:c8:ed:c4:cb:ae:81:cc:7f:65: 8d:b9:7d:9c:66:c2:d7:c8:88:a6:fe:73:b7:73:7d:f8:61:9b: 6b:51:cc:53:26:59:8a:8f:8a:fc:28:ce:6f:7e:5e:96:27:a7: 83:e7:11:56:ab:59:0b:9c:87:da:8d:51:ae:e8:96:31:a0:fe: db:1d:b9:5f:2a:8b:0c:e1:b5:e3:94:b8:0d:74:21:0f:3c:d7: b6:7a:b4:ae:ff:f9:e9:28:77:f1:d3:34:cd:88:81:c5:9f:2c: 2b:b6:5d:bc:06:5f:d0:12:0e:a6:db:ff:6d:50:4d:da:2d:81: 26:3b:3b:06:dd:19:1c:62:07:a0:59:53:d8:a4:aa:aa:3d:32: f9:7d:09:fe -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUISsGzTE/SJpkjJrQ6uQSHzdGAzgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkMwRUNGREREMDgxQ0U1MTMyQkVDOUNGREMxQTM5MEE5 QUYzQkNCRTAeFw0yNjAzMjUxNjM2MzdaFw0yNjAzMjkwNDE2MzdaMDMxMTAvBgNV BAMTKEE4NDFDRjhBNTI2MkFDNzlBNkQ2NkQ4QzlCQzg2NDFGRTg3RTFENEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUpvCDNZJN99K2fwzFF+ZP7for erLfYfa0gYBUlkaT1ACHZPezQUU2At5at8/WKrC/gvkya3BBGLEHDDgX2DWmnten 3Qz5aliouaVXzpBwwWE0XwTPestz3XodbHzRY2PmaGmVSuUA4kyrHn2jmPIsPd5T F4c5fPrVN2vd3Pqg7NA32XmJOMm0G8mmpAGOY/MT2VVstn1SoyGfLAcprl00y7FN w5vYqHQjs3WjiM9dVBfl6zM1/L1AQq7ebvociLiJkLvK8SQ7dOx26gO9W3gr/t3l F/M5ei6Fr0aamR3/4G1kMpjy1EVAadlOHwLNjGTWg6km2/B3OtDsQ/aSLyy/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUqEHPilJirHmm1m2Mm8hkH+h+HUwwHwYDVR0j BBgwFoAUvA7P3dCBzlEyvsnP3Bo5CprzvL4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m ODZhMTNiZC1iNzlhLTQ1MGUtOWJlMy0zZDVhMDNhYjkzYjEvMC9CQzBFQ0ZEREQw ODFDRTUxMzJCRUM5Q0ZEQzFBMzkwQTlBRjNCQ0JFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkMwRUNGREREMDgxQ0U1MTMyQkVDOUNGREMxQTM5MEE5QUYz QkNCRS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZjg2YTEzYmQtYjc5YS00NTBlLTli ZTMtM2Q1YTAzYWI5M2IxLzAvQkMwRUNGREREMDgxQ0U1MTMyQkVDOUNGREMxQTM5 MEE5QUYzQkNCRS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACP3kfQ3YnE6gtC0GwhoGJNi7p+wSlpDE/FC vfXtydJ7XiccidqtSU6kQPcmMMwEj6lMgrzEAFALo11oQD2uWrvd4QY2tgi/fylE oEyiJoMy12pDvUtLMmVs7htVvayCrqgDNWalL+4NzBOoPi3lTzJ7YeeybMjtxMuu gcx/ZY25fZxmwtfIiKb+c7dzffhhm2tRzFMmWYqPivwozm9+XpYnp4PnEVarWQuc h9qNUa7oljGg/tsduV8qiwzhteOUuA10IQ8817Z6tK7/+ekod/HTNM2IgcWfLCu2 XbwGX9ASDqbb/21QTdotgSY7OwbdGRxiB6BZU9ikqqo9Mvl9Cf4= -----END CERTIFICATE-----Generated at Thu Mar 26 07:21:49 2026 by rpki-client