$ rpki-client -vvf repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft File: AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft (raw, json) Hash identifier: D49UGFd2m/HRbv5lmI1s0hj09H+dcjv5c1GCCECBMAA= Subject key identifier: 1D:1B:31:9E:7D:45:82:B6:21:3C:4C:87:6D:7F:AA:41:DB:9B:E2:2E Authority key identifier: AF:5A:2A:D0:C9:E5:CB:1D:9E:F8:5E:6F:8F:44:03:10:F1:00:CE:38 Certificate issuer: /CN=AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38 Certificate serial: 05CA270701D3F400F63E1304E1532F2DB8B349E8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.cer Subject info access: rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft Manifest number: 03D8 Signing time: Sun 22 Mar 2026 03:22:11 +0000 Manifest this update: Sun 22 Mar 2026 03:17:11 +0000 Manifest next update: Wed 25 Mar 2026 04:39:11 +0000 Files and hashes: 1: AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.crl (hash: RdJvrNY00owR5X8UMZMz7DjZGxZ1nHIb3C8KMtQviyM=) 2: 3130332e3136392e342e302f32332d3234203d3e203137393935.roa (hash: ylXHQm3DiD4h9n4NuN0yUGCouUxigE+BSv0spOzfo/w=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.crl rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Mar 2026 04:39:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:ca:27:07:01:d3:f4:00:f6:3e:13:04:e1:53:2f:2d:b8:b3:49:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38 Validity Not Before: Mar 22 03:17:11 2026 GMT Not After : Mar 25 04:39:11 2026 GMT Subject: CN=1D1B319E7D4582B6213C4C876D7FAA41DB9BE22E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:63:48:d1:8d:23:05:a9:7f:3f:6b:43:e5:14: e0:4f:b8:c7:a5:44:2f:57:cf:e4:2b:29:58:96:6d: a5:b2:af:6f:1d:7c:8e:f0:26:dd:c8:ee:0a:8c:99: 40:48:a8:a8:f8:7c:9a:18:74:7c:4d:8b:cf:46:5f: 7e:3d:83:37:aa:cd:4e:6b:db:b5:23:e5:f3:91:d9: b0:93:fa:cc:e3:83:f8:1d:15:70:5c:ad:ad:13:0e: e8:6b:69:6f:8a:cc:12:ab:85:cf:49:ff:77:3b:76: 1d:22:44:00:3d:99:ad:f3:0f:f0:ab:18:c0:e7:02: c6:b5:3f:f6:ed:2f:66:2d:fd:df:fc:fd:3a:26:78: 06:c9:2e:e8:a9:61:f1:74:61:9f:b6:d9:30:06:9d: 29:c2:bf:ae:3e:04:33:bc:85:b8:8e:47:ae:e0:45: 60:05:25:6b:c2:18:e3:41:d2:b2:53:88:c7:42:5f: f4:0c:9a:6d:69:26:3d:8d:a8:b8:7d:97:f3:df:12: 33:ff:98:2a:8a:be:78:50:90:d1:07:92:8c:b1:ce: c2:05:b8:a6:4b:7b:9e:f1:c5:11:fe:3e:17:23:4d: 5f:45:f8:6d:5a:0b:60:5b:eb:82:22:5d:34:49:10: ba:f9:48:ce:d2:65:06:de:50:29:c4:29:05:19:a2: 61:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:1B:31:9E:7D:45:82:B6:21:3C:4C:87:6D:7F:AA:41:DB:9B:E2:2E X509v3 Authority Key Identifier: keyid:AF:5A:2A:D0:C9:E5:CB:1D:9E:F8:5E:6F:8F:44:03:10:F1:00:CE:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:94:f9:77:7b:73:a3:b0:28:3e:fd:1b:09:8f:c2:10:d8:d4: 81:bc:95:fc:85:06:00:76:f8:ca:54:b3:e4:ed:d4:ab:e5:f7: 0a:47:6f:90:b0:dc:7f:cd:a3:1e:f7:5b:f5:84:fc:89:37:29: b5:b1:22:18:96:bc:25:85:9f:16:9a:ad:ee:68:a3:06:26:d4: 6c:b5:b9:14:ad:f5:86:ba:27:2e:ea:6f:be:64:e1:39:6d:32: 92:29:88:d8:24:cb:34:1e:1e:04:53:fc:5b:cd:4e:20:71:7b: e0:a2:a6:30:a5:15:a5:31:d7:a1:22:d0:34:8d:81:8c:9a:8b: e4:db:4c:67:b1:e9:2a:f3:43:29:10:c2:01:78:dd:d5:bf:4c: 50:68:8c:81:c0:f2:5b:aa:c0:36:92:73:52:28:63:75:5e:7c: a1:71:28:b9:f4:6a:5b:95:f2:4c:80:7d:9f:54:24:af:96:85: b6:35:26:25:74:30:ea:76:cb:c7:2b:48:9d:35:f8:5b:bf:63: 06:28:c8:51:53:83:20:a6:93:79:e4:da:4a:4b:1f:25:8a:1d: 5f:07:b5:43:a6:6d:39:24:61:f7:a8:11:5e:a4:fd:48:04:4b: 64:26:7e:1e:49:ea:07:af:ce:3c:d1:7e:04:b8:c1:bb:8d:2f: bf:0a:1b:51 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUBconBwHT9AD2PhME4VMvLbizSegwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUY1QTJBRDBDOUU1Q0IxRDlFRjg1RTZGOEY0NDAzMTBG MTAwQ0UzODAeFw0yNjAzMjIwMzE3MTFaFw0yNjAzMjUwNDM5MTFaMDMxMTAvBgNV BAMTKDFEMUIzMTlFN0Q0NTgyQjYyMTNDNEM4NzZEN0ZBQTQxREI5QkUyMkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtY0jRjSMFqX8/a0PlFOBPuMel RC9Xz+QrKViWbaWyr28dfI7wJt3I7gqMmUBIqKj4fJoYdHxNi89GX349gzeqzU5r 27Uj5fOR2bCT+szjg/gdFXBcra0TDuhraW+KzBKrhc9J/3c7dh0iRAA9ma3zD/Cr GMDnAsa1P/btL2Yt/d/8/TomeAbJLuipYfF0YZ+22TAGnSnCv64+BDO8hbiOR67g RWAFJWvCGONB0rJTiMdCX/QMmm1pJj2NqLh9l/PfEjP/mCqKvnhQkNEHkoyxzsIF uKZLe57xxRH+PhcjTV9F+G1aC2Bb64IiXTRJELr5SM7SZQbeUCnEKQUZomE5AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUHRsxnn1FgrYhPEyHbX+qQdub4i4wHwYDVR0j BBgwFoAUr1oq0Mnlyx2e+F5vj0QDEPEAzjgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NDFlNGFjOS1jMDZiLTQzNDMtODUyNi0zYTFmMWIxYjVkODIvMC9BRjVBMkFEMEM5 RTVDQjFEOUVGODVFNkY4RjQ0MDMxMEYxMDBDRTM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUY1QTJBRDBDOUU1Q0IxRDlFRjg1RTZGOEY0NDAzMTBGMTAw Q0UzOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDQxZTRhYzktYzA2Yi00MzQzLTg1 MjYtM2ExZjFiMWI1ZDgyLzAvQUY1QTJBRDBDOUU1Q0IxRDlFRjg1RTZGOEY0NDAz MTBGMTAwQ0UzOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFCU+Xd7c6OwKD79GwmPwhDY1IG8lfyFBgB2 +MpUs+Tt1Kvl9wpHb5Cw3H/Nox73W/WE/Ik3KbWxIhiWvCWFnxaare5oowYm1Gy1 uRSt9Ya6Jy7qb75k4TltMpIpiNgkyzQeHgRT/FvNTiBxe+CipjClFaUx16Ei0DSN gYyai+TbTGex6SrzQykQwgF43dW/TFBojIHA8luqwDaSc1IoY3VefKFxKLn0aluV 8kyAfZ9UJK+WhbY1JiV0MOp2y8crSJ01+Fu/YwYoyFFTgyCmk3nk2kpLHyWKHV8H tUOmbTkkYfeoEV6k/UgES2Qmfh5J6gevzjzRfgS4wbuNL78KG1E= -----END CERTIFICATE-----Generated at Tue Mar 24 01:50:02 2026 by rpki-client