$ rpki-client -vvf repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft File: 25D788BD2A450C01354B9AB70826895FDFF56208.mft (raw, json) Hash identifier: 2X5X+iernxMHhOc7crQH7ypnTJn8xvcwnYqkyaZMQGA= Subject key identifier: 94:1C:1F:5E:55:CB:D6:58:E2:2C:6F:5E:C6:07:4A:20:FA:2B:E3:53 Authority key identifier: 25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 Certificate issuer: /CN=25D788BD2A450C01354B9AB70826895FDFF56208 Certificate serial: 509DEAB9212B09D3C0F69205D48CCADF7FB3148E Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject info access: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft Manifest number: 03AB Signing time: Wed 18 Mar 2026 22:01:12 +0000 Manifest this update: Wed 18 Mar 2026 21:56:12 +0000 Manifest next update: Sun 22 Mar 2026 08:09:12 +0000 Files and hashes: 1: 3132332e3235332e3234382e302f32332d3234203d3e20313432333739.roa (hash: T9vPzFVrVbtfkOIbIR0gBtReDHG4KgAtDeHT2T3EGwQ=) 2: 323030313a6466303a663530303a3a2f34382d3438203d3e20313432333739.roa (hash: BfvR/So226bitOLhPr9CHxhxgb1Q7qOXOhbe2UXDXlU=) 3: 25D788BD2A450C01354B9AB70826895FDFF56208.crl (hash: bZRdOZA1Ki3gfX/G5Ce92W3aYmdlq13SaGJ3+TjZi58=) 4: 3130332e39312e32342e302f32322d3234203d3e20313432333739.roa (hash: AU2BjjxLKOB7x1afsJypIVoDqfBt5Pa++/i1Uy3JBXs=) 5: 3132332e3235332e3234382e302f32332d3234203d3e20313336383235.roa (hash: g29pf8GRD5KEsQ3xMiXcjqqLaCsv5cRFguqUqUNSeQU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 08:09:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:9d:ea:b9:21:2b:09:d3:c0:f6:92:05:d4:8c:ca:df:7f:b3:14:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25D788BD2A450C01354B9AB70826895FDFF56208 Validity Not Before: Mar 18 21:56:12 2026 GMT Not After : Mar 22 08:09:12 2026 GMT Subject: CN=941C1F5E55CBD658E22C6F5EC6074A20FA2BE353 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:59:6f:ad:a9:98:20:9e:24:47:27:38:aa:85: a2:5d:1e:4f:df:27:82:6c:09:21:ac:0a:ed:0b:7a: bf:e0:ce:94:1d:1b:f7:d6:ad:92:7a:39:5d:05:2c: fb:1c:b6:1c:1d:bd:6f:b3:14:b1:20:ea:11:7d:bf: 65:f7:98:10:b7:ce:4e:8f:87:76:fc:63:48:f1:ac: e6:3a:12:b8:0b:e3:63:17:a3:ed:b4:82:ca:ce:46: b8:bb:e9:7a:c1:f5:12:b6:1b:48:60:73:62:b6:29: ac:ce:90:22:0e:a5:6a:50:56:1a:1c:43:3d:90:c8: 00:75:4a:a6:b6:4d:dc:f9:4e:7d:a4:bd:02:a6:60: c2:cc:9b:79:d8:12:c1:72:bc:04:49:c2:d5:d9:60: 17:88:1b:fa:35:f7:e4:a1:73:16:b5:e7:c6:39:e7: 96:d4:b3:2e:7f:31:42:2f:15:f8:7f:43:99:2e:f9: a2:4f:75:99:7f:43:17:63:7c:21:8d:7c:2f:9f:90: 8a:80:c9:c7:aa:c8:29:65:3b:b9:d4:ab:1f:9c:e3: 6e:9e:e5:c0:05:76:ab:aa:c2:5a:0b:2c:44:86:ad: 97:ba:c6:11:9f:4f:d4:85:1b:1b:d9:db:1e:7c:7f: 4d:11:f3:4c:e3:a3:8c:6f:60:1d:86:71:93:d0:38: cc:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:1C:1F:5E:55:CB:D6:58:E2:2C:6F:5E:C6:07:4A:20:FA:2B:E3:53 X509v3 Authority Key Identifier: keyid:25:D7:88:BD:2A:45:0C:01:35:4B:9A:B7:08:26:89:5F:DF:F5:62:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25D788BD2A450C01354B9AB70826895FDFF56208.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/06a7665a-b50b-4a45-a8f9-0d69bd7d743d/0/25D788BD2A450C01354B9AB70826895FDFF56208.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:ec:9f:d1:88:ef:63:46:69:31:9b:28:14:79:3c:45:33:fe: e8:47:6e:07:43:14:f1:5c:e7:54:03:61:65:53:45:e7:90:61: ed:65:d6:5b:db:fb:91:34:d9:24:ea:9d:77:c1:60:89:ab:0a: eb:1f:6e:4b:f1:de:72:cb:ad:f8:97:0c:6a:49:89:1a:89:14: 2c:69:01:18:07:26:45:0b:c5:78:6b:7f:9d:cb:56:da:94:54: f9:d2:df:dd:9a:9e:93:62:6a:68:5c:82:62:55:60:a8:8a:d1: 25:eb:65:c5:e7:f6:d3:5a:8d:54:b7:87:8a:4a:6b:a0:0e:5c: 77:73:82:3a:44:a9:e4:77:21:4f:e2:14:8f:d1:29:98:bf:ba: 11:ae:ec:e3:de:ac:00:cd:fc:3a:20:f6:87:9e:01:f8:94:be: 04:be:29:c6:9d:9e:02:d9:10:c5:d5:6c:fd:eb:3d:e9:86:a7: 28:86:b6:48:06:ed:ff:a4:2c:4a:d8:d6:b9:6c:7c:6d:1c:e9: 8a:fe:46:49:f4:4b:21:e8:ec:20:e9:32:49:04:91:c6:c1:0d: 36:c9:91:92:dd:4f:7a:46:48:78:25:be:f9:b8:d0:ce:a3:4e: 52:4c:60:aa:a6:67:31:0a:a0:24:da:e9:90:0d:fc:e5:4d:3f: 73:51:cc:50 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUUJ3quSErCdPA9pIF1IzK33+zFI4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZE RkY1NjIwODAeFw0yNjAzMTgyMTU2MTJaFw0yNjAzMjIwODA5MTJaMDMxMTAvBgNV BAMTKDk0MUMxRjVFNTVDQkQ2NThFMjJDNkY1RUM2MDc0QTIwRkEyQkUzNTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCWW+tqZggniRHJziqhaJdHk/f J4JsCSGsCu0Ler/gzpQdG/fWrZJ6OV0FLPscthwdvW+zFLEg6hF9v2X3mBC3zk6P h3b8Y0jxrOY6ErgL42MXo+20gsrORri76XrB9RK2G0hgc2K2KazOkCIOpWpQVhoc Qz2QyAB1Sqa2Tdz5Tn2kvQKmYMLMm3nYEsFyvARJwtXZYBeIG/o19+Shcxa158Y5 55bUsy5/MUIvFfh/Q5ku+aJPdZl/QxdjfCGNfC+fkIqAyceqyCllO7nUqx+c426e 5cAFdquqwloLLESGrZe6xhGfT9SFGxvZ2x58f00R80zjo4xvYB2GcZPQOMyhAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlBwfXlXL1ljiLG9exgdKIPor41MwHwYDVR0j BBgwFoAUJdeIvSpFDAE1S5q3CCaJX9/1YggwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NmE3NjY1YS1iNTBiLTRhNDUtYThmOS0wZDY5YmQ3ZDc0M2QvMC8yNUQ3ODhCRDJB NDUwQzAxMzU0QjlBQjcwODI2ODk1RkRGRjU2MjA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5NUZERkY1 NjIwOC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDZhNzY2NWEtYjUwYi00YTQ1LWE4 ZjktMGQ2OWJkN2Q3NDNkLzAvMjVENzg4QkQyQTQ1MEMwMTM1NEI5QUI3MDgyNjg5 NUZERkY1NjIwOC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAvsn9GI72NGaTGbKBR5PEUz/uhHbgdDFPFc 51QDYWVTReeQYe1l1lvb+5E02STqnXfBYImrCusfbkvx3nLLrfiXDGpJiRqJFCxp ARgHJkULxXhrf53LVtqUVPnS392anpNiamhcgmJVYKiK0SXrZcXn9tNajVS3h4pK a6AOXHdzgjpEqeR3IU/iFI/RKZi/uhGu7OPerADN/Dog9oeeAfiUvgS+KcadngLZ EMXVbP3rPemGpyiGtkgG7f+kLErY1rlsfG0c6Yr+Rkn0SyHo7CDpMkkEkcbBDTbJ kZLdT3pGSHglvvm40M6jTlJMYKqmZzEKoCTa6ZAN/OVNP3NRzFA= -----END CERTIFICATE-----Generated at Thu Mar 19 09:40:26 2026 by rpki-client