$ rpki-client -vvf repo-rpki.idnic.net/repo/0ec677fd-d569-4cc5-a563-9b0f248b1af1/0/2AD789EBFC58C1F0E4F87390781D38CB0D580210.mft File: 2AD789EBFC58C1F0E4F87390781D38CB0D580210.mft (raw, json) Hash identifier: SX4/+Yz22ZQBu9WIe08THeNBPhgWm1iBxSiVLo+dFS8= Subject key identifier: 95:8C:8A:82:01:92:1E:73:17:29:E6:ED:AC:28:FC:2A:A4:26:73:73 Authority key identifier: 2A:D7:89:EB:FC:58:C1:F0:E4:F8:73:90:78:1D:38:CB:0D:58:02:10 Certificate issuer: /CN=2AD789EBFC58C1F0E4F87390781D38CB0D580210 Certificate serial: 24B123CB572AB3C92003AB1F0BE98D1DA9C1E029 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2AD789EBFC58C1F0E4F87390781D38CB0D580210.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0ec677fd-d569-4cc5-a563-9b0f248b1af1/0/2AD789EBFC58C1F0E4F87390781D38CB0D580210.mft Manifest number: 0129 Signing time: Thu 19 Mar 2026 10:52:20 +0000 Manifest this update: Thu 19 Mar 2026 10:47:20 +0000 Manifest next update: Sun 22 Mar 2026 16:28:20 +0000 Files and hashes: 1: 3136302e32322e36332e302f32342d3234203d3e20313439373138.roa (hash: bvQkvMV312x+cD6F+RgPImc6lo1lROIFQ1YOPKTkJvY=) 2: 2AD789EBFC58C1F0E4F87390781D38CB0D580210.crl (hash: GIbBRrSxiyBYoQ/TPEfc3FO3hLULYDLoCG+fPBz/jYs=) 3: 3136302e32322e36322e302f32342d3234203d3e20313439373230.roa (hash: YoRi0wh2sw9GoYCOeEcjR9q///J9GRgGfI+RYp9E7Ao=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0ec677fd-d569-4cc5-a563-9b0f248b1af1/0/2AD789EBFC58C1F0E4F87390781D38CB0D580210.crl rsync://repo-rpki.idnic.net/repo/0ec677fd-d569-4cc5-a563-9b0f248b1af1/0/2AD789EBFC58C1F0E4F87390781D38CB0D580210.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2AD789EBFC58C1F0E4F87390781D38CB0D580210.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 16:28:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:b1:23:cb:57:2a:b3:c9:20:03:ab:1f:0b:e9:8d:1d:a9:c1:e0:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2AD789EBFC58C1F0E4F87390781D38CB0D580210 Validity Not Before: Mar 19 10:47:20 2026 GMT Not After : Mar 22 16:28:20 2026 GMT Subject: CN=958C8A8201921E731729E6EDAC28FC2AA4267373 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ff:b6:75:83:04:94:9b:29:35:05:8d:b6:7d: f6:83:5f:84:28:c3:1e:f0:44:59:3c:22:6a:82:57: 65:eb:61:48:bc:4a:89:41:be:c1:ed:51:85:d3:f5: 0c:6b:44:4f:4d:f9:34:69:0d:72:03:e9:c0:ef:97: 92:30:83:02:e6:77:45:d4:a9:01:d3:33:0b:bc:7a: 97:ff:a2:8f:55:ce:63:59:4d:0a:25:e0:d7:e0:49: be:33:ae:ec:b6:47:6f:0a:6b:cd:30:e1:71:24:9e: 78:ea:27:ad:df:8e:78:76:f0:43:8d:f1:ee:8f:2e: 56:b1:ec:60:e4:bf:22:93:92:e3:28:79:02:4b:ff: 87:d9:06:0f:a5:88:95:70:9a:0b:f6:1e:eb:71:ae: 94:63:d7:e9:12:86:3f:52:f1:78:39:db:1c:9f:57: ce:31:c1:cb:2c:b5:d3:cc:42:39:8f:2c:f5:87:e6: 98:d6:60:1d:2d:2a:f5:d5:0f:ff:47:03:e8:0f:87: b2:25:99:2f:c7:e4:fc:e7:e8:0b:73:e2:9c:f6:5c: b1:d9:37:0d:01:fc:95:2b:ba:f8:4c:f8:0a:a9:e5: 10:76:c3:a4:19:99:bb:a2:96:84:4e:5b:4a:5e:d4: 52:da:10:5a:cc:d2:cb:db:b9:ec:bf:30:95:f4:5a: 09:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:8C:8A:82:01:92:1E:73:17:29:E6:ED:AC:28:FC:2A:A4:26:73:73 X509v3 Authority Key Identifier: keyid:2A:D7:89:EB:FC:58:C1:F0:E4:F8:73:90:78:1D:38:CB:0D:58:02:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0ec677fd-d569-4cc5-a563-9b0f248b1af1/0/2AD789EBFC58C1F0E4F87390781D38CB0D580210.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2AD789EBFC58C1F0E4F87390781D38CB0D580210.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0ec677fd-d569-4cc5-a563-9b0f248b1af1/0/2AD789EBFC58C1F0E4F87390781D38CB0D580210.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:ea:50:a3:d7:78:5d:11:d0:04:b7:35:81:73:53:b9:05:ab: b8:d9:98:c5:0c:90:c8:3e:91:93:3e:24:b1:e0:e8:64:28:bb: 93:b4:bb:1b:a8:80:59:b2:02:74:25:91:e5:de:62:f4:f7:61: 75:de:5e:18:ac:22:7a:a0:c5:9d:3f:90:66:6f:60:60:d9:f8: 17:f5:11:cf:6d:da:41:77:da:8d:72:02:f5:89:0d:0b:97:6d: f2:78:db:34:42:e5:af:a5:c8:b0:41:cf:96:90:9c:59:29:a3: 3a:cf:1f:f1:1b:c6:81:c9:aa:63:71:b7:9a:23:61:e6:53:da: 95:39:8f:eb:8f:d9:c7:df:95:1c:e4:60:b2:30:99:d6:d5:f8: dc:59:b7:a2:85:48:d4:97:e4:fb:08:54:a5:fb:ae:df:69:34: 0d:19:bc:4a:dc:0b:c5:9e:c0:be:05:4c:dc:aa:34:df:b2:42: 98:bd:6b:8a:62:b5:9f:26:0d:e9:5c:f4:59:db:f0:2c:ac:44: f2:27:9f:0d:e9:b4:64:fd:3a:2a:19:d7:72:ca:e3:fe:af:e2: 01:9a:3d:e3:50:f4:93:d0:18:23:99:b6:44:3c:ae:83:52:1e: 63:2b:9a:30:6d:39:6c:9d:b3:77:4e:ba:57:6c:18:2e:29:fb: e1:7c:ac:71 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUJLEjy1cqs8kgA6sfC+mNHanB4CkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFENzg5RUJGQzU4QzFGMEU0Rjg3MzkwNzgxRDM4Q0Iw RDU4MDIxMDAeFw0yNjAzMTkxMDQ3MjBaFw0yNjAzMjIxNjI4MjBaMDMxMTAvBgNV BAMTKDk1OEM4QTgyMDE5MjFFNzMxNzI5RTZFREFDMjhGQzJBQTQyNjczNzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4/7Z1gwSUmyk1BY22ffaDX4Qo wx7wRFk8ImqCV2XrYUi8SolBvsHtUYXT9QxrRE9N+TRpDXID6cDvl5IwgwLmd0XU qQHTMwu8epf/oo9VzmNZTQol4NfgSb4zruy2R28Ka80w4XEknnjqJ63fjnh28EON 8e6PLlax7GDkvyKTkuMoeQJL/4fZBg+liJVwmgv2HutxrpRj1+kShj9S8Xg52xyf V84xwcsstdPMQjmPLPWH5pjWYB0tKvXVD/9HA+gPh7IlmS/H5Pzn6Atz4pz2XLHZ Nw0B/JUruvhM+Aqp5RB2w6QZmbuiloROW0pe1FLaEFrM0svbuey/MJX0Wgm9AgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlYyKggGSHnMXKebtrCj8KqQmc3MwHwYDVR0j BBgwFoAUKteJ6/xYwfDk+HOQeB04yw1YAhAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w ZWM2NzdmZC1kNTY5LTRjYzUtYTU2My05YjBmMjQ4YjFhZjEvMC8yQUQ3ODlFQkZD NThDMUYwRTRGODczOTA3ODFEMzhDQjBENTgwMjEwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkFENzg5RUJGQzU4QzFGMEU0Rjg3MzkwNzgxRDM4Q0IwRDU4 MDIxMC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMGVjNjc3ZmQtZDU2OS00Y2M1LWE1 NjMtOWIwZjI0OGIxYWYxLzAvMkFENzg5RUJGQzU4QzFGMEU0Rjg3MzkwNzgxRDM4 Q0IwRDU4MDIxMC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKTqUKPXeF0R0AS3NYFzU7kFq7jZmMUMkMg+ kZM+JLHg6GQou5O0uxuogFmyAnQlkeXeYvT3YXXeXhisInqgxZ0/kGZvYGDZ+Bf1 Ec9t2kF32o1yAvWJDQuXbfJ42zRC5a+lyLBBz5aQnFkpozrPH/EbxoHJqmNxt5oj YeZT2pU5j+uP2cfflRzkYLIwmdbV+NxZt6KFSNSX5PsIVKX7rt9pNA0ZvErcC8We wL4FTNyqNN+yQpi9a4pitZ8mDelc9Fnb8CysRPInnw3ptGT9OioZ13LK4/6v4gGa PeNQ9JPQGCOZtkQ8roNSHmMrmjBtOWyds3dOuldsGC4p++F8rHE= -----END CERTIFICATE-----Generated at Fri Mar 20 18:51:46 2026 by rpki-client