$ rpki-client -vvf repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft File: 523EE387D3C00A87B7E355ABF1EE524AADF74148.mft (raw, json) Hash identifier: JuVAkW5vb36/Qkyvqu4LMN+mjkRaJsei2QJ6LHgqN6s= Subject key identifier: A3:BC:E2:2F:AE:F3:D2:5B:C4:0D:51:CB:1E:52:EC:6C:41:DD:C3:E0 Authority key identifier: 52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 Certificate issuer: /CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Certificate serial: 7A9F6F7DD115567DDA389F8429EA4705B5D67A93 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft Manifest number: 055C Signing time: Tue 24 Mar 2026 16:31:06 +0000 Manifest this update: Tue 24 Mar 2026 16:26:06 +0000 Manifest next update: Sat 28 Mar 2026 00:27:06 +0000 Files and hashes: 1: 523EE387D3C00A87B7E355ABF1EE524AADF74148.crl (hash: EvcxmTABgL64H+Xn1f3XfP2lt9YWrKKJ7XwJErdzq/k=) 2: 323030313a6466343a333638303a3a2f34382d3438203d3e20313430343536.roa (hash: Hl8MdE/LfLP9veWjqyALsJsbBZo/BnkTdZYuAxUUNAQ=) 3: 3130332e3135332e36312e302f32342d3234203d3e20313430343536.roa (hash: 5CQgZezG8X6Tkce8GGCztEMcPDF8UqBXxC4f+vxvm/U=) 4: 3130332e3135332e36302e302f32332d3233203d3e20313430343536.roa (hash: 43ScMK1xGJHkc43OYqRAxNw2Nmb59FaJi1G0FFtsD2M=) 5: 3130332e3135332e36302e302f32342d3234203d3e20313430343536.roa (hash: iUOhLSK71QoxS/WtDF2icd32d4ftR5T3bY2f32rlO8c=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 20:06:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:9f:6f:7d:d1:15:56:7d:da:38:9f:84:29:ea:47:05:b5:d6:7a:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE387D3C00A87B7E355ABF1EE524AADF74148 Validity Not Before: Mar 24 16:26:06 2026 GMT Not After : Mar 28 00:27:06 2026 GMT Subject: CN=A3BCE22FAEF3D25BC40D51CB1E52EC6C41DDC3E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:15:8f:1c:34:38:1c:ab:f1:8d:71:ab:bc:4b: 2c:92:1e:ba:4f:31:93:fc:2d:6b:bb:17:74:a4:d4: 18:45:17:ac:ff:29:2c:5c:fe:ee:29:a4:43:fa:ff: 68:98:68:78:86:ae:c6:81:2c:1b:3e:2d:a1:1d:ef: f2:88:19:56:89:64:81:54:ac:f9:38:50:a4:d0:97: e8:fe:51:1c:90:92:46:39:f2:2b:57:49:8b:2b:ff: 89:63:ad:79:58:bf:07:26:5a:a2:c5:b2:59:eb:98: 23:1d:ac:6e:ce:87:52:71:66:4c:8d:01:f4:23:3a: ae:db:a4:db:c6:20:e4:e1:5a:a6:93:a5:25:07:99: a5:0e:2c:0a:ea:a1:ea:9b:fa:3c:8f:fc:21:20:a4: dd:7c:5b:38:d7:56:16:cf:a9:67:fc:5e:e3:b1:73: 7a:ef:8f:86:de:9f:c4:d0:e0:8a:09:48:c1:7f:1e: e1:6c:09:c1:30:ae:f7:d0:ea:3f:93:6b:0f:61:9c: 21:4a:72:59:1a:e6:5d:f1:ca:73:8b:09:4a:5c:1d: 41:ae:6b:fd:6c:de:0a:6d:ca:7d:06:7f:4c:b9:f1: 73:86:8d:e1:e0:24:4d:ac:61:52:82:5e:32:8a:52: 9a:73:42:3e:85:71:39:3c:ad:a4:66:0c:9b:dd:f1: 45:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:BC:E2:2F:AE:F3:D2:5B:C4:0D:51:CB:1E:52:EC:6C:41:DD:C3:E0 X509v3 Authority Key Identifier: keyid:52:3E:E3:87:D3:C0:0A:87:B7:E3:55:AB:F1:EE:52:4A:AD:F7:41:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE387D3C00A87B7E355ABF1EE524AADF74148.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1a9520fd-8de5-4a69-85f1-c44897ae6121/0/523EE387D3C00A87B7E355ABF1EE524AADF74148.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:22:98:f5:5e:52:7b:4a:ad:60:5a:20:fd:65:ee:da:a4:87: 04:24:5f:59:b5:41:48:3a:be:01:28:b8:16:21:92:6c:a8:31: d0:b8:da:48:9c:c3:36:48:0e:53:d3:1a:fd:cc:34:bb:ac:18: 43:cb:27:02:e9:1e:ed:69:5e:f2:1a:2c:47:29:b2:47:12:ad: 31:f1:4f:f5:8b:ae:10:a3:0f:24:23:4c:2a:da:d0:22:56:36: fc:3c:8c:c4:a1:8c:22:0b:aa:80:5c:11:99:4f:03:ed:df:3b: 80:4d:21:f6:45:92:11:c2:16:25:ee:c2:59:02:0c:6a:1b:13: 1e:50:80:4f:72:50:b9:02:84:32:63:98:0a:fc:c9:b0:de:6f: 81:26:72:b5:f0:38:dd:b5:82:1c:b5:c7:bd:7a:84:77:0e:c0: 3d:e2:1f:5f:90:ae:fd:60:f5:45:e0:46:bf:7b:2d:60:33:a7: 23:f7:ed:94:00:93:ea:c6:11:54:c7:c8:94:19:db:7f:69:a7: c3:92:45:1d:a0:52:0e:c0:e1:f6:d4:09:10:0d:78:5f:98:07: e6:47:63:04:d5:48:8c:58:a5:bd:eb:23:e2:87:59:59:4b:9f: a1:37:60:c5:70:e3:14:ac:2e:8c:d8:16:4d:13:83:7b:02:23: 38:f2:b1:6c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUep9vfdEVVn3aOJ+EKepHBbXWepMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFB REY3NDE0ODAeFw0yNjAzMjQxNjI2MDZaFw0yNjAzMjgwMDI3MDZaMDMxMTAvBgNV BAMTKEEzQkNFMjJGQUVGM0QyNUJDNDBENTFDQjFFNTJFQzZDNDFEREMzRTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUFY8cNDgcq/GNcau8SyySHrpP MZP8LWu7F3Sk1BhFF6z/KSxc/u4ppEP6/2iYaHiGrsaBLBs+LaEd7/KIGVaJZIFU rPk4UKTQl+j+URyQkkY58itXSYsr/4ljrXlYvwcmWqLFslnrmCMdrG7Oh1JxZkyN AfQjOq7bpNvGIOThWqaTpSUHmaUOLArqoeqb+jyP/CEgpN18WzjXVhbPqWf8XuOx c3rvj4ben8TQ4IoJSMF/HuFsCcEwrvfQ6j+Taw9hnCFKclka5l3xynOLCUpcHUGu a/1s3gptyn0Gf0y58XOGjeHgJE2sYVKCXjKKUppzQj6FcTk8raRmDJvd8UVjAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUo7ziL67z0lvEDVHLHlLsbEHdw+AwHwYDVR0j BBgwFoAUUj7jh9PACoe341Wr8e5SSq33QUgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YTk1MjBmZC04ZGU1LTRhNjktODVmMS1jNDQ4OTdhZTYxMjEvMC81MjNFRTM4N0Qz QzAwQTg3QjdFMzU1QUJGMUVFNTI0QUFERjc0MTQ4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUyNEFBREY3 NDE0OC5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMWE5NTIwZmQtOGRlNS00YTY5LTg1 ZjEtYzQ0ODk3YWU2MTIxLzAvNTIzRUUzODdEM0MwMEE4N0I3RTM1NUFCRjFFRTUy NEFBREY3NDE0OC5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACIimPVeUntKrWBaIP1l7tqkhwQkX1m1QUg6 vgEouBYhkmyoMdC42kicwzZIDlPTGv3MNLusGEPLJwLpHu1pXvIaLEcpskcSrTHx T/WLrhCjDyQjTCra0CJWNvw8jMShjCILqoBcEZlPA+3fO4BNIfZFkhHCFiXuwlkC DGobEx5QgE9yULkChDJjmAr8ybDeb4EmcrXwON21ghy1x716hHcOwD3iH1+Qrv1g 9UXgRr97LWAzpyP37ZQAk+rGEVTHyJQZ239pp8OSRR2gUg7A4fbUCRANeF+YB+ZH YwTVSIxYpb3rI+KHWVlLn6E3YMVw4xSsLozYFk0Tg3sCIzjysWw= -----END CERTIFICATE-----Generated at Tue Mar 24 19:52:14 2026 by rpki-client