$ rpki-client -vvf repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft File: 2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft (raw, json) Hash identifier: MwIWvlgA1Ct/VbjrhLqN7hBnx+l+t3B6NpqhpTjpLjY= Subject key identifier: 17:8A:3C:44:8B:BF:A3:F7:3F:2E:4F:D2:69:18:A0:A9:1C:4B:BB:42 Authority key identifier: 2D:9D:91:37:D4:42:7A:9D:34:E1:B1:5F:16:C5:C6:89:A8:C5:49:D9 Certificate issuer: /CN=2D9D9137D4427A9D34E1B15F16C5C689A8C549D9 Certificate serial: 0A38699218605BA3E6DCA00B32E6781AA8027A55 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft Manifest number: 055D Signing time: Wed 18 Mar 2026 20:31:32 +0000 Manifest this update: Wed 18 Mar 2026 20:26:32 +0000 Manifest next update: Sat 21 Mar 2026 23:02:32 +0000 Files and hashes: 1: 2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.crl (hash: 3gigJq8s3O8wNz9TXeM7p91dIc5h0Pv/ytAnjjExZa4=) 2: 3130332e3134342e3130322e302f32342d3234203d3e20313339343231.roa (hash: bV9xBqFWWdQNpl4xPPj/IRLaOQzWewk+JeafEOq6H8g=) 3: 3130332e3134342e3130332e302f32342d3234203d3e20313339343231.roa (hash: /ZqmuN0x+ZwpTTLsOK93bf5aWydgNNzXSi3NS4bqhi0=) 4: 3130332e3134342e3130322e302f32332d3234203d3e20313339343231.roa (hash: cdpLxSADx6mq88cWkf5UoxPyeajYM3Kq/Bc+NW2yaec=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.crl rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Mar 2026 23:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:38:69:92:18:60:5b:a3:e6:dc:a0:0b:32:e6:78:1a:a8:02:7a:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D9D9137D4427A9D34E1B15F16C5C689A8C549D9 Validity Not Before: Mar 18 20:26:32 2026 GMT Not After : Mar 21 23:02:32 2026 GMT Subject: CN=178A3C448BBFA3F73F2E4FD26918A0A91C4BBB42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:92:63:35:b2:c3:31:fa:58:39:2e:c4:51:05: 0a:ab:7e:11:02:57:b6:5c:2c:12:e6:76:a0:79:97: c9:35:bb:35:af:99:cf:3f:74:14:42:ab:e9:33:4b: 38:21:9c:91:6e:03:f5:d7:7f:63:cf:d0:6e:00:44: 50:a4:7b:de:76:1c:21:ea:5b:87:c3:dd:c5:95:55: 83:71:61:1d:27:fb:b9:ce:ed:84:1e:f6:25:51:ce: 29:9a:25:48:89:cd:88:7e:b2:10:d2:39:c3:75:88: 1a:9f:bf:42:ad:d6:cb:7f:9c:ab:a7:7e:c9:c5:34: f8:4e:c4:37:5c:98:9d:e3:4c:17:43:20:66:37:5c: ab:df:02:51:2d:50:27:b9:d6:61:c3:5f:53:6e:ee: 67:66:0a:22:74:56:b5:44:d9:03:88:43:5d:8d:f7: 83:b9:34:ff:c4:95:7d:48:70:86:a2:eb:ee:24:1a: b3:4b:a7:6b:6f:94:02:3c:ef:a4:14:51:19:ef:e5: e6:b1:12:4c:6a:2f:cb:f7:d6:03:44:83:78:0d:a8: 6b:4a:4a:81:73:be:7f:45:bc:c9:e9:7f:a6:53:ff: 48:34:01:0c:52:6c:c6:fb:9e:82:41:60:11:6b:fc: 5d:99:7d:fb:87:53:6e:4f:ba:92:b8:e7:48:84:ce: 2e:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:8A:3C:44:8B:BF:A3:F7:3F:2E:4F:D2:69:18:A0:A9:1C:4B:BB:42 X509v3 Authority Key Identifier: keyid:2D:9D:91:37:D4:42:7A:9D:34:E1:B1:5F:16:C5:C6:89:A8:C5:49:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2a5341e8-22d8-449c-a753-e47bbfc48538/0/2D9D9137D4427A9D34E1B15F16C5C689A8C549D9.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a5:2a:76:78:47:b1:e5:25:a5:c1:84:d2:60:50:d8:1f:fc:93: 4f:01:ad:c4:6a:3a:70:ec:28:2f:c7:d1:d0:cc:25:d1:29:17: de:d0:5c:fa:40:ab:f0:1a:63:5b:20:d1:11:87:bb:24:f0:92: e6:89:62:36:65:e1:42:f9:73:fa:5b:ca:83:9c:aa:f0:cd:16: 15:8a:96:26:dc:f0:5a:48:4a:62:9c:69:8d:8f:cb:33:e4:72: c1:65:02:a8:4f:0c:10:24:ae:18:23:fd:8c:61:64:5e:a8:b9: a3:d9:d0:9f:52:a0:75:29:ea:df:2e:a3:45:ed:49:14:f9:78: cd:72:76:74:f6:13:84:3b:26:9e:e7:81:0a:28:1a:6a:f4:cd: 98:9e:fd:51:84:df:b3:35:20:73:38:da:8a:4b:5e:69:c0:e2: 67:ed:2e:ea:93:8e:2d:35:08:33:fd:58:70:82:ed:2c:9a:b6: 49:52:fd:f9:d5:13:e0:aa:13:56:41:14:ea:d0:be:a9:35:54: a1:7f:72:80:56:33:42:a2:84:58:fc:0e:db:65:d2:00:d2:e7: ff:47:92:82:ba:32:e9:da:81:8d:a1:6e:98:c6:a5:65:18:8f: 81:2f:ee:cc:ee:44:fc:ff:34:6a:00:79:b2:18:4e:96:91:94: 19:1e:4f:12 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUCjhpkhhgW6Pm3KALMuZ4GqgCelUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQ5RDkxMzdENDQyN0E5RDM0RTFCMTVGMTZDNUM2ODlB OEM1NDlEOTAeFw0yNjAzMTgyMDI2MzJaFw0yNjAzMjEyMzAyMzJaMDMxMTAvBgNV BAMTKDE3OEEzQzQ0OEJCRkEzRjczRjJFNEZEMjY5MThBMEE5MUM0QkJCNDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfkmM1ssMx+lg5LsRRBQqrfhEC V7ZcLBLmdqB5l8k1uzWvmc8/dBRCq+kzSzghnJFuA/XXf2PP0G4ARFCke952HCHq W4fD3cWVVYNxYR0n+7nO7YQe9iVRzimaJUiJzYh+shDSOcN1iBqfv0Kt1st/nKun fsnFNPhOxDdcmJ3jTBdDIGY3XKvfAlEtUCe51mHDX1Nu7mdmCiJ0VrVE2QOIQ12N 94O5NP/ElX1IcIai6+4kGrNLp2tvlAI876QUURnv5eaxEkxqL8v31gNEg3gNqGtK SoFzvn9FvMnpf6ZT/0g0AQxSbMb7noJBYBFr/F2ZffuHU25PupK450iEzi6JAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUF4o8RIu/o/c/Lk/SaRigqRxLu0IwHwYDVR0j BBgwFoAULZ2RN9RCep004bFfFsXGiajFSdkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YTUzNDFlOC0yMmQ4LTQ0OWMtYTc1My1lNDdiYmZjNDg1MzgvMC8yRDlEOTEzN0Q0 NDI3QTlEMzRFMUIxNUYxNkM1QzY4OUE4QzU0OUQ5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQ5RDkxMzdENDQyN0E5RDM0RTFCMTVGMTZDNUM2ODlBOEM1 NDlEOS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMmE1MzQxZTgtMjJkOC00NDljLWE3 NTMtZTQ3YmJmYzQ4NTM4LzAvMkQ5RDkxMzdENDQyN0E5RDM0RTFCMTVGMTZDNUM2 ODlBOEM1NDlEOS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAKUqdnhHseUlpcGE0mBQ2B/8k08BrcRqOnDs KC/H0dDMJdEpF97QXPpAq/AaY1sg0RGHuyTwkuaJYjZl4UL5c/pbyoOcqvDNFhWK libc8FpISmKcaY2PyzPkcsFlAqhPDBAkrhgj/YxhZF6ouaPZ0J9SoHUp6t8uo0Xt SRT5eM1ydnT2E4Q7Jp7ngQooGmr0zZie/VGE37M1IHM42opLXmnA4mftLuqTji01 CDP9WHCC7SyatklS/fnVE+CqE1ZBFOrQvqk1VKF/coBWM0KihFj8Dttl0gDS5/9H koK6MunagY2hbpjGpWUYj4Ev7szuRPz/NGoAebIYTpaRlBkeTxI= -----END CERTIFICATE-----Generated at Thu Mar 19 09:39:28 2026 by rpki-client