$ rpki-client -vvf repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft File: 85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft (raw, json) Hash identifier: C/m3mO99U9JMk/VU+QGyRj6E83Ek2YX1jMZvcZr30GQ= Subject key identifier: 2E:01:BE:F0:35:CC:E8:FC:69:74:14:35:4A:5E:95:A1:4D:8A:66:95 Authority key identifier: 85:E8:DE:B3:87:42:E3:90:C7:BF:B3:4B:1E:4A:BA:C3:1D:33:7A:C3 Certificate issuer: /CN=85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3 Certificate serial: 34708F31B8B09372AD0480F7BD60800BAF9300EF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft Manifest number: 02F2 Signing time: Fri 20 Mar 2026 19:01:49 +0000 Manifest this update: Fri 20 Mar 2026 18:56:49 +0000 Manifest next update: Tue 24 Mar 2026 06:07:49 +0000 Files and hashes: 1: 85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl (hash: XNcL0H3R8fsbVItG6N36xD+rpr6MpA7wYTsYfZ8LxD0=) 2: 3130332e3137382e3137342e302f32332d3234203d3e20313337333331.roa (hash: gonve5wIJ3O85bDiwHHm2xjnNdsU9xH6JAbxD3Ax5a8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Mar 2026 02:27:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:70:8f:31:b8:b0:93:72:ad:04:80:f7:bd:60:80:0b:af:93:00:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3 Validity Not Before: Mar 20 18:56:49 2026 GMT Not After : Mar 24 06:07:49 2026 GMT Subject: CN=2E01BEF035CCE8FC697414354A5E95A14D8A6695 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:2f:bf:ba:f3:5b:d1:de:e8:ad:b4:e0:4b:f4: c2:17:6e:4e:f7:38:91:25:87:da:db:70:f5:18:c3: 4a:e6:15:35:16:10:c6:e4:91:2f:3e:dc:f6:12:ee: 51:a9:58:eb:e8:b3:59:86:85:81:70:90:3a:fc:29: 51:aa:6e:f7:07:a7:1c:c9:9a:67:0b:d2:46:6b:35: 1d:7e:0d:57:08:e8:24:5c:9f:03:ac:2a:e3:22:8f: ea:a1:de:9b:55:0c:bc:31:40:c6:ce:f1:a2:99:62: b7:58:9c:d0:2a:a6:81:fe:fa:30:3d:af:41:00:80: fe:db:86:7c:2f:d3:59:24:ad:29:72:de:5e:e7:65: ab:3f:c0:f1:0e:d6:d3:6d:1d:9c:93:6d:7f:8a:53: 28:41:47:15:ca:88:9d:6a:5e:1c:60:2c:98:12:58: f6:05:45:ac:07:08:c8:27:66:63:44:a6:15:e9:1f: b9:da:dc:b6:b0:ea:76:8c:93:0e:91:02:c5:14:8f: 86:b2:0f:1c:0d:75:b5:7a:26:f2:50:a3:53:80:2e: 02:dd:b5:ee:53:2e:33:f8:b2:26:4f:6e:58:c3:0c: 56:29:b2:a3:d2:69:49:24:bc:23:19:5b:16:f6:2c: c9:cb:54:77:5d:d6:c1:a8:74:42:1f:b2:8a:2f:77: ca:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:01:BE:F0:35:CC:E8:FC:69:74:14:35:4A:5E:95:A1:4D:8A:66:95 X509v3 Authority Key Identifier: keyid:85:E8:DE:B3:87:42:E3:90:C7:BF:B3:4B:1E:4A:BA:C3:1D:33:7A:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6d7f9ef4-f99f-44ff-b968-70d4524d7207/0/85E8DEB38742E390C7BFB34B1E4ABAC31D337AC3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:fa:56:66:4c:17:7f:77:83:20:13:c1:15:68:98:cd:09:3b: cf:bf:6c:11:25:09:84:f1:1a:f2:52:ae:93:7a:53:bd:6c:b6: d5:49:f9:d6:c0:c4:33:14:80:4b:37:2d:40:39:a1:f9:8a:96: 77:8b:34:1d:d3:2b:d6:71:94:27:3e:9f:23:74:41:6c:50:1a: 9e:84:db:1a:57:73:5d:fa:54:6b:99:78:3d:78:8e:4d:4a:0f: 1b:f8:7e:6a:07:0d:df:e2:ba:e3:8a:60:85:0e:d8:6a:e3:9f: 2b:ae:4e:f2:fe:15:fe:83:41:e3:8a:1e:fb:b6:08:61:4f:01: f1:92:c7:cd:8c:66:04:eb:49:6b:f6:7c:7a:30:d2:d8:01:d1: 49:e7:05:56:48:06:70:3e:f7:56:0d:ee:28:3e:71:8a:59:06: 05:da:53:6b:c3:0b:38:00:65:ab:c1:a5:7e:03:a3:16:3a:5e: d3:17:5a:68:f3:09:70:06:23:57:a8:a8:4c:5f:0e:f7:6c:51: 20:bf:18:4b:6f:08:0d:0e:7c:54:42:aa:5e:b9:d9:32:e6:71: 4a:c4:52:93:a6:ab:ae:6f:3b:88:9b:1f:ac:fb:40:cb:99:3a: 2d:66:8f:a0:63:a0:c2:00:25:4b:1b:f1:98:28:98:00:a7:07: 8a:c3:c4:0c -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUNHCPMbiwk3KtBID3vWCAC6+TAO8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJBQzMx RDMzN0FDMzAeFw0yNjAzMjAxODU2NDlaFw0yNjAzMjQwNjA3NDlaMDMxMTAvBgNV BAMTKDJFMDFCRUYwMzVDQ0U4RkM2OTc0MTQzNTRBNUU5NUExNEQ4QTY2OTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuL7+681vR3uittOBL9MIXbk73 OJElh9rbcPUYw0rmFTUWEMbkkS8+3PYS7lGpWOvos1mGhYFwkDr8KVGqbvcHpxzJ mmcL0kZrNR1+DVcI6CRcnwOsKuMij+qh3ptVDLwxQMbO8aKZYrdYnNAqpoH++jA9 r0EAgP7bhnwv01kkrSly3l7nZas/wPEO1tNtHZyTbX+KUyhBRxXKiJ1qXhxgLJgS WPYFRawHCMgnZmNEphXpH7na3Law6naMkw6RAsUUj4ayDxwNdbV6JvJQo1OALgLd te5TLjP4siZPbljDDFYpsqPSaUkkvCMZWxb2LMnLVHdd1sGodEIfsoovd8oDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQULgG+8DXM6PxpdBQ1Sl6VoU2KZpUwHwYDVR0j BBgwFoAUhejes4dC45DHv7NLHkq6wx0zesMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 ZDdmOWVmNC1mOTlmLTQ0ZmYtYjk2OC03MGQ0NTI0ZDcyMDcvMC84NUU4REVCMzg3 NDJFMzkwQzdCRkIzNEIxRTRBQkFDMzFEMzM3QUMzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJBQzMxRDMz N0FDMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNmQ3ZjllZjQtZjk5Zi00NGZmLWI5 NjgtNzBkNDUyNGQ3MjA3LzAvODVFOERFQjM4NzQyRTM5MEM3QkZCMzRCMUU0QUJB QzMxRDMzN0FDMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAGn6VmZMF393gyATwRVomM0JO8+/bBElCYTx GvJSrpN6U71sttVJ+dbAxDMUgEs3LUA5ofmKlneLNB3TK9ZxlCc+nyN0QWxQGp6E 2xpXc136VGuZeD14jk1KDxv4fmoHDd/iuuOKYIUO2GrjnyuuTvL+Ff6DQeOKHvu2 CGFPAfGSx82MZgTrSWv2fHow0tgB0UnnBVZIBnA+91YN7ig+cYpZBgXaU2vDCzgA ZavBpX4DoxY6XtMXWmjzCXAGI1eoqExfDvdsUSC/GEtvCA0OfFRCql652TLmcUrE UpOmq65vO4ibH6z7QMuZOi1mj6BjoMIAJUsb8ZgomACnB4rDxAw= -----END CERTIFICATE-----Generated at Sat Mar 21 01:02:53 2026 by rpki-client