$ rpki-client -vvf repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft File: 0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft (raw, json) Hash identifier: zztCqbAyNKM5RO4xQx7BWL6fjBo1DWrS7Ca15tNiMvM= Subject key identifier: 38:CD:0E:6D:4C:06:6E:29:E5:8F:C4:91:8E:D3:C0:91:E6:66:AF:54 Authority key identifier: 0B:B4:E9:52:78:9A:C5:02:FA:0C:FB:95:C2:E0:3F:43:44:97:BF:E3 Certificate issuer: /CN=0BB4E952789AC502FA0CFB95C2E03F434497BFE3 Certificate serial: 6D9A98459E610F0E1CC7940BD74A469C55E8637A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft Manifest number: 010A Signing time: Wed 18 Mar 2026 19:12:20 +0000 Manifest this update: Wed 18 Mar 2026 19:07:20 +0000 Manifest next update: Sat 21 Mar 2026 21:12:20 +0000 Files and hashes: 1: 0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl (hash: GnrXMvP4QIRRv/xkH7vO5c1GX/uTDcryk+vLMzzzSn0=) 2: 3130332e3134382e38392e302f32342d3234203d3e20313430343231.roa (hash: TZoglv4gVSEGVdYtRZ4lgIJlzz7UT43dp4O+n8rkNNY=) 3: 3130332e3134382e38382e302f32332d3233203d3e20313430343231.roa (hash: l6is4dO0R0PbZ70dLKCH7MsIvztrQYbYg8s+N5j55/w=) 4: 323030313a6466323a633938303a3a2f34382d3438203d3e20313430343231.roa (hash: S9qtO6NNat29VwWXnPO9Ad1pn0XLAWnDz3QkqSTjTbI=) 5: 3130332e3134382e38382e302f32342d3234203d3e20313430343231.roa (hash: neEFe0w5kAvbktE6GbOUZcC2jhb5+07V2Dgm04kOOSQ=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Mar 2026 21:12:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:9a:98:45:9e:61:0f:0e:1c:c7:94:0b:d7:4a:46:9c:55:e8:63:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0BB4E952789AC502FA0CFB95C2E03F434497BFE3 Validity Not Before: Mar 18 19:07:20 2026 GMT Not After : Mar 21 21:12:20 2026 GMT Subject: CN=38CD0E6D4C066E29E58FC4918ED3C091E666AF54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:2c:9e:21:44:44:f3:2a:e3:61:d6:ce:54:56: 8d:e4:8c:80:50:10:e5:c0:fa:a3:22:34:12:fc:8c: ec:a9:40:ea:bc:bc:44:93:88:83:49:28:f2:11:76: f3:eb:51:6d:82:7d:65:5f:f7:f0:96:f5:0a:e4:2d: 83:d4:c0:b2:31:15:6c:04:68:6d:80:8c:30:7f:eb: de:ed:f0:fe:41:43:9d:1e:ca:5e:f6:43:db:cd:a9: 4c:06:70:fa:f6:cc:67:ca:05:cd:12:07:a8:0e:4c: 81:b4:71:7c:41:52:5b:60:af:3f:1a:3d:65:8c:00: f2:ef:b5:45:74:3f:78:65:f0:5a:ed:bb:38:47:28: 3c:65:82:cc:bd:ad:c7:91:f8:d6:cb:33:66:fe:b0: 51:92:c5:a3:5c:e6:e3:f7:c7:83:98:66:7c:0d:f4: 10:64:f7:11:5b:fd:d2:05:29:6e:34:b2:8b:80:07: e9:2e:73:87:26:e4:cf:78:d0:a3:97:70:48:63:b1: 90:75:eb:3e:7f:db:a9:8c:78:68:ae:b6:c3:23:a6: 14:b5:4b:c4:86:e6:73:a0:3e:62:6d:db:96:26:5a: d5:fe:70:1a:06:71:4e:96:0e:4e:2b:3b:28:4d:00: ee:5f:10:72:06:10:54:5a:d9:e6:d6:63:38:7e:aa: 3f:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:CD:0E:6D:4C:06:6E:29:E5:8F:C4:91:8E:D3:C0:91:E6:66:AF:54 X509v3 Authority Key Identifier: keyid:0B:B4:E9:52:78:9A:C5:02:FA:0C:FB:95:C2:E0:3F:43:44:97:BF:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8b72eca4-73ad-4e0b-a6a6-7a65698b73be/0/0BB4E952789AC502FA0CFB95C2E03F434497BFE3.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:b2:af:14:41:54:90:46:15:4c:94:62:26:7a:62:72:e4:8b: e8:64:fd:90:49:d3:32:53:12:6b:ed:18:b6:b5:8c:61:9b:23: 66:70:f7:da:dd:15:f2:ab:7a:25:dc:fe:9c:39:05:5f:68:18: 3f:89:fa:08:e3:32:ed:f9:a2:d6:34:9b:3c:36:eb:b9:14:d2: 98:1f:bd:e4:5f:76:29:4a:c7:95:3e:40:a3:b5:0a:e0:00:4b: 06:39:b3:0b:c3:c0:0b:8b:ec:32:67:b8:31:8a:d5:3c:39:8d: c0:1a:bb:f8:b4:da:06:01:43:fa:7c:68:20:37:a2:a1:72:be: 31:f2:91:db:68:4c:4d:96:f5:df:fb:67:c8:88:cf:1b:89:54: 89:b8:19:94:40:ad:dc:6c:30:ea:90:f0:3c:c1:73:4b:8b:b0: d1:8a:a8:94:b6:b9:79:66:e9:74:e8:52:fb:ed:0e:25:8a:c7: 8f:94:27:a0:8e:04:a2:2a:94:46:d2:84:c2:9b:87:1f:a1:30: 78:df:d4:0f:d7:d6:83:a8:d4:72:33:27:92:aa:8a:54:d4:70: e2:88:ed:14:c2:5a:c8:ec:ec:b4:34:0d:b9:85:fb:00:5b:d6: 66:ad:31:85:fd:d3:84:cb:85:0c:b8:5f:f2:bc:a0:54:23:00: 89:6a:86:bd -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbZqYRZ5hDw4cx5QL10pGnFXoY3owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNGNDM0 NDk3QkZFMzAeFw0yNjAzMTgxOTA3MjBaFw0yNjAzMjEyMTEyMjBaMDMxMTAvBgNV BAMTKDM4Q0QwRTZENEMwNjZFMjlFNThGQzQ5MThFRDNDMDkxRTY2NkFGNTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNLJ4hRETzKuNh1s5UVo3kjIBQ EOXA+qMiNBL8jOypQOq8vESTiINJKPIRdvPrUW2CfWVf9/CW9QrkLYPUwLIxFWwE aG2AjDB/697t8P5BQ50eyl72Q9vNqUwGcPr2zGfKBc0SB6gOTIG0cXxBUltgrz8a PWWMAPLvtUV0P3hl8FrtuzhHKDxlgsy9rceR+NbLM2b+sFGSxaNc5uP3x4OYZnwN 9BBk9xFb/dIFKW40souAB+kuc4cm5M940KOXcEhjsZB16z5/26mMeGiutsMjphS1 S8SG5nOgPmJt25YmWtX+cBoGcU6WDk4rOyhNAO5fEHIGEFRa2ebWYzh+qj8RAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOM0ObUwGbinlj8SRjtPAkeZmr1QwHwYDVR0j BBgwFoAUC7TpUniaxQL6DPuVwuA/Q0SXv+MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YjcyZWNhNC03M2FkLTRlMGItYTZhNi03YTY1Njk4YjczYmUvMC8wQkI0RTk1Mjc4 OUFDNTAyRkEwQ0ZCOTVDMkUwM0Y0MzQ0OTdCRkUzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNGNDM0NDk3 QkZFMy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGI3MmVjYTQtNzNhZC00ZTBiLWE2 YTYtN2E2NTY5OGI3M2JlLzAvMEJCNEU5NTI3ODlBQzUwMkZBMENGQjk1QzJFMDNG NDM0NDk3QkZFMy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBACyyrxRBVJBGFUyUYiZ6YnLki+hk/ZBJ0zJT EmvtGLa1jGGbI2Zw99rdFfKreiXc/pw5BV9oGD+J+gjjMu35otY0mzw267kU0pgf veRfdilKx5U+QKO1CuAASwY5swvDwAuL7DJnuDGK1Tw5jcAau/i02gYBQ/p8aCA3 oqFyvjHykdtoTE2W9d/7Z8iIzxuJVIm4GZRArdxsMOqQ8DzBc0uLsNGKqJS2uXlm 6XToUvvtDiWKx4+UJ6COBKIqlEbShMKbhx+hMHjf1A/X1oOo1HIzJ5KqilTUcOKI 7RTCWsjs7LQ0DbmF+wBb1matMYX904TLhQy4X/K8oFQjAIlqhr0= -----END CERTIFICATE-----Generated at Thu Mar 19 09:39:28 2026 by rpki-client