$ rpki-client -vvf repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.mft (raw, json) Hash identifier: QQukSOrfArbbRaBLCJU2wRhZ+A7HMqZGF+u59D44grM= Subject key identifier: 0A:FC:3D:7C:96:B8:90:1B:F2:2F:A3:D4:89:4F:C6:48:11:2D:A8:98 Authority key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Certificate issuer: /CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Certificate serial: 6D8EBAB6F445C557C859AFDC57CCC1ED23F43E0C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft Manifest number: 0519 Signing time: Thu 19 Mar 2026 17:51:07 +0000 Manifest this update: Thu 19 Mar 2026 17:46:07 +0000 Manifest next update: Sun 22 Mar 2026 22:48:07 +0000 Files and hashes: 1: 3230322e31302e35392e302f32342d3234203d3e20313336313139.roa (hash: p7znIjGrzIeqiJgSyw1Go9JzIhUPDTiZx2kzEBcMX+M=) 2: 3130332e39342e3136382e302f32322d3234203d3e20313336313139.roa (hash: IywsBHZCpESzPvpzBYMa3aM5xr+uzQrgr/hs4zyGEfk=) 3: 21AC220B77A77D0516BC73B4C29C8363DD00911B.crl (hash: xnlFp63bFXjIYHhPi5kMk8VEMP7VE1BQcx9c5KvfuIc=) 4: 3230322e31302e35382e302f32342d3234203d3e20313336313139.roa (hash: FqumLAE5ExkmaatbD11ff744L2iTMEhUHWhZUQWOtLU=) 5: 323430313a343863303a3a2f33322d3438203d3e20313336313139.roa (hash: J7Eqzk0rLCECjOwGjEdw1vCeBneDceSExg8FEmGDsVA=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 22:48:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:8e:ba:b6:f4:45:c5:57:c8:59:af:dc:57:cc:c1:ed:23:f4:3e:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Validity Not Before: Mar 19 17:46:07 2026 GMT Not After : Mar 22 22:48:07 2026 GMT Subject: CN=0AFC3D7C96B8901BF22FA3D4894FC648112DA898 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:0c:90:cb:bc:ff:5c:dd:95:a0:0a:6c:d8:39: 4d:01:91:13:72:cf:f7:a0:d5:e5:4d:f7:43:02:fc: f8:ac:58:12:8b:c7:f2:2d:83:1f:bd:f4:c7:2c:b5: 75:64:b4:84:55:63:7d:d2:90:ae:a0:42:0c:33:78: 7e:a9:c7:1d:07:06:17:0a:33:3a:8e:1a:5d:5f:8d: 31:ab:78:40:11:d2:d3:40:a1:f3:77:b5:68:11:cb: c3:0b:83:3c:2b:ad:1b:da:30:27:fb:8b:59:c0:12: dd:af:13:b2:36:c8:44:29:b6:ac:59:ed:94:92:2d: cf:b2:55:4f:21:f7:33:2a:bf:72:8f:2a:d4:f8:37: f6:52:4a:0e:2d:ce:b6:d4:f2:b3:5f:3a:04:de:4e: 5b:bd:16:b4:56:e2:dd:5c:09:3d:91:93:f6:79:2e: 20:27:37:e3:5c:51:79:fa:a1:97:05:ca:a3:6d:69: 2c:65:ad:82:e3:95:c4:be:24:fc:f2:91:d4:e9:be: c8:16:6e:8b:34:2f:c5:d8:6e:f3:05:2a:d2:bf:33: be:b6:77:8d:41:d2:b0:06:aa:d0:53:6b:56:77:16: 25:06:c1:30:78:10:41:51:ce:d0:7b:b2:d3:3d:21: 8f:07:77:06:96:b5:b0:ed:9e:24:01:3f:31:cc:4f: 3c:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:FC:3D:7C:96:B8:90:1B:F2:2F:A3:D4:89:4F:C6:48:11:2D:A8:98 X509v3 Authority Key Identifier: keyid:21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:d0:79:09:13:89:e9:57:7b:f5:d5:64:23:3d:19:ec:e5:02: 7c:80:f8:7a:db:7e:1c:e2:28:c2:86:e1:3b:3b:90:b1:29:d9: 2f:71:6d:62:59:06:4d:2a:5e:7b:e7:8c:57:c7:ff:75:34:76: 79:76:f0:44:91:ff:43:5c:1d:ad:65:d1:56:d3:c3:94:b6:fc: 4f:7d:95:cf:e7:e1:9c:1e:4d:90:80:d7:fa:b2:f3:55:c9:52: 58:9e:71:35:0b:ca:cb:4b:38:44:90:26:44:f6:63:9c:45:10: 4a:a4:66:02:26:2b:63:88:0f:6a:52:96:a5:37:41:f7:33:b6: cc:b4:8d:0e:84:eb:e4:ba:3a:1e:3d:4a:b4:2d:44:10:e5:a3: cd:bf:32:ee:a2:02:1c:88:21:be:af:1a:4b:01:26:33:78:b1: 72:62:f1:d4:be:c0:8f:6d:79:bc:bd:0c:e4:c6:d5:b4:3b:47: 8f:73:34:5f:3b:ae:dc:1e:00:b7:7e:42:71:0a:f3:ae:5c:22: eb:62:5b:ad:a9:b7:48:90:02:2c:15:99:ac:1b:e7:47:a5:cf: 5d:da:4e:54:9a:41:8b:15:ca:6f:08:85:dd:62:06:5e:4b:04: 2e:e9:0b:c8:8d:1c:54:1d:3d:df:82:0b:48:eb:40:7e:f2:f6: ae:69:ef:09 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUbY66tvRFxVfIWa/cV8zB7SP0PgwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNE RDAwOTExQjAeFw0yNjAzMTkxNzQ2MDdaFw0yNjAzMjIyMjQ4MDdaMDMxMTAvBgNV BAMTKDBBRkMzRDdDOTZCODkwMUJGMjJGQTNENDg5NEZDNjQ4MTEyREE4OTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPDJDLvP9c3ZWgCmzYOU0BkRNy z/eg1eVN90MC/PisWBKLx/Itgx+99McstXVktIRVY33SkK6gQgwzeH6pxx0HBhcK MzqOGl1fjTGreEAR0tNAofN3tWgRy8MLgzwrrRvaMCf7i1nAEt2vE7I2yEQptqxZ 7ZSSLc+yVU8h9zMqv3KPKtT4N/ZSSg4tzrbU8rNfOgTeTlu9FrRW4t1cCT2Rk/Z5 LiAnN+NcUXn6oZcFyqNtaSxlrYLjlcS+JPzykdTpvsgWbos0L8XYbvMFKtK/M762 d41B0rAGqtBTa1Z3FiUGwTB4EEFRztB7stM9IY8HdwaWtbDtniQBPzHMTzztAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUCvw9fJa4kBvyL6PUiU/GSBEtqJgwHwYDVR0j BBgwFoAUIawiC3enfQUWvHO0wpyDY90AkRswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMC8yMUFDMjIwQjc3 QTc3RDA1MTZCQzczQjRDMjlDODM2M0REMDA5MTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5QzgzNjNERDAw OTExQi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vYmRhYmMwYmEtOTIyMi00YzQ1LTgz NDItZWI4NjQzYzQ5NjdkLzAvMjFBQzIyMEI3N0E3N0QwNTE2QkM3M0I0QzI5Qzgz NjNERDAwOTExQi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAAbQeQkTielXe/XVZCM9GezlAnyA+Hrbfhzi KMKG4Ts7kLEp2S9xbWJZBk0qXnvnjFfH/3U0dnl28ESR/0NcHa1l0VbTw5S2/E99 lc/n4ZweTZCA1/qy81XJUliecTULystLOESQJkT2Y5xFEEqkZgImK2OID2pSlqU3 Qfcztsy0jQ6E6+S6Oh49SrQtRBDlo82/Mu6iAhyIIb6vGksBJjN4sXJi8dS+wI9t eby9DOTG1bQ7R49zNF87rtweALd+QnEK865cIutiW62pt0iQAiwVmawb50elz13a TlSaQYsVym8Ihd1iBl5LBC7pC8iNHFQdPd+CC0jrQH7y9q5p7wk= -----END CERTIFICATE-----Generated at Fri Mar 20 16:45:29 2026 by rpki-client