$ rpki-client -vvf repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/0/668C2397879176FD00D1A4949BAF8C1D8E764166.mft File: 668C2397879176FD00D1A4949BAF8C1D8E764166.mft (raw, json) Hash identifier: BXsbeeYrmuFZqxb65efUSUNYejUbHzMimPilFut3xwc= Subject key identifier: D4:82:5C:F3:73:CA:46:4B:7E:1E:CA:6C:E1:7C:A7:AD:B5:31:F4:0E Authority key identifier: 66:8C:23:97:87:91:76:FD:00:D1:A4:94:9B:AF:8C:1D:8E:76:41:66 Certificate issuer: /CN=668C2397879176FD00D1A4949BAF8C1D8E764166 Certificate serial: 705D998234113C4217F140803F0BF505080D3F11 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/668C2397879176FD00D1A4949BAF8C1D8E764166.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/0/668C2397879176FD00D1A4949BAF8C1D8E764166.mft Manifest number: 09 Signing time: Tue 17 Mar 2026 21:01:14 +0000 Manifest this update: Tue 17 Mar 2026 20:56:14 +0000 Manifest next update: Fri 20 Mar 2026 22:12:14 +0000 Files and hashes: 1: 668C2397879176FD00D1A4949BAF8C1D8E764166.crl (hash: gY0mrqNehilzIsd+Jc2jZeGclIDtpgOLCmxFJjKLAr0=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/0/668C2397879176FD00D1A4949BAF8C1D8E764166.crl rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/0/668C2397879176FD00D1A4949BAF8C1D8E764166.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/668C2397879176FD00D1A4949BAF8C1D8E764166.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Mar 2026 22:12:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:5d:99:82:34:11:3c:42:17:f1:40:80:3f:0b:f5:05:08:0d:3f:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=668C2397879176FD00D1A4949BAF8C1D8E764166 Validity Not Before: Mar 17 20:56:14 2026 GMT Not After : Mar 20 22:12:14 2026 GMT Subject: CN=D4825CF373CA464B7E1ECA6CE17CA7ADB531F40E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f3:7c:b0:29:e5:c0:e4:8c:14:80:84:0c:8c: 25:b3:57:cf:fe:92:47:e4:6f:81:80:7a:ac:d8:89: b5:3e:80:1a:c7:80:b7:22:89:ec:7d:3e:b8:a7:68: 51:c9:7b:dc:5d:3d:4e:ac:4c:7f:56:ee:19:22:9e: 3a:3d:bd:80:85:64:62:b2:2b:1d:45:e3:7f:4d:3a: bc:fe:38:a8:e0:da:46:3b:87:78:77:26:57:fc:61: da:75:cb:ca:4e:08:21:cd:71:e8:be:a6:d2:33:41: ac:d5:2a:f9:10:2d:88:fa:ea:01:20:19:da:fc:b8: 93:c3:c1:e9:52:a6:8e:36:dd:73:51:05:5f:28:53: 41:23:d9:04:6a:ab:1b:97:93:b9:4c:9c:62:0b:40: df:d7:0e:9c:ad:af:8e:1d:22:1f:5c:90:97:39:e3: 43:9b:53:42:c7:ed:0d:0d:62:79:00:77:cd:aa:b9: 37:56:2b:d9:3c:d6:e9:51:1e:d8:72:ba:22:bb:32: 70:f1:72:ca:55:e1:b7:e0:e8:96:b6:c3:86:68:f8: c0:09:10:f9:4c:81:e9:a0:46:c5:60:77:49:3f:30: 59:fd:20:f1:52:a8:c2:e7:56:b8:d5:ad:0f:c5:04: 83:60:ca:3e:cd:dc:cd:72:f1:8c:07:3f:00:94:d8: d9:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:82:5C:F3:73:CA:46:4B:7E:1E:CA:6C:E1:7C:A7:AD:B5:31:F4:0E X509v3 Authority Key Identifier: keyid:66:8C:23:97:87:91:76:FD:00:D1:A4:94:9B:AF:8C:1D:8E:76:41:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/0/668C2397879176FD00D1A4949BAF8C1D8E764166.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/668C2397879176FD00D1A4949BAF8C1D8E764166.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/0/668C2397879176FD00D1A4949BAF8C1D8E764166.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:13:67:36:12:e4:e0:f8:8a:f9:1c:db:d4:af:23:45:e0:9b: bd:cd:8f:a7:a6:f6:6c:4a:b4:76:e1:d3:7a:db:13:19:8f:20: 3e:16:ff:02:62:a8:26:f9:51:7f:14:7e:c3:b0:8e:84:c4:80: a7:e5:7d:f1:4d:5d:a4:30:10:dc:7f:71:af:58:b3:12:c7:b3: 5e:6b:c8:3f:13:6a:71:7a:7a:e7:9b:19:19:cb:4c:b8:07:d3: b0:05:5f:db:33:70:5d:5e:42:77:0c:20:4d:70:84:9d:ff:f6: 89:eb:01:a1:15:52:25:cd:53:4d:d5:c6:d3:17:cb:d3:18:69: a4:68:05:42:a5:56:9d:36:34:5c:ab:33:06:81:42:4a:07:77: 5f:99:31:d4:c6:73:9e:20:9d:85:d2:10:76:23:cd:92:67:b3: 05:ef:0b:fe:92:8e:5d:c6:36:c4:2f:42:52:78:a7:3b:48:42: 84:1e:22:27:65:81:05:b4:af:9b:88:2e:78:a1:0b:fd:d5:68: 3e:74:9f:12:fd:a0:f7:d8:d5:0d:a2:6f:34:88:42:2a:f7:51: d0:4d:a5:d9:2d:22:2d:3e:13:06:90:62:3d:91:54:d9:c0:a8: 8a:e0:8d:cb:5e:8b:c4:c8:71:84:d1:dd:c0:97:88:ca:20:99: 67:6c:61:45 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUcF2ZgjQRPEIX8UCAPwv1BQgNPxEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjY4QzIzOTc4NzkxNzZGRDAwRDFBNDk0OUJBRjhDMUQ4 RTc2NDE2NjAeFw0yNjAzMTcyMDU2MTRaFw0yNjAzMjAyMjEyMTRaMDMxMTAvBgNV BAMTKEQ0ODI1Q0YzNzNDQTQ2NEI3RTFFQ0E2Q0UxN0NBN0FEQjUzMUY0MEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC683ywKeXA5IwUgIQMjCWzV8/+ kkfkb4GAeqzYibU+gBrHgLciiex9PrinaFHJe9xdPU6sTH9W7hkinjo9vYCFZGKy Kx1F439NOrz+OKjg2kY7h3h3Jlf8Ydp1y8pOCCHNcei+ptIzQazVKvkQLYj66gEg Gdr8uJPDwelSpo423XNRBV8oU0Ej2QRqqxuXk7lMnGILQN/XDpytr44dIh9ckJc5 40ObU0LH7Q0NYnkAd82quTdWK9k81ulRHthyuiK7MnDxcspV4bfg6Ja2w4Zo+MAJ EPlMgemgRsVgd0k/MFn9IPFSqMLnVrjVrQ/FBINgyj7N3M1y8YwHPwCU2NnPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU1IJc83PKRkt+Hsps4XynrbUx9A4wHwYDVR0j BBgwFoAUZowjl4eRdv0A0aSUm6+MHY52QWYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YmRlM2E0Mi02MjcyLTRiNmMtYWQ4MS1jY2NmYmU5NDg4YzAvMC82NjhDMjM5Nzg3 OTE3NkZEMDBEMUE0OTQ5QkFGOEMxRDhFNzY0MTY2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjY4QzIzOTc4NzkxNzZGRDAwRDFBNDk0OUJBRjhDMUQ4RTc2 NDE2Ni5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vY2JkZTNhNDItNjI3Mi00YjZjLWFk ODEtY2NjZmJlOTQ4OGMwLzAvNjY4QzIzOTc4NzkxNzZGRDAwRDFBNDk0OUJBRjhD MUQ4RTc2NDE2Ni5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFQTZzYS5OD4ivkc29SvI0Xgm73Nj6em9mxK tHbh03rbExmPID4W/wJiqCb5UX8UfsOwjoTEgKflffFNXaQwENx/ca9YsxLHs15r yD8TanF6euebGRnLTLgH07AFX9szcF1eQncMIE1whJ3/9onrAaEVUiXNU03VxtMX y9MYaaRoBUKlVp02NFyrMwaBQkoHd1+ZMdTGc54gnYXSEHYjzZJnswXvC/6Sjl3G NsQvQlJ4pztIQoQeIidlgQW0r5uILnihC/3VaD50nxL9oPfY1Q2ibzSIQir3UdBN pdktIi0+EwaQYj2RVNnAqIrgjctei8TIcYTR3cCXiMogmWdsYUU= -----END CERTIFICATE-----Generated at Thu Mar 19 09:35:57 2026 by rpki-client