$ rpki-client -vvf repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft File: DD68C98D519CC8D624F664B026AEB9B289EE819C.mft (raw, json) Hash identifier: rFM+aGjOtDTD/s7XXd2+HM5Igxo4UV6/og6P/HNQYTk= Subject key identifier: 92:E3:8C:F4:B3:32:EF:EB:19:A7:87:F2:D8:79:5A:38:FD:CA:DF:FD Authority key identifier: DD:68:C9:8D:51:9C:C8:D6:24:F6:64:B0:26:AE:B9:B2:89:EE:81:9C Certificate issuer: /CN=DD68C98D519CC8D624F664B026AEB9B289EE819C Certificate serial: 5C57D06BE7779DE26B1DBF3FBBE01B69816AB854 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft Manifest number: 0224 Signing time: Fri 20 Mar 2026 05:32:02 +0000 Manifest this update: Fri 20 Mar 2026 05:27:02 +0000 Manifest next update: Mon 23 Mar 2026 13:24:02 +0000 Files and hashes: 1: 3130332e33362e35322e302f32342d3234203d3e2039333431.roa (hash: 4vYKKc9gCQNLGbY6CdycYfIML4Cvt54/Y7bjgPLGEYU=) 2: DD68C98D519CC8D624F664B026AEB9B289EE819C.crl (hash: MZa+GvuCjM9KoTFvnvwdEa05VLabRXIky0LUTu7Rk2M=) 3: 3130332e33362e35322e302f32332d3233203d3e2039333431.roa (hash: avxCSiDbdDW7kOsh1a+dBlMPbboYpQF+S49u7QzrJXw=) 4: 3130332e33362e35332e302f32342d3234203d3e2039333431.roa (hash: 9XabV5C+bxTzwQpxWRFJ2J0ODxVlFWpwxY4ZIRRll5s=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.crl rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Mar 2026 10:28:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:57:d0:6b:e7:77:9d:e2:6b:1d:bf:3f:bb:e0:1b:69:81:6a:b8:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DD68C98D519CC8D624F664B026AEB9B289EE819C Validity Not Before: Mar 20 05:27:02 2026 GMT Not After : Mar 23 13:24:02 2026 GMT Subject: CN=92E38CF4B332EFEB19A787F2D8795A38FDCADFFD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:00:24:22:0e:d8:e8:8e:ae:9c:74:e6:e1:06: 35:81:27:f7:2f:2f:a8:ce:83:a1:e2:05:08:1e:01: 8f:ea:3a:2f:c3:db:9f:4c:63:aa:db:32:e3:14:30: 6b:5e:a4:50:dd:e8:6e:de:cc:82:70:d0:11:2e:ea: 88:24:3c:e8:25:f5:92:96:2c:de:57:00:2a:9a:1f: 86:16:84:d6:f5:2c:93:c4:a1:9c:ae:b0:78:57:12: e6:a2:3d:2c:58:e7:5b:50:4e:8b:91:f2:60:fe:15: 15:68:7d:ac:af:35:9d:e4:0a:1b:39:2b:5d:c4:6e: b0:37:c5:a2:f5:6f:c9:09:ea:8a:e7:db:3d:8a:ea: 13:75:b1:e9:82:2e:13:3e:ff:23:49:6f:0a:49:df: a7:c5:e2:7c:e5:de:3d:e4:fd:69:f9:9b:66:8c:c2: 63:2c:33:86:49:a6:53:65:28:16:71:c3:d9:7d:b5: f9:64:9d:e3:45:5b:49:0b:e9:d3:84:4a:04:17:c4: 5c:ef:a4:5e:25:bd:bf:ef:91:85:de:ff:d7:b9:95: 7e:67:9d:d7:2b:7e:ca:ee:c5:e9:89:86:d7:53:98: 02:ee:af:9e:02:e6:23:bf:4f:c6:37:94:d0:c1:f5: ac:2c:4c:d9:1a:fb:52:13:1d:5a:22:cf:ea:56:2b: bc:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:E3:8C:F4:B3:32:EF:EB:19:A7:87:F2:D8:79:5A:38:FD:CA:DF:FD X509v3 Authority Key Identifier: keyid:DD:68:C9:8D:51:9C:C8:D6:24:F6:64:B0:26:AE:B9:B2:89:EE:81:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DD68C98D519CC8D624F664B026AEB9B289EE819C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d043a889-c861-4d29-9d77-923d927e7634/0/DD68C98D519CC8D624F664B026AEB9B289EE819C.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d2:b7:c6:86:94:9d:26:49:63:b8:34:7d:6d:a8:d0:4b:ea:1c: c8:8a:b7:ec:9f:e2:f4:7a:4e:28:b3:88:ec:f6:ed:f1:25:65: cc:3d:ae:d0:51:8f:93:eb:01:fd:68:ec:dd:ff:64:b1:6b:80: 9c:62:84:07:59:0c:ce:0f:e7:1b:ce:05:7a:34:61:fe:fd:55: d8:3e:a8:e0:6f:49:e4:b1:d3:06:f7:2e:c5:45:27:0e:c6:b2: 85:2f:17:81:40:86:a8:be:46:fd:17:b0:bb:e1:4b:fd:a6:4b: 8b:9e:96:4a:f1:9d:0d:94:9a:f2:2b:0a:c7:a9:1e:c0:1e:ed: fd:b8:0f:c2:f1:26:bc:67:e3:78:f4:d6:42:ba:d6:19:58:44: 9e:2b:9c:c9:33:64:c1:ff:9f:00:7b:5d:3f:18:5a:78:92:e8: 5a:17:1d:6e:19:88:cd:75:92:e0:57:f9:f4:2b:d1:b6:84:73: bc:90:bb:ff:23:aa:23:3f:3f:57:8c:83:77:c7:f4:f1:9e:cf: fc:68:14:c9:3e:0f:5d:0b:4a:4b:0f:39:da:35:4d:fd:0e:79: b5:33:65:42:ab:36:4d:00:95:a5:4f:a1:42:d8:56:cf:df:ae: 8a:3e:f4:08:b3:cf:57:b8:cd:07:c7:c7:4b:01:66:a2:a2:7c: c2:fc:97:52 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUXFfQa+d3neJrHb8/u+AbaYFquFQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5QjI4 OUVFODE5QzAeFw0yNjAzMjAwNTI3MDJaFw0yNjAzMjMxMzI0MDJaMDMxMTAvBgNV BAMTKDkyRTM4Q0Y0QjMzMkVGRUIxOUE3ODdGMkQ4Nzk1QTM4RkRDQURGRkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOACQiDtjojq6cdObhBjWBJ/cv L6jOg6HiBQgeAY/qOi/D259MY6rbMuMUMGtepFDd6G7ezIJw0BEu6ogkPOgl9ZKW LN5XACqaH4YWhNb1LJPEoZyusHhXEuaiPSxY51tQTouR8mD+FRVofayvNZ3kChs5 K13EbrA3xaL1b8kJ6orn2z2K6hN1semCLhM+/yNJbwpJ36fF4nzl3j3k/Wn5m2aM wmMsM4ZJplNlKBZxw9l9tflkneNFW0kL6dOESgQXxFzvpF4lvb/vkYXe/9e5lX5n ndcrfsruxemJhtdTmALur54C5iO/T8Y3lNDB9awsTNka+1ITHVoiz+pWK7wDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUkuOM9LMy7+sZp4fy2HlaOP3K3/0wHwYDVR0j BBgwFoAU3WjJjVGcyNYk9mSwJq65sonugZwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MDQzYTg4OS1jODYxLTRkMjktOWQ3Ny05MjNkOTI3ZTc2MzQvMC9ERDY4Qzk4RDUx OUNDOEQ2MjRGNjY0QjAyNkFFQjlCMjg5RUU4MTlDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5QjI4OUVF ODE5Qy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDA0M2E4ODktYzg2MS00ZDI5LTlk NzctOTIzZDkyN2U3NjM0LzAvREQ2OEM5OEQ1MTlDQzhENjI0RjY2NEIwMjZBRUI5 QjI4OUVFODE5Qy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBANK3xoaUnSZJY7g0fW2o0EvqHMiKt+yf4vR6 TiiziOz27fElZcw9rtBRj5PrAf1o7N3/ZLFrgJxihAdZDM4P5xvOBXo0Yf79Vdg+ qOBvSeSx0wb3LsVFJw7GsoUvF4FAhqi+Rv0XsLvhS/2mS4uelkrxnQ2UmvIrCsep HsAe7f24D8LxJrxn43j01kK61hlYRJ4rnMkzZMH/nwB7XT8YWniS6FoXHW4ZiM11 kuBX+fQr0baEc7yQu/8jqiM/P1eMg3fH9PGez/xoFMk+D10LSksPOdo1Tf0OebUz ZUKrNk0AlaVPoULYVs/froo+9Aizz1e4zQfHx0sBZqKifML8l1I= -----END CERTIFICATE-----Generated at Fri Mar 20 12:41:30 2026 by rpki-client