$ rpki-client -vvf repo-rpki.idnic.net/repo/dea79340-4db2-458d-95dd-af20b4fcdb3d/0/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.mft File: B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.mft (raw, json) Hash identifier: CIoInmG5Y3IT9DS5DK9weVoUVE+ij6b6Lk5DfKqsCE4= Subject key identifier: 97:0D:66:C6:40:FF:2B:F1:C6:BE:D1:C3:95:CF:EC:02:E6:48:62:47 Authority key identifier: B8:93:98:BA:60:3C:43:BD:F7:11:A2:B3:1F:AD:C8:CD:FF:C9:CC:16 Certificate issuer: /CN=B89398BA603C43BDF711A2B31FADC8CDFFC9CC16 Certificate serial: 652A5951B165ADC60C9D7EBB56EC5CDD5D48BA6A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dea79340-4db2-458d-95dd-af20b4fcdb3d/0/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.mft Manifest number: 0558 Signing time: Wed 18 Mar 2026 16:31:58 +0000 Manifest this update: Wed 18 Mar 2026 16:26:58 +0000 Manifest next update: Sun 22 Mar 2026 02:44:58 +0000 Files and hashes: 1: 323030313a6466323a346238303a3a2f34382d3438203d3e20313339343537.roa (hash: O/T9Xztwa1eZpftLg0Xl5KOsLOQM47dFO4VcGsJ1wDg=) 2: 3130332e3134362e36322e302f32332d3234203d3e20313339343537.roa (hash: J9nhXOhW6jatN3t2cMwD6dQ3cCJrOL1soCUmU7Ehehg=) 3: B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.crl (hash: Z2oSodH269lWqf+JhHDBw/w0cTQ5Xx9b0DIJWjwYisU=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dea79340-4db2-458d-95dd-af20b4fcdb3d/0/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.crl rsync://repo-rpki.idnic.net/repo/dea79340-4db2-458d-95dd-af20b4fcdb3d/0/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 02:44:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:2a:59:51:b1:65:ad:c6:0c:9d:7e:bb:56:ec:5c:dd:5d:48:ba:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B89398BA603C43BDF711A2B31FADC8CDFFC9CC16 Validity Not Before: Mar 18 16:26:58 2026 GMT Not After : Mar 22 02:44:58 2026 GMT Subject: CN=970D66C640FF2BF1C6BED1C395CFEC02E6486247 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ec:b6:d5:73:e4:9a:2f:79:b4:06:69:e7:1b: fd:f7:9e:1c:cb:41:fd:e8:82:32:d8:ab:a2:49:54: 69:13:08:46:ef:f5:f9:36:cc:d2:f9:54:bb:49:94: 12:39:c3:3e:b1:2d:56:cd:89:30:3d:2d:58:2b:b8: 0c:dc:2b:57:41:6d:74:9f:7f:62:c8:33:09:4b:ae: 86:41:48:93:e2:d7:6e:d3:03:55:96:29:9d:71:0e: 14:49:1c:84:62:12:63:86:d7:f1:46:56:6b:ee:63: 10:03:17:30:bc:44:13:94:ed:27:2d:f4:4d:0a:e4: 56:61:1e:4c:42:3f:45:aa:7e:bb:14:df:43:2c:df: f2:a6:36:03:31:9d:30:b7:b7:ea:8d:2e:63:2f:0e: 9a:b5:9a:0a:dc:ae:05:06:bb:a2:40:cd:2f:2d:9d: e3:d7:be:5f:2b:ca:a0:0e:76:fc:32:a1:2c:18:eb: 1d:07:5a:3a:27:ef:fa:85:97:8e:7f:1f:74:cb:cf: 68:da:6d:2f:02:4e:04:ce:3a:b4:36:49:e0:6d:55: 8c:7b:a7:10:6c:b7:07:42:c1:70:5c:52:21:cc:cb: 0f:ef:28:72:b1:04:17:26:4b:05:9b:2c:40:3d:89: 59:88:a3:41:1f:0e:be:74:81:78:ca:8a:1c:73:47: 44:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:0D:66:C6:40:FF:2B:F1:C6:BE:D1:C3:95:CF:EC:02:E6:48:62:47 X509v3 Authority Key Identifier: keyid:B8:93:98:BA:60:3C:43:BD:F7:11:A2:B3:1F:AD:C8:CD:FF:C9:CC:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dea79340-4db2-458d-95dd-af20b4fcdb3d/0/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dea79340-4db2-458d-95dd-af20b4fcdb3d/0/B89398BA603C43BDF711A2B31FADC8CDFFC9CC16.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:9b:10:2b:ed:29:af:bc:81:95:d0:28:f3:7a:ba:53:81:36: 6e:47:2f:d0:5e:d8:e8:bd:7c:95:e2:38:2a:c6:4d:90:90:8a: 35:34:20:e7:6d:41:7b:bc:9a:b6:17:d5:a8:25:3a:38:3b:31: 31:38:dc:3c:6e:13:8b:7e:01:a1:88:80:aa:3c:9c:41:47:3c: a2:c8:3b:36:bb:be:cf:0f:73:99:bf:4f:56:d3:1c:0f:32:43: 6e:4c:17:ec:e7:7d:1f:63:d0:1a:a0:8c:4f:f6:44:dd:43:4a: 35:91:47:15:23:03:c9:51:0d:2f:d4:24:6c:ea:78:de:30:70: 78:02:f4:76:85:b9:ca:f7:06:fd:4e:ae:96:67:6c:36:dc:2c: 41:d8:33:2f:c9:04:25:43:67:e8:0a:ea:5f:e0:b3:dc:23:14: 6d:02:3a:87:22:53:c5:ad:45:ec:37:d3:c2:f4:b9:47:fc:29: 5d:4f:91:9a:0b:54:4d:87:c4:bd:b2:5a:d4:ef:1f:fb:d9:f4: 0c:20:a8:f4:e5:07:8f:d0:c0:db:25:9d:b3:8d:84:09:b8:0d: b3:c6:aa:23:a6:f9:b7:8e:c9:2f:de:e8:bf:d0:0e:20:91:6b: 54:5f:f2:23:bb:98:13:42:23:f2:f4:21:3a:8d:b5:01:e1:25: d5:55:f9:3d -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUZSpZUbFlrcYMnX67Vuxc3V1IumowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjg5Mzk4QkE2MDNDNDNCREY3MTFBMkIzMUZBREM4Q0RG RkM5Q0MxNjAeFw0yNjAzMTgxNjI2NThaFw0yNjAzMjIwMjQ0NThaMDMxMTAvBgNV BAMTKDk3MEQ2NkM2NDBGRjJCRjFDNkJFRDFDMzk1Q0ZFQzAyRTY0ODYyNDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC47LbVc+SaL3m0BmnnG/33nhzL Qf3ogjLYq6JJVGkTCEbv9fk2zNL5VLtJlBI5wz6xLVbNiTA9LVgruAzcK1dBbXSf f2LIMwlLroZBSJPi127TA1WWKZ1xDhRJHIRiEmOG1/FGVmvuYxADFzC8RBOU7Sct 9E0K5FZhHkxCP0WqfrsU30Ms3/KmNgMxnTC3t+qNLmMvDpq1mgrcrgUGu6JAzS8t nePXvl8ryqAOdvwyoSwY6x0HWjon7/qFl45/H3TLz2jabS8CTgTOOrQ2SeBtVYx7 pxBstwdCwXBcUiHMyw/vKHKxBBcmSwWbLEA9iVmIo0EfDr50gXjKihxzR0QXAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUlw1mxkD/K/HGvtHDlc/sAuZIYkcwHwYDVR0j BBgwFoAUuJOYumA8Q733EaKzH63Izf/JzBYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZWE3OTM0MC00ZGIyLTQ1OGQtOTVkZC1hZjIwYjRmY2RiM2QvMC9CODkzOThCQTYw M0M0M0JERjcxMUEyQjMxRkFEQzhDREZGQzlDQzE2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjg5Mzk4QkE2MDNDNDNCREY3MTFBMkIzMUZBREM4Q0RGRkM5 Q0MxNi5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZGVhNzkzNDAtNGRiMi00NThkLTk1 ZGQtYWYyMGI0ZmNkYjNkLzAvQjg5Mzk4QkE2MDNDNDNCREY3MTFBMkIzMUZBREM4 Q0RGRkM5Q0MxNi5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAFCbECvtKa+8gZXQKPN6ulOBNm5HL9Be2Oi9 fJXiOCrGTZCQijU0IOdtQXu8mrYX1aglOjg7MTE43DxuE4t+AaGIgKo8nEFHPKLI Oza7vs8Pc5m/T1bTHA8yQ25MF+znfR9j0BqgjE/2RN1DSjWRRxUjA8lRDS/UJGzq eN4wcHgC9HaFucr3Bv1OrpZnbDbcLEHYMy/JBCVDZ+gK6l/gs9wjFG0COociU8Wt Rew308L0uUf8KV1PkZoLVE2HxL2yWtTvH/vZ9AwgqPTlB4/QwNslnbONhAm4DbPG qiOm+beOyS/e6L/QDiCRa1Rf8iO7mBNCI/L0ITqNtQHhJdVV+T0= -----END CERTIFICATE-----Generated at Thu Mar 19 09:27:03 2026 by rpki-client